Advanced DO-178C Training Workshop
Length: 4 Days
The primary standards document regarding software considerations in airborne systems and equipment certification is called DO-178C.
This is the document by which the certification authorities such as FAA, EASA and Transport Canada approve all commercial software-based aerospace systems.
DO-178C is the current go-to standard following its predecessor DO-178B. DO-178C inherited the DO-178B core document, principles and processes, while adding support for high-level modeling, object oriented programming and formal methods, with an emphasis on two-way traceability from model to executable code and back.
DO-178C also provides a tools supplement for addressing the qualification and capabilities of the tools used for modeling, object-oriented programming and formal methods.
The added supplements:
• DO-330: Software Tool qualification Supplement — Automated tools are more reliable than human beings in performing certain types of analysis. Thus, the requirement was that SC-205/WG-71 should encourage the use of automation.
• DO-331: Model-based Design & Verification Supplement — DO-331 addresses mapping of several objectives. It includes specification modeling but that approach is not typically followed in Simulink. Design models represent a more natural mapping for Simulink users.
• DO-332: Object Oriented Technology Supplement — Object oriented technology is a way of developing software based on objects that need to be programmed. The example of an object could be a Black Box: it sends and receives data.
• DO-333: Formal method supplement — Formal methods are mathematically-based technologies that can be applied in software development and verification. The mathematical basis of formal methods consist of formal logic and discrete mathematics.
Airborne vehicles — whether a commercial airline or a military jet — need to comply with functional safety standards.
DO-178C classifies safety in five levels. Each level corresponds to the consequence if the software fails.
• Level A: Catastrophic
• Level B: Hazardous
• Level C: Major
• Level D: Minor
• Level E: No Safety Effect
These software safety levels are designated based on risk. And the higher the risk, the more safety objectives need to be met.
Advanced DO-178C Training Workshop Course by Spectramind
Advanced DO-178 training workshop covers the aspects of DO-178C guideline, as well as its supplementary standards. You will be introduced to the philosophy, rationale, and history behind DO-178C and will learn about the methods and techniques required to develop and implement it in your organization.
Advanced DO-178C training workshop covers the main notions behind DO-178B/C avionics certification. It also reviews the differences between DO-178B and DO-178C.
RTCA DO-178C / EUROCAE ED-12C is an upgraded version of the DO-178B/ED-12B standard that controls the software for avionics systems in commercial airplanes. This recent revision demonstrates rather small modifications to the “core” guidance, but generated four important new documents:
• RTCA DO-330 / EUROCAE ED-215: Software Tool Qualification Considerations
• RTCA DO-331 / EUROCAE ED-218: Model-Based Development and Verification
• RTCA DO-332 / EUROCAE ED-217: Object-Oriented Technology and Related Techniques
• RTCA DO-333 / EUROCAE ED-216: Formal Methods
From DO-178B to DO-178C
Revising DO-178B started in late 2004 with the supports of a cooperative committee – RTCA Special Committee #205 (SC-205) and EUROCAE Working Group #71 (WG-71). This revision tried to accomplish the following objectives:
• Fixing mistakes and elucidate confusing content in DO-178B
• Facilitating software technologies and standards being applied since the publication of DO-178B
• Considering the additional material that support DO-178B, containing Certification Authorities Software Team (CAST) papers and Issues Papers (IPs)
While the intent was to change the type of the document from being process-based to product-based, the agreement decision was to limit the modifications only to the necessary ones, and to make the new version less difficult than the DO-178B. To that end, the modifications to the “core guidance” are rather small. Advanced DO-178C training workshop will discuss these modifications and help your organization to migrate from DO-178B to the most recent version, i.e., DO-178C.
Advanced DO-178C training workshop is mainly dedicated to practical activities, including labs, group class activities, and hands-on workshops. Even though our course agenda is intended to be comprehensive and covers all the required material, we are flexible to adjust it based on the needs of your organization.
Audience
Advanced DO-178C training workshop is a 4-day course designed for:
• Software engineers
• Project managers
• Systems engineers
• Software quality engineers
• Test engineers
• Quality and process assurance personnel
Training Objectives
Upon the completion of Advanced DO-178C training workshop, the attendees are able to:
• Understand all the parts of DO-178C
• Articulate the differences of DO-178B and DO-178C
• Discuss the background and evolution path of DO-178C
• Understand the DO-178C software life cycle model
• Explain the constituent processes of DO-178C
• Discuss the usual pitfalls and problems associated with DO-178C
• Apply the required methods to develop and implement DO-178C
• Use the best practices suitable for their organization
• Conduct process planning
• Elaborate environment considerations
• Discuss the requirements and architecture
• Perform the software verification process
• Determine considerations (memory usage, Worst Case Execution Time, language semantics, etc.)
