Why CPM is not CPM - Enabling Standardized Safety Mechanisms on Off-the-shelf IMA Modules

Abstract

This paper describes the implementation of standardized mechanisms for safety-critical applications (Flexible-Avionics-Platform) on a state-of-the-art Integrated Modular Avionics (IMA) platform. The major contribution is the virtual promotion of two IMA simplex Core Processing Modules (CPM) to a high-integrity unit by application-level synchronization and cross-lane communication via CAN bus. In order to incorporate Remote Data Concentrators (RDC), the CPMs need to perform additional services for sensor management while maintaining robustness against failures from other components. Automatic artifact generation from an abstract model to loadable units is implemented for all modules within the platform. Verification is finally performed using real IMA hardware.