2023 www.opengroup.org/face 2023 | Volume 2 | Number 1 SPECIAL EDITION Q&A
Taylor Program Director, FACE Consortium P 6 To subscribe to the Avionics Design e-newsletter and Military Embedded Systems magazine and receive future copies of the FACE Special Edition, CLICK HERE. To subscribe to The Open Group’s FACE E-newsletter, CLICK HERE.
with Alicia
Q and A with Alicia Taylor Program Director, FACE Consortium p.6
EDITOR’S
5 FACE Special Edition
By John McHale, Editorial Director
FACE FEATURES
Subbarao, Lynx Software Technologies p.14
10 FACE Membership List
12 FACE Consortium Information
14 FACE in military avionics systems: Now let’s integrate it
By
Arun Subbarao, Lynx Software Technologies
FACE
SPEAKOUTS AND PROFILES
ON THE COVER
MOSA systems: The benefits of deploying a datacentric architecture By Andre Odermatt, RTI p.18
2 | FACE Special Edition 2023 www.opengroup.org/face
@theopengroup 2023 VOLUME 2 NUMBER 1 FACE™ and logo design and The Open
The
the United States and other countries. © 2023 OpenSystems Media © 2023 FACE Special Edition
Group Certification Mark™ are trademarks of
Open Group in
New platforms are turning toward a MOSA [Modular Open Systems Approach] process, with one example being the Army’s Future Long-Range Assault Aircraft (FLRAA) program. Bell Textron Inc., a Textron company, won the FLRAA development contract based on Bell’s V-280 Valor tiltrotor aircraft that was developed and tested as part of the Joint Multi-Role Technology Demonstrator (JMR TD) program. Image courtesy of Bell Textron. PERSPECTIVE
6 Q and A with Alicia Taylor Program Director, FACE Consortium
18 MOSA systems: The benefits of deploying a datacentric architecture
By Andre Odermatt, RTI
9 FACE Speakouts 24 FACE Profiles
FACE in military avionics systems: Now let’s integrate it By Arun
INTEGRATING ADVANCED MODELING & DEVELOPEMENT
TES-SAVi is revolutionizing the way cyber-physical systems are developed and managed with our comprehensive tool suites, AWESUM® and FAME™ . Experience seamless integration of Modular Open Systems Approach (MOSA) systems and software modeling, simulation capabilities, and FACE™ industry standards compliance fortheend-to-endlifecycle ofyourprojects.
TheAWESUMtoolsuiteiscurrentlysupporting the US Army's Airworthy FACE aligned products for both current and future militarysystemsespecially where Avionics Integrationiskey.
OUR TOOLS
• AWESUM: Low-risk, cost-effective solutionforhighlyreliablesystemdevelopment andreducedschedules.
• FAME:The mostuser-friendlyandefficient FACEdatamodelingtoolavailable.
• MMOSA Lifecycle Process: Streamlined digital engineering forMOSAsystems.
• HARMONY: Simplifying automated verification and conformance testing for MOSA systemssuchas FACE, HOSTandSOSA.
• FACESupportLibraries (DO-178CDALC): Comprehensive set of libraries, including TSS, IOS, Platform Abstraction Layer (PAL), Lifecycle, Logging, and more, for enhanced complianceandfunctionality.
--TES--TM AVi
Check out our site! TES-SAVi.com
FIND OUT MORE TES-SAVi.COM
Gold Sponsors
GROUP EDITORIAL DIRECTOR John McHale john.mchale@opensysmedia.com
ASSISTANT MANAGING EDITOR Lisa Daigle lisa.daigle@opensysmedia.com
TECHNOLOGY EDITOR – WASHINGTON BUREAU Dan Taylor dan.taylor@opensysmedia.com
CREATIVE DIRECTOR Stephanie Sweet stephanie.sweet@opensysmedia.com
WEB DEVELOPER Paul Nelson paul.nelson@opensysmedia.com
EMAIL MARKETING SPECIALIST Drew Kaufman drew.kaufman@opensysmedia.com
WEBCAST MANAGER Marvin Augustyn marvin.augustyn@opensysmedia.com
VITA EDITORIAL DIRECTOR Jerry Gipper jerry.gipper@opensysmedia.com
SALES/MARKETING
DIRECTOR OF SALES Tom Varcie tom.varcie@opensysmedia.com (734) 748-9660
DIRECTOR OF MARKETING Eric Henry eric.henry@opensysmedia.com
OPERATIONS & AUDIENCE DEVELOPMENT (541) 760-5361
STRATEGIC ACCOUNT MANAGER Rebecca Barker rebecca.barker@opensysmedia.com (281) 724-8021
STRATEGIC ACCOUNT MANAGER Bill Barron bill.barron@opensysmedia.com (516) 376-9838
STRATEGIC ACCOUNT MANAGER Kathleen Wackowski kathleen.wackowski@opensysmedia.com (978) 888-7367
SOUTHERN CAL REGIONAL SALES MANAGER Len Pettek len.pettek@opensysmedia.com (805) 231-9582
DIRECTOR OF SALES ENABLEMENT Barbara Quinlan barbara.quinlan@opensysmedia.com AND PRODUCT MARKETING (480) 236-8818
INSIDE SALES Amy Russell amy.russell@opensysmedia.com
STRATEGIC ACCOUNT MANAGER Lesley Harmoning lesley.harmoning@opensysmedia.com
EUROPEAN ACCOUNT MANAGER Jill Thibert jill.thibert@opensysmedia.com
TAIWAN SALES ACCOUNT MANAGER Patty Wu patty.wu@opensysmedia.com
CHINA SALES ACCOUNT MANAGER Judy Wang judywang2000@vip.126.com
WEBCAST
MOSA Virtual Summit 2023: Applying open architectures in avionics, radar, EW, & C5ISR systems
PRESIDENT Patrick Hopper patrick.hopper@opensysmedia.com
EXECUTIVE VICE PRESIDENT John McHale john.mchale@opensysmedia.com
EXECUTIVE VICE PRESIDENT AND ECD BRAND DIRECTOR Rich Nass rich.nass@opensysmedia.com
ECD EDITOR-IN-CHIEF Brandon Lewis brandon.lewis@opensysmedia.com
TECHNOLOGY EDITOR Curt Schwaderer curt.schwaderer@opensysmedia.com
ASSOCIATE EDITOR Tiera Oliver tiera.oliver@opensysmedia.com
ASSOCIATE EDITOR Taryn Engmark taryn.engmark@opensysmedia.com
PRODUCTION EDITOR Chad Cox chad.cox@opensysmedia.com
CREATIVE PROJECTS Chris Rassiccia chris.rassiccia@opensysmedia.com
GRAPHIC DESIGNER Kaitlyn Bellerson kaitlyn.bellerson@opensysmedia.com
FINANCIAL ASSISTANT Emily Verhoeks emily.verhoeks@opensysmedia.com
SUBSCRIPTION MANAGER subscriptions@opensysmedia.com CORPORATE
OFFICE 1505 N. Hayden Rd. #105 • Scottsdale, AZ 85257 • Tel: (480) 967-5581
WRIGHT’S MEDIA REPRINT COORDINATOR Kathy Richey clientsuccess@wrightsmedia.com (281) 419-5725
4 | FACE Special Edition 2023 www.opengroup.org/face
ADVERTISER
Real-Time
RTI Connext TSS
LDRA – Automate FACE Conformance with the LDRA tool suite 27 FACE – The FACE Approach ADVERTISER PG Operating System Segment (OSS) Lynx Software Technologies 25 Portable Components Segment (PCS) Rapita Systems . . . . . . . . . . . . . 24 Platform-Specific Services Segment (PSSS) wolfSSL 24 Transport Services Segment (TSS) TES-SAVi/Tucson Embedded Systems 26
SPONSOR
MOSA-compliant
Executive Speakout
TES-SAVi/Tucson
Systems
TES-SAVi/Tucson
Systems – Executive Speakout Advertiser Index Profile Index
REPRINTS
www.opensysmedia.com
PG
17
Innovations (RTI) –
20
PG
28 Lynx Software Technologies –
advanced new software architectures 9 Lynx Software Technologies –
3
Embedded Systems – Discovering the Future of Cyber-Physical
9
Embedded
Powered
Systems Watch keynote address and separate
by Military Embedded
sessions: https://bit.ly/3KZ9CaQ (This is an archived event.)
Editor’s Perspective
By John McHale, Editorial Director
FACE Special Edition
By John McHale, Editorial Director John.McHale@opensysmedia.com
Welcome to the 2023 FACE Special Edition, which covers the technology and development efforts behind The Open Group Future Airborne Capability Environment (FACE) Technical Standard. This magazine is the second of what is an annual issue, highlighting editorial content on FACE from the pages and website of Military Embedded Systems Magazine, together with the products aligned and certified conformant to the technical standard – all put together exclusively by our staff.