• Understand and implement the DO-178C supplements
• Apply tool qualification
Course Outline
Overview of DO-178C
• DO-178C description
• DO-178C definitions
• DO-178C applications
• DO-178C vs DO-178B
• DO-178C terminology
• DO-178C background
• DO-178C objectives and goals
• DO-178C strategies
• DO-178C best practices
• Part number and nomenclature
• DO-178C team members and signature authority
• Organizational roles
• DO-178C acronyms
• Applicable documents
Overview of Aviation Systems
• System functions assigned to mechanical hardware
• System functions assigned to electrical hardware and software
• System failure circumstances
• High-level hardware functions and the latent failure points
• Security and partitioning
Software Architecture and Design with DO-178C
• Architectural block diagram
• Safety monitoring
• Resource distribution
• Repetition
• Fault acceptance threshold
• Timing
• Task scheduling
• Processor #1
• Situations and styles
• Assignments
• Processor #2
• Situations and styles
• Assignments
• Determining COTS software
• Real-time functioning
• Board support bundle
• Libraries
• Disabled code
• USB code
• RS-232 code
• Ethernet code
• Boot load code
DO-178C Certification Concerns
• Fundamentals of DO-178C
• Means to stay consistent with the certification
• Issue papers
• Certification Review Items (CRI)
• Software Development Assurance Levels (DALs)
• Demonstrating DAL
• Most critical failure conditions
• Command DAL and worst case failure condition
• Monitor DAL and worst case failure condition
• Video processor DAL and worst case failure condition
• Identifying the software level
• DO-178C objectives by DALs
• Conformity measure matrices
• DO-178C software compliance objectives
DO-178C Software Lifecycle Process
• Developing the V-Model
• Developing several DAL’s inside a particular lifecycle process
• Processes and actions relationships
• Various correlation among processes
• Lifecycle flow diagram
• Hardware and software aspects
• Developing software incremental lifecycle flow diagram
• How to provide effective feedback
• How to give feedback on the system and safety process
• How to give feedback to the development and integral processes
• Traceability of analyses and the assessment results
• Transition planning
• Peer planning
• Methods of reporting problem
• Software planning development
• Software planning development objectives
• Software planning development inputs
• Software planning development outputs
• Software planning development activities
• Technical boundaries
• Software planning development tool usage
• Software planning development transactional requirements
• Software integral processes
• Verification process
• Configuration management
• Quality assurance
• Certification liaison
• Software requirements process
• Software design development
• Software design development objectives
• Software design development inputs
• Software design development outputs
• Software design development activities
• Technical boundaries
• Software design development tool usage
• Software design development transactional requirements
• Software coding development
• Software coding development objectives
• Software coding development inputs
• Software coding development outputs
• Software coding development activities
• Technical boundaries
• Software coding development tool usage
• Software coding development transactional requirements
• Software integration development
• Software integration development objectives
• Software integration development inputs
• Software integration development outputs
• Software integration development activities
• Technical boundaries
• Software integration development tool usage
• Software integration development transactional requirements
• Software testing development
• Software testing development objectives
• Software testing development inputs
• Software testing development outputs
• Software testing development activities
• Technical boundaries
• Software testing development tool usage
• Software testing development transactional requirements
DO-178C Data Lifecycle
• Lifecycle data vs other data describing the system
• Trace data
• The lifecycle info to be generated and regulated
• The lifecycle info to other info describing the system
• The lifecycle info to be presented to the authority
• Software governor classifications
• The Lifecycle info DER delegation plan
Additional Deliberations
• Prior established software
• Tool qualification
• Unconventional methods
• Product service background
• Field applicable software
• Preference selectable software
• User alterable software
• Various versions of software
• COTS software
• Software supplier determination
• Deviations and alteration to plans
DO-178C Software Levels
• Level A: Catastrophic
• Level B: Hazardous
• Level C: Major
• Level D: Minor
• Level E: No effect
Software Planning Process
• Establishing software plans
• Defining the software lifecycle environment
• Language and compiler deliberations
• Establishing software guidelines
• Review and assurance software planning development
Verification Process Development
• High-level requirements verification
• Low-Level requirements verification
• Software structure verification
• Source code verification
• Integration process outputs verification
• Hardware/software incorporation verification
• Software integration verification
• Low-level verification testing
• Requirements-oriented verification test coverage
• Architectural coverage evaluation
• Test cases,
protocols and outputs verification
• Software development process traceability
• Software verification process traceability
• Verification of parameter data
Configuration Management Process (CMP)
• Configuration determination
• Baselines and traceability
• Reporting the issues, tracking them, and developing corrective action plans
• Change management
• Change evaluation
• Configuration status accounting
• Archive, recovery and statement
• Data control classification
• Software load control
DO-178C Supplements Standards
• DO-330: Software Tool Qualification Considerations
• DO-331: Model-Based Development and Verification
• DO-332: Object-Oriented Technology and Related Techniques
• DO-333: Formal Methods
DO-330 Software Tool Qualification Considerations
• Objectives
• Applications
• Criteria
• Criteria 1
• A tool, the output of which belongs to the airborne software and so could introduce an error
• Corresponding to development tool
• Criteria 2
• A tool that mechanizes verification process and so could fail to detect an error
• Corresponding to verification tool
• Criteria 3
• A tool that could fail to detect an error
• Corresponding to verification tool
• Tool Qualification Levels (TQLs) and related software level matrix
DO-331 Model-Based Development & Verification Supplement
• Models applications
• Specification Models including high-level requirements
• Design Models containing architecture and low-level requirements
• Planning phase
• Software model standards
• Simulations
• Model coverage evaluation
• Usage of model simulation
• Model coverage criteria to determine unintended functionality
DO-332 Object-Oriented Technology (OOT)
• Objectives
• Applications
• Planning phase
• Verification activities
• Vulnerability analysis
• OOT concerns and recommended solutions
DO-333 Formal Methods Supplement
• Mathematical based
• Specification
• Development
• Verification
• Clear software systems requirements definition
• Detailed interaction between engineers
• Verification documentation