ARINC 613-1988 Guidance for Using the ADA Programming Language in Avionic Systems《航空电子设备用ADA程序设计语言指南》.pdf

1、ARINC bL3 BB m 030bl17 0004453 b m -a- - GUIDANCE FOR USING THE ADA PROGRAMMING LANGUAGE IN AVIONIC SYSTEMS ARINC REPORT 613 PUBLISHED: JANUARY 4, 1988 _e_ AN M!NC DOCUMENT Pirpwrd by UIILIHfS ELtCTROHlC ENGlHEtRlNG CMMITTtf tuYithri iy YROWAUTICAL RADIO. iNC. 2551 HVA ROAD. AHHAPOLIS. MARYLAHO 2140

2、1 - ARINC 613 88 0307617 0004454 8 = AERONAUTICAL RADIO, INC. 2551 Riva Road Annapolis, hlaryland 21401 ARINC REPORT 613 GUIDANCE FOR USING TIIE ADA PROGRARlhlING LANGUAGE IN AVIONIC SYSTEM3 Published: January 4, 1988 Prepared by the Airlines Electronic Engineering Committee Report 613 Adopted by th

3、e Airlines Electronic Engineering Committee: October 14, 1987 ARINC bL3 88 W 0307637 0004455 T W FOREWORD Activities of AERONAUTICAL RADIO, INC. (ARINC) and the Purpose of ARIMC Reports and Specifications Aeronautical Radio, Inc., is a corporation in which the United States scliediiled airlines are

4、tlie principal stockholders. Other stockholders include a variety of other air transport companies, aircraft manufacturers and foreign flag airlines. Activities of ARINC include the operation of an extensive system of domestic and overseas aeronautical land radio stations, the fulfillment of systems

5、 requirements to accomplish ground and airborne compatibility, the allocation and assignment of frequencies to meet those needs, the coordination incident to standard airborne communications and electronics systems and the exchange of technical information. ARINC sponsors the Airlines Electronic Eng

6、ineering Commit tee (AEEC), composed of airline technical personnel. The AEEC formulates standards for electronic equipmen and systems for airlines. The establishment of Equipment Characteristics is a principal function of this Committee. It is desirable to reference certain general ARINC Specificat

7、ions or Reports which are applicable to more than one type of equipment. These general Specifications or Reports may be considered as suppplementary to the Equipment Characteristics in which they are referenced. They are intended to set forth tlie desires of the airlines pertaining to components and

8、 general design, construction and test criteria, in order to insure satisfactory operation and the necessary interchangeability in airline service. The release of a Specification or Equipment Characteristic should not be construed to obligate ARINC or any airline insofar as the purchase of any compo

9、nents or equipment is concerned. which is: (1 1 (2) An ARINC Report (Specification or Characteristic) has a twofold purpose To indicate to the prospective manufacturers of airline electronic equipment the considered opinion of the airline technical people coordinated on an industry basis concerning

10、requisites of new equipment, and To channel new equipment desigris in a direction which can result in the maximum possible standardization of those physical and electrical characteristics which influence interchangeabilty of equipment wit hout seriously hampering engine e ring initia tive. ii ARINC

11、613 88 0307637 0004456 3 m 1 TELI 1 .u - 1.1 1.2 1.3 1.4 1.5 1.6 2.0 2.1 2.2 3.0 3.1 3.2 3.2.1 3.2.2 3.2.3 3.3.1 3.3.2 3.3.3 9.3.4 3.3.5 3.3.6 3.3.7 3.4.1 3.4.2 3.4.3 3.4.4 3.4.5 3.5.1 3.5.2 3.5.3 3.3 3.4 3.5 3.6 3.7 4.0 4.1 4.2 4.3 4.4 4.4.1 4.4.2 4.4.3 4.5 4.6 4.1 5.0 5.1 5.2 5.2.1 5.2.2 5.3 5.4 5

