INTEGRITY-178B is the DO-178B–compliant and ARINC-653-1–compliant version of the INTEGRITY RTOS. It targets demanding, safety-critical applications containing multiple programs with different levels of safety criticality, all executing on a single processor.
INTEGRITY-178B is used in several military jets such as the B-2, F-16, F-22 and F-35, as well as the commercial airframes Airbus A380 and Boeing 787.
The INTEGRITY-178B kernel's design guarantees bounded computation times by eliminating features such as dynamic memory allocation. An MMU is used to provide full-system memory protection for all components, including user applications, device drivers, and inter-partition communications. Clocks and timers are protected with access permissions and implemented entirely in software. INTEGRITY-178B uses memory protection and error-handling to provide a secure system with built-in fault isolation and tolerance. At the lowest level, the kernel is protected from malicious access through its object-oriented design and access verification. The auditing and security engineering capabilities have allowed INTEGRITY-178B to obtain the EAL6 rating by the NSA. The TOE Architecture in the Security Target for the evaluation excludes components such as the file system and networking components from the definition of the TOE, focusing almost entirely on the core kernel itself. Other operating systems, such as Windows or Linux, though evaluated at lower levels of assurance, generally include these capabilities within their TOE.
Read more about this topic: Integrity (operating System)