This issue is similar to our SOSA Special Edition, published in August each year covering the technology and innovation behind The Open Group Sensor Open Systems Architecture (SOSA) Technical Standard.
Both FACE and SOSA are examples of a Modular Open System Approach (MOSA) strategy, mandated by the U.S. Department of Department of Defense (DoD) for all new program designs and refreshes. A 2019 memo signed by the secretary of each service called MOSA a “warfighting imperative” and stated that “development of a modular open systems approach (MOSA) in areas where we lack them is vital to our success.” The missive mentioned FACE, SOSA, and other standards by name as examples of MOSA.
While FACE, founded in 2010, is a more mature standard than SOSA, they both share the goal of enabling commonality across multiple platforms through an open architecture approach that reduces long-term life cycle costs. Both the FACE and SOSA consortia also share industry and government members, demonstrating the support for these efforts.
“The founders of the FACE Consortium deserve credit for establishing a strong foundation and incorporating the MOSA principles,” said Joe Carter, Joe Carter, System Engineering Lead, U.S. Army PEO
[Program Executive Office] Missiles and Space and former Chair of the FACE Steering Committee, in a Q and A in the 2022 FACE Special Edition.
The success of FACE is seen in its adoption by major military platforms such as the Army’s UH-60V Black Hawk helicopter and the C-130J transport aircraft. For FACE procurement examples, visit: https://www.opengroup.org/face/ procurements
New platforms are also turning toward a MOSA process, with one example being the Army’s Future Long-Range Assault Aircraft (FLRAA) program. Bell Textron Inc., a Textron company, won the FLRAA development contract based on Bell’s V-280 Valor tiltrotor aircraft that was developed and tested as part of the Joint Multi-Role Technology Demonstrator (JMR TD) program. (See cover photo).
“Bell and its industry partners have systematically validated the V-280 aircraft and their [MOSA strategy] in collaboration with the Army,” according to Bell.
“Virtually every presentation from the U.S. armed services is driving a Modular Open Systems Approach (MOSA), and includes acronyms such as FACE, SOSA, and other open capability standards,” writes Ian Ferguson, Vice President of Marketing for Lynx Software Technologies, in an article titled “Lynx and RTI: The art of driving down mission-critical system costs” in the April/May Avionics issue of Military Embedded Systems.
“It is vital for the ecosystem of partners that are supporting the efforts of the military and aerospace industries to collaborate, so that our customers can reduce time-to-market, costs, and program risk for the next generation of best-in-class platforms,” he continues. “This means aligning behind and investing in solutions that conform to the important standards.”
Lynx is also the latest FACE member to achieve conformance certification. “Thanks to the expert guidance of our FACE Verification Authority (VA), LDRA, Lynx has just completed the conformance certification of our real-time operating system, LynxOS-178 to the FACE Technical Standard, Edition 3.1 for the FACE Operating System Segment (OSS) General Purpose Profile for PowerPC, Arm and Intel processor architectures,” Ferguson states.
Other certified FACE conformant suppliers include Collins Aerospace, Honeywell, L3Harris, Raytheon, Textron, ADLINK, RealTime Innovations, Inc. (RTI), Skayl (DSDM), Ansys, Hanwha Systems, BlackBerry QNX, DDC-I, DornerWorks, Green Hills, and Wind River.
In addition to the certified conformant members, the consortium boasts more than 90 member organizations from industry, academia, and government. For a full member list, see page 10 of this issue.
MOSA approaches like FACE and SOSA continue to gather momentum and we’ll continue to cover them like we’ve covered open standards for 40 years at OpenSystems Media, dating back to our first publication – VMEBus Magazine – still published today as VITA Technologies.
Helping bring this issue together were Alicia Taylor, Reggie Hammond, and their colleagues at The Open Group. A big thank you as well to Chip Downing, who helped in his role with the FACE Outreach Subcommittee.
To be part of future FACE and SOSA Special Editions or to contribute content to Military Embedded Systems magazine and our Avionics Design e-newsletter, reach out to me (john.mchale@opensysmedia.com) and assistant managing editor Lisa Daigle (lisa.daigle@opensysmedia.com). Thanks for joining us.
www.opengroup.org/face FACE Special Edition 2023 | 5
In this Q and A, Alicia Taylor, Program Director, The Open Group FACE Consortium, discusses the FACE approach, how FACE enables modularity across the acquisition life cycle, and expanding participation in FACE outside of the U.S.
Q: What is the Open Group FACE Consortium?
TAYLOR: The Open Group FACE Consortium is a government, industry, and academia collaboration that encourages innovation in refining business processes and developing vendor-neutral open standards which enable software portability, reusability, and interoperability. The two FACE Consortium software standards are the FACE Technical Standard and the Open Universal Data Description Language Standard (UDDL).
Q: What is the FACE Technical Standard?
TAYLOR: The FACE Technical Standard defines a reference and data architecture intended for the development of portable software components. The architecture is based on over 60 recognized
industry standards. The FACE Reference Architecture uses standardized interfaces and provides requirements for developing software components that will reside in architectural segments. The FACE Data Architecture describes the data and its semantics.
The open standards specified within the FACE Technical Standard allow use without payment or other obligation to the standards owners. Additionally, neither the FACE Technical Standard nor the FACE Conformance Certification Process require or prohibit a software supplier to relinquish rights to technical data or computer software within the software, the business logic, the presentation logic, or any other logic whether in the application or the software computing environment.
Q: Tri-Service leadership issued a mandate in 2019 to have a MOSA [Modular Open Systems Approach] strategy implemented for all new platforms and upgrades. Why have open architectures strategies become so important to the DoD?
TAYLOR: An open systems approach is not new and neither is modularity. The DoD started using MOSA in 2004 as a way to address rising costs and the need to get products to the warfighter faster. MOSA enables a modular architecture and an open business model to add, modify, or replace components across the acquisition life cycle.
This approach also facilitates technology refresh through the delivery of new capabilities or replacement technology without changing all components in the entire system. MOSA also sparks innovation by enabling operational flexibility to configure and
Q and A with Alicia Taylor Program Director, FACE Consortium Q and A with Alicia Taylor Program Director, FACE Consortium
FACE SPECIAL EDITION
6 | FACE Special Edition 2023 www.opengroup.org/face
FACE
reconfigure available assets to meet rapidly changing operational requirements.
A MOSA strategy importantly enables cost savings/cost avoidance through the reuse of technology/components from any supplier across the acquisition life cycle. The FACE Technical Standard is an example and the FACE ecosystem addresses all five MOSA principles.
Q: How does FACE enable the modularity you mention?
TAYLOR: Typically, aircraft are built with platform-unique requirements by a single vendor where the capabilities are tightly coupled to the avionics, sensors, and operating system. The resulting software is unique to that aircraft, and without a modular approach and standard interfaces, each time we add a capability to the fleet we create new software for each aircraft type.
The FACE Approach changes this software architecture paradigm. The FACE Technical Standard created an open, layered architecture that allows any FACE software component to move from one aircraft platform to the next with minimal integration complexity on any desired hardware platform.
Q: What does being FACE conformant mean?
TAYLOR: FACE Conformance ensures proper use of the defined FACE Interfaces and adherence to the FACE Reference Architecture. In addition to conformance, the FACE ecosystem addresses other practical business concerns such as contracting (FACE Contract Guide), value proposition and business drivers (FACE Business Guide), and product registry (FACE Library documents).
Q: There are some common misconceptions regarding the FACE Technical Standard: One is that it is only for U.S military aircraft.
TAYLOR: The biggest potential for growth for the FACE Technical Standard
is outside of airborne platforms – from ground-control systems, to ground vehicles, to autonomous systems assisting dismounted soldiers, to supply chains to loyal wingmen. It is even being looked at for commercial aircraft platforms.
The FACE Approach also includes business processes, technical practices, and an open component-based software standard that can be used in almost any software environment. Over the last 12 years we were focused on the aviation software domain, but good software engineering is good software engineering regardless of the application domain.
Q: Is the FACE Technical Standard subject to export regulations or does it contain any U.S.-controlled information?
TAYLOR: Absolutely not! This is a common misunderstanding. The FACE Technical Standard is an open, nonproprietary specification that is publicly available without restrictive contracts, licensing terms, or royalties.
Q: What are some other misconceptions?
TAYLOR: One is that the FACE Technical Standard documents are proprietary. They are not. On our website, if you visit the docs and tools pages, you can download anything we have listed and use it freely.
Another is that the FACE Technical Standard is complex and cost-prohibitive. Also not true, as there is a long-term cost savings associated enabled by software reuse. We have proven through Technical Interchange Meetings (TIMs) and other integration events that using the FACE Technical Standard actually saves integration time.
