Many people—and certainly most developers—have come to accept that there’s no such thing as bug-free software. Yet, when we board an airplane and take off for some distant place, we all assume that the airplane will stay in the air throughout the entire journey and safely land at its end.
Why do we put so much faith into such complex machines as modern airplanes, where thousands of intricate components are controlled by embedded software, whose development is a monstrous task where a single mistake can have disastrous consequences?
Because the development of embedded aeronautics systems adheres to strict aviation standards, guidelines, and specifications like DO-178C, whose purpose is to keep software bugs from compromising the safety of passengers and crew alike.
What Is DO-178C?
Also known as Software Considerations in Airborne Systems and Equipment Certification, DO-178C is an important standard applied in aviation development to guarantee the airworthiness of software systems used in civilian aircraft.
The standard is jointly published by the Radio Technical Commission for Aeronautics (RTCA), a United States volunteer organization that develops technical guidance for use by government regulatory authorities and by industry, and the European Organisation for Civil Aviation Equipment (EUROCAE), the European leader in the development of worldwide recognized industry standards for aviation.
DO-178C replaces DO-178B, whose latest version was published in 1992, and is often associated with DO-254, which governs hardware systems. Just like its predecessor, DO-178C classifies safety in five levels, with each level corresponding to the consequence of a software failure:
- Level A (Catastrophic) – A catastrophic failure may cause deaths and usually results in the loss of the airplane.
- Level B (Hazardous) – A hazardous failure has a large negative impact on safety or performance, or reduces the ability of the crew to operate the aircraft due to physical distress or a higher workload, or causes serious or fatal injuries among the passengers.
- Level C (Major) – A major failure significantly reduces the safety margin or significantly increases crew workload and it may result in passenger discomfort or even minor injuries.
- Level D (Minor) – A minor failure slightly reduces the safety margin or slightly increases crew workload. Examples of minor failures might include causing passenger inconvenience or a routine flight plan change.
- Level E (No Safety Effect) – This failure has no impact on safety, aircraft operation, or crew workload. An example might include a bug in the in-flight entertainment system.
For each of the five safety levels, a certain number of objectives must be satisfied in order to meet airworthiness requirements and obtain approval of software used in civil aviation products:

| Level | Failure Condition | Objectives | With independence |
|---|---|---|---|
| E | No Safety Effect | 0 | 0 |
The phrase “with independence” means that the objective cannot be satisfied unless there is a clearly documented separation of responsibilities.
Since DO-178C became available for sale and use in January 2012, it has become the primary document by which the certification authorities such as FAA (a governmental body of the United States with powers to regulate all aspects of civil aviation), EASA (an agency of the European Union with responsibility for civil aviation safety), and Transport Canada (the department within the Government of Canada responsible for developing regulations, policies and services of road, rail, marine and air transportation in Canada) approve all commercial software-based aerospace systems.
It’s important to note that DO-178C is a non-prescriptive standard, which means that it doesn’t describe what must be done to meet the safety objectives it provides. As such, it gives the developers of software systems used in civilian aircraft a lot of flexibility, but it also sometimes creates ambiguity.
How to Support DO-178C?
The immense complexity of avionics software development necessitates the automation of manual processes for requirements management. The developers of avionics software systems need a centralized repository for requirements that allows them to easily trace back to the origin of each requirement and see every change made to it.
While Microsoft Word and Excel may be suitable requirements management tools in certain industries, they leave way too much to be desired when it comes to avionics software development, which is why the developers of avionics software systems embrace sophisticated requirements management tools, such as Visure Requirements ALM Platform.
Supporting DO-178C with Visure Requirements
Providing integral support to the complete requirement process, Visure Requirements is a state-of-the-art requirements management software solution capable of managing all requirement related information (like requirements, tests, change requests, risks, etc.), their relationships and their interactions with the users.
Visure Requirements offers comprehensive and agile requirements management for the development and verification of avionic embedded systems, allowing the developers of avionics software systems to standardize and streamline their processes related to DO-178C by providing a single centralized repository for all DO-178C objectives.
Visure Requirements can create, enforce, and manage many-to-many bi-directional traceability links, and it can automatically generate useful traceability matrices and reports to support effective decision-making and ensure timely completion of all objectives.
These and other qualities make Visure Requirements an indispensable requirements management tool that far exceeds the capabilities of Microsoft Office and Excel, keeping everyone on the same page and ensuring that customers get exactly what they paid for.
There’s no place for manual processes using Microsoft Word or Excel for requirements management in the avionics industry. Modern airplanes are such immensely complex machines that their development necessitates adequately complex methodologies, standards, and tools. DO-178C has become the de facto gold standard for avionics software certifications, and achieving compliance with it requires traceability on all work items from requirements all the way to the released product. Smart software solutions such as Visure Requirements can help manage aviation-specific requirements and ensure the visibility of all development processes during the entire software lifecycle.