- protect applications from harming one another or the kernel itself
- guarantee CPU time for higher-integrity code in systems that combine applications of different safety integrity levels
- allow the developer to predict when processes will be scheduled for execution
- prevent applications from acccessing or corrupting internal kernel information
Achieving such a low risk of failure is non-trivial, to say the least. In fact, it's well-nigh impossible to satisfy the above requirements unless they are baked into the very design of the kernel.
Recently, Chris Hobbs of QNX wrote an article on the characteristics of SIL3-certified kernel. The article, published last week in Industrial Embedded Systems magazine, also touches on some development techniques for creating safety-related applications. To read the article, click here.
If you are attempting to navigate the complexities of the IEC 61508 certification process, you might also want to check out QNX's IEC 61508 Certification Support Package.