July 2020, Volume 22 – Number 7 • cotsjournalonline.com
The Journal of Military Electronics & Computing
JOURNAL
When testing is not enough.
Software complexity drives technology Leaders to Adopt Formal Methods.
The Challenges of the Harshest Environments are met with the latest Rugged Laptops and Tablets
Special Product Listings
The Journal of Military Electronics & Computing COTS (kots), n. 1. Commercial off-the-shelf. Terminology popularized in 1994 within U.S. DoD by SECDEF Wm. Perry’s “Perry Memo” that changed military industry purchasing and design guidelines, making Mil-Specs acceptable only by waiver. COTS is generally defined for technology, goods and services as: a) using commercial business practices and specifications, b) not developed under government funding, c) offered for sale to the general market, d) still must meet the program ORD. 2. Commercial business practices include the accepted practice of customer-paid minor modification to standard COTS products to meet the customer’s unique requirements.
JOURNAL
—Ant. When applied to the procurement of electronics for he U.S. Military, COTS is a procurement philosophy and does not imply commercial, office environment or any other durability grade. E.g., rad-hard components designed and offered for sale to the general market are COTS if they were developed by the company and not under government funding.
SPECIAL FEATURES 14 When testing is not enough. Software complexity drives technology Leaders to Adopt Formal Methods.
By Yannick Moy & M. Anthony Aiello
DEPARTMENTS 6 The Inside Track
SYSTEM DEVELOPMENT 20
The Challenges of the Harshest Environments are met with the latest Rugged Laptops and Tablets
By By John Reardon, COTS Journal, Publisher
24
Special Product Listings
COT’S PICKS 24
Editor’s Choice for July
Cover Image The DT Research Rugged Tablets that feature touchscreens with Night Vision options, high performance Intel® processors. Which is one of our Special Products feautred on page 24.
COTS Journal | July 2020
3
The Journal of Military Electronics & Computing
JOURNAL EDITORIAL
EDITORIAL SUBMISSION AND RELEASES johnr@rtc-media.com
AD TRAFFIC Vaughn Orchard Vaughno@rtc-media.com
PUBLISHER/CEO John Reardon Johnr@rtc-media.com
FINANCE AND ACCOUNTING Paige Reardon paiger@rtc-media.com
CONTRIBUTING EDITORS
ADMINISTRATION/CIRCULATION Dawn Dunaway dawnr@rtc-media.com
Tom Williams
Glenn ImObersteg Robert Hoffman
ART AND PRODUCTION
CREATIVE DIRECTOR David Ramos drdesignservices@ymail.com DIGITAL MARKETING MANAGER Scott Blair Scott@blair-media.com
COTS Journal CORPORATE OFFICE RTC Media 3180 Sitio Sendero, Carlsbad, CA. 92009 Phone: (949) 226-2023 Fax: (949) 226-2050 www.rtc-media.com
PUBLISHED BY RTC MEDIA Copyright 2020, RTC Media. Printed in the United States. All rights reserved. All related graphics are trademarks of The RTC Group. All other brand and product names are the property of their holders.
4
COTS Journal | July 2020
ACCOUNT MANAGER
SALES MANAGER Vaughn Orchard Vaughno@rtc-media.com CUSTOM AND CONTRACT SERVICES John Reardon Johnr@rtc-media.com
The
INSIDE TRACK
NASA Awards Azul Placement in the EIS Agency Catalog Intelligence Community Now Has Access to the Best Java Platform for Secure Enterprise Performance and Support at the Best Cost
Azul, provider of the world’s most trusted open source Java platform, today announced that the Naval Information Warfare Center, Pacific (NIWC PAC) on behalf of the Department of Defense (DOD), awarded Azul an Enterprise Software Initiative (ESI) Agency Catalog under the National Aeronautics and Space Administration (NASA) SEWP V contract. The NASA Solutions for Enterprise-Wide Procurement (SEWP) Agency is a govern-
EPC and VPT, Inc. Announce Joint Venture – EPC Space – Targeting the Radiation Hardened Power Electronics Market for Mission Critical Applications EPC Space, a joint venture company, will provide advanced, high-reliability, gallium nitride (GaN) power conversion solutions for critical spaceborne and other high reliability environments. Efficient Power Conversion Corporation and VPT, Inc., A HEICO company announce the establishment of EPC Space LLC, a joint venture focused on designing and manufacturing radiation hardened (Rad Hard) GaN-on-silicon transistors and ICs packaged, tested, and qualified for satellite and high-reliability applications. EPC Space will provide advanced, high-reliability, power conversion solutions for critical spaceborne environments in applications including power supplies, light detection and ranging (lidar), motor drive, and ion thrusters. These GaN-based components offer superior performance advantages over traditional silicon-based solutions. Alex Lidow, CEO and Co-Founder of EPC noted, “VPT’s global leadership in power conversion solutions for avionics, military, and space applications is the perfect complement 6
COTS Journal | July 2020
ment-wide acquisition contract (GWAC) managed by NASA. Department of Defense, U.S. Coast Guard, and Intelligence Community customers may now order Azul software through the NASA SEWP Agency Catalog. “Federal agencies now have an opportunity to save millions of dollars while getting the best commercial support of Java on the market,” said Scott Sellers, Azul co-founder, president and CEO. “Because Oracle Java and Azul Zulu OpenJDK are based on the same open-source OpenJDK code, they have identical features and performance. The difference is in cost and support. When deploying Azul Zulu, customers typically save 50-90%.” The world of Java is going through a huge to EPC’s leadership in GaN-based power conversion devices.” Further, Dr. Lidow said, “The joint venture – EPC Space – is taking the superior performance of gallium nitride to the high reliability community offering electrical and radiation performance beyond the capabilities of the aging Rad Hard silicon MOSFET.” Dan Sable, Founder and CEO of VPT, Inc.
shake-up because of Oracle’s ending of free support and the consequent increase in costs for many customers. Azul has been the best-kept secret in Java but that is changing quickly. The largest company 100% focused on Java and the JVM and with the largest Java engineering team after Oracle, Azul has been shipping enterprise Java products for over 15 years. Based in Sunnyvale, Calif., Azul has presence in 14 countries, with channel partners covering 88 countries, and 100+ technology partners creating joint solutions for various industries and purposes. With over 500 customers globally including federal government entities such as the Department of the Interior, the Federal Reserve System, and US Courts, Azul is used by hundreds of thousands of Java developers and millions of connected devices. commented, “EPC’s GaN technology enables a new generation of power converters in space operating at higher frequencies, higher efficiencies, and greater power densities than ever achievable before. We are excited about this venture’s ability to provide mission-critical components and services to our high-reliability markets.”
The
INSIDE TRACK
Forward Area Air Defense Command and Control is Department of Defense system of choice for Counter-Small Unmanned Aerial System
Northrop Grumman Corporation’s Forward Area Air Defense Command and Control (FAAD C2) system has been selected by the U.S. Department of Defense (DOD) as the interim command and control system for future Counter-Small Unmanned Aerial System (C-sUAS) procurements. The decision follows the findings of a service board established by the DOD’s Joint Counter-Small Unmanned Aerial Systems (C-sUAS) Office to evaluate and provide an order-of-merit list for “best-of-breed” systems to counter small drones. The down-select
board was comprised of representatives from the U.S. Army, Navy, Marine Corps, Air Force and Special Operations Command, and senior representatives from the acquisition, technical, operational and other communities. FAAD C2 will serve as the current joint common C-sUAS C2 platform while an enduring solution is developed. “Our FAAD C2 has been saving lives at Forward Operating Bases and locations around the world since 2005,” said Kenn Todorov, vice president and general manager, combat systems and mission readiness, Northrop Grumman. “FAAD C2 continuously evolves to defend against new threats like small unmanned aerial systems and will continue to be the gold standard for protection of our troops whether stationed at bases or on the move.”
FAAD C2 is a battle-proven C2 system, deployed in several theaters of operation for the C-UAS and C-RAM (Counter-Rocket, Artillery and Mortar) missions for its proven performance and flexibility that enables easy integration with available sensors, effectors and warning systems to launch rapid, real-time defense against short range and maneuvering threats. It also has been selected as the C2 system for the Army’s Initial Maneuver Short Range Air Defense (IM-SHORAD) platforms. FAAD-C2 is built on the open architecture common to the Northrop Grumman all-domain C4I solution ecosystem and will ultimately converge into the US Army’s Integrated Air and Missile Defense Battle Command System (IBCS).
COTS Journal | July 2020
7
The
INSIDE TRACK
NASA Invests $51 Million in Innovative Ideas from US Small Businesses
NASA has selected 409 technology proposals for the first phase of funding from the agency’s Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) program. The contracts will provide approximately $51 million to 312 small businesses in 44 states and Washington, D.C. “NASA depends on America’s small businesses for innovative technology development that helps us achieve our wide variety of missions,” said Jim Reuter, associate administrator for NASA’s Space Technology Mission Directorate in Washington. “Whether we’re landing Artemis astronauts on the Moon, sending rovers to Mars, or developing next-generation aircraft our small business partners play an important role.” More than 100 of the selected companies will be first-time recipients of a NASA SBIR or STTR contract. Additionally, 27% of the small businesses are from underrepresented groups, including minority and women-owned businesses.
SBIR contract to advance a safe and efficient air traffic control system for urban transportation systems in the sky. The system could help cities plan for commercial air taxi services. CU Aerospace in Champaign, Illinois, was selected for an SBIR award to develop a compact sterilizer for use on spacecraft materials and throughout the medical industry, including personal protective equipment. Paragon Space Development Corporation in Tucson, Arizona, was selected for an SBIR award to mature a system to collect and purify water found on the Moon. The research and development could inform how to generate products with local materials in space. Aegis Technology in Santa Ana, California, was selected for an STTR award in partnership with Cornell University to develop low cost lithium-ion batteries with more desirable performance, including longer lifespans. The batteries could benefit hybrid electric or all-electric power generation. Phase I awards are made to small business-
es to establish the merit and feasibility of their innovations. Phase I SBIR contracts last for six months and Phase I STTR contracts last for 13 months. Based on their progress during Phase I, companies may submit proposals to subsequent SBIR/STTR opportunities and receive additional funding. “A Phase I award is just the first step in helping these small businesses bring their technologies and ideas to market,” said NASA SBIR/ STTR Program Executive Jenn Gustetic. “We know these companies not only need funding, but business guidance and industry expertise to help them develop better products and grow. Our program aims to help each of them in their journeys to commercialization.” The structure of NASA’s SBIR/STTR program allows the agency to continuously invest in small businesses as their technologies reach different maturity stages. Phase II contracts support prototyping. The program also fosters rapid development and integration into the commercial marketplace and NASA missions through post-Phase II opportunities.
