TL;DR: A core subsystem of the Scalable Processor-Independent Design for Electromagnetic Resilience (SPIDER), a new fault-tolerant architecture under development at NASA Langley Research Center, is selected for the case study.
Abstract: In a joint project with the FAA, NASA Langley is developing a hardware design in accordance with RTCA DO-254: Design Assurance Guidance for Airborne Electronic Hardware. The purpose of the case study is to gain understanding of the new guidance document and generate an example suitable for use in training. For the case study, we have selected a core subsystem of the Scalable Processor-Independent Design for Electromagnetic Resilience (SPIDER). SPIDER is a new fault-tolerant architecture under development at NASA Langley Research Center.
TL;DR: The European Organisation for Civil Aviation Equipment (EUROCAE) equivalent of DO-297 is ED-124 as discussed by the authors, which is one of several documents that are key to the approval of avionics and ultimately the certification of the host aircraft.
Abstract: RTCA document DO-297, Integrated Modular Avionics (IMA) Design Guidance and Certification Considerations, is one of several documents that are key to the approval of avionics and ultimately the certification of the host aircraft. The European Organisation for Civil Aviation Equipment (EUROCAE) equivalent of DO-297 is ED-124. The need for DO-297 is derived from the emergence of pioneering IMA architectures on the Airbus A-380 and Boeing B-787. Although DO-297 was too late to be part of the certification basis for these aircraft, the lessons learned from them did guide, in part, the content of DO-297. According to DO-297, IMA is a “shared set of flexible, reusable, and interoperable hardware and software resources that, when integrated, form a platform that provides services, designed and verified to a defined set of safety and performance requirements, to host applications performing aircraft functions”.
TL;DR: An overview of the new guidelines for safety-critical airborne software contained in DO-178C and supplementary documents is presented to highlight what has been changed, along with a description of the impact of DO-178C on the industry.
Abstract: The rapid growth in the use of software in airborne systems and equipment in the early 1980s resulted in a need for industry-accepted guidance for satisfying airworthiness requirements [1]. To assure the reliability of the software and to ultimately ensure the safety of passengers, the U.S. Federal Aviation Administration (FAA) has imposed software certification suited to the development of safety-critical systems. The FAA has accepted guidelines developed by the Radio Technical Commission for Aeronautics (RTCA) that respond to the necessity of reliability and safety, which are vital in this field: DO-178B/EUROCAE ED-12B (DO-178B), titled Software Considerations in Airborne Systems and Equipment Certification [1]. DO-178B prescribes design assurance guidance for airborne software. The aim of DO-178B is to assure that software developed for avionics systems is reliable and safe to use in flight [2].
TL;DR: This paper serves to provide an entry point to this new certification guidance for airborne and ground-based Communication, Navigation, Surveillance and Air Traffic Management (CNS/ATM) software certification.
Abstract: The RTCA has recently released DO-178C and DO-278A as new certification guidance for the production of airborne and ground-based air traffic management software, respectively. Additionally, RTCA special committee SC-205 has also produced, at the same time, five other companion documents. These documents are RTCA DO-248C, DO-330, DO-331, DO-332, and DO-333. These supplements address frequently asked questions about software certification, provide guidance on tool qualification requirements, and illustrate the modifications recommended to DO-178C when using model-based software design, object-oriented programming, and formal methods. The objective of this paper is to first explain the relationship of DO-178C to the former DO-178B in order to give those familiar with DO-178B an indication of what has been changed and what has not been changed. With this background, the relationship of DO-178C and DO-278 to the new DO-278A document for ground-based software development is shown. Last, an overview of the new guidance contained in the tool qualification document and the three new supplements to DO-178C and DO-278A is presented. For those unfamiliar with DO-178B, this paper serves to provide an entry point to this new certification guidance for airborne and ground-based CNS/ATM software certification.
TL;DR: It is important to understand the similarities and differences between DO-178B and DO-254 to effectively manage the processes required by these standards, to minimize cost, and to ultimately ensure the safety of the entire avionic system.