Safety Critical Working Group
The Khronos Safety Critical working group is developing open graphics and compute acceleration standards for markets, including avionics and automotive displays, which require system safety certification and where streamlined APIs can reduce certification costs. The OpenGL® SC 2.0 specification defines a safety critical subset of OpenGL ES 2.0, and now the safety critical working group is working to adapt more recent Khronos standards including the new generation Vulkan™ API for high-efficiency graphics and compute. The Safety Critical working group is also developing cross-API guidelines to aid in the development of open technology standards for safety critical systems.
OpenGL SC 2.0
The Safety Critical Profile for OpenGL ES 2.0 is designed to be deterministic and testable to minimize implementation and safety certification costs – while bringing GLSL shader programmability to safety critical graphics for enhanced graphics functionality with increased performance and reduced power. The OpenGL SC 2.0 API addresses the unique and stringent requirements of high reliability display system markets, including FAA DO-178C and EASA ED-12C Level A for avionics, and ISO 26262 safety standards for automotive systems. Building on the large number of worldwide customer deployments and successful avionics certifications using OpenGL SC 1.0, OpenGL SC 2.0 enables high reliability system manufacturers to take advantage of modern graphics programmable shader engines while still achieving the highest levels of safety certification.
- The OpenGL SC 2.0 core API specification and header file are in the OpenGL SC API Registry
- Leave a comment on the OpenGL SC 2.0 feedback thread on the Khronos forums
OpenGL SC 1.0
The Safety Critical Profile for OpenGL is defined to meet the unique requirements of the for safety-critical applications such as avionics and automotive instrumentation displays. OpenGL SC 1.0 removes functionality from OpenGL ES 1.0 to minimize implementation and safety certification costs. It also adds functionality, such as display lists, that are required to support legacy and auto-generated display applications in safety critical markets.
For Safety Critical applications: OpenGL SC 1.0 is defined relative to the OpenGL 1.3 specification and is designed to meet the needs of the safety critical market in Avionics, Industrial, Military and Automotive applications including D0178-B certification.
- The OpenGL SC 1.0 core API specification and header file, as well as the guiding philosophy document, are in the OpenGL SC API Registry
Safety Critical Working Group
OpenGL SC 2.0 Target Applications
- Avionics - The FAA Mandated DO-178C Level A and the EASA ED-12C Level A certification process for software airplane cockpits demands 100% reliable graphics drivers for instrumentation, navigation and controls
- Automotive - Integrated dashboard applications developed to ISO 26262 will need OpenGL SC safety-critical reliability
- Industrial - Equipment for power plant instrumentation, transportation monitoring and control, networking, surveillance, etc., will all eventually be updated with COTS graphics that meets safety-critical certification
- Medical - Real-time display of medical data requiring 100% reliability for surgery
- Military - Primarily Avionics but increasingly embedded training and visualization on handheld devices.
OpenGL SC 2.0 in Detail
Why develop standards for safety critical graphics?
Developing standards for safety critical graphics allows implementers of OpenGL SC to use COTS instead of developing proprietary hardware and graphics systems. Implementers can take advantage of mainstream industry technologies which reduces time to market and implementation costs. Using a standard specifically designed to for safety critical systems will also reduce validation and certification costs. Existing mobile hardware is well suited to safety critical systems providing high performance graphics with low power consumption. This makes OpenGL SC a cost effective solution to providing 3D graphics in any safety critical system.
What makes OpenGL SC 2.0 safety critical?
OpenGL SC 2.0 is specifically designed to be able to be used in safety critical systems. The two primary requirements for any safety critical system are that the system is deterministic and fully testable. It will always produce the same output from a given initial state, and it is fully testable in accordance with industry safety critical certifications. OpenGL SC 2.0 is designed to meet FAA Mandated DO-178C Level A and EASA ED-12C Level A for avionics and ISO 262626 for automotive systems.
OpenGL SC 2.0 – Graphics for Safety Critical
OpenGL SC 2.0 provides the same programmable shader pipeline as popular gaming platforms, providing high performance accelerated 3D graphics for safety critical environments. All non-essential functionality has been removed to minimize the code footprint and avoid unnecessary certification costs.
Third party application developers can develop applications using a standard OpenGL ES 2.0 driver with the ROBUSTNESS extension added. OpenGL SC 2.0 is backwards compatible with OpenGL ES 2.0 to make it easy for developers who are used to developing applications for OpenGL ES 2.0 to develop applications for safety critical systems.
OpenGL SC 2.0 is designed to run on existing OpenGL ES 2.0 hardware. Billions of OpenGL ES units ship every year, and the many years of successful field testing of OpenGL ES 2.0 makes it the obvious hardware choice for OpenGL SC 2.0 based systems.