The RTCA and EUROCAE have released new software certification guidelines that are already having an impact on new designs in the United States and Europe. The venerable DO-178B/ED-12B has been updated and released as a series of seven documents, which include the core DO-178C and a set of companion documents, DO-330 through DO-333, covering Tools, Model-based Development, Object Oriented design, and Formal Methods, respectively. Users will find strong alignment of these new documents with existing guidance issued on recent programs via FAA Issue Papers and EASA Certification Memoranda and Certification Review Items.
The update of the documents was accomplished with cooperation among industry, academia and regulatory authorities across the globe. The combined RTCA/EUROCAE team also ensured linkage to the related SAE documents, including SAE’s new ARP 4754A, Guidelines for Development of Civil Aircraft Systems.
Like EUROCAE and EASA in Europe, RTCA and its special committees enable FAA and private sector participants to work together in an open, fair and balanced partnership to create standards for the avionics market. Consensus is the essence of the value that RTCA brings to the aviation community. “The RTCA’s consensus process has served the aviation industry well for over 75 years, providing a venue for all stakeholders to be heard, producing standards that help ensure the continued safety of the air transportation system,” said RTCA President Margaret Jenny.
The old DO-178B and its companion document DO-248B have served the industry well over the years, but there was wide agreement in 2004 that the emergence of new software technologies created a need to re-harmonize this international standard. The creation of technology supplements provides further guidelines for dealing with the unique certification issues when using advanced development methodologies and techniques.
More than 100 active committee members and hundreds of other members, as well as the public who reviewed the final draft, provided comments on the document. While every comment was considered, only the very best practices survived the in-depth scrutiny by the engineers, DERs, and Subject Matter Experts on the committee. The regulatory agency’s experts were integrated into each team to provide timely feedback on each proposal to assure the outcome would meet the agency’s objectives to improve safety and consistency in compliance across all levels of certification. “The DO-178C/ED-12C development process has benefited from the collective experience of such a large and diverse group of committee members,” said Dewi Daniels, managing director, Verocel Ltd.
Many suppliers are already seeing DO-178C and the supplements called out in new proposal activity. With the issuance of the EASA CM-SWCEH-002 last year and the release of EASA’s Notice of Proposed Amendment 2012-11 in August, companies are revising their procedures. Companies with strong internal processes are finding they only need to perform minor tweaks to comply with the new guidelines. Companies who are venturing into advanced techniques for the first time are finding more of a challenge.
The 2011 release of DO-178C, DO-248C and companion supplements, along with FAA recognition of ARP 4754A, have been key topics at yearly certification training events in the United States and Europe. For the past five years, the DERs have received steady updates with respect to the content of all these documents at events like the FAA-sponsored 2011 National Software and Complex Electronics Hardware Conference in St. Louis, Mo.
Draft wording for EASA’s AMC 20-115 in NPA 2012-11 and the anticipated release of FAA AC 20-115C in January 2013 (recognizing DO-178C) are a clear indication that we will see regulatory approval very soon. According to the RTCA, FAA will reference the other six RTCA documents separately in future Advisory Circulars.
Like DO-178B, the new RTCA documents provide guidelines for showing regulatory compliance. While not a cookbook, the documents provide the flexibility for companies to work with the latest tools and techniques without being unnecessarily or arbitrarily constrained. DO-178B owes its successful 20-year life span to the foresight of its authors and its generic nature. Its authors expect DO-178C/ED-12C to have a similar life span.
Mark A. Lillis is the director of systems and software engineering at Goodrich Pump & Engine Control Systems, in West Hartford, Conn.