AdaCore + Space

AdaCore has a long history of providing tools and expertise to the Space industry, helping developers build mission critical applications that extend to the farthest reaches of human exploration.

Space technology is the backbone of modern digital life, helping us to communicate, find our way, monitor the Earth for changes in climate, and literally go where no man has gone before. Still, millions of dollars are spent developing space and satellite projects, and, in most cases, you only get one shot for this kind of application to work, so it is critical to produce safe and totally reliable software. 

AdaCore has years of experience working with Space customers and has a deep understanding of the software standards involved and the tools and services needed to ease the workflow and manage costs.

Tools, Runtime Libraries and Qualification Materials

AdaCore tools can be used to meet verification objectives including coding standard compliance, code accuracy (prevention of errors such as buffer overrun, integer overflow, and references to uninitialized variables), and structural coverage analysis up to MC/DC. Specialized high-assurance run-time libraries, including one that implements the Ravenscar tasking profile, are simple enough to be included in qualified systems but expressive enough to support the needed functionality for hard real-time space software. Qualification material for the run-time libraries can be developed for the ECSS standard and adapted to new project contexts.

Sustained Branches

Maintaining qualified software brings unique challenges, since the customer needs to "freeze" on a specific version of the technology for stability, but still might require updated releases if a problem is encountered as the software evolves. AdaCore provides GNAT Pro Assurance subscription which includes a special "sustained branch" service, that supports this requirement

Our Experience with Qualification for Space

AdaCore has extensive experience helping our aerospace customers meet the European Space standards ECSS-E-ST-40C and ECSS-Q-ST-80C. AdaCore has already qualified several versions of the run-time libraries.

ECSS-E-ST-40C and ECSS-Q-ST-80C

The European Cooperation for Space Standardization is an initiative established to develop a coherent, single set of user-friendly standards for use in all European space activities. ECSS-E-ST-40C and ECSS-Q-ST-80C are the software-related standards for use in all European space projects and applications.



Customer Projects: Space

  • MDA

    International Space Station Communication Subsystem

    MDA, a business unit of Maxar Technologies, selected the GNAT Pro Assurance Ada development environment for the LEON3 target processor, to produce the software for a Ku-Band communication subsystem that will replace the current version. This critical International Space Station (ISS) subsystem has to work reliably over the long term, a requirement that led MDA to maintain Ada as the implementation language.

  • Vermont Technical College

    Lunar CubeSat

    Vermont Technical College successfully launched a lunar cube satellite into earth orbit, where it will remain for about three years to test the systems that will be used for the eventual lunar mission. The CubeSat’s navigation and control software was developed in SPARK/Ada using AdaCore’s GNAT Programming Studio (GPS) IDE and GNAT Pro compiler and exploiting Altran’s SPARK toolset to prove the absence of run-time errors.

  • Astrium

    International Space Station

    Astrium has selected GNAT Pro development environment and PolyORB middleware toolset for use in the Core Ground System (CGS) - CGS forms the basis to operate the Columbus laboratory, the European contribution to  the International Space Station (ISS). 

  • Thales

    Argos Satellite Project

    The GNAT Pro High Integrity Edition is being used by Thales to develop onboard instrument software for a unique, satellite-based worldwide location and data collection system dedicated to studying and protecting the environment.

View all customer projects »

AdaCore offers a variety of tools and services designed to meet the demands associated with building applications for space vehicles and satellites. The cornerstone is GNAT Pro Assurance, a complete Ada development environment specially oriented towards critical systems.

GNAT Pro Assurance

GNAT Pro Assurance includes a specialized service known as sustained branches, which allows a project to continue its use of a specific version of the technology, including upgrades to repair critical issues. It supports all versions of the Ada language standard (from Ada 83 to Ada 2012), and C support is an optional add-on. A full toolsuite is supplied, as well as a configurable run-time library and several specific run-times that are especially suited to high-assurance systems.





SPARK Pro

SPARK Pro is a language and toolset specifically designed for developing applications where correct operation is vital for safety or security. The SPARK Pro toolset offers static verification that is unrivalled in terms of its soundness, low false-alarm rate, depth and efficiency. The toolset generates evidence for correctness that can be used to meet the requirements of safety and security certification schemes.





CodePeer

CodePeer is an Ada source code analyzer that detects runtime and logic errors. It assesses potential bugs before program execution, serving as an automated peer reviewer, helping to find errors efficiently and early in the development life-cycle. It can also be used to perform impact analysis when introducing changes to the existing code, as well as helping vulnerability analysis. Using control-flow, data-flow, and other advanced static analysis techniques, CodePeer detects errors that would otherwise only be found through labor-intensive debugging.





GNATcoverage

GNATcoverage allows coverage analysis of both object code (instruction and branch coverage), and Ada or C language source code (Statement, Decision and Modified Condition/Decision Coverage - MC/DC)






QGen

QGen is a model-based development toolsuite for Simulink® and Stateflow® reduces the development and verification costs for developers of safety- and security-critical applications, through qualifiable code generation, model verification, and tight integration with AdaCore’s qualifiable target emulation and structural coverage analysis tools. The QGen code generator can generate MISRA C, but can also generate the verifiable SPARK subset of Ada, from Simulink® and Stateflow®. By selecting SPARK for code generation, can formally prove important safety and security properties of their software, not only enhancing quality but also decreasing testing costs.