Companies will receive up to $125,000 for each of the Phase I selections. SBIR awards are made to only a small business, while STTR awards are made to a small business in partnership with a non-profit research institution. NASA has selected 409 technology proposals for the first phase of funding from the agency’s Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) program. The selected proposals represent a range of technologies that aim to benefit human exploration, including NASA’s Artemis program, as well as science, technology, and aeronautics. Many of the innovations also have potential applications on Earth. The following are among the selections. Opterus Research and Development in Fort Collins, Colorado, was selected for an SBIR award to develop high-power solar arrays to provide power on the Moon, Mars, and onboard spacecraft. Architecture Technology Corporation in Eden Prairie, Minnesota, was selected for an 8
COTS Journal | July 2020
NASA’s Mars 2020 Perseverance rover waits to be lifted onto its Atlas V launch vehicle at the Cape Canaveral Air Force Station in Florida on July 7, 2020. Image Credit: NASA/KSC
The
INSIDE TRACK
Satellite for US Air Force Successfully Launches as Part of L3Harris’ Responsive Constellation Contract
L3Harris Technologies launched the latest in a demonstration series of end-to-end small satellites as part of a U.S. Air Force constellation the company is responsible for developing. As the prime contractor for the firm fixed-price development space mission, L3Harris is designing, developing, building, testing and deploying the satellites. The company will task, command and control the satellite system, as well as perform onboard processing of data to deliver imagery products directly to warfighters on tactical timelines. “L3Harris has developed and supported various aspects of satellite missions over the
last several decades as a component supplier or hosted payload,” said Ed Zoiss, President, Space and Airborne Systems, L3Harris. “In collaboration with the U.S. Air Force, we pulled the pieces together to successfully plan, develop and execute an affordable, high-performance space mission, which is part of a responsive constellation contract.” The Evolved Expendable Launch Vehicles Secondary Payload Adapter, or ESPA-class, satellite system will use L3Harris’ fully reprogrammable payload platform — allowing operators to reconfigure smallsat payloads on orbit to changing missions. The company’s High Compaction Ratio unfurlable X-band reflector is also on board to enable high-speed data communication. L3Harris is an end-to-end solutions provider for affordable, responsive smallsat systems that deliver high value for the most challenging Department of Defense and Intelligence Community missions.
COTS Journal | July 2020
9
The
INSIDE TRACK
US Army awards Leidos task order to provide IEW&S system and software support Leidos announced it has been awarded a new task order by the U.S. Army Contracting Command – Aberdeen Proving Ground (ACG-APG) to provide Intelligence, Electronic Warfare and Sensors (IEW&S) system and software support to the U.S. Army’s Communications-Electronics Command (CECOM) Software Engineering Center (SEC), Sensors and Mission Equipment Division (SMED). The single-award, indefinite-delivery/indefinite-quantity, cost-plus-fixed-fee task order has a oneyear base period of performance, followed by four one-year options, and a total approximate value of $210 million if all options are exercised. Work will be performed primarily at Aberdeen Proving Ground, Md. CECOM is the Army’s materiel integrator for command, control, communications, com-
10
COTS Journal | July 2020
puters, cyber, intelligence, surveillance, and reconnaissance (C5ISR) readiness. As a major subordinate command of the Army Materiel Command (AMC), CECOM collaborates with Program Executive Offices, other AMC commands, and industry partners to provide, integrate, and sustain world-class C5ISR hardware, software, and mission command capabilities for the joint warfighter. Under the IEW&S contract, Leidos will provide system and software engineering support that will ensure reliability, maintainability, inter-operability, and configuration integrity of CECOM’s modern platform sensor and electronic warfare systems. Using its experience and investments in Secure Development Operations (SecDevOps), Leidos will implement its agile development process to the area of
Post-Production and Post-Deployment Software Support. Additionally, Leidos will leverage a portfolio management dashboard that is collaborative and tailorable to the needs of the customer to provide near real-time status of schedules and work efforts. “Leidos understands the criticality of C5ISR readiness as warfighters face the possibility of electronic warfare,” said Mike Rickels, Leidos Defense Group senior vice president, C4ISR Solutions. “We stand ready to help CECOM stay ahead of adversaries with secure software development and detailed production reporting.”
The
INSIDE TRACK
QuickLogic Announces Open Reconfigurable Computing Initiative
- QuickLogic Open Reconfigurable Computing (QORC) initiative, developed by Antmicro in collaboration with QuickLogic and Google, broadens access to company’s FPGA technology and eFPGA IP for all embedded systems developers - First programmable logic company to embrace open source FPGA development tools
QuickLogic Corporation announced its ground breaking QORC (QuickLogic Open Reconfigurable Computing) initiative, making it the first programmable logic vendor to actively embrace a fully open source suite of development tools for its FPGA devices and eFPGA technology. This initiative engenders the emerging trend toward open source tooling, significantly broadens access to the company’s products, and enables both hardware and software developers with tools supported by both the user community and QuickLogic. The company’s initial open source development tools, developed by Antmicro in collaboration with QuickLogic and Google, include complete support for its EOS S3 low power voice and sensor processing MCU with embedded FPGA, and its PolarPro 3E discrete FPGA family. Support for additional QuickLogic products, including QuickAI and support for its eFPGA IP offering will be added over the next few months.
EOS S3 Open Source Development Tools: • FPGA Development Flow: SymbiFlow – Open source tools for the optimization and automation of the FPGA design flow, from Verilog to bitstream generation. These tools enable innovation by making FPGAs more accessible to a broader community. • SoC Emulation: Renode – Antmicro’s Renode is an open source simulation framework for rapid prototyping, development and testing of multi-node systems. Utilizing Renode
gives developers the flexibility to fully evaluate multiple development board applications. • Zephyr Real Time Operating System (RTOS) – The Zephyr RTOS is an open source, vendor-neutral, compact, real-time operating system running on the Arm® Cortex®-M4F for connected, resource-constrained and embedded devices in applications that require security and safety. • QuickFeather Development Kit – A small form factor, 100% open source hardware development kit ideal for the next generation of low-power Machine Learning (ML) capable IoT devices. Traditionally, programmable logic vendors offered and supported only proprietary synthesis, place and route tools. Open source tools were relegated to hobbyists, academics, and independent consultants. However, the electronics industry is starting to see a shift toward open sourced hardware and software as it provides flexibility, vendor and community support, longevity, and adaptability to each engineer’s design flow. Google and Antmicro have been noteworthy influencers in this market, increasing the breadth of supported architectures and quality of results for the open source tools. They are now not only viable but desirable for the majority of the development community, including design teams at many of the industry’s largest companies. “QORC is QuickLogic’s initiative to embrace the rapidly growing open source FPGA tooling ecosystem, inspiring engineers to collaborate on the creation of exciting and innovative products,” said Brian Faith, QuickLogic’s president and CEO. “We believe that the wide adoption of open source tools represents a paradigm shift for the industry, and we’re proud to be at the leading edge.” “With its open source-centered approach, Antmicro has been moving the technological frontier, building whole ecosystems of non-proprietary solutions and overcoming the limitations inherent in closed technologies,” said Michael Gielda, Antmicro’s VP of business development. “We’ve been excited to participate in this historical first from QuickLogic, by contributing our expertise in software, hardware and tools to implement the necessary SymbiFlow, Renode and Zephyr support for their hardware platform – broadening their reach within the developer community.”
COTS Journal | July 2020
11
The
INSIDE TRACK
Eta Compute Partners with Edge Impulse to Accelerate the Development and Deployment of Machine Learning at the Edge
Purdue University, already known as the “Cradle of Astronauts,” is the first university to join a select group of space community leaders as a founding member of the newly formed Space Information Sharing and Analysis Center (ISAC).
Interested in getting your copy of
J O U R N A L
Dan DeLaurentis, professor of aeronautics and astronautics, will represent the university on the Space ISAC center’s board of directors. The board, which held its second meeting on Jan. 23, consists of members of space industry, cybersecurity and, now, academia. A second university is expected to be invited to join at a later date. The Space ISAC is unique by including academic participation in addition to predominately industry leaders on the board.
The new collaboration will help fill gaps in information sharing between the ISAC partners regarding cyber and non-cyber threats. The cybersecurity risks are different from those applying to land-, sea- and airbased systems. In the non-cyber realm, issues such as space debris, space weather and environment, the effectiveness of launch systems, and domestic and international policies are critical threats. Inadequate workforce capacity targeted to space needs is an overarching threat for which Purdue and its educational partners at all levels will have primary responsibility.
Contact us;
RTC Media
3180 Sitio Sendero, Carlsbad, CA. 92009 Phone: (949) 226-2023
www.rtc-media.com 12
COTS Journal | July 2020
DeLaurentis said involvement in the Space ISAC is a perfect fit for Purdue, citing the university’s ever-expanding contributions in space, long-standing cybersecurity leadership in academia and its nearly 30% of sponsored work funded by the private sector. “We are gratified that the Space ISAC charter recognizes the critical role that academia must play in sustaining the security of our nation’s most critical infrastructure,” he said. “The Space ISAC is positioned at the
nexus of three of Purdue’s highest priorities and core strengths: space, cybersecurity and strategic research partnerships with the private sector.” DeLaurentis said Purdue will contribute to defining and carrying out longer-term research for the group as well as educational and workforce development activities. As a benefit, the university will gain access to expansive information in the areas and help influence the direction of the Space ISAC,
especially through relevant expertise like Purdue’s Center for Education and Research in Information Assurance and Security (CERIAS). ISACs are organizations supported by the commercial sector with support from the federal government to collect, analyze and disseminate cyber and physical security threats and risk mitigation information to critical infrastructure owners, operators and members to increase resiliency. The Space ISAC has the goal of increasing the space community’s ability to prepare for and respond to vulnerabilities, incidents and threats; disseminate timely information; and serve as the primary communications channel for the sector with respect to this information. The Space ISAC is one of more than 20 representing industry sectors including automotive, aviation, national defense and emergency management. Space ISAC industry members include Lockheed Martin and Northrop Grumman, among others.
