The slide can be used by students or instructor for module 5 preparation. It does not contain all the required knowledge and it is expected to be delivered by an instructor.
2. EASA SYLLABUS
5.13 Software Management Control
Level 2
Awareness of restrictions,
airworthiness requirements and
possible catastrophic effects of
unapproved changes to software
programmes.
3. AIM
Awareness of restrictions using the
software for aircraft
Airworthiness requirements and
approval procedure
Possible catastrophic effects of
unapproved changes to software
programs
4. INTRODUCTION
Computer software used to drive
many type of system in aircraft
Can not be allowed it to fail during
operation
Requirements to evaluate, test and
verify for fail safe design
Failure prevention.
5. APPLICATION OF
SOFTWARE
Some example are:
primary and secondary flight controls
engine controls
electrical generation and distribution
brakes
radio and navigation equipment
flight instruments
automatic flight control
6. SOFTWARE APPROVAL
Software must be verify by authority for
approval and quality control.
Initial certification :
◦ Software must be design by approved company
◦ Approved by Design Organization
◦ Software must comply with authority requirement
(BCAR sec A)
◦ Software Validation process approved by local
authority.
Post-Certification Modifications
◦ Modification must based on rule apply to the
application on hardware
◦ Modification which effect software must be approved
by the Design Organization
7. DOCUMENTATION APPROVAL
Malaysian AN 57 issue in order to
recognize RTCA/EUROCAE document
with appropriate guidance material.
Include in RTCA/EUROCAE :
◦ DO-178/ED-12 : Application form for software
approval and guidance
◦ Requirement for software control
◦ Software documentation procedure
◦ Requirement for configuration management
◦ Rule for upgrading software
◦ Differential of software level
8. SOFTWARE TESTING
Every software must be provide the
testing method to maintain its
functionality.
Purpose is to determine all data process
corectly with the correct output.
Test should include :
◦ Typical data : test the comonly use program
path
◦ Unusual but valid data : test the exception
program path ( fail safe design)
◦ Incorrect, incomplete data : test the error
9. ABOUT RTCA
RTCA, Inc. (known as Radio Technical
Commission for Aeronautics until their re-
incorporation in 1991 as a not-for-profit
corporation) is a US volunteer organization that
develops technical guidance for use by
government regulatory authorities.
RTCA's objectives include but are not limited to:
◦ ensuring the safety and reliability of airborne systems;
◦ developing minimum operational performance
requirements for document-specific systems;
◦ developing guidelines for use by a regulatory
authority, the given authority determines appropriate;
◦ providing administrative and logistics resources that
enable teamwork among the world-wide aviation
community.
10. ABOUT EUROCAE
EUROCAE, the European Organisation for
Civil Aviation Equipment was formed
in Lucerne on 24 April, 1963.
EUROCAE has now been operating for more
than 40 years as a non-profit organisation whose
membership exclusively comprises aviation
stakeholders made up of Manufacturers (aircraft,
airborne equipment, ATM systems and ground
equipment), Services Providers, National and
International Aviation Authorities and Users
(Airlines, Airports, operators) from Europe and
elsewhere.
EUROCAE has developed performance
specifications and other documents exclusively
dedicated to the Aviation community.
11. DO 178C
DO-178C, Software Considerations in
Airborne Systems and Equipment
Certification is the title of the recently published
document fromRTCA, Incorporated, in a joint
effort with EUROCAE.
Replace DO-178B to be the primary document
by which the certification authorities such
as FAA, EASA and Transport Canada will
approve all commercial software-based
aerospace systems. Certification Authority
approval is pending.
The new document is called DO-178C/ED-12C
and was completed in November 2011 and
approved by the RTCA in December 2011. It
became available for sale and use in January
2012.[1
12. SOFTWARE LEVEL
JAA AMJ 25 FAA
RTCA/EUROCAE Effect on Aircraft and Occupants of
Criticality Criticality Failure or Design Error
Software Level
Category Category
1. Slight reduction of safety margin
2. Slight increase in workload (routine changes in
Minor Effect Non-Essential Level D
flight plan)
3. Physical effects but no injury to occupants
1. Significant reduction in safety margins
2. Reduction in the ability of the flight crew to cope
Major Effect Essential Level C with adverse operating conditions impairing their
efficiency
3. Injury to occupants
1. Large reduction in safety margins
2. Physical distress or workload such that the flight
Hazardous crew cannot be relied upon to perform their tasks
/severe-Major Essential Level B
Effect accurately or completely
3. Serious injury to or death of a relatively small
proportion of the occupants
Catastrophic 1. Loss of Aircraft
Critical Level A
Effect 2. Fatalities
13. FAILURE CONDITION
Minor
◦ Slight reduce safety margin of functional
capabilities, slight increase crew workload and
some inconvenience to occupants.
Major
◦ Reduce capability of aircraft, significant reduction in
safety margins or functional capabilities, increace in
crew workload and discomfort occupants.
Hazardous
◦ Reduce capability of aircraft , large reduction of
safety margin or functional capabilities, physical
distresser to crew and serious injury to some of
occupant
Catastrophic
◦ Failure condition prevent continue safe flight and
landing
14. INTRODUCTION TO
SOFTWARE LIFECYCLE
Initiation
Requirement
Design
Code, (Implementation)
Integration and Test
Installation
Operation and Maintenance
17. RESOURCES
CAA UK Recommended Books
Title Author
My Blog Aircraft Electricity and Eisman 0-02-801859-1
Electronics
Art of Electronics Horowitz 0-521-37095-7
Horowitz /Hill /Hill
Elements of Hickey/ 0070286957
Electronics Villines
Modern Aviation Helfrich 0-13-118803-8
Electronics
Micro Electronics in E Pallet 0-273-08612-X
Aircraft systems