Open or Out: U.S. Military Requirements for Modular Open Systems Architectures
Now that the Army has chosen its preferred Future Long Range Assault Aircraft in Bell’s V-280 advanced tiltrotor, the race is on to populate it with mission systems that will allow the machine to operate through adversaries’ sophisticated air defense systems.
Built to rigidly defined modular, open-architecture system standards, the barrier to entry is minimal to industry as long as the software or hardware meets those strictures.
Now MOSA has graduated from an engineering philosophy to requirements mandated from the highest levels of the Defense Department. In January 2019, MOSA was enshrined in federal law. The secretaries of the Army, Navy, and Air Force at that time all signed a memo that modular open systems standards should be “included in all requirements, program and development activities for future weapon systems, system modifications and new-start development to the maximum extent possible.”
Collins Aerospace is leading the charge to develop some of those standards for future Army rotorcraft as part of the Future Vertical Lift line of effort.
Thomas von Eschenbach, Director, Program Management, Army Rotary Wing Solutions & Huntsville Site Lead Collins Aerospace/Raytheon Technologies and a board member of the Vertical Lift Consortium, said a modular open systems development approach is perhaps the most important line of effort within the Army’s Future Vertical Lift program.
Three of the FVL line items—the Future Long Range Assault Aircraft, the Future Attack Recon Aircraft, and the Future Tactical Unmanned System—are platforms. The figurative glue that holds them together and will allow them eventually to operate together in a united aviation ecosystem is MOSA, Von Eschenbach said.
“I would argue that open systems is not just an evolutionary but a revolutionary approach, because there are so many things that it changes, whether it's how you write requirements, how you procure requirements, how you fund those capabilities, and then certainly, how do you certify and provide airworthiness certifications to modularity,” Von Eschenbach said in a recent interview.
Collins has entered a cooperative research and development agreement, or CREDA, with the Army to define standards for multi-core processors so that they and similar components can be more efficiently and affordably certified.
“If you brought a fully built Lego system, and then you certified it when you take a Lego out, are you recertifying the whole thing, or is this one Lego that's going to be ‘plug-and-play’ and have to be the one thing that you have to guarantee and understand?”
The CREDA is in direct support of the Army’s FVL program and will establish best practices for developing processors for the aircraft. The agreement, which is with the Army's Combat Capabilities Development Command Aviation & Missile Center, is to "develop best practices, approaches, processes, and methods for airworthiness certification of multicore processors" to "provide faster integration of new capabilities, greater mission flexibility and lower acquisition cost" for FVL platforms, Collins said in a statement announcing the agreement.
Collins Aerospace also opened a "MOSA Center of Excellence" in Huntsville, Alabama, the headquarters of Army aviation.
"[W]e will focus on shortening certification timelines and enhancing affordability" for the Army and industry, a company official said in the statement.
The CREDA has four phases, the first of which is simply a deep technical understanding of what Collins and the Army agree to develop. The standards are now being written in a second phase. Collins will then attempt a real-world use case of a multi-core processor built to those standards. Finally, the Army’s airworthiness directorate’s systems readiness director will publish the criteria as a sera service-wide requirement Eschenbach said.
“Then, not only do companies better understand what's being asked of them. When they deliver it, the software integration lab that the Army has would be able to test if it meets the standards,” Von Eschenbach said. The real benefit is once it's installed on an aircraft, if you want to use the iPhone as an example, if you want to add another app onto that and drop that software into that processor, you can then go back and only do a portion of the recertification.”
Several parallel efforts exist to establish open standards for procurement within the Army. Foremost is the Sensors Open Systems Architecture, or SOSA, technical standard. These development standards apply to sensor systems as well as control, communications, computers, and cyber systems.
Because those systems can be very complex, they often are costly to develop and procure. SOSA aims to establish modularity within C5 systems using non-proprietary open standards to reduce cost, complexity, and risk. Similar work is being done through CMOSS, which stands for C5ISR/EW Modular Open Suite of Standards, a modular open systems architecture intended to make Army command-and-control capabilities work seamlessly in a single rugged battlefield network.
Army’s VICTORY (Vehicular Integration for C4ISR Interoperability) architecture drives C4ISR and EW interoperability. It helps provide a “reference architecture” using a data bus-centric design, with open standards at both the hardware and software layer, all to provide better modularity and affordability.
Gregory Sikkens, Senior Product Line Manager for safety-certifiable board-level product lines at Curtiss-Wright, said MOSA and SOSA standards, as defined by U.S. industry members, are easing safety certification of avionics hardware and software throughout the world.
“I'm seeing a lot of interest in modular open standards in everything new that we do,” Sikkens said. He also used Lego as an example of how aircraft components, built to a set of predefined standards, can streamline the insertion of technology and the subsequent safety certification process.
“As they see these building blocks, you know, they can fill in the system of a building block like Lego bricks, with different systems together in different configurations and do it a lot more cost effectively than doing that through a traditional process. With SOSA and CMOSS, and all of these things, it now blends all that into one level playing field. So the challenge becomes finding the differentiator in your product because now you've pretty much taken the processor off the table. Everybody has the same processor. Everyone has the same amount of memory, so then what's the value added?”
Even existing, off-the-shelf avionics components and software must be certified when added to an aircraft or updated, Sikkens said.
“You have to tailor everything to those safety requirements in particular that were downloaded,” he said “Whether or not you have pre-developed and previously developed hardware, you've still got to go through a process, so there's still a cost with that and so you have to customize because you got the requirements given to you, but you haven't really played with the definition. So that's what's traditionally done.”
In the automotive world, upgrades to safety-critical components are called a “safety element out of context” and can be certified without taking a whole vehicle back through the process. Curtiss-Wright has borrowed from the automotive industry’s ISO 26262 compliance template to develop commercial off-the-shelf (COTS) safety-certifiable computer boards, Sikkens said. Curtiss-Wright’s boards are developed to a set of standards that are now harmonized between the FAA and European Aviation Safety Administration and meet U.S. military airworthiness standards, he said. Any boards built to those standards are essentially plug-and-play interoperable with certified aircraft, he said.
“Everything is on the shelf once we get the development completed,” Sikkens said. “Customers can then place an order for a safety certifiable module. You're looking at probably 12, 18 months of development before you actually have hardware that you can say is safe, certifiable, it's under control, and you've got documentation for it. Versus, you know, substantially less time once the hardware adheres to the pre-defined standards.”