Q: The FACE Consortium recently announced that it is opening membership and participation to companies and individuals outside the United States. Who is included in this expansion and what does it mean for the acceptance of the FACE Technical Standard?
TAYLOR: In November 2022, we announced that membership to the FACE Consortium is open to participation from companies and organizations in Australia, Canada, New Zealand, and the United Kingdom.
We are already seeing benefits of opening membership in terms of an increased desire to work together to find solutions to common problems and to better align standards. Many of our new members were already working in some capacity with our current members, but now we are starting those conversations about how to not only strengthen those relationships, but also to use new ideas to continue to evolve and improve the FACE Technical Standard and Ecosystem.
Q: The FACE Consortium has been around for more than 12 years; do you see (new or other) opportunities beyond current activities that may help accelerate adoption of the FACE Technical Standard, in a broad sense?
TAYLOR: People tend to push back on anything new. When the FACE Approach was developed, the rumor was that it was too complicated or too difficult to implement. As the Technical Standard and FACE work products matured, people started to realize the benefits of adopting open standards. The DoD is placing a greater emphasis on implementing open standards (FACE, SOSA, HOST, VICTORY, etc.) and industry is also seeing the benefits, not just in contracts, but in how software is developed.
SPECIAL EDITION
www.opengroup.org/face FACE Special Edition 2023 | 7
I believe that we as members of the FACE Consortium have to continue telling our “good news” story about the benefits of using the FACE Technical Standard. Opening up to international participation will have multiple benefits, to not only our current membership organizations who have international offices, but it will also allow greater participation and promote cooperation and synergy.
I believe we are going to have to look closely at how technology is transforming the way code is developed, automated, and integrated. Digital Engineering and Model based System Engineering are increasing the use of models and linking data together through those models to promote better collaboration. Our tool vendors are already taking advantage of some of those innovations by auto generating code and supporting the conformance process.
Q: What recommendations or advice would you share for new members to gain the greatest ROI from the FACE Consortium?
TAYLOR: The first FACE Consortium meeting I ever attended was in December 2015. I remember I was so lost. I did not even know enough to ask a question. I remember attending something called FACE 101 and even felt lost in the introductory overview. It felt like drinking from a fire hose. I tried reading the Technical Standard and the RIG –nothing really made sense. Fortunately, Terry Carlson and Joe Carter (then-chairs of the FACE Steering Committee) and others answered my questions and gave me the support I needed to increase my knowledge level. Over the years I have tried to use that experience in shaping how the IWS and the FACE Consortium supports new members, educates our members, and removes barriers. The FACE Consortium now has Overviews covering Business, Technical, Data Architecture, and Conformance. There is a Getting Started
OpenSystems Media works with industry
Enabling the Migration to Software-Defined Platforms for Critical Infrastructure
By Paul Parkinson, Director, Field Engineering, Aerospace & Defense, EMEA, Wind River
There is a growing need across multiple sectors for devicestobeable to support the greater intelligence required to transitionfrom automated to autonomous systems. This is drivingtechnical requirements for open standards – based software-defined architectures to enable consolidation of multipleapplications onto common computing platforms. In this white paper, learn how this approach enables application migration, portability, and interoperability, to avoid being lockedinto proprietary architectures.
section on the external website. There are Getting Started Guides for Software Suppliers and Integrators. YouTube videos contain information about the CTS, BALSA, and much more. Plus, there are many other supporting resources.
My advice to new members: 1) Take advantage of the available resources and become familiar with them; 2) Ask lots of questions; 3) Get involved; and 4) Share your ideas and opinions. This is a consortium and it takes all of us working together. We all have strengths! You are an important piece of the puzzle for continuing to make the FACE Consortium successful! ■
Alicia Taylor joined The Open Group FACE Consortium in May of 2022 as the Program Director. Prior to that, she spent 6.5 years as a contractor for Axient, Inc. supporting US Army PEO Aviation.
FACE Consortium
www.opengroup.org/face
FACE SPECIAL EDITION
Read more white papers: https://militaryembedded.com/whitepapers
leaders to develop and publish content that educates our readers.
Read this white paper at https://bit.ly/3HtVtBu 8 | FACE Special Edition 2023 www.opengroup.org/face
QUESTION: HOW DOES THE FACE™ TECHNICAL STANDARD BENEFIT MILITARY AVIONICS SYSTEMS?
Standards: An essential first step but not the end
Ian Ferguson, VP of Marketing
There are three challenges expressed to us by our customers every day, namely;
1. Driving down system costs to be competitive
2. Opening up systems to a broad spectrum of solutions and breaking apart vendor lock
3. Shifting from single-use software and hardware platforms to rapidly enable reuse
Fundamentally, this comes down to radically improving time to market for the next generation of industry-leading platforms and subsequent generations. This must be achieved despite rising system complexity as we shift from closed “black boxes” to “systems of systems,” whereby systems are constructed out of multiple connected subsystems. These subsystems are either inside an armored vehicle or a plane or, like the vision of the Connected Battlefield, a set of discrete, connected, distributed platforms that share information securely in real-time.
Aligning to standards is an essential first step. It is indeed exciting to see the increased momentum of companies rallying around the Future Airborne Capability Environment™ (FACE) Technical Standard to help
EXECUTIVE SPEAKOUT
fuel the cadence of innovation. But as an ecosystem, we have a lot more we need to accomplish to support the higher-level objectives. Open system initiatives’ benefits hinge on engineers’ ability to reuse system components effectively. Today, we cannot simply insert a software component into a mission-critical system as easily as inserting a VPX card into a chassis. That is because standards
• Lack descriptions of expected behavior and side effects that can inform real-time and hazard analysis
• Do not account for the system information that’s needed to build, integrate and configure a comprehensive system to behave correctly
• Do not cover software components that reside in the operating system itself, such as drivers and health monitors
So, this is where we believe the ecosystem that services this category of use cases should be focused. And we must realize this vision together!
www.Lynx.com
Advancing the FACE™ Technical Standard
By Sean Mulholland, President and Co-founder of TES-SAVi (SAVi) –Tucson Embedded Systems (TES-i) subsidiary
Throughout the years, TES-SAVi and TES-i have championed the implementation of each version of the Future Airborne Capability Environment™ (FACE) Technical Standard by constructing FACE PCS and PSS components, real-time operating system interfaces, and building FACE development and modeling tools like AWESUM® and FAME. During these endeavors, we have often discovered potential improvements to the standard, which we actively address through the FACE working groups. We now find ourselves deeply immersed in developing and integrating various FACE components for deployment on multiple aircraft. As a result, we have identified challenges that necessitate a stronger focus on real-world system development and integration support. Specifically, we see the need to:
• Expand mandatory Transport Service Segment (TSS) requirements to enhance compatibility and portability of PCS & PSS components.
• Reduce software code required for each UoC message by implementing methods such as grouping UoC interfaces.
• Minimize memory copies needed for sending and receiving messages, enforced by the multiple injectable interfaces in the TSS.
ADVERTORIAL
• Refine the Integration Model by incorporating an Action Language for specifying data conversions, transformations, and integrations.
• Implement UDDL and FACE DA proposals to bolster the usability and specificity of data models.
• Update the normative programming languages to reflect current standards.
While numerous FACE improvements can be addressed through FACE tooling, some challenges stem directly from the standard and cannot be “fixed” without modification. None of these changes or additions are “earth-shattering”; however, we must persist in enhancing and supporting the growing ecosystem of developers, integrators, and tool vendors, making the FACE approach a reality. The most striking revelation might be that besides these tweaks, there are no major additions needed for the FACE Technical Standard to support real deployments.
ADVERTORIAL EXECUTIVE SPEAKOUT
WOULD YOU LIKE TO SEE TO THE FACE™ TECHNICAL STANDARD AND WHY? www.TES-SAVi.com
QUESTION: WHAT ADDITIONS
www.opengroup.org/face FACE Special Edition 2023 | 9
About the FACE TM Consortium
www.opengroup.org/face
The Open Group FACE™ Approach integrates technical and business practices that establish a standard common operating environment to support portable capabilities across avionics systems. The modularity defined in the FACE Approach enables an agile environment for firms to respond to market and customer demands for capability changes and upgrades. Industry has proven its commitment to the success of the FACE Approach by completing FACE conformance certification for its products. This enables military programs to rapidly select precertified software modules to reduce design, integration, and conformance costs for all programs requiring FACE conformance.
