1 Introduction
Real-Time Operating Systems (RTOSs) supporting critical avionics applications must provide time partitioning; that is the ability to guarantee a certain amount of execution time to applications in one time partition regardless of resource requests from applications in a different time partition. Time partitioning permits applications of differing criticalities to be cohosted on a single processor leading to reduced hardware architecture costs and reduced verification costs. For example, applications of DO-178B Level A (with anomalous behavior leading to catastrophic failure conditions in the aircraft) to Level E (with anomalous behavior causing no effect on aircraft capability or pilot workload) [5] can be co-hosted on a single processor. The transition in the 1980's away from federated avionics architectures to integrated modular avionics (IMA) architectures resulted from the spectacular increases in processing power. Among the IMA concepts [6] for building avionics systems was the use of time partitions where each application program (software module) would be robustly partitioned from other applications (modules), accomplishing separation of aircraft system functions while sharing the same hardware resources.