12、.5 5.6 5.6.1 5.6.2 5.6.3 5.6.4 5.6.5 6.0 6.1 6.2 ARINC REPORT 613 TABLE OF CONTENTS SUBJECT INTRODUCTI 014 Purpose of this Document Intended Audience Scope Document Organization Background References PURPOSE OF THE ADA LANGU Introduction GE - Ada Language Domain for Commercial Avionics Equipment DES

13、IGN RECOBiLlENDATIONS Introduction Design Principles Abstraction Information Hiding Modularity Data Abstraction Using Types User Defined Data Types Subtypes Derived Types Enumeration Types Types with Range Constraints Types with Accuracy Constraints Access Types Activity Abst r ac tioii Overloading

14、Generic Units Subprogram Units Control Flow Object Creation and Release Encapsulation Packages Tasks Private Types Portability Issues Efficiency Issues FORMAT RECOBIRIENDATIONS Introduction Standard Style Declarations Lexical Ordering of Program Units Lexical Ordering of Subprogram Componerlts Lexic

15、al Ordering of Nested Package Components Task Declarations Ada Source File Naming Application of WITH and USE Named Association CODE RECOMMENDATIONS Introduction Control Flow Selection Iteration Numerical Precision Storage hlanagement Resource Allocation Ada Programming Support Environment Text Edit

16、or Ada Compiler Linker/ Loader Library Manager Symbolic Debugger TEST RECOhlhlLNDATlONS Introduction Analytical -Activities PAGE 1 1 1 1 - 1 1 9 3 3 3 3 3 3 3 3 3-4 4 4-5 5 5 5 6 6 6 6 6 6 6 6 6 7 7 8 8 8 8 8 8 8 8 9 9 9 10 10 10 10 10-11 11 11 11-12 12 12 12 12 12 12 13 13 13 iii ARINC bL3 88 0307b

17、1i7 0004457 3 1 TLhl 6.3 ti.4 6.5 7 .u 7.1 7.2 7.3 7.4 7.5 7.6 I .I 7.8 7 .Y 7.10 8 .O 8.1 8.2 . 8.3 9.0 Y .1 Y .2 10.0 10.1 10.2 10.3 10.4 10.5 1 u.ti 11.0 11.1 12.0 12.1 12.2 12.3 12.4 12.5 12.6 13.0 13.1 13.2 13.5 14.0 14.1 14.2 14.3 14.4 15.0 15.1 15.2 15.3 15.3.1 15.3.2 15.4 16.0 ARINC HEPORT 6

18、13 TABLE OF CONTENTS (contd) SUBJECT Testing Activities Verification of the Hun-Time Library Testing Tools PHAUMAS In t roduc ti on Pr a gma CONiHOL L ED Pragme INLINE Prayma INTERFACE Pragma OPT1 hllZ E Pragma PACK Pragma PRIORITY Prtigma SUPPRESS Pragma SY STEhlNAME, STORAGE-UNIT and h.1BMORY-Sl Z

19、E Interrupt Optimization Pragmes ATTHIUUUTES Introduction Attribute PIADDRESS Attribute PICOUNT COhlPlLE TlhiE PROCESSING Static Expressions Generics TASKS Introduction Ada Language versus Assembly for Task Management Dynamic Task Allocation Task Scheduling and Priorities DELAY Statement SELECT Stat

20、ement EXCEPTIONS AND ERROR HANDLING Use of Exceptions and Error Handling REPRESENTATIONS Introduction Length Clauses Enumeration Representation Clauses Record Representation Clauses Address Clauses Example Use of Record Representation and Length Clauses PREDEFINED UNITS The Package SYSTELI Procedure

21、 UNCHECKED-DEALLOCATIN Function UNCHECKED-CONVERSION USE OF OTHEH LANGUAGES lnt roduction Waivers Use of Assembly Code Use of Other High-Order Languages COMPILER ISSUES Introduction Compilation Order Compiler Validation Derived Compilers Unvalidated Ada Language Compilers Quality and Performance RUN