FACE SPONSOR
Air Force Life Cycle Management Center
https://www.afrl.af.mil/
Boeing
https://www.boeing.com/
Collins Aerospace
https://www.rockwellcollins.com/
Joint Tactical Networking Center
https://www.jtnc.mil/
Lockheed Martin
https://www.lockheedmartin.com/
NAVAIR
https://www.navair.navy.mil/
U.S. Army PEO Aviation
https://www.army.mil/PEOAviation
FACE PRINCIPAL
AdaCore
https://www.adacore.com/
BAE Systems Inc
https://www.baesystems.com/
Bell
https://www.bellflight.com/
Cubic Corporation
https://www.cubic.com/
Elbit Systems of America
https://www.elbitamerica.com/
FLIR Systems, Inc.
https://www.flir.com/
GE Aviation Systems
https://www.geaviation.com/
General Dynamics https://www.gd.com/
Honeywell Aerospace https://aerospace.honeywell.com/
L3Harris
https://www.l3harris.com/
Leonardo DRS
https://www.leonardodrs.com/
Mercury Systems
https://www.mrcy.com/
Northrop Grumman
https://www.northropgrumman.com/
Parry Labs, LLC
https://parrylabs.com/
Raytheon
https://www.rtx.com/
Sierra Nevada Corporation
https://www.sncorp.com/
Sikorsky Aircraft
https://www.lockheedmartin.com/en-us/ capabilities/sikorsky.html
U.S. Army Combat Capabilities Development Command Aviation and Missile Center
https://www.army.mil/article/157845/ ccdc_aviation_missile_center
Wind River
https://www.windriver.com/
FACE ASSOCIATE
Aitech
https://aitechsystems.com/
Alta Data Technologies, LLC
https://www.altadt.com/
Ampro ADLINK Technology, Inc.
https://www.adlinktech.com/en/Index
Ansys https://www.ansys.com/
Avalex Technologies
https://avalex.com/
Avilution, LLC
https://www.avilution.com/
CAE USA
https://www.cae.com/cae-usa/
Carnegie Mellon University, Software Engineering Institute
https://www.sei.cmu.edu/
CoreAVI
https://coreavi.com/
Craft Designs, Inc.
https://craftdesigns.net/
CS Communication & Systems, Inc.
https://www.cscanada.ca/
Cyient, Inc.
https://www.cyient.com/
10 | FACE Special Edition 2023 www.opengroup.org/face
Danbury Mission Technologies, LLC
https://www.dmtllc.org/
DDC-I
https://www.ddci.com/
ENSCO Avionics
https://www.ensco.com/
EXB Solutions
https://exbsolutions.com/
Galois
https://galois.com/
GaN Corporation
https://www.geeksandnerds.com/
General Atomics
https://www.ga.com/
General Micro Systems, Inc.
https://www.gms4sbc.com/
Green Hills Software
https://www.ghs.com/
Integrated Solutions for Systems, Inc.
https://is4s.com/
Intellisense Systems, Inc.
https://www.intellisenseinc.com/
Inter-Coastal Electronics, LLC
https://www.faac.com/inter-coastal/
ITZ, LLC
https://itz.org/
Jovian Software Consulting LLC
https://www.joviansc.com/
Kearfott Corp.
https://www.kearfott.com/
KIHOMAC, Inc.
https://www.kihomac.com/
LDRA Technology
https://ldra.com/
Leidos
https://www.leidos.com/
Lynx Software Technologies
https://www.lynx.com/
Makel Engineering, Inc.
https://www.makelengineering.com/
Mathtech, Inc.
https://icsg.us.com/
MathWorks
https://www.mathworks.com/
Micro Focus (US) Inc.
https://www.microfocus.com/en-us/home
Moog, Inc.
https://www.moog.com/
North Atlantic Industries, Inc.
https://www.naii.com/
OAR Corporation
http://www.oarcorp.com/
Presagis USA, Inc.
https://www.presagis.com/en/
Rapita Systems, Inc.
https://www.rapitasystems.com/about/ partners/face-consortium
Rapita Systems Ltd.
https://www.rapitasystems.com/
RDRTec, Inc.
https://www.rdrtec.com/
Real-Time Innovations
https://www.rti.com/en/
Riverside Research
https://www.riversideresearch.org/
Rogerson Kratos
https://www.rogerson.com/
SAIC
https://www.saic.com/
ScioTeq LLC
https://www.scioteq.com/en
Skayl LLC
https://www.skayl.com/
Southwest Research Institute
https://www.swri.org/
Swarm Aero
https://swarmaero.com/
TABAS CO, LLC
https://tabasconsultingllc.com/
Terma North America Inc.
https://www.terma.com/
TES-SAVi
https://tes-savi.com/
Textron Systems
https://www.textronsystems.com/
Thales Avionics, Inc.
https://www.thalesgroup.com/en
Thales UK
https://www.thalesgroup.com/en/ countries/europe/united-kingdom
Trideum Corporation
https://www.trideum.com/
TTTech North America, Inc.
https://www.tttech.com/
TurbineOne
https://www.turbineone.com/
Twin Oaks Computing, Inc.
http://www.twinoakscomputing.com/
United Electronic Industries, Inc. https://www.ueidaq.com/
University of Dayton Research Institute
https://udayton.edu/udri/
Verocel
https://www.verocel.com/
ViaSat, Inc.
https://www.viasat.com/
wolfSSL
https://www.wolfssl.com/
Zodiac Data Systems
https://services.zodiacaerospace.com/s/ login/?ec=302&startURL=%2Fs%2F
Note: List as of 4/10/2023
www.opengroup.org/face FACE Special Edition 2023 | 11
FACE
Consortium Information
WHAT IS THE FACE™ APPROACH?
The Future Airborne Capability Environment (FACE) approach is a government, industry and academia developed software standard and business strategy with the goals to:
•Increase the affordability of capabilities
•Improve time-to-field, delivering new capabilities faster
The FACE approach integrates technical and business practices that establish a standard common operating environment to support portable capabilities across software systems.
Additional information on the FACE approach can be found in the FACE Business Guide. The FACE Business Guide can be downloaded at https://publications.opengroup.org/.
Q.IS THE FACE™ APPROACH ONLY FOR AIRBORNE PLATFORMS?
No, the FACE™ approach and FACE Technical Standard are applicable to many environments. The FACE Technical Standard focuses on embedded military avionics applications. Other domain experts have evaluated the standard and determined it can be applied beyond the military avionics domain in areas such as real time embedded, ground-based defense systems, industrial control, and enterprise environments.
Q.WHAT IS THE FACE™ CONSORTIUM?
The Open Group FACE™ Consortium is a government, industry and academic partnership to define an open software environment applicable to complex systems in multiple domains. The FACE Consortium provides a vendor-neutral forum for members to work together to consolidate open standards, best practices, guidance documents and business strategies. Visit the FACE Consortium website at https://www.opengroup.org/face for more details.
Q.WHO CAN USE FACE™ CONSORTIUM DOCUMENTS?
Anyone can use published FACE™ Consortium documentation free of charge. The published FACE Consortium documents can be downloaded at https://www.opengroup.org/face/docsandtools. For access to draft Consortium documents, you must be a member of the FACE Consortium. More information about joining the Consortium is available at https://www.opengroup.org/content/future-airborne-capabilityenvironment-face/contact-join.
Q.WHAT IS THE FACE™ TECHNICAL STANDARD?
The FACE™ Technical Standard defines the software computing environment intended for the development of portable software components, including requirements for architectural segments and key interfaces. The standard is comprised of five segments and three key interfaces. It provides the benefits of interoperability, affordability, portability, increased competition and improved time-to-field.
The FACE Technical Standard can be downloaded at https://publications.opengroup.org/.
Q.HOW DO I GET STARTED DEVELOPING TO THE FACE™ TECHNICAL STANDARD?
In addition to downloading and reading the FACE™ Technical Standard, there are other references available for download, including the FACE Reference Implementation Guide (RIG). The FACE RIG can be downloaded at https://publications.opengroup.org/.
TM
12 | FACE Special Edition 2023 www.opengroup.org/face
Q.WHAT IS THE FACE™ CONFORMANCE PROGRAM?
The FACE™ Conformance Program defines the processes to verify, certify, and provide formal recognition that registered software meets the requirements of the FACE Technical Standard. A software supplier can only claim that their product is “FACE Conformant” by successfully completing the FACE conformance process. For more information on the FACE Conformance Program, please visit https://www.facesoftware.org/registry.
Q.HOW DO I SPECIFY FACE™ REQUIREMENTS IN MY ACQUISITION?
The FACE™ Consortium has published a Contract Guide to assist both government and industry partners in adding FACE requirements to their RFPs and other solicitations. The FACE Contract Guide can be downloaded at https://publications.opengroup.org/.
Q.DOES USING THE FACE™ APPROACH REQUIRE SOFTWARE SUPPLIERS TO RELINQUISH INTELLECTUAL PROPERTY?
No, the FACE™ approach and use of the FACE Technical Standard does not require a software supplier to relinquish their rights to intellectual property. For various scenarios on this topic, please refer to the FACE Business Guide 2.0 and the FACE Contract Guide. Both documents can be found on the FACE website.