SPECIAL FEATURE
When testing is not enough. Software complexity drives technology leaders to adopt formal methods. By Yannick Moy & M. Anthony Aiello Executive Summary The size and complexity of software in embedded systems are growing at an astonishing rate. From aircraft and automobiles to medical devices, home appliances, and our homes themselves, products that were once hardware-only are now cyber-physical: they rely on software for much of their functionality. And we rely on that software for the dependability of those systems, especially their safety and security. Verifying correct software behavior is an increasingly challenging problem, given this growth in software size and complexity. Conventional (or traditional) testing methods are insufficient; there is simply too much ground to cover. This is especially true for software that is safety- or security-critical: software for which undiscovered defects (bugs) can result in catastrophic failure, loss of life, vulnerability to theft, and/or severe financial damage. This software verification challenge is a problem we can no longer ignore.
The impact of complexity on software reliability The complexity of software in embedded systems has grown at an exponential rate for years, as evidenced by the following graphs (Figures 1 and 2).
In software, size is an important measure of complexity. Larger software has more inputs, more states, and more variables. In other words: larger software has more things to test software complexity has meant an ever-increasing challenge in the verification of critical systems.
Figure 1 - Growth software complexity in aerospace systems over timei
Today, leading companies are finding relief from this problem through the use of formal methods. Long viewed as impractical or too expensive for commercial software development, formal methods have come of age thanks to advances in computing power and new tools that automate and simplify their application. In this article, we examine the problems being created by software’s increasing complexity. We look at why traditional verification methods are no longer adequate for highly dependable applications (and haven’t been for some time). We explore how formal methods can help solve the problem of verifying that critical software is reliable, safe and secure, without increasing life cycle costs. We look at what formal methods are, what to look for when choosing them, why now is an excellent time to begin applying them, and who is benefiting from formal methods today. 14
COTS Journal | July 2020
Figure 2 - Growth software complexity in automobiles over timeii
Critical systems include those requiring a high degree of dependability, including safety and security, and are typical of numerous industries, such as aerospace and defense, automotive, medical, energy generation and distribution, hazardous material management, and cybersecurity. The required maximum probability of failure in the most critical elements of these systems may be on the order of 10-7 to under 10-9 failures per hour. Cost and schedule impacts Software complexity impacts the cost and schedule of system development. The National Research Council (NRC) found that large software projects show very high rates of delay, cost overrun, and cancellation.iii Both dependable and typical commercial software programs suffer similar low success rates. The NRC found this unsurprising, “because dependable applications are usually developed using methods that do not differ fundamentally from those used commercially. The developers of dependable systems carry out far more reviews, more documentation, and far more testing, but the underlying methods are the same.” Accidents and disruptions As software has grown more complex, these underlying software-development methods have frequently failed to prevent disasters, even in systems developed to standards and extensively tested. • On January 15, 1990, an undetected defect in a new version of switching software brought down ATT’s global long-distance network for more than nine hours. ATT lost more than $60 million in unconnected calls and suffered a severe blow to its reputation.iv • In January 2017, the US FDA and Dept. of Homeland Security issued warnings against at least 465,000 St. Jude’s Medical RF-enabled cardiac devices. Software vulnerabilities in the devices could allow hackers to remotely access a patient’s implanted device and disable therapeutic care, drain the battery, or even administer painful electric shocks. Short-selling firm Muddy Waters had revealed these flaws in August 2016, based on a report by the security firm MedSec, alleging negligence in St. Jude Medical’s software development practices.v
Testing critical software takes centuries! No. of Replicates In their paper, The Infeasi bility of Experimental Quantification of Life-Critical Soft- 1 ware Reliability, Ricky Butler 10 and George Finelli published
the following table of ex- pected minimum test dura- tions for life testing of software requiring a maximum fault probability 10-9 (DO178 Level A, for example).
• The WannaCry ransomware attack of May 2017 encrypted the data of more than 200,000 computers across 150 countries. WannaCry made use of EternalBlue; a sophisticated cyberattack exploit stolen from the U.S. National Security Agency (NSA). EternalBlue exploits a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol in Windows and Windows Server. One month later, the NotPetya malware attack used EternalBlue to destroy data on computers across Europe, the U.S., and elsewhere. According to Kaspersky Labs, damage estimates from WannaCry range from $4 billion to $8 billion, while losses from NotPetya may total over $10 billion.vi These are just a few examples. As software complexity continues to grow, so do the chances that current software verification methods will fail to find such faults. As the NRC concluded, “the evidence is clear: these methods cannot dependably deliver today’s complex applications, let alone tomorrow’s even more complex requirements.” Testing can find bugs… but cannot prove no bugs remain Software testing is designed to reveal software defects. Software inputs are exercised in various sequences and combinations, and software outputs are monitored and compared with expected behavior. When the observed behavior differs from expected behavior, the source of the discrepancy is identified, and the software is corrected. As software complexity has increased exponentially, there has been a corresponding increase in the number of test cases and the time and cost required to execute them. The question then becomes, when can we stop testing? Testing can only establish the presence of defects, not their absence — unless all possible combinations of inputs and internal states are covered during testing. Thus, verification and validation by testing are—for all practical purposes—impossible. This has significant implications for critical software and has been known for quite a long time.
Expected Test Duration (Dt) 1010 hours = 1,141,550 years 109 hours = 114,155 years
100
108 hours = 11,415 years
10,000
106 hours = 114 years
Table 1: Expected Life Testing Duration for r =1
Exhaustive testing is practically impossible To prove dependability, test cases must cover all possible combinations of inputs and internal states. However, even for software of moderate size, exhaustive testing is practically impossible. A simple piece of software with three 32-bit inputs and one 32-bit internal state could easily require 3.4 x 1038 test cases to test exhaustively. Executing one million test cases per second, the required time to complete exhaustive testing would be over 1 x 1025—ten trillion trillion—years. Life testing doesn’t work on software To address the impossibility of exhaustive testing, alternative testing strategies have been proposed. One traditional method of verifying reliability is life testing. Life testing involves testing to failure on a statistically significant number of test specimens. Life testing works well on hardware. Physical failures occur when hardware breaks down due to a manufacturing or material defect, is eroded by adverse environmental conditions, or wears out from the repeated stress of normal operation. Software, however, doesn’t fail in the way hardware does. Software defects are introduced during development but are only revealed when the right combination of inputs and states is exercised. Otherwise, these defects lie dormant. In 1991, Ricky Butler and George Finelli, from the Formal Methods Group at NASA Langley Research Center, proved that life testing is impractical for verifying high-reliability software. They showed that to demonstrate a fault probability of <10-9, the duration of the required testing would range from hundreds of years ( for prohibitively high numbers of test specimens) to hundreds of thousands or even millions of years for normal numbers of test specimens (see sidebar below).vii Reliability growth models won’t work either Another method, reliability growth models, uses a repetitive process of testing and repairing a program to predict the reliability of the latest repaired iteration. This method, too, is infeasible for critical software.
The factor r is the number of observed failures after which the test is stopped. Butler and Finelli note that, “a value of r equal to 1 produces the shortest test time, but at the price of extremely high α and β errors (the probability of rejecting a good system and the probability of accepting a bad system, respectively). To get satisfactory statistical significance, larger values or r are needed and even more testing.” Thus, we can see that even if one had 10,000 specimens (code instances and test environments) available simultaneously, it would still take over one hundred years of testing to assure a fault probability of < 10-9. With a more realistic number of test specimens, even a fault probability of < 10-7 (DO-178 Level B) would take hundreds if not thousands of years to achieve. COTS Journal | July 2020
15
Reliability growth models require correction of software defects to improve the reliability prediction. At each subsequent iteration, however, the remaining defects become much harder to find and thus take much longer to remove. Butler and Finelli showed that to predict a fault probability below 10-9 the duration of the final test iteration—the time needed to remove just the last bug—would be on the order of tens of thousands to hundreds of thousands of years. Why testing won’t prove dependability That leaves us with the most common method: normal software testing. As previously described, software testing is valuable for finding defects. What testing doesn’t do, however, is prove the absence of defects, which is what is required to verify dependability. And yet, testing is an essential part of standards in critical software domains such as avionics. Given the impossibility of exhaustive testing, these standards have defined coverage criteria to decide when enough testing has been performed. Those criteria are no guarantee of dependability, however. For example, it would be a misunderstanding to attribute the safety of today’s avionics software to testing. It’s a common saying in that domain that verifying avionics software has become more a matter of achieving sufficient confidence in the developers and the development processes than of testing the software itself. Software quality is obtained mostly by a pervasive culture of safety encoded in the processes and assimilated by the people. Testing in that environment serves as one of the checks that the resulting software meets its requirements.
just build and test the bridge to discover if it will collapse under its own weight. Instead, they first analyze a model of the bridge, performing structural load calculations to prove the bridge won’t collapse. Likewise, when mechanical engineers design a new machine, they model and analyze the stresses the machine and its parts will have to withstand. Then, they specify parts that will handle those stresses. In the software world, formal methods enable software developers to perform analyses that are analogous to those made by those civil and mechanical engineers. Formal methods are techniques that reason about mathematical models of software. Using formal methods-based tools, software engineers can then rapidly gain assurance that their software behaves correctly by posing questions about software behavior, such as “can a race condition ever occur?” or “can a memory overflow ever occur?” or “does a certain critical variable ever exceed a safety threshold?” In short, formal-methods tools allow engineers to obtain answers to critical questions about their software.
