Module 5: Digital Techniques and
Electronic Instrument Systems
5.13 Software Management Control
DO178B is a document published by EUROCAE
(European Organization for Civil Aviation Equipment)
dealing with the safety of software used in aircrafts.
Provides guidance to determine if the software will
perform reliably in an airborne environment.
DO178B is titled “Software Considerations in
Airborne Systems and Equipment Certification”.
A software component to be approved for use in the
aircraft needs a document called Declaration of
Design and Performance.
This document is provided by the manufactures to the
CAA for approval.
The manufacturers provide evidence to the CAA that the
software component is designed and tested according to
the CAA regulations.
The applicants use as a guidance DO178 document.
The same procedure takes place in software
modifications (e.g. updates) made by the
Software Criticality Category
The aircraft constructor has assigned a Software Critically category to each software-
The classification is described in the DO178 document.
Level A: Catastrophic failure: Failure that prevents continued safe flight and landing.
Must be extremely improbable: 10-9
Level B: Hazardous / Severe Major Failure: Failure conditions that reduce the capability of
the aircraft or the crew ability to cope with operating conditions.
Examples: A large reduction in safety margins, very high workload or physical distress of the crew
due to a failure, serious or fatal injuries to a small number of the occupants.
Must be extremely remote: between 10-7 and 10-9
Level C: Major failure: Failure conditions that reduce the capability of the aircraft or the crew
ability to cope with operating conditions.
Examples: A significant reduction in safety margins, significant increase in workload or physical
distress of the crew due to a failure, discomfort to occupants, possible injuries.
Must be extremely improbable: 10-5 and 10-7
Level D: Minor failure: Failure conditions that do not reduce the capability of the aircraft and
involve crew actions which are within their capabilities.
Examples: A slight reduction in safety margins, a slight increase in workload of the crew due to a
failure. (e.g. routine flight plan changes).
Must be probable: more than10-5
Level E: No effect: Do not affect the capability of the aircraft or crew workload.
System and Equipment description.
Organization of software.
Criticality Categories and Software Levels.
Development procedures that ensure quality.
Software Verification Plan.
Description of testing procedures that have been taken and results.
Configuration principles (e.g. ways to modify it).
Procedures related with the quality assurance of the software and the relation
between the software and other aircraft components.
A schedule detailing the relationship between the current and past certified
Organization and Identification of the Documents
Description of any known errors, functional limitations and future upgrades.
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.