Safety-Critical Java: The Mission Approach

  • James J. Hunt
  • Kelvin Nilsen


Safety-Critical Java is designed to simplify the runtime environment and code generation model for safety-critical applications compared with conventional Java, as well as improve the reuse and modular composability of independently developed software components and their corresponding certification artifacts. While the conventional object-oriented abstractions provided by the Java language already enable strong separation of concerns for passive components such as subroutines and data structures, safety-critical Java’s Mission abstraction generalizes these encapsulation benefits to the domain of active software components.Example active components that can be built as a Mission include device drivers, network communication stacks, plotting of RADAR and SONAR data, track management of RADAR and SONAR plots, and implementation of graphic user interfaces. These various active software components will likely be reused, reconfigured, and combined in different ways for different applications. Each safety-critical mission is comprised of one or more logical threads of execution which are generally structured as a set of periodic event handlers, asynchronous event handlers, and no-heap realtime threads.The Safety-Critical Java specification enforces strong separation of concerns between independently developed missions. And outer-nested missions are never allowed to access the data contained within inner-nested missions. A safety-critical Java application consists of one or more missions running in sequence or concurrently. This chapter introduces the concept of Safety-Critical Java Missions and motivates their use as a tool for software engineering abstraction.


Garbage Collection Event Handler Memory Area Cyclic Schedule Backing Store 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 3.
    aicas. Hija safety critical Java proposal. Available at, May 2006.
  2. 28.
    John Barnes. High Integrity Software, The SPARK Approach to Safety and Security. Praxis Critical Systems Limited, 2006.Google Scholar
  3. 65.
    G. Bollella, J. Gosling, B. Brosgol, P. Dibble, S. Furr, and M. Turnbull. The Real-Time Specification for Java. Java Series. Addison-Wesley, June 2000.Google Scholar
  4. 89.
    A. Burns, B. Dobbing, and T. Vardanega. Guide to the use of the ada ravenscar profile in high integrity systems. Technical Report Technical Report YCS-2003-348, University of York (UK), 2003.Google Scholar
  5. 132.
    P. Dibble and et al. The Real-Time Specification for Java 1.0.2. Available at
  6. 138.
    DIN. Bahnanwendungen - Telekommunikationstechnik, Signaltechnik und Datenverarbeitungssysteme - Software fĀr Eisenbahnsteuerungs- und Āberwachungssysteme, deutsche fassung edition, 2001. No. EN 50128; VDE 0831-128:2001-11.Google Scholar
  7. 155.
    EUROCAE. Object-Oriented Technology Supplement to ED-12C and ED-109A. No. ED-217.Google Scholar
  8. 156.
    EUROCAE. Software Considerations in Airborne Systems and Equipment Certification. No. ED-12B.Google Scholar
  9. 157.
    EUROCAE. Software Considerations in Airborne Systems and Equipment Certification. No. ED-12C.Google Scholar
  10. 158.
    EUROCAE. Software Standard for Non-Airborne Systems. No. ED-109.Google Scholar
  11. 159.
    EUROCAE. Final Annual Report for Clarification of ED-12B, 2001. No. ED-94B.Google Scholar
  12. 222.
    International Electrotechnical Commission. IEC61508. Standard for Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems (E/E/PES), 1998. No. IEC 61508.Google Scholar
  13. 255.
    Lockheed Martin. Joint Strike Fighter Air Vehicle C++ Coding Standards for the System Development and Demonstration Program, December 2005.Google Scholar
  14. 275.
    MIRA Limited, Warwickshire, UK. MISRA-C: 2004 Guidelines for the use of the C language in critical systems, October 2004.Google Scholar
  15. 331.
    RTCA. Software Considerations in Airborne Systems and Equipment Certification. No. DO-178C.Google Scholar
  16. 332.
    RTCA. Software Standard for Non-Airborne Systems. No. DO-278.Google Scholar
  17. 333.
    RTCA. Final Annual Report for Clarification of DO-178B, 2001. No. DO-248B.Google Scholar
  18. 335.
    RTCA/DO-178B. Software Considerations in Airborne Systems and Equipment Certification, December 1992.Google Scholar
  19. 417.
    United States Government. Ada’83 Language Reference Manual, 1983.Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2012

Authors and Affiliations

  1. 1.aicas GmbHKarlsruheGermany
  2. 2.AtegoNorth America

Personalised recommendations