22、TIUE ISSUES PAGE 13 13-14 14 15 15 15 15 15 15 15 15 15-16 16 16 17 17 17 17 18 18 18 1Y 1Y 19 19 19 1Y 19 20 zu-21 22 22 22 22 22 22 22-25 26 26 26 26 27 27 27 27 27 28 28 28 28 28 28 28-29 30 iv ITEM APPENDICES - A B C D E F G ARINC bL3 88 = 0307bL7 0004458 5 ARINC REPORT 613 TABLE OF CONTENTS SUB

23、JECT Glossary Need for an Avionics Lanugage Standard Ada Language Recomiiiended Ada Features for Avionics Sample Data Type Declarations Stylistic Hecommenda tions Use of the Ada Programming Langutige in Flight Simulators V PAGE 31-32 33 34-35 36 37-38 39-40 41-44 ARINC bL3 BB = 0307bL7 0004459 7 1.1

24、 Purpose of this Document 1.0 INTRODUCTION . ARINC REPOKT 613 - Page 1 This document is intended to provide guidance on the use of the Ada programming language in commercial avionics applications. It is intended to provide guidelines to the airlines, airframe manufacturers, flight simulator manufact

25、urers, avionics suppliers, and compiler vendors. It is the desire of the airline comniunity to reduce the cost and economic risk associated with avionics software systems. As a means to achieve this it is recommended that the Ada programming language be used as the standard High-Order Language (HOL)

26、 in avionics equipment design. 1.2 Intended Audience This document is intended for the following individuals who may be concerned with the use of the Ada language: a. Engineering hlanagers b. System Design hlanagers c. Software Development Engineers d. Software hlaintenance Engineers e. Support Soft

27、ware Developers Le. compiler vendors) 1.3 Scope The scope of this document is limited to commercial avionics software. This document addresses the use of the Ada programming language in the development, testing, and maintenance of digital avionics for the commercial aviation industry. This environme

28、nt includes application of the Ada language in on-board processors on aircraft, and in ground-based systems such as test equipment and simulators. 1.4 Document Organization The first part of this document covers recom- mendations on design, format, code, and test. The last part follows, in the seque

29、nce, some of the material in the Ada Language Reference hlanual (LRbl). Additional inforrnation is included in the appendices: Appendix A: Glossary of various terms and acronyms used in this document Appendix U: Discussion on the need for an avionics HOL standard Appendix C: Historical information o

30、n the development of the Ada language Recommended set of features to be implemented in any Ada language compiler selected for avionics development Sample data type declarations Appendix D: Appendix E: Appendix F: Stylistic recommendations Appendix G: Use of the Ada Programming Language in Flight Sim

31、ulators 1.5 Background The Ada High-Order Language (HOL) was developed under the auspices of the Department of Defense (DoD) in Order to reduce the cost of embedded systems software. This language is officially defined by MIL-STD-1815A. Reference Manual for the Ada Programming Language. Subsequent t

32、o the development of the Ada language, the airline coinmunity began investigating the possibility of a single HOL suitable for commercial avionics. After studying the advantages of the Ada language, it was suggested as a promising candidate for the standard HOL (see AHINC Report 607). It is anticipa

33、ted that the use of the Ada language will reduce the nonrecurring (development) and recur- ring (post development) cost of avionics. Appendices B and C further highlight the benefits expected from the use of the Ada language, 1.6 References The following documents contain additional infor- mation on

34、 software design guidance and HOL standardization: 1. 2. 3. 4. 5. 6. - ANSl/hlIL-SD-3815A-l983, Reference hlanual for the Ada Programming Language. Department of Defense (ANSIlhllL-STD-1815A-lY83 will be re- ferred to in this document as the Language Reference hlanual or LRR1). ARINC Report 607, “De