In general, as software complexity has risen, testing to coverage criteria has become more and more a matter of “test until you run out of time or budget.”
Broadly, formal-methods analyses fall into three categories: (1) abstract interpretation, which models software semantics imprecisely but enables rapid identification of potential defects; (2) model checking, which attempts to verify that a property holds over bounded or exhaustive search of a model of software behavior; and (3) theorem proving, which attempts to apply deductive reasoning to verify that a property holds over all permitted inputs and internal states of the software. These analyses fall on a spectrum from more automatic but less precise (abstract interpretation) to less automatic but more precise (theorem proving) and are highly complementary.
Why formal methods are needed to verify critical software When civil engineers design a bridge, they don’t
Why formal methods are a better verification solution for critical software Unlike testing, which samples software behav-
16
COTS Journal | July 2020
ior in order to reveal defects, formal methods analyze the behavior of the software and establish the presence or absence of defects. Software engineers can identify specific conditions that must or must not occur and use formal methods to prove that those conditions always or never occur. Thus, formal methods can be used to guarantee the absence of buffer overruns, integer overflow conditions, and other defects that lead to unpredictable behavior. The guarantees provided by formal methods deal with all possible inputs and all possible internal states, rather than only those inputs and states covered by executed test cases. Engineers can be confident a latent defect will not be revealed by an unforeseen, unusual sequence of inputs — as was the case in the examples we considered earlier. Formal methods aren’t new Formal methods are the foundation upon which computer science was based: even before practical, general-purpose computers appeared, models of computation were developed and analyzed. The introduction of high-order programming languages in the 1950s and 1960s provided a concrete representation for these concepts, and, in the late 1960s, C.A.R. “Tony” Hoare developed what became known as Hoare logic as a means to express a computation formally. It was nearly three decades; however, before advances in computing methods made the widespread application of formal methods truly practical. Since the late 1990s, thanks in large part to the Pentium FDIV bug, formal methods have been used extensively in the electronics industry to verify integrated circuit designs.viii, ix More recently, formal methods have entered the mainstream of software verification. This uptake of formal methods has been made possible by several primary factors: • Advances in the state of the art in Satisfiability Modulo Theory (SMT) solvers, which provide the heavy lifting for most modern formalmethods analyses;
• Ever greater compute power in personal computers and in the cloud; • The design of programming languages (in fact subsets of general-purpose languages) that are simple enough to be formally analyzable but expressive enough for coding real-world software applications; and • Improvements in the overall usability of formal methods-based tools. These innovations have enabled software companies to quickly apply and benefit from formal methods—even without prior formalmethods xperience. Today, companies large and small are using formal methods on a day-to-day basis in software development. Who will benefit from using formal methods? Any organization that develops critical software to meet the highest dependability standards — i.e., software whose failure is unacceptable — will benefit from using formal methods in verification. Safety-critical modules in avionics, medical devices, automotive vehicle control, nuclear power control and monitoring, and other hazmat management applications are prime candidates for formal verification. Critical infrastructure applications like energy distribution and telecom switching, connectivity, and other secure-data applications, and critical computing components like OS kernels will also benefit by having their reliability proven by formal methods. Who is using formal methods and why Today, formal methods are being used for software verification across many industries and applications. Practitioners include: • Aerospace giants, including Lockheed Martin, Airbus, Rockwell Collins, Thales, and NASA • Major automakers, including Toyota • Computer industry leaders, including Microsoft, NVIDIA and Amazon • Multinational conglomerates, including GE These companies and many others have turned to formal verification to: • Assure the dependability of critical software modules • Eliminate vulnerabilities to malware attacks • Reduce software verification schedules • Eliminate defects early before they become more costly to remove Case study: Amazon Web Services s2n In June 2015, Amazon Web Services (AWS) introduced a new Open Source implementation of the SSL/TLS network encryption protocols. They’ve called this implementation Amazon s2n (“signal to noise”). Because of s2n’s security-critical role, AWS decided to use it as a proving
ground for new automated reasoning, testing, and assurance techniques that could be built upon for broader adoption.x AWS hired Galois, a research and development firm that specializes in applied formal methods, to simplify this process and make it developer-friendly. Galois developed a tool chain that
allows AWS to formally verify important aspects of s2n, which they integrated into the s2n build environment. Now, anyone with the prerequisites installed can run the same proofs on their own s2n code. Plus, they designed the reports generated from these automated proofs so that they’re easy to understand—even by people with no formal methods training.xi
Choosing a formal-methods solution Different formal-methods solutions are geared toward different software development environments and organizational needs. Consider the following when selecting a formal method. We illustrate each topic using SPARK, a formally analyzable subset of Ada. 1. Expressivity versus Automation Expressivity refers to how easily engineers can describe desired functionality in a given formal language. Automation refers to how easily formalmethods tools can complete analysis without human guidance. In general, greater expressivity results in lower automation. SPARK provides a good balance between expressivity and automation. The language inherits Ada’s strong typing and support for safety-critical development. SPARK excludes only those very few Ada features that limit automation or increase the likelihood of defects. The SPARK tools can complete most analyses with limited human guidance; additional guidance, when necessary, is provided using the SPARK language and is integrated into the software. 2. Soundness Soundness means that analysis results are accurate and trustworthy: if a methodology or tool is claiming to verify a given program property ( for example, that an index into an array is within the array bounds), then it must detect any and all violations of that property. This is a critical characteristic of formal methods. Many tools attempt to spot bugs automatically, but such tools are generally unsound; they cannot prove the absence of specific classes of bugs. SPARK is sound. When SPARK proves absence of runtime exceptions, the proof is an ironclad guarantee that no such exceptions will occur in the part of the software written in SPARK. 3. Integration Formal methods typically offer much smaller libraries of common programming tasks, as compared to traditional programming languages. Developers will, herefore, need to be able to integrate the part of the software written in the formal language with the part of the software that depends upon existing libraries. SPARK makes this easy, by integrating with full Ada and with C and C++ as well. SPARK can also interface with other popular languages, such as Java and Python. 4. Incrementality Formal methods are rarely applied in all-new software development. Instead, formal methods can be incrementally applied to existing software and within SPARK enables incremental adoption within existing development efforts. SPARK brings immediate benefits, because the language omits a few Ada features that can challenge developer understanding and possibly increase the likelihood of defects. Another way SPARK supports gradual adoption is by providing several levels of analysis. Each level requires more investment from developers but results in stronger guarantees. 5. High-Quality Tooling and Developer Support Many formal methods are not professionally developed or supported, which may challenge their adoption in industrial software-development efforts. SPARK provides high-quality tooling and is professionally supported. SPARK is integrated into AdaCore’s professional IDE and provides detailed information about failed proofs—including counterexamples— which greatly assists developers in fixing errors so that the proofs can be completed. 6. Active User Community Active user communities are as important for formal methods as they are for typical programming languages. User communities contribute to library development, offer a broader support network, and offer diverse opportunities for learning how to use formal methods. SPARK has a diverse community that is active on several platforms, including GitHub, Stack Overflow, Reddit, LinkedIn, Twitter, Facebook, and AdaCore.com. COTS Journal | July 2020
17
More broadly, AWS is proving that more and more of their code is correct using formal methods. For example, they have formally verified s2n’s implementation of HMAC, an important algorithm used extensively within the TLS/SSL protocols and elsewhere. In addition, they are using automated formal methods tools to continuously enhance AWS security and to provide functionality to customers through the AWS services Con_g, Inspector, GuardDuty, Macie, Trusted Advisor, and the storage service S3.xii “Proof is an accelerator for adoption,” says Byron Cook, Director of Automated Reasoning at AWS. “People are moving orders of magnitude more workload (to AWS) because they’re (saying) ‘in my own data center I don’t have proofs, but there (at AWS) they have proofs.’ ” xiii Case study: seL4 open-source separation kernel A separation kernel is a type of security kernel used to simulate a distributed environment. As such, the environment must appear as though each regime is a separate, isolated machine. “One of the properties we must prove of a separation kernel, therefore, is that there are no channels for information flow between regimes other than those explicitly provided,” said John Rushby, who conceived the device.xiv Without a formal guarantee of the absence of run-time errors in the separation kernel, however, you have no guarantee of security, even if other critical parts of the system have been formally verified. Fortunately, separation kernels proven free of runtime errors are now becoming commercially available. The seL4 is a third-generation microkernel developed by the NICTA group as a basis for highly secure and reliable systems. The world’s first operating-system kernel with an end-to-end proof of implementation correctness and security enforcement—formal verification of its functional correctness was completed in 2009—seL4 became available as open source in July 2014. xv The seL4 is no longer unique in that regard, however. The Muen kernel, a small separation kernel written primarily in SPARK, has also been proven error-free using formal methods.xvi These kernels are good examples of how formal verification can help establish a guaranteed error-free base upon which to build better, more reliable systems. Case study: Tokeneer ID Station To demonstrate that developing highly secure systems to the level of rigor required by the higher assurance levels of the Common Criteria is possible and practical, the United States National 18
COTS Journal | July 2020
