Nvidia Partners with AdaCore to Secure Self-Driving Firmware
AdaCore’s open source Ada and SPARK software will enhance the security of Nvidia’s self-driving solutions.

As mobility software becomes increasingly complex and connected, so does the risk of human error, and with it the difficulty of keeping these systems safe. To combat this, New York-based software company AdaCore will work with Nvidia Corporation of Santa Clara, California to apply the open-source Ada and SPARK programming languages to select software security firmware elements in highly complex, safety-critical systems like Nvidia’s DRIVE AGX automated and autonomous vehicle solutions.
Both Ada and SPARK are designed to help meet the most stringent software requirements for safety and security. The Ada programming language has numerous built-in features that detect code defects early in the software life cycle. According to Shri Sundaram, who leads product management for the Nvidia DRIVE PX AI car computer for autonomous driving, these Ada features reduce the potential for human error and the need for extra cycles of testing and peer review after development.
The SPARK language – a restricted subset of Ada designed to support formal mathematical proof – increases the certainty of catching defects early that might not otherwise have been detected. SPARK facilitates static analysis that can formally demonstrate certain properties of the code, ranging from correct data flows and the absence of run-time errors such as overflow, to more advanced assertions and the satisfaction of functional requirements.
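As an added illustration of the contract-based proof described above (a constructed example, not code from AdaCore or Nvidia): a SPARK subprogram whose precondition rules out integer overflow, beside a saturating variant whose postcondition is proved for every input. It assumes a GNAT toolchain with GNATprove installed and uses a hypothetical 16-bit tick counter as the data type.

```ada
-- safe_counter.adb: constructed SPARK example, not AdaCore's or Nvidia's code.
with Ada.Text_IO;

procedure Safe_Counter with SPARK_Mode is

   -- Hypothetical 16-bit counter, as a firmware register might hold it.
   type Tick_Count is range 0 .. 65_535;

   -- Pre: the caller must prove the addition cannot overflow.
   -- Post: states exactly what the function computes.
   function Add_Ticks (Current, Delta_T : Tick_Count) return Tick_Count
     with Pre  => Current <= Tick_Count'Last - Delta_T,
          Post => Add_Ticks'Result = Current + Delta_T;

   function Add_Ticks (Current, Delta_T : Tick_Count) return Tick_Count is
   begin
      -- Under the precondition, GNATprove shows the range check cannot fail.
      return Current + Delta_T;
   end Add_Ticks;

   -- Saturating variant: no precondition, so every call site is safe,
   -- and the postcondition pins down the result in both cases.
   function Add_Saturating (Current, Delta_T : Tick_Count) return Tick_Count
     with Post => (if Current <= Tick_Count'Last - Delta_T
                   then Add_Saturating'Result = Current + Delta_T
                   else Add_Saturating'Result = Tick_Count'Last);

   function Add_Saturating (Current, Delta_T : Tick_Count) return Tick_Count is
   begin
      if Current <= Tick_Count'Last - Delta_T then
         return Current + Delta_T;
      else
         return Tick_Count'Last;
      end if;
   end Add_Saturating;

   Count : Tick_Count := 65_000;
begin
   -- Proved: 65_000 <= 65_535 - 500, so the precondition holds statically.
   Count := Add_Ticks (Count, 500);
   Ada.Text_IO.Put_Line ("After Add_Ticks: " & Tick_Count'Image (Count));

   -- Add_Ticks (Count, 100) would violate its precondition here
   -- (65_500 + 100 > 65_535); the saturating version is safe for any input.
   Count := Add_Saturating (Count, 100);
   Ada.Text_IO.Put_Line ("After Add_Saturating: " & Tick_Count'Image (Count));
end Safe_Counter;
```

Running GNATprove on this unit discharges the range check in Add_Ticks and both postconditions; deleting the Pre on Add_Ticks makes the overflow check unprovable, which is the kind of defect the article describes SPARK catching before testing begins.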
Nvidia’s DRIVE AGX self-driving solutions are built on Nvidia’s Xavier autonomous driving processor. Xavier, an automotive-grade system-on-a-chip (SoC), is currently in production. It incorporates six different types of processors to run redundant and diverse algorithms for artificial intelligence (AI), sensor processing (camera, lidar, radar, and ultrasonic), mapping, and driving.
“By integrating these languages into Nvidia hardware, the potential for the software to malfunction or be exploited is minimized. This verification process can happen faster and sooner in the development cycle, reducing waste,” writes Sundaram in his recent blog post, “Maximum Security Vision: Securing the Future of Safe Autonomous Driving.”
“Nvidia’s selection of Ada and SPARK ushers in a new era in the history of safety- and security-critical software development,” said Quentin Ochem, lead of Business Development at AdaCore. “We are proud to be contributing to the industrial standards set by such a market leader.” According to AdaCore, some Nvidia SoC product lines will migrate to a new architecture using the RISC-V Instruction Set Architecture (ISA) to facilitate this change. Also, Nvidia plans to upgrade select security-critical firmware software, rewriting it from C to Ada and SPARK. Both moves are intended to increase verification efficiencies to achieve compliance with the functional safety standard ISO 26262.
“Self-driving cars are extremely complex and require sophisticated software that needs the most rigorous standards out there,” said Daniel Rohrer, vice president of Software Security at Nvidia. “Taking measures like incorporating Ada and SPARK languages into Nvidia platforms can improve the robustness and assurances of our automotive security.”
AdaCore solutions have been fielded globally over the years to maintain a wide range of critical applications in domains such as commercial and military avionics, automotive, railway, space, defense systems, air traffic management/control, medical devices, and financial services.
William Kucinski is content editor at SAE International in Warrendale, Pa. Previously, he worked as a writer at the NASA Safety Center in Cleveland, Ohio and was responsible for writing the agency’s System Failure Case Studies. His interests include literally anything that has to do with space, past and present military aircraft, and propulsion technology.
Transcript
00:00:08 [Music] Software pervades our lives more and more. Larger software systems rule all finance, our transportation systems. The complexity of these systems keeps increasing. Software is now not just in, you know, military jets, but it's all over. It's in our smartphone, it's in our car. Something like 10 million lines of code on the Chevy Volt, and there were 8
00:00:35 million lines of code on the Boeing 787. More and more devices carry some safety-critical functionality, where we're depending at every turn on software, and increasingly we have to look in the direction of making software reliable. Ada is becoming more relevant than ever, I would say, because we're now putting more and more intelligence into our software. We're now expecting it to
00:00:59 do things that we used to rely on a human to do. There was an aim in the Ada design not to guarantee safety or reliability of software, but to provide all the tools that the language can provide to assist in that. How can you do things better? How can you do things safer? If you can make software a part of the solution instead of a part of the problem, that's a start. Most programming
00:01:25 languages have some built-in evolution mechanism. Ada has a very formal model in place, with a language design team. We've incorporated the best understandings of research in programming technology and language. I think one of the things that makes Ada 2012 really interesting to new programmers is that it combines the advanced features that you might think
00:01:49 of only appear in languages such as C++ and so on, with an overriding interest in producing correct programs, safe programs, secure programs. Ada 2012 has a strong emphasis on additions to the language that allow the programmer to say this piece of code should do this, and if it doesn't, something is wrong. The big thing is this notion of contracts, the ability to specify the
00:02:14 preconditions, postconditions, invariants and so on. If you have a clear statement of what the program does, then you're in a position to use mathematical tools to show that the program is doing what it should. Everybody is talking about static analysis, about testing, about verification, even about formal proof, and that's new. I think some of the strengths of Ada have emerged particularly in the
00:02:36 security framework, where safety, to some extent, you can test to see if a system is safe by trying various different modes. Security, you almost have to prove that it's secure; you can't as easily test that something is secure, and that typically involves mathematical proof, and that really requires that the language be very well defined. You see some kind of convergence of
00:02:56 formal methods and conventional programming, which is much more flexible than what was available so far. It's clear in some programming languages you can spend 80, 90% of your time after you've written the program, after you've designed it, just trying to get it to work properly because of all of the hidden errors. In Ada, that amount of time shrinks dramatically. The
00:03:17 case can be made that even if the initial design of a system takes a little bit longer, if the system is reliable, the financial advantages are obvious. And now with these additional Ada 2012 contract-based features, you can also dramatically shrink some of the test phases, because the testing is essentially built in to the language itself, and that's really a unique
00:03:44 capability which should and could dramatically reduce the cost of test and debug. The issue of multicore is likely to become more and more important. There is already a huge amount of research being poured into the area. Multicores are the new architectures where a single silicon chip contains not one processing unit but 2, 4, 8, 16. I just read about one that is up
00:04:09 to 64 different processing units. The proper way of programming those things to get efficient use of all this hardware is still somewhat an open-ended research problem, and we think that what Ada 2012 has done in that direction is an excellent first step. It's inefficient to just let all the tasks roam across all the processors. We can do that, but it's inefficient, so
00:04:34 you need ways of saying these tasks should execute on these processors, these tasks should actually run on these processors, and that's an example of one of the many new features in Ada 2012 that gives control over that. So, you know, it's a language for the future in that respect. There is a bunch of little features here and there, little enhancements that make things much more easy. You have enhancements
00:04:55 on access types, enhancements on containers, iterators, and these new features will make it easier to generate reliable software in all sorts of ways. You have all of the flexibility and power that you could ever want in terms of full object-oriented programming with multiple inheritance. You've got interfaces for synchronizing, multi-threading and so on. All of this
00:05:18 really great power, and then you've got this capability of specifying what you want the program to do and having the compiler and the tools and so on actually verify that it does what it's supposed to do. And that's really a nice feeling, where not only can you say I've used all these great new features and I've got all this power and I can do these amazing things, and I can
00:05:36 prove to myself and to my boss and to the world that this actually does the right thing. It's not just that it does cool stuff. And this could be used to control the commercial avionics, control some anti-lock braking system, control some, you know, space vehicle, and I wouldn't be up all night worrying about it because I know it's safe, I know it's secure, and that's a pretty, that's a
00:05:58 pretty cool feeling.