35、sign Guidance for Avionic Equipment“ RTCA/ DO-17 8A “Software Considerations in Airborne Systems and Equipment Certifica tion“ Ada Compiler Validation Capability (ACVC) test suite Ada Compiler Evaluation Capability (ACEC) test suite Rationale for the Design of the Ada Programming Lenkuage, lloneywel

36、 and Alsys. January 1Y84 ARINC bL3 88 = 0307637 0004460 3 m ARINC REPORT 613 - Page 2 2.0 PURPOSE OF TlIE ADA LANGUAGE 2.1 Introduction The purpose of using the Ada language in commercial avionics software development is to reduce the cost of avionics systems over the entire life cycle, Cost reducti

37、on is based on reducing software development effort and post-development software changes. This can be achieved by the following methods: 1. Use of a modern HOL incorporating the latest software engineering constructs. Standarization on a single HOL (benefits resulting from standardization are conti

38、ngent upon industry-wide accept- ance of the Ada language and should therefore not be considered in a current costlbenefit analysis) 2. 3. Application of engineering methodology to software development. The application of these methods should result in the following benefits: i. Increased understand

39、ability - create readable code - allow easy isolation of data structures and algorithms 2. increased reliability - reduce errors in software design - simplify exception handling and development 3. Increased modifiability - control changes more easily - introduce changes without increasing complexity

40、 - capture design structure clearly and consistently 4. increased efficiently - employ available resources (time and space) in an optimal fashion 5. Increased reusability - greater consideration given to adaptability, commonality, and interface requirements 6. Reduced training needs - utilize single

41、 HOL - utilize common tools 7. Reduced schedule or technical risk 2.2 Ada Language Domain for Commercial Avionics Systems Avionics software is generally large, complex, subject to frequent revisions throughout its life cycle and required to be highly reliable. Under these circumstances it is not sur

42、prising that the normal effort associated with software development is more intense for avionics systems. Although the Ada language was originally designed for embedded system applications, not all elements are equally important for avionics software. Some elements of the language may lead to compli

43、cations during test, may increase certification concerns, or may be inefficiently implemented by some compilers. Accordingly, this document concentrates on an avionics domain of the Ada language. 2.2 Ada Language Domain for Commercial Avionics Systems (contd) language have not been included due to p

44、otential for increased testing complexity, more difficult certif- ication, and inefficienf implementation by certain compil e rs. By delineating this specific Ada domain, the intent is to: 1. Inform the Ada language user about relevant problems, concerns, and recom- mendat ions, 2. Define a set of o

45、ptional features which should be implemented on the compiler selected by the Ada language user. 3. Suggest to compiler vendors those features of the Ada language which should be implemented in a manner which produces the most efficient runtime code. This document provides guidance on specific Ada la

46、nguage features for one or more of the following reasons: 1. The features are commonly used in 2. They have a specific preferred imple- mentation. 3. They should be supported by the selected compiler. They should be used only after a careful costlbenefit analysis. avionics software. 4. 5. They are i

47、nappropriate for avionics equipment. In general. specific features may not be recommended due to certification questions or the lack of effective implementation by some compilers. While certification issues may continue to be in question in the future, it is likely that compiler implementations will

48、 improve, Accordingly, it is expected that compliler maturation may render some of these recommendation obsolete It is not the intent of this document to recommend that compiler vendors implement a subset of the Ada language. The word “doniain“ was specifically chosen to avoid the implications of tf

49、subset.t See Appendix 1) for more information on this domain. ARINC b33 BB O307637 O004463 5 m ARINC REPORT 713 - Page 3 3.0 DESIGN RECOhlhlENDATIONS 3.1 Introduction The primary goal of software engineering is to produce programs that are reliable, testable, portable, reusable, modifiable, efficient and under- standable. The Ada language supports this goal by promoting modern software engineering design, modularity. and built-in checking features. 3.2 Design Principles A major concern in designing software is handling its coniplexity, The use of correct software d