Q.HOW DO I KNOW I’M USING PROPER FACE™ TERMINOLOGY IN A PRESS RELEASE, ARTICLE OR PRODUCT DESCRIPTION?
Please review our FACE™ Trademark Usage Guidelines & Copyright Permissions document, which can be downloaded at https://www.opengroup.org/content/future-airborne-capability-environment-face/legal.
Q.WHAT DO I DO IF MY QUESTION IS STILL UNANSWERED?
Questions can be sent to ogface-admin@opengroup.org.
Q.WHAT IS THE KEY IMPETUS FOR THE FACE™ CONSORTIUM OPENING MEMBERSHIP TO THESE 4 COUNTRIES?
Our world is getting smaller and smaller. Cooperation between countries has increased including the development of standards. The United States (U.S.) Department of Defense (DoD) is calling for more cooperation with allies. Over the past several years, many organizations in these countries have inquired about joining the FACE™ Consortium. In addition, many existing FACE Consortium member organizations are international corporations, and have expressed a desire to enable their employees from other countries to participate. Since the US already has an alliance with these countries, the initial recommended international expansion was approved for this scope. Note: We do acknowledge that while there is an existing intelligence alliance among these countries, this is simply a coincidence, and has no relevance on membership in The FACE Consortium.
Q.HOW WILL INTERNATIONAL EXPANSION BENEFIT THE FACE™ CONSORTIUM OVERALL?
International expansion broadens participation in the FACE™ Consortium, allowing a more diverse group of members to create and evolve FACE Consortium work products that benefit the expanded market. It also brings in new ideas and expertise, allowing current members to learn from new members and vice versa. The expectation is a new synergy within the FACE Consortium.
Q.IS THE FACE™ TECHNICAL STANDARD SUBJECT TO EXPORT REGULATIONS OR DOES IT CONTAIN ANY U.S.-CONTROLLED INFORMATION?
Absolutely not! This is a common misunderstanding. The FACE™ Technical Standard is an open, non-proprietary specification that is publicly available without restrictive contracts, licensing terms, or royalties.
Email The Open Group ogface-admin@consortia.opengroup.org
For more information, visit www.opengroup.org/face
LinkedIn: https://www .linkedin .com/groups/4127663/
Twitter: https://twitter com/theopengroup
You Tube Channel: https://www youtube com/playlist?list=PL4uhUsJo0STm3ypYiR6bBHlMH55eHf0SV
(Information from https://www.opengroup.org/content/future-airborne-capability-environment-face/faqs)
www.opengroup.org/face FACE Special Edition 2023 | 13
FACE in military avionics systems: Now let’s integrate it
By Arun Subbarao
It’s hard to escape the headlines around the Modular Open Systems Approach (MOSA), open standards, and individual initiatives such as those from The Open Group FACE Consortium, the creators of the Future Airborne Capability Environment (FACE) Technical Standard. In 2004, the Open Systems Task Force published a Program Manager Guide titled “A Modular Open Systems Approach (MOSA) to Acquisition.” Since then, the industry has seen a progression in policy guidance that raised the profile of MOSA and its applicability within military systems to enable success on the battlefield while lowering acquisition costs and promoting innovation.
The MOSA [Modular Open Systems Approach] strategy made its way into the National Defense Authorization Act language that was first signed into law for fiscal year 2017. In turn, this has flowed into requirements at the program manager level under the now-famous Tri-Services Memo: “MOSA for our Weapon Systems is a Warfighting Imperative,” issued by the U.S. Department of Defense (DoD) in 2019.
The FACE [Future Airborne Capability Environment] Technical Standard – as one of the named open standards endorsed by U.S. policy – was recently described by U.S. Army Brigadier General Rob Barrie as “integral to MOSA success by enabling modularity and promoting software reuse.” Programs such as the U.S. Army’s Future Vertical Lift call out the FACE standard as a requirement.
In today’s digitized avionics, most of the functional capability is implemented in software. Anywhere from 70% to 90% of that functionality depends on the selected equipment and how extensively it relies only on displays for the human-machine interface. The reality is that software development is hard; testing and certifying the safety of that software is hard. The need for greater functionality and adaptation of that
FACE SPECIAL EDITION
Image courtesy Collins Aerospace.
14 | FACE Special Edition 2023 www.opengroup.org/face
software to new situations is constant. The reality is that the old way of getting that software into aircraft fleets – which traditionally took years if not decades –now needs to be completed in weeks or days, sometimes hours.
By codifying a modular architecture, standard interfaces, data models, and conformance criteria into a common operating environment and reusable components, there now exists the means to share capabilities not only across platforms but also across the military services and avionics vendors.
The business benefits: Customers need not redo the development of a capability just to place it on a different aircraft. Components from different programs can be reused, with new components obtained
from a wider variety of suppliers. This approach increases competition and the delivery of innovative solutions.
Modularity and interchangeability: the vision of FACE
In short, this standardization of approaches for using open standards within military avionics systems promises to lower implementation costs, accelerate development, ensure robust architecture and consistently high-quality software implementation, and maximize opportunities for reuse. The FACE standard embraces these ideals by providing a modular reference architecture based on segments that can be integrated to meet final system requirements. (Figure 1.)
The content of each of those segments can and will vary depending on the preference of the system architect and the demands of the system under development. Despite those variations, modularity is ensured because the FACE standard defines the logical interfaces between the segments.
Each segment consists of one or more components. Each of those components must be shown to be fully conformant to the FACE standard applicable to the segment to which it contributes.
A FACE conformance test suite is used for that purpose, with a certification of conformance awarded following successful reviews by a FACE verification and certification
FACE SPECIAL EDITION
FACE InterfaceHardware (i.e.,MIL-STD-1553,Ethernet) Platform Devices Platform Sensors Platform Displays UserInput Devices Platform Radios Other Transports IO OperatingSystemSegment Platform-SpecificServicesSegment StandardizedUoP-leveldataproductsandindirect hardwareaccessareprovidedbythissegment I/OServicesSegment Standardized,butindirecthardware accessisprovidedbythissegment FACEdefined interfaceset FACEdefined interfaceset FACEdefined interfaceset Hardware DeviceDrivers TransportServicesSegment Allcommunication,includinginter-UoPcommunication, isachievedthroughmessage-basedtransport middlewarewhichresidesinthissegment TS TS PortableComponentsSegment CommonServicesandPortable Componentsresidehere
FIGURE 1 | FACE architectural segments are detailed.
www.opengroup.org/face FACE Special Edition 2023 | 15
COMPONENTS FROM DIFFERENT PROGRAMS CAN BE REUSED, WITH NEW COMPONENTS OBTAINED FROM A WIDER VARIETY OF SUPPLIERS.
authorities. That successful review is then recorded on the FACE registry with the FACE library administrator.
Any component that has been certified in this way is known as a “Unit of Conformance” (UoC).
FACE operating system segment
The foundational system services reside in the FACE operating system segment (OSS). These services are provided by OSS UoCs and include the control of access to the computing platform, support for the execution of all FACE UoCs, and the hosting of operating systems interfaces. (Figure 2.)
The OSS is where the foundational element of FACE conformant systems is laid out. The platform software that resides directly on hardware runs here. The benefit of writing this code using FACE APIs is that it becomes far easier to migrate this code between different systems and different hardware. When the FACE standard was being defined, the consortium chose to harness existing standards such as POSIX and ARINC, both of which have withstood the test of time.
From a security perspective, the use of built-in CPU virtualization features to isolate hardware security functions and separate application runtime services from hardware control interfaces goes a long way toward assuring system robustness. Such design techniques eliminate commonly exploited threat vectors that result in security policy bypass, privilege escalation and loss of CPU control altogether.
The ability for software partitions to be fortified and controlled with greater fidelity at the hardware level aligns perfectly with FACE ideals. Figure 3 introduces the notion of a hardware partitioning segment fulfilled by a hypervisor to the FACE reference architecture. The depiction shows a hypervisor isolating two sets of software on two different CPU cores, with each set configured with FACE conformant components. Each set of software is granted greater partitioning properties over a single OS-hosted design in which the
FACE SPECIAL EDITION
FIGURE 2 | Shown: Operating system segment with FACE.
FIGURE 3 | Example of FACE configuration with CPU virtualization-assisted hardware partitioning segment.
16 | FACE Special Edition 2023 www.opengroup.org/face
FIGURE 4 | Shown: the Collins Aerospace Tactical Combat Training System (TCTS) Increment II aircraft.
device drivers and internal service are separated.
Conformance: An example
The fact that the FACE conformance certification process is conducted using an independent assessment is the best way to assure customers that a product conforms to the requirements found within the FACE Technical Standard. The answer to preventing the “what could go wrong” using the FACE standard comes down to assuring 100% conformance to its requirements. Otherwise, the potential strongly exists for reuse to be denied and integration costs to rise because an interface mismatch can occur.
