Real-time Operating System Requirements for Use in Safety Critical Systems
Whether the embedded system is an internet enabled handheld device, a telephone switch, or one of the many complex systems aboard an aircraft, the real-time operating system (RTOS) controlling the embedded system must provide fundamental fault tolerance and high availability features that enable the designers of a critical application to guarantee its uninterrupted service. In addition, given the steadily increasing speed of microprocessors, the ability to run multiple applications, at varying levels of criticality, on the same microprocessor is desired, indeed expected, by modern system designers. For example, consider a microprocessor that runs an application controlling an inflight entertainment system as well as an application that analyzes data read from a sensor and performs critical flight control functions. In order for such applications to safely coexist, the RTOS controlling the microprocessor must be able to properly partition the applications to guarantee resource availability in both the space and time domains. The key word is guarantee. Testing is not enough. Embedded systems must respond to the inherently unpredictable, nondeterministic environment around them.