IntroductionThe intent of this presentation is to ease the concernsof avionics systems developers and provide a briefoverview of the changes that have been implemented inthe recent release of DO-178C.DO-178C was released to provide clarification and toaddress inconsistencies in DO-178B, as well asintroduce technology advancements in the areas ofcertifiable software development.ENSCO, a leading supplier of DO-178B development,verification and certification solutions, is prepared toassist our customer’s move to DO-178C.
What is the difference between DO-178C & DO-178B? Frank Merlino Certification Manager September 2012
DO-178C Background• Released by RTCA in December 2011• Released in parallel with DO-278A – guidelines for ground-based system certification• FAA has yet to update Advisory Circular 20-115B to reflect DO-178C acceptance as a means of FAA software approval• Expected to take effect 4Q 2012
Summary of Differences• Known issues regarding errors and inconsistencies have been corrected, addressing the errata of DO-178B• More precise, clearer language, and consistent terminology provided• Reinforcement that the full body of the document should be considered to fully understand the recommendations. – Annex A now includes each activity as well as each objective.• Hidden Objective of DO-178B now presented in Annex tables – A-7 #9 : Level A object code that is not traceable to source is required to be identified and verified for correctness. – A-9 # 1 : Assurance is obtained that software plans and standards are developed and reviewed for consistency.
Summary of Differences (cont.)• DO-178B gaps addressed – MC/DC definition has changed to support masking and short circuit as well as unique cause – Derived requirements should be fed into all the system processes, rather than just the System Safety Assessment process.• Clarification of guidance that was subject to differing interpretations in DO-178B Examples: Clarified that structural coverage analysis of data and control coupling between code components should be achieved by assessing the results of the requirements based tests (18.104.22.168.c ) Clarified all tests added to achieve structural coverage are based on requirements (22.214.171.124.d) Deactivated code (126.96.36.199.d)
Summary of Differences (cont.)• Technology Supplements – One or more supplements may be used in conjunction with DO-178C to modify the guidance for specific techniques. Section 12 was impacted, since the planned supplements more completely address specific techniques. – Supplements DO-330 Software Tool Qualification considerations DO-331 Model-based Development and Verification Supplement to DO-178C and DO-278A DO-332 Object Oriented Technology and related Techniques Supplement to DO-178C and DO-278A DO-333 Formal Methods Supplement to DO-178C and DO- 278A
Summary of Differences (cont.)• Tool Qualification – The terms “development tool” and “verification tool” are replaced by three tool qualification criteria that determine the applicable tool qualification level (TQL) in regards to software design assurance level.• Coordinated System/Software Aspects – Section 2, which provides system aspects related to software development, was updated to reflect current system practices and in coordination with updates to ARP4754.
Summary of Differences (cont.)• DO-178C addresses general topics, resulting in changes to several sections. Topics include a variety of subjects, such as applicant’s oversight of suppliers, parameter data items, and traceability.• Parameter Data Items is a new topic introduced in DO-178C and includes two additional objectives in the Annex tables. – A-5 #8 Parameter Data Item file is correct and complete. – A-5 #9 Verification of Parameter Data Item file is achieved.• Trace Data is now identified as Software Life Cycle Data (11.21 objective tables A-2 & A-6)
Summary of Differences (cont.)• Number of objectives per the Annex tables to be satisfied based on the software design assurance level that changed – Note: Objectives may change or increase based on use of supplements Software DAL DO-178B DO-178C A 66 71 B 65 69 C 57 62 D 28 26 E 0 0
About ENSCO AvionicsENSCO Avionics, Inc. provides safety-critical avionics software andcomplex hardware solutions to the industrys leading aerospaceand defense companies.Our turnkey solutions and products include: • Software (DO-178B/C, DO-278A) & complex hardware (DO-254) development, test, verification and certification • Vision Systems Solutions utilizing synthetic, enhanced and combined vision technologies to solve Situational Awareness (SA) challenges • IData® Tool Suite – A cross-platform software development toolkit for creating and deploying Human Machine Interface (HMI) applications • IGL – A high performance and efficient OpenGL® SC (Safety-Critical) software GPUFor a full overview of ENSCO Avionics’ offerings, visit www.ensco.com/avionics
Managed Avionics Solutions For more than 30 years, ENSCO has been a leading provider of safety/mission- critical embedded systems and software engineering solutionsSupport at any stage of the development life cycle • Requirements, Architecture, Prototype • Design, development, test, integration, maintenance, upgrades • Full verification & validation (System, HLR, LLR) • Low-level testing services (Unit/Module Test) • Full turnkey test qualification solutions • FAA certification/compliancy services • Process gap analysis & process consultationCore expertise includes • DO-178B/C (thru level A) • DO-278A AS-9100C Certified • DO-254 (thru level A) • SEAL (thru Level 1) • Mil-Std-498/2167A, Mil-Std-1679
For more information …Tom MatareseDirector, Business DevelopmentENSCO Avionics, Inc.3 Holiday Hill RoadEndicott, NY 13827(O) 607-741-6332(C) firstname.lastname@example.org/avionics