Collins Aerospace is committed to FACE conformance and earned the industry’s first FACE conformance certification in 2016. The company has found that these certificates provide an outstanding marketing vehicle to show proof that it is an open system software provider that adheres to MOSA.
The Tactical Combat Training System (TCTS) Increment II program (Figure 4) is one important example of using open standards to provide multidomain live, virtual and constructive (LVC) training capabilities to modern warfighters. The underlying system – called the Joint Secure ACMI System (JSAS) – uses an open systems architecture leveraging FACE and other industry interface standards to enable interfacing with a variety of monitoring and debriefing systems.
Proof of FACE lies in its ability to win business
Mandatory FACE conformance requirements have flowed down for nearly every applicable military program since the publication of FACE 2.0.
Ultimately, the proof of the principles lies in the ability to win business through their application. That ability is ably demonstrated, in one instance, by the success of Collins Aerospace’s Tactical Combat Training System (TCTS) Increment II program, whose underlying system uses an open systems architecture incorporating FACE and other industry interface standards. ■
Arun Subbarao is vice president of engineering at Lynx Software Technologies, responsible for the development of products for the internet of things and cybersecurity markets. He has more than 20 years of experience in the software industry working on security, safety, virtualization, operating systems, and networking technologies. In this role, he spearheaded the development of the LynxSecure separation kernel and hypervisor product as well as other software innovations in cybersecurity leading to multiple patents. He is also a panelist and presenter at several industry conferences. He holds a BS in computer science from India, an MS in computer science from SUNY Albany, and an MBA from Santa Clara University.
Lynx Software Technologies • https://www.lynx.com/
RTI
TSS uniquely delivers an open standardsconformant software connectivity framework that accelerates the development of modular and scalable safety-critical avionics systems.
rti.com/TSS
Connext TSS
Now Certified FACE 3.1 Conformant with DO-178C DAL A Safety Evidence
www.opengroup.org/face FACE Special Edition 2023 | 17
Connext®
MOSA systems: The benefits of deploying a datacentric architecture
By Andre Odermatt
A Modular Open Systems Approach (MOSA) – the method recommended by the U.S. Department of Defense (DoD) for the implementation of open systems – uses a decoupled system architecture that enables components to be incrementally added, removed, or replaced throughout the life cycle of a platform, providing opportunities for enhanced competition and innovation.
The U.S. Department of Defense (DoD) recognizes the importance of data and considers data as a strategic resource. A datacentric architecture is uniquely able to accomplish this goal because it not only enables systems to be decoupled and independent from each other, but also focuses the systems on the data itself. This approach supports both MOSA [Modular Open Systems Approach] and DoD data strategies. A datacentric architecture makes data the common element for systems to act on and consume, while also producing data that other systems can use such as
uncrewed aircraft system (UAS) payloads generating ever increasing amounts of intelligence, surveillance, and reconnaissance (ISR) data.
A datacentric architecture can be achieved by using open standards, which are at the core of MOSA. Current DoD standards, including the Future Airborne Capability Environment (FACE) Technical Standard, already embrace a datacentric architecture by emphasizing the importance of data. For example, the FACE approach encourages the use of a data model and requires FACE Units of Conformance (UoCs) to have a well-defined data model that can provide the structure to communicate through the Transport Services Segment (TSS) of the FACE architecture.
A datacentric architecture is an excellent use case for a publish-subscribe architecture, based on the open Data Distribution Service (DDS) standard, which also emphasizes the importance of data. Individual systems declare the intent to subscribe to data or advertise the data they have to offer. The publish-subscribe protocol then
FACE SPECIAL EDITION
Implementation of a Modular Open Systems Approach (MOSA) on uncrewed aircraft systems (UASs) are intended to enable multiple new standards for command and control, Future Airborne Capability Environment (FACE), Open Mission Systems (OMS), Universal Armament Interface (UAI), and a vehicle for segregating the flight/mission systems’ hardware and software. Photo courtesy General Atomics Aeronautical Systems, Inc. (GA-ASI).
18 | FACE Special Edition 2023 www.opengroup.org/face
matches publishers and subscribers with each other and makes sure the data gets to the right place at the right time. New participants can join at runtime without the need for code modifications, enabling rapid updates and technology refreshes using the existing data architecture.
Datacentricity and the system
Most software developers and system architects take an application-focused view on defining systems. They start off with defining the applications which are needed in a system (e.g., a GUI, processing, and the like). The next step is defining what the interfaces should be, and what is needed by each application. The interfaces keep evolving as new functionality is added and in most cases requires additional information. However, what really matters is the data, not the application; the application is
simply a way to display the data of interest. The same data is as important if it is displayed in a different application. For example, revenue numbers can be viewed in Excel, Word, Notepad, Vi, etc. The way the application displays the data may make it easier for the user to understand; however, the data – and not the application – has the key information and not the application. The information is in the data. (Figure 1.)
In contrast, datacentricity puts data at the center of the architecture; in other words, data is the primary asset of the system. (Figure 2.)
Realizing the importance of data, FACE requires a data model which provides a standard method for defining the data format and meaning for information-sharing between software components (e.g., FACE Unit of Portability (UoP)). The FACE data
FACE SPECIAL EDITION
FIGURE 1 | An application-centric approach to a system is shown.
www.opengroup.org/face FACE Special Edition 2023 | 19
FIGURE 2 | A datacentric approach to architecture is shown.
architecture is a key component of the FACE approach and is essential to designing systems and developing interoperable UoPs.
The DoD is rapidly transitioning to a datacentric enterprise. Datacentricity enables decision dominance at the speed of war and supports DoD efforts such as Joint AllDomain Command and Control (JADC2) that integrates sensors to command and control (C2) to effector systems across different operational commands, from the tactical edge to the cloud. This aligns exactly with the DoD Data Strategy announced in September 2020 that directs DoD leaders to evolve all DoD assets into datacentric assets that treat data as a weapon system.
In a datacentric system, the design starts with the data model. What data do I need, and how will it be represented? Different components can access shared data and communicate through shared data. Access rules can be put in place so only allowed and authenticated users can access the data. Since the data scheme is defined and all applications act on the same data, integration of new components is minimal and in most cases no data transformation is required. An example of a datacentric architecture is a database architecture. A common database schema is created and accessed through a defined protocol. Another advantage of this approach is that there are no dependencies between applications as the applications do not directly communicate with each other. All communication is done through accessing (reading or writing) data.
For a real-time system, it is not practical to exchange data by writing and reading data into a central database. In addition to the latency, the database server would be a single point of failure. To facilitate communication in a real-time system, the DDS standard, managed by the Object Management Group (OMG), was developed. DDS not only
supports a datacentric architecture; it also uses a simple publish-subscribe paradigm. As was established earlier, a datacentric approach focuses on data and has a data model. DDS requires a data model and is aware of the data being exchanged. In addition, the publish-subscribe paradigm with the discovery feature allows new applications to subscribe or publish any of the data defined in the data model.
The benefit of the publish-subscribe system is that the application does not need to know where to send the information or from where to request the information. To illustrate this, look at a classic message system similar to email: As a participant, I must email a status report every week, I need to know whom to send it to, and I need to list all the recipients. If there is a new person who is also interested in the weekly status email, that person needs to let me know so I can add the address to the future status-report emails.
Automate FACE ™ Conformance with the LDRA tool suite ®
LDRA has more than 45 years of experience providing software quality tools that help ensure functional safety, security, and standards compliance. The LDRA tool suite helps software suppliers achieve FACE™ Conformance through automation, coding standards compliance, traceability, and artifact generation. Furthermore, the LDRA tool suite supports DO-178B/C certification up to and include Software Level A. LDRA is a member of the FACE Consortium helping advance and promote the use of the FACE Technical Standard.
LDRA’s FACE Conformance Packages and FACE Verification Authority (VA) services reduce the risk, cost, and schedule of developing and deploying FACE Conformant UoCs.
FACE Conformance Packages (FCPs)
› Execution and production of FACE conformance reports, including FACE Conformance Verification Matrix (CVM) traceability
› Includes automated coding standard checking as prescribed in the FACE Technical Standard
FACE Verification Authority (VA) Services
› UoC Independent Validation and Verification – IV&V activities based on submittal of one or more UoCs and the associated Conformance Statement to the FACE Conformance Workflow Tool.
