Skip to main content

Process improvement experiment of a code generator to the Ariane launcher


The share of software is dramatically increasing in AEROSPATIALE business, therefore one of the main focuses of management is to improve software development practices in order to be more competitive.
To stay in business in the long term, it is foreseen that it will be necessary to be able to master rigorous techniques in the development of security and safety related systems. In particular since the complexity of the critical software is increasing. Currently this has the effect that the cost of development and maintenance of the Control/Command systems is increasing significantly (up till 20 % of the entire launcher program costs).
One of the main problems we have at the moment with our software development is that the currently used informal methods do not promote the early detection of faults during the development. The majority of faults are consequently discovered late. The cost of their correction is therefore higher, and the development life cycle is too long.


The PIE will be based on using the VDM technology through a parallel development of an important component of a next generation workshop to be used to produce highly reliable software.
The component which will be considered in this project is the code generator which automatically translates AS-SCALA specifications into C code, because:

- it is the most difficult software piece of the SCALA workshop to design and validate,

- and because it is a component which is very suitable for being developed using formal methods (other code generators have already been developed using the VDM technology). This component is being used to produce security critical code and for such components it is becoming more and more common that a high level of certification is required.

AEROSPATIALE ESPACE & DEFENSE employs 5000 people, 10% are involved in software engineering. The unit where PICGAL is evaluated has a staff of 20 people.


The main expected commercial impacts from the PICGAL PIE are :

- shortening of development cycle, and furthermore reduction of the time to implement a modification (number of peoples involved, days number compared to software volume),
- improvement of software reliability without increase in development costs ( test proportion and remaining bugs number expressed in a reliability rate),
- improvement of delivered quality without increase in development costs.

These impacts should increase the competitiveness of Aerospatiale offer for Aerospace systems.

The primary anticipated benefit from this PIE project is an assessment of the feasibility and benefits of a more efficient process, based on the possibility of shortening the lead time due to the fact that correctness of the model could be achieved as early as the specification stage. This is particularly relevant for safety critical software such as Control/Command systems where the need to implement late changes/enhancements cannot be properly solved by the traditional step by step software process (specification, design, coding, unit test, integration, and validation).

Funding Scheme

ACM - Preparatory, accompanying and support measures


Aerospatiale Sni
Boulevard De Montmorency 37
75781 Paris