A Safety Process for Self-adaptive Safety-Critical Plug&Fly Avionics

Self-adaptive avionics are capable to significantly reduce development effort, but require a realignment of the safety process to account for their dynamic, not predetermined configuration.Integrated modular avionics have introduced the concept of an avionics platform hosting multiple mixed-criticality applications on shared hardware devices. The downside of this approach is the huge configuration effort, which is necessary to accommodate all hosted functions. Furthermore, functions have to be implemented with their own redundancy management and failure detection mechanisms. We address these drawbacks with a self-adaptive avionics approach called Plug&Fly avionics. Plug&Fly avionics possess self-* properties of Autonomic Computing. The ultimate objective is avionics that can establish safe operation on their own. However, these systems do not have a static configuration. Nevertheless, the operation of adaptive avionics systems needs to be in line with regulations and requirements necessary for certification. In this paper, we suggest a safety process for these self-adaptive avionics, which splits safety assessment into design-time and run-time activities. Our approach is based on the ARP4754A process and the assessment methods of ARP4761, which is the process usually conducted to reach certification. While design-time activities address the correctness and completeness of portable machine-readable application specifications, the run-time activities generate evidences for the verification of safety requirements. The Plug&Fly avionics platform assures the safety through a virtual certification, which is the necessity for applications to enter live operation.