Security Agency (NSA) asked the UK consultancy firm Altran to undertake a research project: develop part of an existing secure system (the Tokeneer System) in accordance with Altran’s formal methods-based Correctness by Construction development process. The resulting Tokeneer ID Stationxvii project demonstrated that formal methods can produce a high quality, low defect system, conformant to the Common Criteria’s Evaluation Assurance Level (EAL) 5 and above, in a cost-effective manner. The project effort was carefully monitored, and the resulting productivity was 38 lines of code per day overall and 203 lines of code per day during the coding phase while achieving the ultrahigh reliability that was required. Conclusions Software testing has never been adequate for guaranteeing the dependability of critical software, as was proven mathematically in the 1990s. Moreover, as software has continued to grow exponentially, the inadequacy of software testing has manifested itself with increasing frequency in the form of costly system failures caused by latent software defects. Now more than ever, developers of critical software need to join the leaders in their industry and embrace formal methods. Advances in technology and improvements to usability have made the application of formal methods feasible and practical for software verification. Current formal methods-based tools have made it easier than ever to get started. Using formal methods, leading companies are now obtaining guarantees of correct functionality and dependability, while saving total life cycle cost. Far from a researchfocused, esoteric application, formal methods have become a key differentiator in highprofile applications — a point underscored by Byron Cook, Director of Automated Reasoning at AWS. “AWS customers love this work!” says Cook, referring to Amazon’s use of formal verification. “Soundness is key. Customers don’t want to hear about how many more hours we’ve spent on testing. But when you talk about proof, the conversation changes.” Additional Information Besides software verification, formal methods are also being applied in related disciplines. Follow the links below to find more information on some of those domains, including: System requirements • www.ccs.neu.edu/home/pete/pub/re-2018.pdf • http://loonwerks.com/tools/spear.html • http://loonwerks.com/publications/waner2017nfm_spear.html
Software architecture • http://loonwerks.com/tools/agree.html Model-based design • https://www.mathworks.com/products/sldesignverifier.html • https://ieeexplore.ieee.org/document/ 7423151 Software specification • http://pvs.csl.sri.com/ • https://en.wikipedia.org/wiki/Z_notation Notable formal methods centers include: NASA LaRC: https://shemesh.larc.nasa.gov/fm/ SRI CSL: http://www.csl.sri.com/programs/formalmethods/ Collins Aerospace (http://loonwerks.com) Galois (https://galois.com/)
References
i Motivation for Advancing the SAVI Program, Aerospace Vehicle Systems Institute, Texas A&M University (accessed: August 2019). ii Khan, Z. H. and Khan, A.H., Perspectives in Automotive Embedded Systems: From manual to fully autonomous vehicles, SAME, November 2015. iii Jackson, D., Thomas, M. and Millett, L., editors, Committee on Certifiably Dependable Software Systems, National Research Council, Software for Dependable Systems: Sufficient Evidence?, National Academy of Sciences, 2007. iv Burke, D., All Circuits are Busy Now: The 1990 AT&T Long Distance Network Collapse, California Polytechnic State University, November 1995. v 465,000 Abbott pacemakers vulnerable to hacking, need a firmware fix, CSO, September 2017. vi Snow, J., Top 5 most notorious cyberattacks, Kaspersky, December 2018. vii Butler, R. and Finelli, G., The Infeasibility of Experimental Quantification of Life-Critical Software Reliability, NASA, December 1991. viii Van Eijk, C. A. J., Formal Methods for the Verification of Digital Circuits, Technische Universiteit Eindhoven, September 1997. ix Marques-Silva, J. and Guerra e Silva, L., Solving Satisfiability in Combinational Circuits, IEEE, July 2003. x MacCarthaigh, Colm, Automated Reasoning and Amazon s2n, Amazon Web Services, September 2016. xi Tomb, A., Magill, S., et al, Proving Amazon’s s2n correct, Galois, 2016. xii Cook, B., Formal reasoning about the security of Amazon Web Services (paper), FLoC, July 2018. xiii Cook, B., Formal reasoning about the security of Amazon Web Services (presentation), FLoC. July 2018. xiv Rushby, J., The Design and Verification of Secure Systems, Eighth ACM Symposium on Operating System Principles, pp. 12-21, Asilomar, CA, December 1981. (ACM perating Systems Review, Vol. 15, No. 5) xv Potts, D., et al, Mathematically Verified Software Kernels: Raising the Bar for High Assurance Implementations, General Dynamics, July 2014. xvi Buerki, R. and Rueegsegger, A., Muen - An x86/64 Separation Kernel for High Assurance, University of Applied Sciences Rapperswil, August 2013. xvii Cooper, D. and Barnes, J., Tokeneer ID Station EAL5 Demonstrator: Summary Report, August 2008. https://www.adacore.com/uploads/downloads/Tokeneer_Report.pdf
SYSTEM DEVELOPMENT
The Challenges of the Harshest Environments are met with the latest Rugged Laptops and Tablets By John Reardon, COTS Journal, Publisher In choosing a rugged tablet or laptop the options can be a bit daunting and can cause costly mistakes. Take your time to choose based on your application needs. The term Rugged amplifies the price in a way that makes a poor decision much more costly than the same mistake in a commercial solution. And conversely, when buying beyond your applicationâ&#x20AC;&#x2122;s needs, you may be leaving money on the table with costly features that bring no added value.
Processor selections, memory compliments, I/O, and battery life for the most part will be familiar to you. Choosing the right processor and clock speed will be based on the computational needs of the applications and this follows with memory, I/O, and battery life. There is no need to fixate on battery life, if the environment supports an abundance of power, for example being on a large ship. Having a full-keyboard for many appli-
cations can reflect an unneeded expense that just adds weight. So what makes a Rugged tablet or laptop Rugged? Many things can inherently raise the fault-tolerance of a system. Environments that threaten with moisture or immersion are addressed with the standard referred to as IP67 or Immersion Protection 67. This IEC standard defines that the laptop could be dropped in 1.5
Image 1 - Lean Services Architecture enables military equipment to communicate using equipment provided by multiple vendors, over low bandwidth comms and using relatively slow computers, while remaining compatible with legacy systems. Crown copyright image courtesy of Ministry of Defence. 20
COTS Journal | July 2020
Image 2 - Epson printers in space
meters of water for a half-hour. It goes on to address dust and other contaminants that it might be subject to. For concerns related to shock and vibration, Mil-STD 810 addresses environmental engineering considerations as defined by the US
Military. It simulates conditions that the device will face throughout its service life. The core of the criteria is a chamber test that replicates the environment with cycle testing. Mil-STD 810 is primarily used for military applications, but the manufacturers have adopted it as a standard for commercial applications as well.
Other concerns beyond Shock and Vibration, extended temperature and humidity, and ingress protection are things like low pressure or electromagnetic interference. Addressing the impact of altitude, Mil-STD-810F/G, Method 500.4 defines criteria for operations up to 12,500 feet. It also addresses non-operational trans-
COTS Journal | July 2020
21
Image 3 - By utilising commercially-available, off-the-shelf (COTS) hardware, the possibility of repair in the field in some of the austere and remote locations the systems are deployed is maximised.
port up to 40,000 feet. Tempest certification addresses the need for shielding in those instances where electronic emissions are of concern. This might be crucial with systems that are subject to being spied upon by the enemy in key front line positions, for example within an embassy. Although each manufacture addresses these challenges a bit differently, the use of a magnesium alloy enclosure is commonly used to achieve the strength-to-weight required. Known to be five times stronger than titanium and one third lighter than aluminum, magnesium offers an attractive solution. Coupled with rubberized bumpers and internal shock isolators to attenuate impacts, these laptops and tablets are set apart from their cousins in the commercial world. Of course in those instances where the frequency of vibration is outside the normal use of a warfighter or the altitude demands create a low pressure or exposure to radiation beyond the benchmark specs, system demands should be discussed with the manufacture. Beyond the rugged, good looks of these devices, the issues surrounding I/O has become another factor to consider. The resolution of the screen in direct sunlight, the ability to wear gloves during operations, or the use of touch are just a few of the many features that should be considered. In the recent purchase of the GETAC F110 by the Air Force the need for monitoring the 22
COTS Journal | July 2020
movement of munitions called for accessories such as a barcode reader and a docking station. As 54% of the security breaches involving laptops and tablets come from user error. This might be as simple as leaving the system operable as the user walks away or it could be using an unsecured software tool. Products like the Kensington cable lock deter someone from walking off with the whole system. Other considerations such as the accessibility of USB ports that could be used to either download information or upload malware should be considered. Whatever the case, reviewing the possible use of a finger touch ID may prove to be invaluable and offer a user a convenience that reduces the chance of an open system getting into the wrong hands. Other I/O features that are popular are GPS modules and Databus modules. Whether navigation, geo-spatial intelligence, or one of the many scientific applications, the use of GPS in military applications have become ubiquitous. Use of Databus I/O modules such as 1553, NTDS, ARINC 429, and their many variations allow for direct connections to key assets in real-time. Whether this is on a flight line or in the hold of a ship, the utility of being able to have this much compute power readily available makes the convenience of these devices immeasurable.
The consideration of battery life is similar to that in the commercial market. The Panasonic Toughbook 55 claims to have a 40-hour battery life, which is impressive in this market. Battery size will vary from laptops to tablets, which will also contribute to use time. Some vendors have addressed this through an easy click-in â&#x20AC;&#x201C; clickout battery replacement. An I/O option that is on the horizon is LiFi. The use of light sources for an internet connection. This technology was released in 2017 and is gaining traction as it has some security advantages. The use of optical transmission of a signal is not new, but when every light in a building enhances the transmission of data it addresses a number of the issues surrounding signal strength. Disadvantages are primarily around the concept of â&#x20AC;&#x153;being in the darkâ&#x20AC;?. Transmission is subject to light and cannot bend or transit walls. A number of vendors are exploring the idea of incorporating the optical sensors integral to their products, but aftermarket solutions are compatible through standard USB ports. Your choice of a laptop or tablet will be based on the application addressed. There are applications like asset tracking; inventory management and system monitoring that lend themselves to the selection of tablets due to their limited need for keying in data. The selection of a laptop
tends to lend itself to either general purpose; less defined applications and or those that require data entry in the field. Be careful that your sense of convenience does not cause you to under-purchase a system. Another recent change is AT&T FirstNet. Designed for first responders, FirstNet is dedicated to those in the field that require a reliable, full-bandwidth solution during a crisis. Supporting 5G and limited to a select few, FirstNet will allow for high-speed data transfers of large files during times when a normal network might be overtaxed by civilians. Releases of FirstNet compatible laptops and tablets have spurred the release of new models to the market. The rugged market closely follows the commercial market with an emphasis on the extreme. Some manufactures pursue the idea of a broad-based tool to be used in applications reflective of their commercial use but inherently more rugged and yet other manufactures are more targeted with specific applications in mind. All-in-one solutions that have gained popularity and will continue to afford users with a level of flexibility in applications where space weight and power are key. The following is a list of manufactures that offer interesting solutions that are tailored to match your application.
