Introduction
The Concepts Behind IEC 61508
Characteristics of a Safe Kernel
Design Safe State
Isolation
Scheduling Predictability
Protection
RTOS Architectures
Development Support
Documentation
Training
Conclusion
Introduction
The QNX Neutrino RTOS Safe Kernel has been certified to conform to IEC 61508 at Safety Integrity Level 3. This safe kernel provides a certified platform on which application developers can implement ...
The Concepts Behind IEC 61508
During the 1990s, software became an increasingly important component of many systems whose operation was mission- or safety-critical. The first edition of IEC 61508 ...
Characteristics of a Safe Kernel
IEC 61508 describes the concept of a Functional Safety Requirement. Taken together, the Functional Safety Requirements for a safe kernel provide the minimum level of operation required ...
Design Safe State
A safe kernel serves as one component of a system. It is essential that it revert to a safe state if it encounters a situation which it cannot handle. This state must ...
Isolation
Isolation covers areas such as the isolation provided by the safe kernel between application processes: the behavior of one application process ...
Scheduling Predictability
It is essential that a developer writing applications to run on a safe kernel be able to predict the behavior of its schedulers. In particular, it is important that schedulers be ...
Protection
Circumstances that were not considered by an application designer may occur in practice. To minimize the danger associated with these situations, a safe kernel needs to ...
RTOS Architectures
No discussion of reliable systems can be complete without at least a review of RTOS architectures and their implications for a system’s reliability and ability to recover ...
Development Support
No kernel — not even a microkernel — is an island unto itself. This truth is especially relevant to a safe kernel, which demands that the applications in which it is used conform exactly to strict ...
Documentation
Without complete, accurate and up-to-date documentation, developers can not only waste precious time struggling to understand concepts, but also make fundamental design errors that ...
Training
Architects, designers and developers creating a system that incorporates a safe kernel need to be competent both in the design of safety-related systems and in ...
Conclusion
The software on which mission- and safety-critical systems increasingly rely is inexorably becoming more complex. The techniques that were adequate for developing a few hundred lines of code running as a single-threaded ...