GNAT Pro Safety-Critical is ideal for developing systems that must meet the RTCA DO-178B / DO-178C (EUROCAE ED-12B / ED-12C) certification standards for airborne software.

GNAT Pro Safety-Critical is a complete development environment -- an enhanced version of GNAT Pro designed for building safe and secure software. Through its specially designed run-time libraries and its comprehensive tool suite, it helps reduce the cost of developing and certifying systems that have to meet software standards such as RTCA DO-178B / DO-178C (also known as EUROCAE ED-12B / ED-12C). The product’s fully configurable and customizable run-time libraries include several predefined profiles corresponding to particular sets of features that are especially applicable in real-time systems requiring safety certification.

Avionics Industry Standards

The purpose of RTCA DO-178B / EUROCAE ED-12B is to provide “guidance for determining, in consistent manner and with an acceptable level of confidence, that the software aspects of airborne systems and equipment comply with airworthiness requirements.” The guidance comprises:

  • Objectives related to the various software life cycle processes
  • Activities for achieving these objectives
  • Artifacts (life cycle data) demonstrating that the objectives have been met

The document discusses those aspects of airworthiness certification that pertain to the production of software for airborne systems and equipment used on aircraft or engines.

More on DO-178B

The RTCA/EUROCAE DO-178B/ED-12B avionics safety standard went through a revision that ended with the publication of the new DO-178C/ED-12C standard in December 2011. The core document is substantially the same as DO-178B, with a number of clarifications and a few minor corrections. The major effect of the update effort is the creation of a new "Tool Qualification Considerations" document and three supplements that adapt the core document guidance when specific technologies are used: "Model-Based Development and Verification", "Object-Oriented Technology and Related Techniques", and "Formal Methods". AdaCore participated in the DO-178C revision process, with Dr. Cyrille Comar contributing to the subgroup on Object-Oriented Technology and Related Techniques.

The Ada language and the AdaCore tools that are designed to help in DO-178B certification are equally useful for the new DO-178C standard. These include GNAT Pro Safety-Critical, SPARK Pro, GNATcoverage, GNATcheck, GNATstack, Qualification material, Traceability studies, specific runtimes, etc.

More on DO-178C


CodePeer has been qualified as a Verification Tool under DO-178B, a software standard for commercial airborne systems, automating a number of activities associated with that standard’s objectives for software accuracy and consistency. CodePeer has also been qualified for EN50128, the highest international standard for safety integrity concerning software for railway control and protection. The EN50128 qualification material addresses boundary value analysis (detecting errors such as buffer overflow), control flow analysis (detecting errors such as unreachable code), and data flow analysis (detecting errors such as references to uninitialized variables). Learn More about CodePeer »

Featured Project

Advanced Jet Avionics Display by Barco

Barco has developed an advanced business jet avionics display system using the AdaCore GNAT Pro Ada development environment. Barco selected the GNAT Pro High Integrity Edition, along with the Traceability Kit, running on Wind River’s VxWorks 653 RTOS in order to meet the highest levels of safety standard DO-178B.

Key Features of GNAT Pro Safety-Critical

  • Configurable Run-Time Library
  • Full Ada 2005 / 2012 Implementation
  • Advanced Static Analysis
  • Simplification of Certification Effort
  • Traceability
  • Safety-Critical Support and Expertise
Learn More »


Knowledge Center


  • When it comes to unmanned aircraft systems (UAS), virtually everyone is talking about and concerned with privacy issues – as though drones were robotic peeping Toms. The much larger and more critical issue, however, is security – without it, the potential exists for control of drones and even swarms of drones to be usurped and used to inflict harm. UAS hardware and software must be designed with development tools proven to be effective in the design and deployment of safety-critical and mission-critical systems and vehicles. In this webinar Robert Dewar will discuss the selection of optimal development tools and processes to ensure the safety, security, and reliability of real-time unmanned aircraft, onboard software, and ground control solutions.
  • The InSight webinar series continues with a webinar demonstrating how to write unit tests in a cost-effective way using the AdaCore toolset. More precisely it will show how to generate the unit testing framework using GNATtest, how to run the tests on an emulator such as GNATemulator and how to extract coverage results using GNATcoverage. This is primary aimed at developers and projects managers that already have unit testing infrastructure in place and are looking to reduce maintenance costs, as well as teams that are looking at implementing such techniques with minimal effort.

Developer Gems    

  • Gem #63: The Effect of Pragma Suppress

    Ada Gem #63 — The features of Ada have generally been designed to prevent violating the properties of data types, enforced either by compile-time rules or, in the case of dynamic properties, by using run-time checks. Ada allows run-time checks to be suppressed, but not with the intent of allowing programmers to subvert the type system.

  • Gem #53: Safe and Secure Software: Chapter 12: Conclusion

    Gem #53 is the concluding chapter of John Barnes' new booklet:

    Safe and Secure Software: An Introduction to Ada 2005.

    We hope you have enjoyed this series. In the attachment at the bottom of Gem #30 you can access the contents and bibliography for the entire booklet.