Military Embedded Systems

Merging legacy software into contemporary system design

April 02, 2008

Ole N. Oest

DDC-I

As defense industry software developers transition from Ada to Java and upgrade their hardware, they must do so in a way that protects existing application software. Mixed language development tools that support real-time and safety-critical Java as well as stalwarts such as Ada and C provide a seamless upgrade path that enhances productivity while preserving legacy code.

The defense industry faces an increasing need to address
military hardware obsolescence and the lack of support for aging software
programs. Increasingly, the DoD and the defense contractors seek to migrate
current applications onto new hardware and use contemporary programming
languages to enhance system capabilities while preserving as much of the
original software investment as possible. Enhanced versions of Java and
multi-language development tools support such merging of legacy and
contemporary software while reducing the risks and cost of system enhancement.

Ada's advantages over C/C++, Java

Military systems typically outlive by decades the technology
used in their creation, making it exceedingly difficult to enhance or even
maintain the system's capabilities. The
problem is particularly acute for software written in the Ada language, once
mandatory for military system design. Support for Ada development, in
terms of tool availability and numbers of experienced programmers, lags far
behind contemporary programming languages such as C, C++, and Java. As a result,
many defense contractors seek to migrate such systems to a contemporary
language basis to ease maintenance and future enhancement. At the same time,
however, they want to minimize the cost of migration by reusing legacy software
where possible and utilizing standards-based Integrated Development
Environments (IDEs) instead of proprietary toolsets.

But contemporary languages do not adequately mirror
capabilities and attributes built into Ada that are essential for military
applications.

Ada
was designed for embedded systems and includes real-time operation as well as
the ability to directly access and manipulate the system's underlying hardware. Ada is also a
"safe" language, with an architecture and tool set that prevent programming
errors or detect them early in the development process.

Contemporary languages fall short in one or more of these
attributes. Traditional Java lacks determinism and the ability to directly
manipulate underlying hardware. Both C and C++ lack the programming safeguards,
making these languages inherently unsafe and complicating military system
development. Errors such as memory leaks or references to nonexistent objects
can cause fatal system behavior in the field, yet easily escape detection
during development of C and C++ programs. Larger aerospace and defense
developers have found that they needed to add more than 250 design rules to C
and C++ development to ensure robust software design.

Java gets real ... and safe

The situation is improving, however, with the development of
specialized Java profiles. Real-Time Java (RTSJ), available for several years
now, addresses the determinism needs of real-time embedded systems, and the
hardware-level interface can be handled through C. In addition, Java as such
includes safeguards and language features that support mission-critical system
software development (see Table 1). These attributes make RTSJ similar to Ada
in its ability to address military system requirements while leveraging the
wide availability of Java tools and programmers.

 

Figure 1


There is also a new drive within the Java community to expand
the language's applicability to
safety-critical systems. The JSR-302 Expert Group is defining a
"safety-critical" Java profile (SC Java). This subset of RTSJ eliminates many
class libraries as well as functions such as garbage collection and dynamic
class loading, which can make for unpredictable, and potentially unsafe,
code execution; this also allows ready creation of programs that
perform at the highest levels of reliability. The JSR-302 Expert Group is
aiming to at least meet the requirements of the DO-178B standard, Level A, used
for certifying avionics system software. A draft version of the safety-critical
Java specification is expected to be released for review in mid-2008, with first
implementations of SCJ by year's
end.

Legacy migration is inevitable

A complete solution to the problem of legacy military systems
must include more than an appropriate language, however; it must also support
the reuse of code that is still effective. Rewriting applications in a new
language can be risky because it invariably introduces change. Ada, for
instance, uses objects while C does not, and C++ uses objects but in a
different manner. Accommodating such differences can easily introduce
behavioral changes into system operation. Rewriting code also triggers a need
to retest the code, and testing for mission- and safety-critical systems can be
laborious and expensive.

A key element for a complete migration solution, then, is a
development environment that has the ability to mix legacy languages such as
Ada, C and C++, and Java into a tightly coupled solution. Such tools, like
DDC-I's Eclipse-based OpenArbor
framework, allow each program element, in any language, to call into
the others; they also allow developers to compile and debug them simultaneously
from the same session. Coupled with a robust language such as SC Java for
future development, mixed-language development and debugging tools provide
developers with an ability to reuse legacy software and merge it into
contemporary language programs to maintain and enhance military systems at a
reasonable cost.

Ole N. Oest is one of DDC-I's founders. He is a graduate
of the Technical University of Denmark, and holds an MS in Electrical Engineering
and a PhD in Software Engineering, with special interest in programming
languages and compiler construction as well as formal specification and
development of programs.

DDC-I
602-386-4360
www.ddci.com
