Length: 3 Days

Avionics Software Safety Certification Bootcamp, Airborne Software Development Assurance

Modern avionics systems requiring certification by the FAA or EASA must satisfy DO-178C for software development assurance (the safety side) and the DO-326A set of standards for airworthiness security.

The amount of software used in safety-critical systems is increasing at a rapid rate – this is particularly true in the area of avionic software safety for both civil and military aircraft.

Safety has always been a critical factor for aviation, but with increased interconnectivity of networked systems and potential vulnerability for malicious attacks, security and safety have become even more important.

Today, almost all aspects of the design, production, and operation of civil aircraft are subject to extensive regulation by governments.

Certification is a critical element in the safety-conscious culture on which civil aviation is based. The legal purpose of avionics certification is to document a regulatory judgment that a device meets all applicable regulatory requirements and can be manufactured properly.

At another level, beneath the legal and administrative machinery of regulatory approval, certification can be regarded differently. It can be thought of as an attempt to predict the future.

New equipment proposed for certification has no service history. Certification tries, in effect, to provide credible predictions of future service experience for new devices — their influences on flight crews, their safety consequences, their failure rates and their maintenance needs.

While certification is not a perfect predictor, historically it has been quite a good one.

Avionics Software Safety Certification Bootcamp, Airborne Software Development Assurance Course by Tonex

Avionics Software Safety Certification, Airborne Software Development Assurance Bootcamp is a 3-day training program focusing on Software Considerations in Airborne Systems and Equipment Certification.

This course presents considerations and methods for developing and analyzing avionics software and highlights how to manage a software safety program. It covers Airborne Software Development Assurance and the acceptable means of showing compliance with the applicable airworthiness regulations for the software aspects of airborne systems and equipment in type certification or authorization.

Software planning, analysis, design, development and testing principles will be taught to create avionics systems that are fault tolerant and acceptably safe.

Training Bootcamp Objectives

To provide an understanding of the nature of software hazards, root causes, and the methods by which these hazards may be prevented or discovered.  The course will also provide instruction in administrative methods and documentation needed to establish and manage a software safety program.  Providing evidence for a safety case or proof will also be covered.

Who Should Attend

This course is designed for system engineers, system safety engineers, software engineers, analysts, developers, programmers, modelers, and quality, reliability and safety staff with little or no avionics software experience. The course is also useful for those who have experience with avionics software but have never had any formal training on the standard.

What You Will Learn

  • An overview of the avionics software considerations and development lifecycle
  • A summary of tools and applications.
  • Technical overview of RTCA DO-178C / EUROCAE ED-12C
  • Software development processes and methods, their strengths, and their effectiveness in dealing with the complexity of avionics system development, integration and operation
  • DO-178 Compliance (DO-178 for UAV or UAS, and Military)
  • Overview of RTCA DO-330/ED-215
  • Software Tool Qualification Considerations
  • Overview of RTCA DO-331 / EUROCAE ED-218
  • Model-Based Development and Verification Supplement to DO-178C and DO-278A
  • Overview of RTCA DO-332 / EUROCAE ED-217
  • Object-Oriented Technology and Related Techniques Supplement to DO-178C and DO-278A
  • Overview of RTCA DO-333 / EUROCAE ED-216
  • Formal Methods Supplement to DO-178C and DO-278A

Program Structure

Lectures, hands-on exercises and problem-solving practice using simple tools and methodologies. The course is designed to provide the participants with tools and best practices to analyze complex systems (system manufacturing, integration, and operation) and to identify the root causes of problems.

  • Comprehensive Training Course Manual
  • Cheat Sheet
  • Tonex’s Analysis Tools, Techniques and Templates

Course Agenda/outline

Introduction to Airborne Software Development Assurance

  • Guidance for establishing the software life cycle: the planning, development, verification, configuration management, quality assurance and certification liaison processes to be used in developing software for airborne systems
  • Objectives for software life cycle processes
  • Activities that provide a means for satisfying the objectives
  • Descriptions of the evidence that indicate that the objectives have been satisfied.
  • High-Level Overview of EUROCAE ED-12C/RTCA DO-178C, Software Considerations in Airborne Systems and Equipment Certification
  • High-Level Overview of EUROCAE ED-215, RTCA DO-330, Software Tool Qualification Considerations
  • High-Level Overview of EUROCAE ED-218, RTCA DO-331, Model-Based Development and Verification Supplement to ED-12C and ED-109A or DO-178C and DO-278A
  • High-Level Overview of EUROCAE ED-217, RTCA DO-332, Object-Oriented Technology and Related Techniques, Supplement to ED-12C and ED-109A or DO-178C and DO-278A
  • High-Level Overview of EUROCAE ED-216, RTCA DO-333, Formal Methods Supplement to ED-12C and ED-109A or DO-178C and DO-278A

Details of RTCA DO-178C / EUROCAE ED-12C 

  • Software Considerations in Airborne Systems and Equipment Certification
  • Overview of DO-178C
  • System Aspects Relating to Software Development
  • Software Development Life Cycle
  • Software Safety Considerations
  • Aircraft-level Functional Hazard Assessment (FHA)
  • Preliminary System Safety Assessment (PSSA), which allocates software levels before DO-178C is applied
  • Software Planning, Requirements Analysis, Architecture, Design and Test
  • Software Planning Process
  • Software Development Processes
  • Software Verification Process
  • Software Configuration Management Process
  • Software Quality Assurance Process
  • Certification Liaison Process and Certification Overview Process
  • Software Life Cycle Data

Overview of RTCA DO-330/ED-215

  • Software Tool Qualification Considerations (DO-330/ED-215)
  • Rationale for tool qualification: confidence in a tool that eliminates, reduces or automates a DO-178C process without its output being independently verified
  • Software tools used in the construction and verification of airborne software
  • Application of DO-330/ED-215
  • Assessment of software development and verification tools
  • Determining, for a given project, which tool qualification criteria apply
  • Tool Qualification Levels (TQL-1 to TQL-5), derived from the applicable criteria and the software level
  • Criteria 1: development tools whose output is part of the airborne software and that could therefore insert an error
  • Criteria 2: verification tools that could fail to detect an error and whose output is used to justify eliminating or reducing other verification or development activities
  • Verification tools that automate verification activities
  • Criteria 3: verification tools that could fail to detect an error (no reduction of other activities claimed)

Overview of RTCA DO-331 / EUROCAE ED-218

  • Model-Based Development and Verification Supplement to DO-178C and DO-278A
  • Model-Based Development and Verification (RTCA DO-331 / EUROCAE ED-218)
  • Expressing system requirements, design architecture and/or behavior in a modeling language
  • Context of model-based development
  • Automatically generate code
  • Automatically generate test cases
  • Using a qualified modeling tool
  • Shortened/simplified life cycle
  • Precise (and understandable) specification of requirements
  • Model-based development challenges
  • Merging of system and software life cycle processes
  • Role of traceability, and what coverage analysis means when the model itself is the requirement or the design (model coverage analysis versus structural coverage of the generated code); the guidance in DO-331 addresses these issues

Overview of RTCA DO-332 / EUROCAE ED-217

  • Object-Oriented Technology and Related Techniques Supplement to DO-178C and DO-278A
  • Object Orientation design approach
  • Object-Oriented System and Software Engineering
  • System architecture is based on the kinds of entities that the system deals with, and their
  • DO-332’s verification objective for type substitutability

Overview of RTCA DO-333 / EUROCAE ED-216

  • Formal Methods Supplement to DO-178C and DO-278A
  • Formal Methods (RTCA DO-333 / EUROCAE ED-216)
  • Use of formal (i.e., mathematically based) methods in software verification
  • Formal methods compliance

DO-178C Guidance:  Airborne Software Development Assurance

  • The six DO-178C process areas: planning, development, verification, configuration management, quality assurance and certification liaison
  • Objectives associated with the software level assigned to the software
  • Develop all of the associated life cycle data demonstrating satisfaction of the applicable objectives
  • Assigned Software Level
  • DO-178C verification (reviews, analyses and testing) as part of the overall process of complying with the guidance in DO-178C, Software Considerations in Airborne Systems and Equipment Certification
  • Role of the certification authorities (FAA, EASA, Transport Canada) in approving software-based systems on commercial aircraft
  • Enabling Secure Boot & Secure Firmware Update for Avionics
  • DO-178 dead code
  • Executable object code (or data) that exists because of a development error and cannot be executed or used in any operational configuration; it must be removed, not merely justified
  • DO-178 deactivated code
  • Executable object code intentionally designed not to run, or to run only in certain configurations (for example ground maintenance or special operations), with evidence that it cannot be inadvertently executed
  • DO-178 Requirements Traceability
  • Software language checklist for avionics software
  • High order languages
  • Ada, C and C++
  • DO-178 Configuration Management (CM) tools
  • Configuration management of all software lifecycle artifacts
  • Managing requirements, design, code, tests, documentation
  • Certifiable products and RTOS
  • DO-178 Software Safety
  • SAE ARP4761, Guidelines and Methods for Conducting the Safety Assessment Process
  • SAE ARP4754A, Guidelines for Development of Civil Aircraft and Systems
  • Fault Tree Analysis (FTA)
  • Failure Modes and Effects Analysis (FMEA)
  • Safety Assessments (PSSA, SSA)
  • Functional Hazard Assessment (FHA)

DO-178C Design Assurance Levels (DAL)

  • Software levels A to E (commonly called Design Assurance Levels, DALs) as DO-178C's mechanism for cost-effective assurance: rigor scaled to the severity of the failure condition the software can contribute to
  • DO-178 Criticality Level
  • DO-178 Level A: software whose anomalous behavior could cause or contribute to a catastrophic failure condition
  • DO-178 Level B: hazardous / severe-major failure condition
  • DO-178 Level C: major failure condition
  • DO-178 Level D: minor failure condition
  • DO-178 Level E: no effect on safety (no DO-178C objectives apply)
  • Consequences of potential software failure to the system as a whole
  • System safety assessment process (which precedes the application of DO-178C)
  • The five DALs to determine the amount of rigor required in the development and testing of a specific piece of airborne software
  • Requirements management
  • Traceability as the foundation of DO-178C development and verification
  • Each system requirement allocated to software traces to one or more high-level software requirements (HLRs); derived requirements with no system parent are fed back to the system safety assessment
  • Each high-level requirement traces to one or more low-level requirements (LLRs), which in turn trace to source code
  • Demonstrating top-down and bottom-up traceability in requirements analysis
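The traceability gaps a verification review looks for (untraced system requirements, derived requirements, code with no requirement, missing tests) can be checked mechanically once the trace matrix is in a machine-readable form. The following is an added example, not course material or a Tonex template; every identifier, the decision to treat untraced code as candidate dead code unless it is listed as deactivated, and the trace matrix itself are constructed for illustration. It also serves the dead code / deactivated code bullets above.

```python
"""Bidirectional traceability check over a DO-178C-style trace matrix:
system requirements -> high-level requirements (HLR) -> low-level
requirements (LLR) -> source code, plus requirements -> test cases.
Added example; all identifiers and the matrix are constructed."""

# Constructed trace data (hypothetical IDs). Each entry maps an artifact to
# the artifacts it traces UP to; an empty list means "no parent".
SYSTEM_REQS = {"SYS-1", "SYS-2", "SYS-3"}
HLRS = {"HLR-1": ["SYS-1"], "HLR-2": ["SYS-2"],
        "HLR-3": []}                                   # derived HLR
LLRS = {"LLR-1": ["HLR-1"], "LLR-2": ["HLR-1"], "LLR-3": ["HLR-2"],
        "LLR-4": [],                                   # derived LLR
        "LLR-5": ["HLR-9"]}                            # parent does not exist
CODE = {"engage.c:check_wow": ["LLR-1"], "engage.c:arm": ["LLR-2", "LLR-3"],
        "diag.c:selftest": [],                         # no requirement: dead code?
        "maint.c:dump_nvm": []}                        # justified deactivated code
DEACTIVATED = {"maint.c:dump_nvm"}
TESTS = {"TC-1": ["HLR-1"], "TC-2": ["LLR-1"], "TC-3": ["LLR-2", "LLR-3"],
         "TC-4": ["HLR-2"]}


def children_of(mapping):
    """Invert child -> parents into parent -> set of children."""
    inv = {}
    for child, parents in mapping.items():
        for p in parents:
            inv.setdefault(p, set()).add(child)
    return inv


def trace_findings(system_reqs, hlrs, llrs, code, tests, deactivated=frozenset()):
    """Return the traceability gaps a DO-178C verification review would flag."""
    hlr_by_sys = children_of(hlrs)
    llr_by_hlr = children_of(llrs)
    code_by_llr = children_of(code)
    tested = {r for reqs in tests.values() for r in reqs}

    # References to identifiers that do not exist in the baseline.
    dangling = []
    for child_map, parent_set in ((hlrs, system_reqs), (llrs, set(hlrs)),
                                  (code, set(llrs)), (tests, set(hlrs) | set(llrs))):
        for child, parents in child_map.items():
            dangling += [(child, p) for p in parents if p not in parent_set]

    return {
        # Top-down gaps: something above has nothing implementing it below.
        "system_reqs_without_hlr": sorted(s for s in system_reqs if s not in hlr_by_sys),
        "hlrs_without_llr": sorted(h for h in hlrs if h not in llr_by_hlr),
        "llrs_without_code": sorted(r for r in llrs if r not in code_by_llr),
        # Bottom-up gaps: derived requirements go back to the system safety
        # assessment; untraced code is dead code unless justified as deactivated.
        "derived_hlrs": sorted(h for h, p in hlrs.items() if not p),
        "derived_llrs": sorted(r for r, p in llrs.items() if not p),
        "candidate_dead_code": sorted(u for u, p in code.items()
                                      if not p and u not in deactivated),
        "dangling_references": sorted(dangling),
        # Requirements-based testing: every HLR and LLR needs a test case.
        "untested_requirements": sorted(r for r in list(hlrs) + list(llrs)
                                        if r not in tested),
    }


if __name__ == "__main__":
    for kind, items in trace_findings(SYSTEM_REQS, HLRS, LLRS, CODE,
                                      TESTS, DEACTIVATED).items():
        print(f"{kind}: {items}")
```

Run against the constructed matrix, the report flags SYS-3 as unallocated, HLR-3 and LLR-4 as derived, diag.c:selftest as candidate dead code (maint.c:dump_nvm is exempted because it is declared deactivated), LLR-5's reference to the nonexistent HLR-9, and three requirements with no test case. A real project would generate the input from its requirements and configuration management tools rather than from literals.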

DO-178C Verification

  • Development of a Software Verification Plan (SVP)
  • Review of plans, design artefacts and traceability
  • Testing to software requirements
  • Analysis where testing alone cannot show compliance
  • DO-178C structural coverage requirements by software level: statement coverage from Level C, decision coverage from Level B, MC/DC at Level A; no structural coverage is required at Level D
  • DO-178 Structural Coverage
  • Statement coverage (SC)
  • Coverage criteria
  • Decision coverage
  • Modified Condition/Decision Coverage (MC/DC)
  • Criteria for coverage as defined in DO-178C
  • Verification documentation
  • Software verification cases and procedures (SVCP)
  • Software verification results (SVR)
  • Reports on reviews of all requirements, design and code
  • Executable object code testing results
  • Code coverage analysis report
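The difference between decision coverage (Level B) and MC/DC (Level A) is easiest to see on a single decision: the same two test vectors can drive the decision both ways yet show the independent effect of only one condition. The block below is an added example, not part of the course; the decision, its condition names and the test vectors are constructed, and it checks unique-cause MC/DC (two vectors differing in exactly one condition with different outcomes), which is the stricter of the forms accepted for DO-178C.

```python
"""Structural coverage check for one boolean decision: decision coverage
versus unique-cause MC/DC. Added example; the decision and vectors are
constructed for illustration."""
from itertools import combinations, product

# Constructed example decision (hypothetical autopilot engage interlock):
#   A = "pilot engage command", B = "flight-director engage command",
#   C = "no active fault"
CONDITIONS = ("A", "B", "C")


def decision(A, B, C):
    """Decision under test: engage if either command is present and no fault is active."""
    return (A or B) and C


def vec(a, b, c):
    """Build a test vector (condition name -> value) in CONDITIONS order."""
    return dict(zip(CONDITIONS, (a, b, c)))


def decision_coverage(test_set):
    """Decision coverage: the decision has evaluated to both True and False."""
    return {decision(**v) for v in test_set} == {True, False}


def mcdc_pairs(test_set):
    """Unique-cause MC/DC: for each condition, find two vectors in test_set that
    differ only in that condition and give different decision outcomes.
    Returns {condition: (v1, v2) or None}; None means the condition's
    independent effect has not been shown."""
    pairs = {}
    for c in CONDITIONS:
        others = [o for o in CONDITIONS if o != c]
        pairs[c] = next(
            ((v1, v2) for v1 in test_set for v2 in test_set
             if v1[c] != v2[c]
             and all(v1[o] == v2[o] for o in others)
             and decision(**v1) != decision(**v2)),
            None)
    return pairs


def mcdc_achieved(test_set):
    """True when every condition has an independence pair in test_set."""
    return all(p is not None for p in mcdc_pairs(test_set).values())


def minimal_mcdc_set():
    """Brute-force the smallest test set achieving MC/DC for decision().
    Unique-cause MC/DC needs at least n+1 vectors for n conditions, so the
    search starts there."""
    all_vecs = [vec(*bits) for bits in product((False, True), repeat=len(CONDITIONS))]
    for size in range(len(CONDITIONS) + 1, len(all_vecs) + 1):
        for candidate in combinations(all_vecs, size):
            if mcdc_achieved(candidate):
                return list(candidate)
    return None


if __name__ == "__main__":
    # Two vectors satisfy decision coverage but show only C's independent effect.
    weak = [vec(True, False, True), vec(True, False, False)]
    print("decision coverage:", decision_coverage(weak), "MC/DC:", mcdc_achieved(weak))
    print("conditions lacking a pair:", [c for c, p in mcdc_pairs(weak).items() if p is None])
    for v in minimal_mcdc_set():
        print(v, "->", decision(**v))
```

With the two-vector set the report shows decision coverage satisfied but conditions A and B lacking an independence pair, so a Level B test set is not automatically a Level A one; the exhaustive search confirms that four vectors (n+1) suffice for this three-condition decision. Qualified coverage tools do the same bookkeeping on the executable object code rather than on a Python model of the decision.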

Evaluating DO-178 Certification Risks

  • Incomplete and general data within the five key DO-178 process plans
  • Missing design/low-level software requirements
  • Insufficient checklists for reviews
  • Incorrect or Incomplete traceability between components
  • Incomplete structural coverage for decision and MCDC (Modified Condition/Decision Coverage) coverage
  • Missing or improper tool qualification

Workshop 1: Working on a Simple Project using DO-178C Considerations

  • DO-178C Plan for Software Aspects of Certification
  • DO-178C Software Accomplishment Summary
  • DO-178C Software Coding Standard
  • DO-178C Software Configuration Management Plan
  • DO-178C Software Design Standard
  • DO-178C Software Development Plan
  • DO-178C Software Quality Assurance Plan
  • DO-178C Software Requirement Standard
  • DO-178C Software Verification Plan

Workshop 2: Creating DO-178C Avionics Software Using Tonex’s Templates and Artifacts

  • DO-178C Plan for Software Aspects of Certification
  • DO-178C Software Accomplishment Summary
  • DO-178C Software Coding Standard
  • DO-178C Software Configuration Index
  • DO-178C Software Configuration Management Plan
  • DO-178C Software Design Data
  • DO-178C Software Design Standard
  • DO-178C Software Development Plan
  • DO-178C Software Quality Assurance Plan
  • DO-178C Software Requirements
  • DO-178C Software Requirements Standard
  • DO-178C Software Test Procedures
  • DO-178C Software Verification Analysis (including Traceability)
  • DO-178C Software Verification Plan
  • DO-178C Software Verification Results
  • DO-178C Source Code Review
