Airborne systems must meet highest safety requirements and appropriate Design Assurance Levels (DAL) in accordance with the DO-254 and DO-178C standards. With safe modular boards and systems safety-critical aviation hardware platforms can be made available as commercial off-the-shelf (COTS) components.
On a per route per passenger basis, the aviation sector today supports 50,000 routes and carries more than 3 billion passengers globally. By 2030, it is estimated that passenger aircraft fleet size will have almost doubled. As airspace gets more crowded and technology improves, the automation of the airborne industry will be a dominant task for airport and airline operators, as well as for the OEMs, tier one suppliers and embedded computing vendors that supply them.
This will lead to substantial investments. The commercial avionics systems market is projected to reach USD $22.49 billion by 2020, at a CAGR of 6.10% from 2015 to 2020. Outside the cockpit, the growth is even more impressive. The global connected aircraft market, which in majority is an infotainment service for passengers, is expected to grow at 14.9% CAGR by 2020 (Research and Markets). Flight connectivity will grow even faster with a CAGR of 23% by 2025 (Euroconsult) as airlines are moving towards portable connected aircraft entertainment systems since they are new revenue sources as well as cost and technology friendly.
Avionics standards are a must
These new demands call for a new generation of airborne systems which provide the required functionality in a size, weight, power and cost optimised design (aka SWAP-C designs). On top of this, safety critical airborne systems must meet highest functional safety requirements, because a single error or failure may pose a risk to human life or the environment - or cause large financial losses. As a result, airborne technology often needs to meet the most extensive international safety requirements. How to design such safety critical systems is specified, for example, by RTCA/DO-254 – the Design Assurance Guidance for airborne electronic hardware for the commercial aviation industry.
One highly-efficient approach for avionics systems designers instead is to use COTS components from qualified hardware vendors based on open modular standards. COTS-based system designs aim to provide a transparent system structure. Modular design principles make it very easy to adjust systems for different applications and promote the efficient re-use of already existing designs. Modular COTS systems are also future-proofed because expansions are easy to implement by adding extra or swapping functionally identical, but more powerful components. This also helps to mitigate the challenges of obsolescence management, which is quite an expensive task across the usual 20-year life span. Additionally, they can help to enable faster, more cost-effective maintenance as individual modules can be replaced directly in the field, instead of having to replace whole units.
Single platform for various needs
MEN Mikro Elektronik has accepted the challenge to design DAL-compliant COTS components with a universal approach, where one single avionic board meets the requirements for all Design Assurance Levels. Only the configuration of the board needs to be changed. The hardware also meets all communication demands: One single board can be operated in various environments such as AFDX (ARINC-664), ARINC-429, MIL-STD 1553, CAN and standard Ethernet, again by only re-configuring the board.
To provide the required safety levels, the boards use a redundant processor architecture. This can be custom configured for the overall required reliability in terms of ruggedness as well as safety levels. Following the common design principles for airborne applications, the redundancy setup is either 1oo2 (one out of two) or 2oo3 (2 out of three) to ensure the most flexible increase in both safety and availability to a measure that is statistically sufficient and reasonable.
The board also fulfils the SWAP-C demands of modern airborne systems, as the double or triple redundancy is provided on one single board only. Such a single board solution requires considerably less power and space than three individual boards. To integrate such complex functionality on a single PCB, the boards are equipped with three PowerPC 750 processors for accessing the redundant main memory, local voltage supply, clock generators and Flash memory.
Flexible inter-system communication
For truly flexible system designs, one task is still missing: the external communication interfaces to interconnect to other avionics subsystems. Traditionally, communication has been accomplished for example through ARINC-429 or MIL-STD 1553. But as computing needs have grown, aircraft manufacturers as well as suppliers of avionics subsystems now increasingly use the Asynchronous Full Duplex switched Ethernet (AFDX = ARINC-664) for new designs. Here, MEN Mikro Elektronik offers a safe FPGA design. Utilising an FPGA for managing the communication layer adds more flexibility to the design compared to a fixed ASIC design.
The FPGA is developed according to ARINC-664 P7-1 to meet the demands of safety critical avionics applications. It is DO-254-compliant and prepared to meet the requirements from levels DAL-E to DAL-A. The flash-based architecture makes chip configuration SEU-resistant. Functions of the real time capable FPGA are customisable towards gateway solutions including AFDX-to-ARINC-429, AFDX-to-CAN, or AFDX-to-standard-Ethernet. This enables OEMs to implement these boards for different tasks in different environments without any hardware re-design, thereby saving valuable development and certification efforts.
With such DAL-compliant, safe computing boards MEN Mikro Elektronik fulfils all the demands avionics systems designers need to design SWAP-C optimised safe airborne solutions on the basis of standardised modular COTS components. Systems based on such COTS components have already proven their airworthiness in a cargo load control on the Airbus A400.