COTS Journal | July 2020
23
SYSTEM DEVELOPMENT
Special Product Listings Cybernet
The Cybernet Rugged X10 is a rugged 10.1” Windows tablet that has been tested and certified to meet military grade standards, having earned MILSTD-810G certification. It is IP65 rated, meaning it is dust proof and water resistant. Despite its rugged construction the Rugged X10 features an ergonomic handle and can be fully customized. It can be equipped with optional RFID and fingerprint scanners as well as a 2D barcode scanner. 4G/3G LTE connectivity complete this versatile tablet’s feature set.
Estone Technology
Grid 1590
https://estonetech.com/products/ruggedtablets/md-100-rugged-tablet
www.griduk.com
Our fully rugged Tablet MD-100 features our best combination of Field-and-Office design specs and options, including an incredibly fast Apollo or Kaby Lake Intel processor, drop in docking, long-life, swappable batteries, and an array of great tools and security features – all in a MIL-STD-810G Rugged and IP-65 Waterproof tablet.
Developed specifically for the defense and aerospace industry, the GRiDCASE 1590 is a fully ruggedized, 15” Laptop built to withstand any environment. As with the entire GRiD product range, the GRiDCASE 1590 meets the relevant Defense and Military Standards but remains fully configurable with tailored interfaces, connectors and PCI expansion to suit individual project requirements.
https://www.cybernetman.com/
DT Research
DT Research Rugged Tablets feature touchscreens with Night Vision options, high performance Intel® processors, and fully integrated data capture such as CAC/smart card reader, RFID, cameras (3D), WiFi/Bluetooth, and GNSS. Ranging from 6” to 14”, these rugged tablets support IP and MIL-STD ratings, for mission critical environments. With twenty five years of experience, the engineering-strong DT Research team delivers purpose-built solutions targeting exact requirements.
GETAC B360 NOTEBOOK
Getac’s all new B360 fully rugged notebook computer features a 10th Generation Intel® Core™ processor. It is MIL-STD-810H, MIL-STD-461G and IP66 certified weighing in at only 5 lbs. The B360’s sunlight-readable capacitive touchscreen delivers brightness up to 1400nits and is responsive to a finger, pen or glove. Getac’s B360 is also engineered to be 5G-compatible.
Juniper Systems
dtresearch.com/
www.getac.com
https://www.junipersys.com/
24
COTS Journal | July 2020
With best-in-class features including an ultra-rugged ergonomic design, sunlight-readable display, and all-day battery life, the Mesa™ 3 Rugged Tablet is the ultimate rugged device. Running on Windows 10 or Android 9.0, the Mesa 3 can carry out the entire data collection process with ease from start to finish. The Mesa 3 is available with a CAC/PIV smart card reader.
One Stop Systems
The SCORPION product line is a series of rugged tablet and handheld models featuring display sizes with 4 to 12-inch screen diagonal. All tablets and handhelds have a variety of IP6X and MIL-STD-810G certifications, which make them particularly resistant to mechanical or weather-related influences. SCORPION products can be preinstalled with either Windows 10 IoT or Android operating system.
https://www.onestopsystems.com/
Samsung Electronics America
As a global tech leader, Samsung is working to deliver cutting-edge end-to-end mobile technology solutions that meet the needs of civilian and defense government missions. From seamless mobile desktops and defense-grade security to command and control center display technology and purpose-built tactical mobility and ruggedized solutions, Samsungâ&#x20AC;&#x2122;s portfolio is uniquely suited to meet and exceed even the most challenging mission requirements..
Panasonic
The TOUGHBOOK 55â&#x20AC;&#x2122;s modular design supports the demands of public safety, enterprise and government customers alike which offers unparalleled customization that can simplify ordering, shorten lead times, decrease downtime and help future proof their purchase as work needs change. Expansion packs offer a variety of additional features such as I/O ports, a fingerprint reader, dedicated graphics and a second storage drive. Both the main storage drive and optional second storage drive are quick-release for easier installation and access to the drives. The RAM and keyboard are both user-upgradeable.
https://estonetech.com/products/ruggedtablets/md-100-rugged-tablet
https://na.panasonic.com/us/ computers-tablets-handhelds COTS Journal | July 2020
25
SYSTEM DEVELOPMENT
Special Product Listings
Teguar Computers
Teguar’s TRT-5180-12 Rugged Tablet runs Windows 10 with Intel’s Skylake or Kabylake power efficient mobile processor. The 12.2” IP65 Tablet weighs only 3.4lbs, while maintaining MIL-STD-810G, making it incredibly mobile and durable. This tablet has a chemically strengthened Gorilla Glass PCap touchscreen and a Hot-swappable battery, for 24/7 operation. Additional I/Os and accessories include USB Type C, for data or charging, LAN, RFID, 4G LTE, WiFi/ BT, GPS, Keyboard, and Docking Stations, so it can reliably interface with military and aerospace-systems.
https://teguar.com/
Winmate
Winmate Inc., the leading manufacturer of rugged tablet computers has announced the newest ultimate mobility solution for military applications – 8.4-inch, 10.4-inch and 13.3-inch ultra-rugged tablets with the latest processing and data storage. Powerful computing platform packed in a rugged mobile housing is designed for use in extreme conditions and meet specific defense department defined specifications. Ready for diverse and challenging requirements, Winmate’s Military-Grade Ultra Rugged Tablets are tailored for military and government customers to achieve complete situational awareness and real-time data analysis.
https://www.winmate.com/
Trimble
Zebra
https://geospatial.trimble.com/
https://www.zebra.com/us/en.html
Big screen. Giant potential. Redesigned from the ground up, the Trimble® TSC7 controller with Trimble Access™ field software combines the power of a tablet, laptop and survey-rugged design into one device. Bringing the latest in field technology, this powerful combination of hardware and software unleashes a competitive advantage for how you survey in the field.
Zebra’s ultra-rugged and versatile L10 tablet family includes three models that go beyond Mil-Spec and are available with a variety of enterprise-class security, connectivity and accessory options. The L10 series is available with the Windows 10 or Android operating system and can be mounted or used inhand making it ideal for a wide range of logistics and mission-critical applications.
COTS Journal | July 2020
27
July2020
COT’S PICKS Green Hills Software Extends Multicore Interference Mitigation to Arm Cortex-A72 for DO-178C Level A Applications INTEGRITY-178 tuMP Multicore RTOS Helps Avionics Integrators Meet CAST-32A Green Hills Software announced that it has extended its solution for DO-178C Level A multicore interference mitigation to Arm® Cortex®-A72 processor cores. As part of the INTEGRITY®-178 Time-Variant Unified Multi-Processing (tuMP™) RTOS, the Bandwidth Allocation and Monitoring (BAM) functionality enables software architects to allocate and enforce bandwidth limits to shared resources for each processor core. By guaranteeing access to shared resources based on application requirements or assurance level, BAM effectively mitigates multicore interference and minimizes multicore worst-case execution time (WCET). Multicore interference occurs when multiple processor cores attempt to access the same shared resource, such as memory, shared cache, I/O, or the on-chip interconnect. Interference is a significant enough problem to warrant an entire position paper from the Certification Authorities Software Team (CAST32A) dedicated to identifying problem areas relating to safety, performance, and integrity of software executing in an airborne multicore system. Green Hills Software has demonstrated application WCET growing 8 times longer from
just a single interfering core, and up to 13 times longer with 3 interfering cores. The BAM interference mitigation functionality monitors and strictly enforces the use of the shared resources as defined by the system integrator. When coupled with Green Hills Software’s multicore SoCspecific WCET utility libraries, BAM ensures that critical partitions meet their required deadlines while enabling other lower criticality partitions to execute on other cores simultaneously with no impact on the critical applications. This remains true even as the other partitions are modified or as new partitions are introduced into the system. This is a vital capability for sustainment and growth of critical systems based on multicore architectures. Even though CAST-32 was first published in 2014 and updated in 2016, some RTOS suppliers are only just now acknowledging that multicore interference is a serious problem and are starting to look for a solution. For example, Lynx Software is “involved with multiple researchers,” including the EU-funded MASTECS project. That project is due to complete in November 2021, with the expected output being timing analysis software tools, not mitigation solutions. Other operating system suppliers just leave this multicore interference for the system integrator to solve. The BAM functionality provides the solution today and has been shipping to customers for years, beginning with Power Architecture® e500mc cores. “Green Hills Software has been leading the charge for multicore interference mitigation
with DAL A-compliant solutions across multiple multicore architectures,” said Dan O’Dowd, founder and chief executive officer of Green Hills Software. “Our competitors, such as Lynx Software, noted recently that ‘the FAA has promised to allow the use of multiple cores in a multicore processor chip but only if adequate mitigations can be demonstrated to certifiers, based [on] the CAST-32A specifications.’ Yet no RTOS supplier other than Green Hills Software provides a DO-178C Level A-compliant solution for multicore interference mitigation that meets the CAST-32A requirements.” Although some level of mitigation at the application level is possible, generally it requires retesting and re-verification of all the applications executing on the multicore system when any single application changes, thereby incurring significant costs and delays that contribute to vendor lock. In the same way that MMU support and partition schedules need to be implemented in the OS, the enforcement of the multicore interference mitigation needs to be in the OS in order to achieve robust multicore partitioning. INTEGRITY-178 tuMP provides a general solution to multicore interference mitigation, thereby minimizing retesting and verification after any application changes or additions. Green Hills Software recognized the problem of multicore interference early on and started investing in a solution in 2010. Based upon more than 60 staff-years of research and development into multicore interference analysis and mitigation strategies, the DAL A compliant BAM functionality monitors and enforces the bandwidth allocation of the chip-level interconnect to each of the cores. Because the chip-level interconnect is at the center of interactions between the cores and other shared resources, it is the ideal place to observe and enforce limits on the use of shared resources. BAM emulates a high-rate hardware-based approach to ensure continuous allocation enforcement of the cores’ use of shared multicore resources. This contrasts with a “safety net” approach using coarse-grain threshold and fault detection to kill or suspend rogue processes. BAM regulates the bandwidth smoothly throughout the application’s execution time window, thereby allowing other applications in the same execution time window to acquire their allocated portion of the shared resources. These capabilities greatly lower integration and certification risks while also enabling integrators to gain the maximum performance advantages of multicore processors. Green Hills Software www.ghs.com
28
COTS Journal | July 2020
June 2020
COT’S PICKS Pentek Accelerates Real-Time Recording with New Talon Recorder for Quartz RFSoC • Records full 100 GbE bandwidth, supporting up to four independent UDP streams • Fifty percent faster recording rates than previous generation Talon recorders • Front-panel removable NVMe storage up to 122 TB • SystemFlow software GUI with Signal Viewer analysis tool • Optimized for Pentek Quartz RFSoC products Pentek, Inc. introduced a new addition to the Talon® Series of recorders, the Model RTR 2757 4U 19inch rackmount recorder. This new recorder complements Pentek’s Quartz® RFSoC products that stream digitized wide bandwidth signals across 100 Gigabit Ethernet. The RTR 2757 is capable of capturing these streams in real time at rates as high as 12.5 Gigabytes per second. “The Quartz RFSoC has gained tremendous popularity with our customers. However, its multi-channel wideband A/D converters produce data at a rate that pushes the limits of data recorders,” stated Chris Tojeira, product director of Pentek’s Recording Systems. “We leveraged the performance enhancements of today’s storage technology and updated our design architecture to handle these challenging requirements,” he continued.
