Here we see a mixed-criticality PikeOS configuration, where multiple partitions of different safety levels coexist and share communication infrastructure.

Instead of using a non-certifiable stack like lwIP, this setup relies on SYSGO's Certifiable IP (CIP) — a minimal UDP/IP stack designed for safety projects.

CIP Key Features:

• Fully compliant with RFC networking standards
• Implemented as a PikeOS file provider
• Available via POSIX and native PikeOS APIs
• Includes a standard socket interface
• Suitable for guest operating systems like POSIX or PikeOS Native

This configuration allows deterministic, partitioned network access with minimal code size — essential for certification in environments like Avionics or Industrial Automation.

This PikeOS software architecture illustrates the black-channel communication model, where data integrity and timing are verified entirely at the endpoints, regardless of the Safety level of the transmission medium.

Black-channel networking is commonly used in:

• Industrial systems (e.g., hyper-automation with robotics, vision, and learning systems)
• Railway systems, where SIL-level separation is required

In this setup:

• A non-critical Linux partition provides the full TCP/IP stack
• Endpoints implement a safety protocol to verify the correctness and timeliness of received data
• If validity or timing constraints are violated, the system transitions to a safe state

To address this, the ARINC 664 Part 7 (AFDX®) standard defines a real-time, deterministic Ethernet-based network with:

• Redundant cabling
• Deterministic switching
• Fault-tolerant endpoints

While most implementations rely on dedicated FPGA hardware, SYSGO provides a software-based ARINC 664 stack that:

• Runs on standard COTS hardware
• Is fully compliant with Airbus AFDX® networks
• Can be deployed within PikeOS partitions

SYSGO’s AFDX®-compliant Software Stack