News

May 7, 2019

Radically different software architectures

Our drone is designed to pull a cable with a 4200 kg lift force (enough to lift a fully loaded small truck); to fly with an angle of attack (angle between wing chord and apparent wind) that is close to the maximum allowable, and to fly 24/7 in all sorts of weather conditions. The control of these dynamics is fully automatic even for failure recovery and in all flight phases: launch, power generation, land, storage and relaunch. Last but not least, the drone has to meet safety and reliability levels approaching that of commercial aviation.

Designing the software for our drone (AP-3) started with a clean sheet design. The AP-3 software had to be fully deterministic: it had to respond in a totally predictable and verifiable way, not only in terms of functionality but also in terms of time. This has forced the software team to adopt radically different software architectures than what is commonly done in embedded software outside of the safety-critical and aviation world. Initially the team focused on whiteboard architecture and prototyping, then when those were validated the 5 headed team moved on to building the invisible parts of the software iceberg: the foundations libraries, drivers, code generation tools, etc. Today the team is releasing the visible parts, and getting them integrated on the hardware boards.

An increasing number of software packages have reached or are currently reaching a pre-integration level of readiness. Bruno Santos, Software Engineer: “One of the packages we are working on is the software driving the actuators spread around the aircraft and their sensors. The next milestone is the system integration: getting all the items to work as a whole, which has been happening already at small scale and is ramping up quickly as more and more items achieve the required level of completeness.”

"It's easy to forget what we're all working for when sitting behind our computers day in, day out. Getting to the flight test phase will be a great reward at the end of this long process of developing a brand new technology."

Bruno SantosSoftware Engineer

The team has adopted rigorous processes in order to meet the safety requirements from the aviation industry. These ensure high quality software standards. Bruno:” We’re constantly revising our work and our practices and the result can be seen already in our productivity and the maturity achieved by many of our software items, supporting libraries and tooling. However the biggest benefits are still to come when the software goes through certification and when the emphasis shifts from development to formal verification and maintenance.”

“It’s easy to forget what we’re all working for when sitting behind our computers day in, day out. Getting to the flight test phase: the maiden flight, the first autonomous flight, first tethered flight etc will be a great reward at the end of this long process of developing a brand new technology. With the test and integration efforts ramping up we will surely experience challenges, but the rewards will be great too.”