movable via eight individual drive trays. The independent operating system drive is also removable via the front panel. This architecture improves the recording speed by fifty percent over previous generations of Talon recorders. The industrial grade 4U rackmount chassis of the RTR 2757 houses a dual Xeon server class motherboard. It is optimized for cooling and ruggedized to operate in challenging environments. A single QSFP28 optical port supports up to four independent UDP streams for a combined real-time recording rate up to 12.5 GB/s (100 Gigabits/s). This allows users to stream data from four of the RFSoC’s A/D channels over 100 Gigabit Ethernet and capture them as independent files on the recorder. The recorder captures only the Ethernet payload, providing data files similar to other Talon recorders and compatibility with the SystemFlow® signal analysis tools. Ease of Operation All Talon recorders are built on a Microsoft
Windows platform and include Pentek’s SystemFlow software, featuring a GUI (graphical user interface), the Signal Viewer and API (Application Programming Interface). The GUI provides intuitive controls for out-of-the-box turn-key operation using pointand-click configuration management. Configurations are easily stored and recalled for single-click setup. The Signal Viewer provides a virtual oscilloscope and spectrum analyzer to monitor signals before, during and after data collection. The C-callable API allows users to integrate the recorder control into larger application systems. Enhancements to the GUI allow more efficient configuration of the recording channels. The data format used for storage follows the NTFS standard, allowing users to remove drives from the instrument and read the data using standard Windows-based systems, eliminating the need for file format conversion. Pentek, Inc. www.pentek.com
The RTR 2757 was designed with performance and rugged environments in mind. It includes up to 122 TB of NVMe (Non-Volatile Memory Express) storage, using high-performance NVME U.2 drives in a RAID0 configuration to provide extremely highspeed real-time recording. Drives are front-panel re-
EKF presents the SPY-R IG EKF presents the SPY-R IG, a CompactPCI® Serial carrier card for eight WWAN modems (3G, 4G and forthcoming technologies). Four M.2 sockets are provided to accommodate M.2 3042 style modules, and another four modems are directly soldered to the PCB. The module RF I/Os are strapped to on-board combiner circuits, for attachment of external antennas via two SMA front panel connectors (main and auxiliary). The SPY-RIG is well suited for applications which require WWAN bandwidth aggregation and redundancy. EKF System www.ekf.de
COTS Journal | July 2020
29
July 2020
COT’S PICKS New PXI Multi-Function Card from Marvin Test Solutions
long-term supportability, and the flexibility to adapt to future test needs.”
Marvin Test Solutions, Inc announced the release of the new GX3788 High-Performance FPGA Multi-Function Instrument combining A/D, D/A and digital I/O functionality.
The module’s FPGA is pre-programmed, providing access to all digital and analog functions. Alternatively, users can program or modify the FPGA, allowing the instrument to be adapted to evolving test needs using free online design tools.
The virtual front panel can be used to interactively program and control the instrument, in addition interface files are provided that support access to programming tools and languages such as ATEasy Test Executive and Development Studio. Marvin Test Solutions, Inc www.marvintest.com
The GX3788 is a user configurable 3U PXI hybrid slot compatible instrument, with flexible digital and analog test capabilities, making it the ideal choice for challenging functional test applications. The A/D channels can be configured as 8 differential or 16 single ended inputs and support sampling rates of up to 250 KS/s. Alternately, two channel operation can support a sampling rate of 1 MS/s. The D/A channels support a simultaneous sampling rate of 1 MS/s, while the digital I/O channels are TTL compatible and can be programmed as inputs or outputs. “User programmable FPGAs allow test engineers to create custom instrumentation and interfaces for complex, mission critical applications from the flightline to the factory,” said Jon Semancik, Director of Marketing at Marvin Test Solutions. “The GX3788 leverages the flexibility of both the PXI platform and FPGA-based technology to provide the user a streamlined design process,
DATA MODUL introduces new touch controller board solutions for small and medium-sized diagonals DATA MODUL AG presents two new controller board solutions especially designed for PCAP touch applications in displays with small and medium-sized diagonals. The two new controller board solutions rely on different controller chips from the IC partners MICROCHIP and ILITEK and have different interfaces, which cover different sizes. While the I2C controller board with the mXT640U chip from MICROCHIP is suitable for small diagonals up to 10.4”, the USB board is based on the ILITEK ILI2510 chip and supports the medium-sized diagonals of up to 21.5”. Upon request, the USB board is also available in combination with a matching 15.6” film based sensor. With its two new controller board versions for small and medium-sized displays, the technology company is expanding its controller board portfolio, which up to now covered large-format diagonals with USB boards and ILITEK controllers. 30
COTS Journal | July 2020
“For a perfectly functioning PCAP touch system, the right controller and expertise in fine-tuning are essential. In order to be able to operate touch systems using gloves, multi-touch and under the influence of water, a sensor must have high resolution as well as be developed and offered with the right controller. Complete controller board solu-
tions have the advantage of being very easy to connect to customer systems and require no additional connectors,” explains Markus Hell, Head of Product Management for Touch Solutions at DATA MODUL. DATA MODUL AG www.data-modul.com
July 2020
COT’S PICKS Lynx moves to strengthen Mission Critical Edge Computing with LYNX MOSA.ic™ bundles
LYNX MOSA.ic bundles to bring Edge efficiency to Mission Critical Industrial, Avionics, Satellite and UAV Applications Lynx Software Technologies, an innovator in modern platform software technologies, today announced LYNX MOSA.ic™ based bundles that bring the flexibility, scalability, and intelligent functionalities of edge computing to mission critical use cases. Lynx refers to this as the Mission Critical Edge, which it estimates to be a $16B software opportunity. Lynx is initially rolling out three new MOSA. ic bundles. LYNX MOSA.ic for Industrial, LYNX MOSA.ic for UAVs/Satellites, and LYNX MOSA. ic for Avionics allow developers to access burgeoning market opportunities associated with industrial digital transformation, drones, personal aviation, commercial spaceflight, and more. Bypassing the restrictions imposed by typical embedded approaches to mission critical systems, these bundles allow developers to create flexible and intelligent Edge Computing solutions that feature robust system-safety mechanisms, stateof-the-art security, and real-time determinism with sub-microsecond latency. At the core of these software bundles, Lynx’ secure hypervisor technology has been proven in mission critical environments including commercial aviation, healthcare, and military aircraft and heli-
New Development Chassis From Pixus Technologies Supports Dual Board Depths, SpaceVPX Pixus Technologies, a provider of embedded computing and enclosure solutions, now offers an OpenVPX chassis platform that supports both 160mm deep (standard OpenVPX) and 220mm deep (SpaceVPX™) boards. The open frame chassis features up to four slots at 1.0” pitch of each board depth type. The modular enclosure allows various board pitches to be utilized at 0.2” increments. Card guides to support both air-cooled boards and conductioncooled boards are standard. There are also 220mm deep card guides that are wider to support extra
copters including the F-35 Joint Strike Fighter Technology Refresh 3 (TR-3) modernization program referenced in recent Company announcements. “These new bundles leverage the proven safety and reliability of LYNX MOSA.ic to enable mission critical edge computing,” said Pavan Singh, VP Product Management at Lynx, “Each is designed to let developers of security and safety critical systems, in-
Tailored to handle emerging use cases, such as industrial robotics, drone aviation, and increasingly large and complex satellite constellations carrying payloads owned and accessed by multiple users, the LYNX MOSA.ic bundles provide the tools needed to deploy systems of systems efficiently and manage assets securely and safely. Each lets developers create, certify, and deploy robust platforms cost-effectively. The three domain-optimized bundles contain common features of the LYNX MOSA.ic software framework, which brings together resources that include real-time operating systems (RTOS), bare metal, and third-party operating systems. LYNX MOSA.ic for Avionics and LYNX MOSA.ic for UAVs/Satellites support Arm® and x86 processor architectures. Both include LynxOS-178, Lynx’s proven DO-178 certified operating system, the LynxSecure separation kernel hypervisor, Linux, a rich set of tools, and support for the SR-IOV extension to the PCIe specification. The initial alpha release of MOSA.ic for Industrial removes Lynx’s RTOS and adds Azure IoT Edge and Windows 10 support for x86 platforms, as well as providing Virtual PLC functionality to let manufacturing organizations quickly scale, reconfigure, and update software-driven capacity.
cluding certifiable systems, take advantage of powerful workflows and techniques such as containers and sensor fusion, easily connect to cloud services, and to scale and adapt intelligently to changing market requirements.”
