Airborne Software Certification Explained

DO-178C Update The RTCA/EUROCAE’s DO-178 avionics safety standard went through a revision that ended with the publication of the new DO-178C standard in December 2011. The core document is substantially the same as DO-178B, with a number of clarifications and a few minor corrections. The major change is the inclusion of several supplements. One supplement deals with tool qualification, and three others adapt the core document guidance when specific technologies are used: Model-Based Development, Object-Oriented Techniques, and Formal Methods.

From the Ada Connection 2011 talks, Dewi Daniels from Verocel gives an overview of DO-178C/ED-12C

Relevant Documents
  • DO-178C/ED-12C: Software Considerations in Airborne Systems and Equipment Certification. Can be purchased from RTCA here.
  • DO-178B/ED-12B: The official guidance document for Airborne Systems. Can be purchased from RTCA here or from Eurocae here
  • DO-248B : The official clarification on DO-178B in the form of a FAQ. Can be purchased from RTCA here
  • CAST papers: Several Position Papers from the Certification Authorities Software Team can be found here
What is DO-178B/ED-12B? The purpose of this document is to provide guidelines for the production of software for airborne systems and equipment that performs its intended function with a level of confidence in safety that complies with airworthiness requirements. The guidelines are in the form of:
  • Objectives of software life cycle processes
  • Description of activities and design considerations for achieving these objectives
  • Description of the evidence that indicate that the objectives have been satisfied
The document discusses those aspects of airworthiness certification that pertain to the production of software for airborne systems and equipment used on aircraft or engines.

DO-178B Safety Levels

The levels are defined in term of the potential consequence of an undetected error in the software certified at this level. Here are such consequences for each defined level:
  • Level A: Catastrophic: prevents continued safe flight or landing, many fatal injuries
  • Level B: Hazardous/Severe: potential fatal injuries to a small number of occupants
  • Level C: Major: impairs crew efficiency, discomfort or possible injuries to occupants
  • Level D: Minor: reduced aircraft safety margins, but well within crew capabilities
  • Level E: No Effect: does not effect the safety of the aircraft at all
These relate to the criticality of the airborne system. Flight control, navigation, and all fly-by-wire systems are flight critical and require DO-178B Level A certification. Entertainment systems fall at the other end of the criticality spectrum and would be Level E systems (except for the crew’s ability to override it when making public announcements “PA”).

DO-178B Documentation Requirements

DO-178B requires a thorough definition and documentation of the software development process. The base set of required documentation and life cycle artifacts include:
  • Plan for Software Aspects of Certification (PSAC)
  • Software Quality Assurance Plan
  • Software Configuration Management Plan
  • Configuration Control Procedures
  • Software Code Standard
  • Software Design Standard
  • Software Requirements Standard
  • Software Development Plan
  • Software Verification Plan
  • Source, Executable Object Code, SCI and SECI
  • Software Design Document
  • Software Requirements Document
  • Traceability
  • Test Cases and Procedures
  • Verification Results
  • Quality Assurance Records
  • Configuration Management Records
  • Problem Reports
  • Software Accomplishments Summary
  • Categories

  • Open-DO Projects

  • Want to get involved?

  • Contact

    info @ open-do.org