› UoC Lifecycle Support – effective performance of SQA oversight that prepares the UoC for formal validation and Conformance Test Suite Testing
FACE SPECIAL EDITION
ldra.com/face info@ldra.com 855-855-5372 www.linkedin.com/ company/ldra-limited @ ldra_technology
20 | FACE Special Edition 2023 www.opengroup.org/face
Publish-subscribe works more like social media, where I post my status and whoever follows me receives the update. If a new person is interested in the status, that person can follow (subscribe) to my status and automatically get the updates. I do not need to know how many followers I have. All I do is post (publish) my status update. DDS has another advantage: Since it is datacentric, I can apply filters on any of the data elements. Instead of getting a notification of every new status report, I now get updates only when a filtering criteria is met. Instead of getting every status report, I only get the status reports which have relevant information. The filter criteria can be changed at any point if the data of interest changes.
The Data Distribution Services (DDS) standard
Let’s take a closer look at DDS. The DDS standard is a set of standards which define the application API as well as the real-time publish-subscribe (RTPS) wire protocol that enables a transportagnostic, open standards-based capability to rapidly connect applications from a wide range of programming languages, operating systems, and computing platforms. DDS enables the user to separate transport from the application logic. The DDS standard currently includes the following:
› High-performance, scalable, secure, and datacentric publish-subscribe abstraction.
› Completely decentralized architecture with dynamic discovery service that automatically establishes communication between matching peers.
› Rich quality of service (QoS) characteristics for control over every aspect of data distribution, such as data availability, resource usage, reliability, and timing.
› Interoperable data sharing, platform-independent extensible data modeling, encoding, and representation.
› Recent extensions for remote procedure calls (RPC), security, resource-constrained devices, web integration, and OPC UA integration.
DDS provides data-sharing that is controlled by QoS policies. Applications communicate by publishing and subscribing to DDS topics identified by their topic name. Subscriptions can specify time and content filters and receive a subset of the data being published on the topic. Different DDS domains are completely independent of each other, as they do not share any data communication. In the case of UDP, this is achieved by using separate ports for each domain. There is no data-sharing across DDS domains. Figure 3 is an example of DDS communication using a single domain.
DDS participants can be on the same machine or across a network. In either case, the application uses the same DDS API for communications. Because there is no need to know or configure IP addresses or consider the differences in machine architectures, the process of adding additional communication participants on any operating system or hardware platform becomes an almost trivial task.
How DDS and datacentricity support MOSA
MOSA is a technical and business strategy for designing affordable and adaptable systems. The five principles of MOSA are:
1. Establish an enabling environment
2. Employ modular design
3. Designate key interfaces
4. Use open standards
5. Certify conformance
The first principle of establishing an enabling environment is really a business practice which supports the program manager in deploying MOSA throughout the acquisition life cycle.
MOSA requires a system architecture that allows several major system components at the appropriate level to be incrementally added, removed, or replaced throughout the life cycle of a major system platform, to afford opportunities for enhanced competition and innovation. Using a datacentric approach addresses principles two and three. A datacentric architecture inherently enables a module design as all components access a common set of data which also serves as the interface description. Creating a data model or using a standard data model is the foundation of a successful datacentric MOSA system. This can be a separate domain-specific data model or can be part of a specification (e.g., UMAA [Unmanned Maritime Autonomy Architecture] or ROS [Robot Operating System libraries]).
www.opengroup.org/face FACE Special Edition 2023 | 21
FIGURE 3 | A diagram shows the datacentric Publish-Subscribe approach.
Using open standards is another key principle. With open standards, application developers are not locked into a specific technology or vendor. The market decides which technologies are the most viable. Open standards establish protocols and building blocks that can help make applications more functional and interoperable which streamlines product development. Many of the open standards have multiple revisions and have improved from lessons learned over time. Using open standards is much more cost- and time-effective than new development. DDS is an example of an open standard that fits perfectly in many of the MOSA applications. The DDS standard has an active and vibrant community continuously working to extend its applicability. (Figure 4.) The DDS standard currently includes the following:
› Core specification (DDS, RTPS, DDS- XTypesTM, DDS-SECURITY)
› Language mappings
› APIs: C, C++, Java, and others
› Gateways (XRCE, Web, OPC)
DDS is also used in many other standards including FACE, UMAA, ROS, and GVA. Figure 5 shows some of the standards where DDS is used.
DDS use cases
DDS and RTPS packets are used for mission-critical applications, connecting embedded systems as a reliable communication layer between sensors, controllers, and actuators. DDS runs many of the most complex systems in the world: It powers the largest energy plants in North America, connects perception to control in autonomous vehicles, coordinates combat management in defense systems, drives a new generation of medical robotics, controls hyperloop and flying cars, provides 24/7 medical intelligence for hospital patients and emergency victims, and more.
At the TSOA-ID 2022 conference, RTI demonstrated interoperability between different native DDS applications (e.g., Unity and Epic Games Unreal Engine) and standards using DDS (e.g., FACE, ROS). The demonstration consists of two
FACE SPECIAL EDITION
FIGURE 6 | The architecture of the TSOA-ID native DDS interoperability demo is shown.
FIGURE 5 | Shown: Some of the standards where DDS is used.
22 | FACE Special Edition 2023 www.opengroup.org/face
FIGURE 4 | A timeline of individual data distribution services (DDS) specifications is shown.
drone simulators: one using the Unity gaming engine, and the other using the Epic Unreal Engine gaming engine. These drone flight simulators publish location, video, and lidar using the Sensor Open Systems Architecture (SOSA) Interaction Binding and publish data through a SOSA aligned plugin. The lidar data is displayed using the RVIZ, a ROS 2 application, while location is fed into different cockpit display systems (CDSs). Figure 6 shows the architecture of the demonstration. The integration of all those components was made possible by using a common data model. New components can easily be added, and variations of the demo have been demonstrated at different trade shows.
MOSA: No more vendor lock
MOSA recognized that to reduce cost, time to market, and to develop better, more flexible solutions, it must embrace open architectures. The era of black box and vendor-locked technologies has ended, and the industry must embrace open standards in all types of software ranging from commercial off-the-shelf to open source. MOSA is not just an
innovative idea, it is a legal requirement – specifically, Title 10 U.S. Code 2446a.(b), Sec 805 of DoD Acquisition Regulations – to achieve the development of affordable, adaptable systems.
It has been a few years since the DoD Data Strategy was created, and the DoD continuously makes strides toward its goal of transforming into a datacentric agency. To support that transition, new systems also need to embrace a datacentric strategy. Open standards such as DDS will become an essential part in supporting the DoD’s transition to a datacentric world. A datacentric open standard such as DDS enables the fundamental step for designing, developing, and deploying next-generation, distributed mission-critical systems and supports the MOSA principles of achieving lower life cycle costs in deployment and maintenance, faster time to market, and improved reliability during deployment in crewed and uncrewed systems. ■
Andre Odermatt is a principal application engineer at Real-Time Innovations (RTI). Before joining the Products & Markets group at RTI, Andre was a field application engineer at RTI for five years, working closely with customers on distributed systems. He has been participating in the FACE Consortium Integration Workshop Standing Committee (IWS) meetings for years. As a Field Application Engineer, he supported multiple projects such as the Ship Self Defense System (SSDS), General Atomics Ground Control Station, and Boeing AWACS, among others. Andre has over 30 years of experience with embedded systems, distributed applications, and communications protocols. He is an active participant in the FACE Consortium TWG Transport Services Segment (TSS) technical working group. Andre is the chair of the FACE integration workshop (IWS) standing committee.
RTI • https://www.rti.com/en/
Uncrewed Systems Virtual Conference: Enabling artificial intelligence, safety certification, and MOSA in
military unmanned platforms
Powered by Military Embedded Systems, the Uncrewed Systems Virtual Conference drives awareness and thought leadership around embedded electronics technology for autonomous systems from artificial intelligence (AI) to signal processing to avionics safety certification. It also examines strategies for applying a Modular Open Systems Approach (MOSA) in such designs.
Keynote: “Accelerating Dual-Use Technology for the Warfighter,” plus sessions including “Autonomous ISR payloads: Leveraging AI and Commercial Technology for Actionable Intelligence,” “Navigating Safety Certification in UAS Platforms,” “Leveraging MOSA Strategies for Autonomous Systems.”
Watch the webcast: https://bit.ly/3MVlBsB (This is an archived event.)
WATCH MORE WEBCASTS: https://militaryembedded.com/webcasts/ www.opengroup.org/face FACE Special Edition 2023 | 23
RVS provides an efficient verification solution for safety-critical avionics software. With solutions for functional testing, structural coverage analysis and execution time measurement, RVS supports achieving key DO-178C verification objectives. DO-178C (DO-330) qualification kits provide a straightforward path to tool qualification, and with both instrumentation-based and object code analysis solutions, RVS supports verification whatever your project’s needs.
Key effort-saving features improve efficiency and reduce time to market. Automatically merge results through a qualified merge utility, apply justifications for coverage gaps that migrate when your code changes, and run your coverage testing in fewer builds with the lowest on-target coverage analysis overheads on the market.