Future code drops will further extend capabilities including guest operating systems, IoT connectivity, and processor architectures. Lynx Software Technologies www.lynx.com
thick SpaceVPX conduction-cooled boards per VITA 78. Pixus offers a wide range of 3U or 6U OpenVPX backplanes, including versions that utilize the ultra rugged KVPX connector per VITA 63. The chassis includes an optional modular 600W or 1200W power supply for up to 6 VPX voltages. Power interface boards per VITA 62 are also an option. Pixus offers backplanes, chassis platforms, and specialty products in various modular open standard architectures. The company provides enclosure solutions in 19” rackmount, ATR/Rugged, development, and specialty small form factor designs. Pixus Technologies https://pixustechnologies.com
COTS Journal | July 2020
31
July 2020
COT’S PICKS ACEINNA Launches Ultra Reliable and Highly Accurate 1.3°/hr IMU Sensor
ACEINNA announced high volume availability of the new ACEINNA IMU383ZA, which integrates triple-redundant, 3-axis MEMS accelerometer and gyroscope sensors. This miniature module is factory-calibrated over the -40C to +85C industrial temperature range, to provide consistent performance through extreme operating environments for a wide variety of applications including automotive ADAS, autonomous systems, drones, robotics, agricultural, construction, and other industrial machines. The IMU383ZA offers improved performance, in addition to a unique fault-tolerant sensor architecture for improved reliability. The IMU383ZA pro-
Digilent Releases USB104 A7-100T Artix-7 FPGA Development Board in PC/104 Form Factor The first Digilent board to adhere to an industry-standard form factor, the USB104 A7 brings power and versatility to your PC/104 stackable PC. The board measures 95.89 mm x 90.17 mm and provides the standard mounting holes with standoffs included. The USB104 A7 features the industrial temperature rated Xilinx Artix-7 XC7A100T. Artix®-7
32
COTS Journal | July 2020
vides a standard SPI bus for cost-effective board-toboard communications. Other critical new features include advanced synchronization and a bootloader for field upgradeability.
ular IMU381ZA,” explains Michael Murphy, Executive VP at ACEINNA. “It offers high performance (1.3 deg/hr, 0.08 deg/root-hr), and a triple-redundant sensor architecture for ultra-high reliability.
Measuring only 24mm x 37mm x 9.5mm, the ACEINNA IMU383ZA integrates a triple-redundant architecture, that, combined with the small, lowcost packaging, meet the challenging performance, reliability and cost requirements of the automotive market including the areas of Autonomous Vehicles, Self-Driving Taxis/Delivery Vehicles. ADAS Systems, Electronic Stability Control, Lane Keep Assist applications, etc.
The IMU383ZA triple-redundant sensor architecture consists of three independent, 3-Axis Accelerometer and 3-Axis Gyros for excellent accuracy and reliability. By embedding a triple-redundant sensor array, the IMU383ZA uses ACEINNA’s proprietary voting scheme to utilize only valid sensor data. Any defective sensor output or errant dataset will be ignored or de-rated in importance.
“The recently developed ACEINNA IMU383ZA is an improved, pin-compatible version of our pop-
devices provide the highest performanceper-watt fabric making the USB104 A7 ideal for size, weight, and power (SWaP) constrained projects. I/O is provided through a multitude of interfaces, including Pmod and the new SYZYGY-standard Zmods. Digilen’t Adept 2 software application provides convenient host-to-FGPA data transfer, especially useful for deployed systems. Digilent Inc. store.digilentinc.com
ACEINNA, Inc. www.aceinna.com
Juky 2020
COT’S PICKS 112Gb/s PAM4 ADC-based SerDes Model in Simulink and IBIS AMI for IEEE 802.3ck SeriaLink Systems Ltd announces a behavioral model for a 106Gb/s PAM4 ADC-based SerDes in Simulink and IBIS AMI. In collaboration with MathWorks, SeriaLink Systems is proud to announce a behavioral model of a highspeed ADC-based multi-standard SerDes developed with MATLAB and Simulink, a block diagram environment for simulation and Model-Based Design of multidomain and embedded engineering systems. An automated flow configures the model for a desired communication standard using COM reference transceiver parameters. The configuration flow augments the COM parameters with analog design data when
necessary. Using the SerDes Toolbox, the model automatically generates dual IBIS AMI models (statistical and time domain). This enables leveraging the signal integrity (SI) simulation infrastructure to explore the SerDes performance beyond COM capabilities, accounting for time-varying and non-linear effects due to CDR, ADC, and non-linearities in the system. The implementation in MATLAB and Simulink allows the model refinement with the design data through the project lifecycle. “With data rates reaching 106Gb/s, SerDes designers must rely on ADC-based topologies and PAM4 modulation. This fuels the need to account for non-linear and time-varying effects early in the architectural development phase. Our modeling framework expands the simulation capabilities beyond linear COM analysis while
maintaining the model flexibility. Furthermore, exporting the models to IBIS AMI with minimum effort facilitates a more efficient interaction between all participants of the ecosystem: SerDes IP providers, component vendors and system integrators,” says Aleksey Tyshchenko, CEO of SeriaLink Systems. “SerDes designers developed IBIS-AMI models correlated with the silicon results using the SerDes Toolbox, and it took a fraction of the time required by alternative methodologies. Now, thanks to SeriaLink Systems, these designers can also use COM to configure the model and go beyond COM’s limitations,” says Barry Katz, development manager at MathWorks. SeriaLink Systems Ltd www.seriallink.net
COTS Journal | July 2020
33
June 2020
COT’S PICKS
EIZO Releases 6-channel XMC Graphics/GPGPU Card for Simultaneous Capture of Analog/Digital Video and Audio with Low Latency
EIZO Rugged Solutions Inc released the Condor NVP2102AxX – a new 6-channel rugged XMC graphics card that simultaneously captures analog/digital video and audio with exceptionally low latency. The Condor NVP2102AxX card has a chip-down NVIDIA® Quadro® P2000 (GP107) design supporting four 3G-SDI inputs, two CVBS (NTSC/PAL), and two audio inputs, as well as two 3G-SDI and two DVI or DisplayPort video outputs. This rugged XMC graphics card embodies high performance with its 768 CUDA cores and 4GBytes of GDDR5 memory. At maximum power consumption, the Quadro P2000 GPU delivers 2.3 TFLOPs of single-precision floating-point compute performance (FP32). The new XMC card is designed for customers who want to combine legacy videos with newer digital video formats in high-end surveillance applications. The Condor NVP2102AxX card is an all-in-one solution with the ability to capture, process, encode, decode, display, and stream video data. The card also supports CUDA and OpenCL based GPGPU computing, AI processing (artificial intelligence), deep learning, and H.265/H.264 encoding/decoding. High-speed data transfer and exceptionally low latency levels are achieved with the Condor NVP2102AxX graphics processor by optimizing NVIDIA’s GPUDirect RDMA (remote direct memory access) feature. This enables video data to be sent over PCIe, bypassing system memory, directly to GPU memory for analysis/processing. In GPU memory, the applications can do processing such as image analysis, image enhancement, 360-degree video stitching, sensor fusion, and target detection using the GPGPU (CUDA/OpenCL™) technology. Selwyn L. Henriques, president, and CEO of EIZO Rugged Solutions said: “This new product offers a bridge for customers who want to combine legacy video with the newer, digital video formats. For example, one of our military airborne customers was looking to upgrade a gimbal/sensor pod running analog video to a digital solution. This dual analog/ video graphics card provided that transition in a single card solution while dramatically lowering CPU overhead, reducing latency, and delivering improvements in data transfer times.” Built to survive in harsh environments, the Condor NVP2102AxX is tested to withstand high temperatures, shock, and vibration (MIL-STD-810G). It 34
COTS Journal | July 2020
is available in conduction-cooled or air-cooled variants with rear XMC I/O on Pn6. The rear XMC pin-out is compatible with VPX systems that follow VITA 46.9 x12d+x8d+24s. 3U VPX and PCIe™ form factors are supported by carrier boards. EIZO Rugged Solutions offers flexibility and responsiveness to customer requirements through the customizability of its products. The Condor NVP2102AxX customization options include support for other video input and output formats such as additional DVI, DisplayPort, STANAG 3350, or ARINC 818. Special analog Sync-on-Green video formats
such as RS-343 are also available. The XMC IO can be re-routed as PMC IO or to the front panel. EIZO Rugged Solutions Inc www.eizorugged.com
COTS COTS
ADVERTISERS
Index
Company
Page#
Website
Alphi Technology Corporation .................................. 10 ........................................... www.AlphiTech.com Annapolis Micro Systems ...................................... 34 ........................................ www.annapmicro.com Behlman Electronics ............................................ IFC/26 ............................................ www.behlman.com Fairview Microwave ............................................... IBC ............................. www.fairviewmicrowave.com Milpower Source ..................................................... 33 ............................................ w ww.milpower.com MPL ..................................................................... 4 .................................................... www.mpl.com Neonode ................................................................ 19 ............................................. www.neonode.com OSS ........................................................................ 5/IBC ............................... www.onestopsystems.com Pasternack ............................................................ 11 ........................................ www.pasternack.com Percepio ............................................................... 27 ............................................ www.percepic.com Pentek .................................................................. 13 ............................................... www.pentek.com PICO Electronics, Inc ............................................. 9/25 ................................... www.picoelectronics.com Pixus Technologies ................................................ IBC .............................. www.pixustechnologies.com Sealevel ................................................................. 23 .............................................. www.sealevel.com University of Cincinnati Online............................... 21 .............................................. www.online.uc.edu Versalogic ............................................................. 22 ............................................ www.versalogic.com COTS Journal (ISSN#1526-4653) is published monthly at; 3180 Sitio Sendero, Carlsbad, CA. 92009. Periodicals Class postage paid at San Clemente and additional mailing offices. POSTMASTER: Send address changes to COTS Journal, 3180 Sitio Sendero, Carlsbad, CA. 92009.
