NEW YORK and PARIS, February 5, 2019 – AdaCore, a trusted provider of software development and verification tools, today announced it is working with NVIDIA to implement Ada and SPARK programming languages for select security-critical firmware used for applications that demand stringent safety and security capabilities, like automated and autonomous driving.
Some NVIDIA system-on-a-chip product lines will migrate to a new architecture using the RISC-V Instruction Set Architecture (ISA). Also, NVIDIA plans to upgrade select security-critical firmware software, rewriting it from C to Ada and SPARK. Both moves are intended to increase verification efficiencies to achieve compliance with the functional safety standard ISO-26262.
“NVIDIA’s selection of Ada and SPARK ushers in a new era in the history of safety- and security-critical software development,” said Quentin Ochem, lead of Business Development at AdaCore. “We are proud to be contributing to the industrial standards set by such a market leader.”
Ada and SPARK are designed to help meet the most stringent software requirements for safety and security. The Ada programming language has numerous built-in features that detect code defects early in the software life cycle, expediting the peer review and testing effort. The SPARK language — a restricted set of Ada features designed to perform a formal mathematical proof — increases the certainty of catching defects early that might not have been detected otherwise. SPARK facilitates static analysis that can formally demonstrate certain properties of the code, ranging from correct data flows and absence of run-time errors such as overflow, to more advanced assertions and satisfaction of functional requirements.
“Self-driving cars are extremely complex and require sophisticated software that needs the most rigorous standards out there,” said Daniel Rohrer, vice president of Software Security at NVIDIA. “Taking measures like incorporating Ada and SPARK languages into NVIDIA platforms can improve the robustness and assurances of our automotive security.”
Founded in 1994, AdaCore supplies software development and verification tools for mission-critical, safety-critical and security-critical systems. Four flagship products highlight the company’s offerings:
- The GNAT Pro development environment, a complete toolset for designing, implementing, and managing applications that demand high reliability and maintainability. GNAT Pro is available for Ada and also for C and C++.
- The CodePeer advanced static analysis tool, an automatic Ada code reviewer and validator that can detect and eliminate errors both during development and retrospectively on existing software. CodePeer can detect a number of the “Top 25 Most Dangerous Software Errors” in the MITRE Corporation’s Common Weakness Enumeration (CWE).
- The SPARK Pro verification environment, a toolset based on formal methods and oriented toward high-assurance systems.
- The QGen model-based development tool suite for safety-critical control systems, providing a qualifiable and customizable code generator and static verifier for a safe subset of Simulink® and Stateflow® models, and a model-level debugger.
Over the years customers have used AdaCore products to field and maintain a wide range of critical applications in domains such as commercial and military avionics, automotive, railway, space, defense systems, air traffic management/control, medical devices and financial services. AdaCore has an extensive and growing worldwide customer base; see www.adacore.com/industries/ for further information.
AdaCore products are open source and come with expert online support provided by the developers themselves. The company has North American headquarters in New York and European headquarters in Paris. www.adacore.com/