Date of Original Version
Abstract or Table of Contents
Databus and data network technology continues to play an ever-increasing role in aviation digital electronics architectures throughout the range of aviation markets. The evolution of integrated modular aviation digital electronics architectures comprising multiple subsystems integrated into single and redundant data networks is increasing the influence of data networking. The criticality of data networks has previously led avionics manufacturers and aircraft original equipment manufacturers to design specific aerospace solutions to meet their requirements. In recent years, cost challenges have led to the adoption of commercial off-the-shelf (COTS) communication solutions in avionics. Although attractive from a cost perspective, the adoption of COTS presents certification issues, particularly as the complexity and increased leverage of technology continues to evolve. Subtleties may escape the system designer and leave dependability holes. An example is the interference of the Controller Area Network bit-error stuffing mechanism with message cyclic redundancy code coverage. COTS can be adopted as is, or with fixes added so it is a better fit for dependable avionics requirements, i.e., the adaptation of Ethernet to Aeronautical Radio, Incorporated (ARINC®) Part 7. Helping this trend is the arrival of “safety-critical COTS” in the marketplace, particularly in automobile and process-control areas. However, even with designed-for-purpose technology, it is necessary to ensure that the technology has dependability consistent with real-world requirements and redundancy management schemes.
Development and evaluation of aviation digital electronics data networks that are suitable for safety-critical aviation digital electronics is a complex subject area. It requires detailed knowledge of communications systems, aviation communication and application requirements, mechanisms for creating dependable architectures, certification expectations, and assurance strategies. It is also important to note that, with correct architectural mitigation, almost any data network may be used in a certified system. For example, a layer of fault tolerance can be placed above the network to fix any of its shortcomings.
The objective of this Handbook is to provide criteria for evaluating data network technology for use in safety-critical applications. However, this should not be taken to mean that these criteria can be used to rank data networks in a scale of absolute goodness, independent of the avionics systems in which they are employed. Because the operation of a data network is so entangled with the avionics system it supports, it is not possible to make an evaluation of a data network on its own. The goal is to create a sufficient breadth of criteria that can be used to evaluate the widest range of data networks with respect to the avionics systems in which they may be employed.