just brew it! wrote: Yes, a hard real-time OS with appropriate "certification artifacts" documenting the software lifecycle is required. Certification artifacts need to be provided for the application code as well. The highest certification level (for critical flight systems) needs to achieve a (predicted) reliability of less than 1 failure per billion flight hours; this requires redundancy in the hardware, and extensive automatic fault detection and failover mechanisms.
Well, now I know why the AP-101 is still flying. Far cheaper to bolt new things on it than to start over from scratch.