As the RVS instrumenters are qualified, there’s no need for manual review of instrumentation. Flexible licensing allows users across the globe to share the same pool of licenses.
FEATURES
Ą On-target and on-host software verification
Ą Functional requirements-based testing
Ą Structural coverage analysis up to MC/DC
Ą Worst-case execution time measurement
Ą Object code analysis solutions
Ą DO-330 qualification kits
Ą Qualified instrumenters – no need for review
wolfSSL Embedded Crypto Library
Does your device or application need FIPS or DO-178 based TLS or Cryptography? wolfSSL’s Cybersecurity products are currently in service in the sky and space protecting assets from compromise. wolfSSL’s TLS, secure boot and cryptography libraries are used by every branch of the US military. Our cryptography is developed and supported from here in the USA, as opposed to other packages like OpenSSL, which has code and developers from known adversaries. wolfBoot, our secure bootloader, secures assets by ensuring that any firmware update is signed and verified by our wolfCrypt FIPS 140-3 cryptography library. We also support TLS 1.3 or SSH for secure delivery of the updated firmware, should you be concerned about the security of your network connection and potentially subject to man in the middle attacks. wolfSSL can run ‘over the top’ of the various communications standards. To hear more about our wolfSSL library, the wolfCrypt encryption engine, wolfBoot Secure Bootloader, wolfSSL Support for DO-178C DAL A, etc. contact us!
FEATURES
wolfCrypt – Embedded Crypto Engine
Supports FIPS 140-2 or FIPS 140-3
RTCA DO 178C DAL A Support
Low resource use with Bare Metal Support
wolfBoot – Secure Boot Loader
wolfSSH – Lightweight SSH Library
TLS 1.3 and DTLS 1.3
https://www.wolfssl.com/products/wolfssl/ wolfSSL www.wolfssl.com
FACE Special Edition Profi les
kajal@wolfssl.com 425-503-2347 www.linkedin.com/company/wolfssl/ @wolfSSL
Platform-Specific Services Segment (PSSS)
https://www.rapitasystems.com/products/rvs Rapita Systems www.rapitasystems.com marketing@rapitasystems.com +44 (0)1904 413945 www.linkedin.com/company/rapita-systems @rapitasystems
Rapita Verification Suite
Portable Components Segment (PCS) 24 | FACE Special Edition 2023 www.opengroup.org/face
LynxOS-178 is a native POSIX, hard real-time partitioning operating system developed and certified to FAA DO-178C DAL A safety standards. It is the only commercial off-the-shelf (COTS) OS to be awarded a Reusable Software Component (RSC) certificate from the FAA for reusability in DO-178C certification projects.
LynxOS-178 is the primary host for real-time POSIX and Future Airborne Capability Environment™ (FACE) Technical Standard applications within the LYNX MOSA.ic™ development and integration framework. LynxOS-178 native POSIX implementation satisfies the PSE 53/54 profiles for both dedicated and multi-purpose real-time as well as FACE™ applications.
LynxOS-178 has passed the conformance testing for version 3.1 of the FACE specification for the x86, Arm, and PowerPC platforms. It is based on open standards and is designed specifically to fulfill the stringent needs of multithread and multiprocess applications in safety-critical real-time systems, providing security and safety through strict, hardware-enforced isolation between real-time processes, applications, and the RTOS kernel services and drivers. Our partnership with Adacore/Ferrous brings a reliable Rust toolchain into the Lynx developer environment, which enables customers to create applications in Rust for deployment on LynxOS-178 and/or the Lynx Unikernel.
LynxOS-178 provides previously certified software and artifacts in order to fully satisfy, right out of the box, the DO-178C level A requirement that every line of software in the system be verified with Modified Condition/ Decision Coverage. The DO-178C certification process is so time- and laborintensive that vendors may experience an output of just 125 lines of code per man-month. Testing of complex code could quickly add up to millions of dollars.
LynxOS-178 RSC is more than just a set of DO-178C artifacts. The docu-
mentation set includes a detailed partitioning and interface analysis that focuses on time, space and resource partitioning as well as timing margin analysis so developers can allocate budgets to use operating system services. The set of RSC guidance documentation includes requirements, design data, test suites and coverage analysis to meet DO-178C requirements.
LynxOS-178 has been deployed in certified commercial and military avionics systems that have flown hundreds of millions of hours.
FEATURES
Certified to FAA DO178C DAL A safety standards
Reusable Software Component (RSC)
Conformance to Open Standards
Certifiable Networking
FACE 3.1 Conformant
Support for Arm, PowerPC and x86 Architectures
GNU C/C++ Compiler, Eclipse Toolchain Support and RUST Compiler Support
Lynx Software Technologies www.lynx.com inside@lynx.com (408) 979-3900 www.linkedin.com/company/lynxsoftwaretechnologies/ @ lynxsoftware Operating System Segment (OSS) FACE Special Edition Profiles www.opengroup.org/face FACE Special Edition 2023 | 25
LynxOS-178 RTOS
https://www.lynx.com/products/lynxos-178-do-178c-certified-posix-rtos
AWESUM, FAME, and FACE™ Libraries
AWESUM® is an end-to-end tool suite supporting FACE™ Digital Engineering, purposely designed to optimize the Systems Development process to reduce effort, schedule and cost while increasing quality and supporting emerging technologies and processes including the Modular Open System Approach (MOSA). AWESUM unifies lifecycle activities through a Digital Engineering Modelbased Modular Open Systems Approach process (MMOSA). This enables your team to develop software intensive systems of the highest quality while achieving safety conformance for Commercial and Military systems.
A key component of AWESUM and MMOSA is the ability to develop and integrate device control software for Avionics devices and interfaces. Devices such as communications equipment, networking, weapons, etc. have been generated through AWESUM’s advanced modeling, development and integration capabilities.
FAME™ is a subset of AWESUM providing a powerful, user-friendly tool designed for creating, editing, and validating models conforming to the Future Airborne Capability Environment™ (FACE) Technical Standard..
Both tools streamline the FACE data modeling and component integration process through:
• Natural Language Processing (NLP) tools for building conceptual models
• Built-in model validation and QuickFix of common mistakes
• Generation of FACE conformant code, functional tests and documentation
• User-friendly, graphical modeling environment with all the tools needed for rapid conformant FACE Data Architecture Development
• Supports FACE 2.1.x and 3.x directly; provides automatic conversion between editions
• Provides full round trip model support simplifying tool chain integration
• Handles multiple USMs and DSDMs in the same project
The AWESUM and FAME tools offer unparalleled solutions for developing and managing cyber-physical systems while improving system products and reducing program risk through continuous validation and verification.
SAVi personnel are here to help you through development expertise, professional training and hands on support ensuring your success.
FEATURES
Cost-effective solution for mission-critical systems
Comprehensive system design and integration support Reduces schedule for highly reliable systems
Aligned to DO-178C, DO-331, AC 20-148, AR 70-62, FACE™, SOSA™ and HOST
Streamlines device control development and integration: SNMP MIBs, Bit & Tag ICDs, and APIs
Supports of Continuous Integration/Continuous Deployment (CI/CD)
Integrates with other modeling and development tools
Integrates with several vendor Transport Services
FACE Special Edition Profiles
www.tes-savi.com TES-SAVi www.tes-savi.com info@tes-savi.com (520) 498-0490 www.linkedin.com/company/tes-savi/ Transport Services Segment (TSS) 26 | FACE Special Edition 2023 www.opengroup.org/face
The FACE Approach
The Future Airborne Capability Environment™(FACE) Approach is a Government-industrydeveloped software standardand business strategy withthe
goals to:
• Increase the affordability of capabilities
• Improve time-to-field, delivering new capabilities to the warfighter faster
The FACE Approachintegratestechnical andbusiness practices thatestablish a standard commonoperatinn---..... environment to support portable capabilities across avionics systems.
The FACE Technical Standard defines the requirements for architectural segments and key interfaces that link thesegments together. This enables the reuse of capability-basedsoftware componentsacross different hardware computing environments.
The ideais to avoid "reinventing the wheel" for every new platform system. It also enables rapid replacement of older softwareand insertion with new andimproved capabilities throughout the system lifecycle. The FACE Approach is relevant to both enduring systems and future systems, including new system designs, system-level upgrades, and component upgrades.
Agovernment and industry partnershipto definean openavionicsenvironment for allmilitaryairborne platform types.
The Open Group:Leading the development ofopen, vendor-neutral technologystandards and certifications
The Open Group is a global consortium that enables the achievement of businessobjectives through technology standards. With more than 900memberorganizations, wehavea diverse membership that spans all sectorsof the technology communitycustomers, systems andsolutions suppliers, tool vendors, integrators, and consultants, as well asacademicsand researchers.
futureAirborne CapabilityEnvironmentTM
OTHE 0P!{/fvp