Engineering mixed-criticality interactive applications

In the field of critical systems, safety standards such as DO-178C define Development Assurance Levels (DALs) for software systems (or sub-systems). The higher the consequence of a failure the higher DAL is required by certification authorities. Developing a system at a DAL A requires the use of formal description techniques and is thus expensive. For lower DALs, standard software development is accepted. While operating such systems, reaching a given goal might require operators to perform tasks using sub-systems of different DALs. Operations thus take place via mixed-criticality systems developed using several different techniques. In order to guarantee the effectiveness of the developed systems, it is necessary to ensure the compatibility of the operators' tasks and the system (whatever technique has been used for its development). While DAL identification is outside the scope of the paper, this article presents a task-model based approach for addressing multiple DALs for mixed-criticality interactive software. That approach proposes a systematic process for engineering mixed-criticality interactive applications. This process is supported by a software modeling and development environment integrating both formal description techniques and standard software programming techniques. The process and the development environment are illustrated with a case study of a mixed-criticality interactive cockpit application.