![Page 1: A Practitioner's Guide to DO-178B, Certification and the Emerging DO-178C Standard Shinto Joseph Operations Director, LDRA Technology Pvt. Ltd Bangalore](https://reader035.vdocuments.mx/reader035/viewer/2022062314/56649dce5503460f94ac227f/html5/thumbnails/1.jpg)
A Practitioner's Guide to DO-178B, Certification and the Emerging DO-178C Standard
Shinto Joseph, Operations Director,
LDRA Technology Pvt. Ltd, Bangalore
Software Technology
Agenda
• Introduction
• DO-178B Overview
• Verification Activities
  – Review
  – Testing
  – Analysis
• What's Coming with DO-178C?
  – DO-178C Structure
  – Software Development Landscape
  – Traceability
• Indian Scenario
• Summary
DO-178B Overview
DO-178's Timeline
• DO-178, November 1981
  – Basic guidance
• DO-178A, March 1985
  – 3 failure conditions / software levels
    • critical/1, essential/2, non-essential/3
  – Development/verification steps
• DO-178B, December 1992
  – 5 failure conditions / software levels
    • Catastrophic/A, Hazardous/B, Major/C, Minor/D, no effect/E
  – Objectives-based
• DO-178C, 2011?
  – A modest update to DO-178B (if C based development)
  – Adds guidance on model-based development, formal methods, object-oriented technology & tool qualification
F-16 Falcon
• Unstable airframe
• Flipped crossing 0°
Hazard Analysis
• What failures can occur?
• Severity
• Probability
Result: System-level Safety Integrity Level (SIL)
DO-178B Safety Integrity Levels

| Software Level | Impact of Failure | Probability of Failure (per operating hour)* |
|---|---|---|
| A | Catastrophic | 10^-9 |
| B | Hazardous | 10^-7 |
| C | Major | 10^-5 |
| D | Minor | 10^-3 |
| E | No effect | N/A |

*FAA System Safety Handbook, Chapter 3: Principles of System Safety; December 30, 2000
DO-178B process (diagram)
• Intended Aircraft Functions
• Aircraft and System Development Processes (ARP 4754)
• Safety Assessment Process Guidelines & Methods (ARP 4761)
• System Design Information / Safety Information
• Guidance for Integrated Modular Avionics (DO-297)
• Electronics Hardware Development Lifecycle (DO-254)
• Software Development Lifecycle (DO-178B)
DO-178B process (cont.)
• Intended to ensure that avionics software performs its intended function with an appropriate level of confidence in safety.
• Defines 5 processes:
  – Planning, development, verification, configuration management and quality assurance
• Defines 5 levels of design assurance and 66 objectives:
  – Level A: 66 objectives (25 with independence)
  – Level B: 65 objectives (14 with independence)
  – Level C: 57 objectives
  – Level D: 28 objectives
  – Level E: no objectives
• Provides guidelines for implementing these processes and meeting these objectives.
DO-178B (cont.)
• Certifiable software became the central goal – deterministic verification techniques

| Software Level | Impact of Failure | Structural Coverage Technique |
|---|---|---|
| A | Catastrophic | MC/DC |
| B | Hazardous | Decision |
| C | Major | Statement |

• MC/DC (modified condition/decision coverage) ensures that every condition that can independently affect a decision's outcome has been shown to do so by the tests.
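The difference between decision coverage (level B) and MC/DC (level A) in the table above, worked through as an added Python example that is not part of the original slides. The three-condition decision `(a && b) || c` and the test vectors are constructed for the example; the checker implements unique-cause MC/DC, where each condition needs a pair of tests that differ only in that condition and flip the outcome, and the brute-force search shows why n + 1 tests suffice where exhaustive multiple-condition coverage would need 2^n:

```python
from itertools import combinations, product

# Constructed example: a three-condition decision of the kind found in a C
# guard such as `if ((a && b) || c)`. Not taken from any real avionics code.
def decision(a, b, c):
    return (a and b) or c

N_CONDITIONS = 3

# Constructed test vectors, one (a, b, c) tuple per test case.
DECISION_ONLY_TESTS = [(True, True, True), (False, False, False)]
MCDC_TESTS = [(True, True, False), (False, True, False),
              (True, False, False), (True, False, True)]


def decision_coverage(dec, tests):
    """Decision coverage (level B): the decision has evaluated to both True and False."""
    return {dec(*t) for t in tests} == {True, False}


def independence_pairs(dec, n, tests):
    """Unique-cause MC/DC: for each condition index, find two test vectors that
    differ only in that condition and produce different decision outcomes.
    Returns {condition_index: (t1, t2) or None}."""
    tests = list(dict.fromkeys(tests))  # drop duplicate vectors, keep order
    pairs = {}
    for i in range(n):
        pairs[i] = None
        for t1, t2 in combinations(tests, 2):
            same_elsewhere = all(t1[j] == t2[j] for j in range(n) if j != i)
            if same_elsewhere and t1[i] != t2[i] and dec(*t1) != dec(*t2):
                pairs[i] = (t1, t2)
                break
    return pairs


def achieves_mcdc(dec, n, tests):
    """True when every condition has an independence pair, i.e. the test set
    demonstrates that each condition independently affects the outcome."""
    return all(p is not None for p in independence_pairs(dec, n, tests).values())


def uncovered_conditions(dec, n, tests):
    """Condition indices still lacking an independence pair; test-result analysis
    would report these as missing test cases, not as software defects."""
    return [i for i, p in independence_pairs(dec, n, tests).items() if p is None]


def minimal_mcdc_set(dec, n):
    """Brute-force the smallest unique-cause MC/DC test set. Every condition needs a
    pair and pairs may share vectors, so the search starts at n + 1 vectors; compare
    with the 2**n vectors exhaustive multiple-condition coverage would require."""
    vectors = list(product([False, True], repeat=n))
    for size in range(n + 1, len(vectors) + 1):
        for subset in combinations(vectors, size):
            if achieves_mcdc(dec, n, subset):
                return list(subset)
    return None


if __name__ == "__main__":
    print("decision coverage only:",
          decision_coverage(decision, DECISION_ONLY_TESTS),
          "MC/DC:", achieves_mcdc(decision, N_CONDITIONS, DECISION_ONLY_TESTS))
    print("uncovered conditions:",
          uncovered_conditions(decision, N_CONDITIONS, DECISION_ONLY_TESTS))
    print("MC/DC set:", achieves_mcdc(decision, N_CONDITIONS, MCDC_TESTS))
    print("minimal MC/DC set:", minimal_mcdc_set(decision, N_CONDITIONS))
```

The two-vector set reaches both outcomes and so satisfies decision coverage, yet no condition has an independence pair; a level A project would have to add test cases until `uncovered_conditions` is empty, and the coverage data itself would have to be collected on the target, as the later slide on complexity sources notes.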
Verification Process
• Purpose: Detect and report errors that have been introduced during the software development process.
• Objectives (diagram): System Requirements, Software Requirements, Software Architecture, Source Code and Executable Object Code, each artefact shown as satisfying the artefacts it is derived from.
Verification Activities
• Review
  – A qualitative assessment of accuracy, completeness, consistency and correctness.
• Testing
  – Demonstrate that the software satisfies its requirements.
  – Demonstrate, to an appropriate degree of confidence, that errors that could lead to unacceptable failure conditions have been removed.
• Analysis
  – A quantitative assessment of accuracy, completeness, consistency and correctness.
Review
• A review provides a qualitative assessment of accuracy, completeness, consistency and correctness.

Source code under review (the slide's one-line example, written as C):

```c
if (x < 0) z = y - 2; else z = y + 2;
```

Standards checklist:
- IP boilerplate
- Comments
- Indentation
- Complexity
- …

Review result:
- Compliance with requirements
- Compliance with architecture
- Verifiability
- Accuracy and consistency
- …
Testing
• Testing demonstrates, to an appropriate degree of confidence, that software satisfies its requirements and that errors that could lead to unacceptable failure conditions have been removed.
  – Requirements-based tests: verify implementation of requirements.
  – HW/SW integration tests: verify correct operation in the target computer environment.
  – SW/SW integration tests: verify software interfaces and interrelationships.
Test Result Analysis
• Test success
  – Proceed
• Test failure
  – Incorrect software behavior
  – Incorrect requirement
  – Incorrect test case/procedure
  – Incorrect test environment/setup
Traceability Analysis
• Objectives
  – Verify that every requirement is implemented.
  – Verify that every requirement is tested.
  – Verify that every line of code has “a reason to be”.
• Common gaps
  – Requirement has no associated tests:
    o Missing trace information, missing tests.
  – Requirement has no associated source code:
    o Missing trace information, missing code, extraneous requirement.
  – Source code doesn't trace to requirements:
    o Missing trace information, extraneous code.
(Diagram: Requirements ↔ Code ↔ Tests)
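The three gap classes listed above, checked mechanically in an added Python example that is not part of the original slides. The requirement IDs, file names and trace links are constructed for the example; the report is the kind a traceability analysis produces over a requirements traceability matrix, and it also flags trace links that point at requirement IDs that do not exist, which in practice shows up as "missing trace information" on both sides:

```python
# Constructed sample artefacts for a small altitude-hold function; the identifiers,
# file names and trace links are invented for this example, not from a real project.
REQUIREMENTS = {
    "HLR-1": "Altitude hold shall command pitch to maintain the selected altitude",
    "HLR-2": "Pitch command rate shall be limited to the configured maximum",
    "HLR-3": "Altitude hold shall disengage on pilot input",
    "HLR-4": "Altitude hold status shall be displayed to the crew",
}

# code unit -> requirements the unit claims to implement (empty list: no trace)
CODE_TRACES = {
    "alt_hold.c:compute_pitch_cmd": ["HLR-1"],
    "alt_hold.c:limit_rate": ["HLR-2"],
    "util.c:debug_dump": [],              # extraneous code: nothing requires it
    "nav.c:select_waypoint": ["HLR-9"],   # trace target that does not exist
}

# test case -> requirements it verifies
TEST_TRACES = {
    "TC-01": ["HLR-1"],
    "TC-02": ["HLR-1", "HLR-2"],
    "TC-03": ["HLR-3"],
}


def traceability_gaps(requirements, code_traces, test_traces):
    """Report the gap classes from the slide: requirements with no tests, requirements
    with no code, code with no valid requirement, plus trace links to unknown IDs."""
    known = set(requirements)
    reqs_with_code = {r for rs in code_traces.values() for r in rs}
    reqs_with_tests = {r for rs in test_traces.values() for r in rs}
    return {
        "requirements_without_tests": sorted(known - reqs_with_tests),
        "requirements_without_code": sorted(known - reqs_with_code),
        "code_without_requirement": sorted(
            unit for unit, rs in code_traces.items() if not known & set(rs)),
        "dangling_trace_targets": sorted((reqs_with_code | reqs_with_tests) - known),
    }


def traceability_matrix(requirements, code_traces, test_traces):
    """Build the requirements traceability matrix: requirement -> code units and tests.
    Links to unknown requirement IDs are left out here and reported as gaps instead."""
    matrix = {r: {"code": [], "tests": []} for r in requirements}
    for unit, rs in code_traces.items():
        for r in rs:
            if r in matrix:
                matrix[r]["code"].append(unit)
    for tc, rs in test_traces.items():
        for r in rs:
            if r in matrix:
                matrix[r]["tests"].append(tc)
    return matrix


def is_complete(requirements, code_traces, test_traces):
    """True only when every gap list is empty, which is what the three traceability
    objectives on the slide demand (implemented, tested, and no code without a reason)."""
    return not any(traceability_gaps(requirements, code_traces, test_traces).values())


if __name__ == "__main__":
    for gap, items in traceability_gaps(REQUIREMENTS, CODE_TRACES, TEST_TRACES).items():
        print(f"{gap}: {items}")
    for req, links in traceability_matrix(REQUIREMENTS, CODE_TRACES, TEST_TRACES).items():
        print(req, links)
    print("complete:", is_complete(REQUIREMENTS, CODE_TRACES, TEST_TRACES))
```

On the constructed data the report shows HLR-4 with neither code nor tests, HLR-3 tested but unimplemented, and two code units without a valid requirement; which of the slide's root causes applies (missing trace data, missing artefact, or an extraneous one) is the reviewer's call, the tool can only surface the gap.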
Moving from DO-178B to C: The Essentials
DO-178C Structure (diagram, built up over three slides)
• Core Document, including DO-178B & revised processes
• Formal Methods Supplement
• Model-Based Development Supplement
• Object-Oriented Technologies Supplement
• Tools Supplement
DO-178C Software Development Landscape
DO-178C Software Development Landscape (diagram, built up over six slides)
• Tier 1: High Level Requirements
• Tier 2: Software Specs (hand code, formal methods, modelling tools)
• Tier 3: Implementation (source code / assembly)
• Tier 4: Host Tier (node 1 – n)
• Tier 5: Target Tier (node 1 – n)
Traces held in the Requirements Traceability Matrix: LL Reqs to HL Reqs; Code to LL Reqs; Test Cases to LL Reqs (host and target tiers). Fed back into the matrix: design review defects, code & quality review defects, and test results & defects from both host and target.
Traceability: Complex
Complexity: Sources
• Dynamic aspects: coverage must be performed on target and combined with static traces to assure completeness
• Formal Methods
• Model-Based Development
• Object-Oriented Technologies
• Low Level Requirements, or design?
DO-178C Traces (diagram, built up over three slides)
• System requirements allocated to Software → High-Level Requirements → Low-Level Requirements → Source Code → Executable Object Code
• SW Architecture
• Test Cases → Test Procedures → Test Results
• Review and Analysis Results
• The diagram marks which traces apply by software level: Level A, B, C and D; Level A, B and C; Level A
DO-178C Software Development Landscape: tool support (diagram)
• Tiers as before: High Level Requirements; Software Specs (hand code, formal methods, modelling tools); Implementation (source code / assembly); Host Tier (node 1 – n); Target Tier (node 1 – n); Requirements Traceability Matrix between them
• TBreq® – Requirements Traceability
• TBmanager® – System Test Management
• TBmanager® – Unit Test Management
• TBvision® – Code Review Defects
• LDRA Testbed® – Design Review Defects
• TBrun® – Host Testing
• TBrun® – Target Testing
• IBM® Rational® DOORS® & Visure IRQA...
Indian Scenario
- Lack of safety awareness
- Gap between local and global practices
- Sudden demand for aerospace skills
- Need for a healthy ecosystem, backed by long term govt. policies
- Committed engineers ready to work on Indian projects
- Role of technology vendors
- Regulatory framework - Defense and Civilian
Summary
• Verification is an important component of DO-178
  – Review
  – Testing
  – Analysis
• Bottom line
  – Detect and report errors that have been introduced during the software development process.
  – Ensure that the software performs its intended function to an appropriate degree of confidence.
Summary (cont.)
• The requirements management / traceability paradigm is no longer adequate
• Future:
  – Should accommodate emerging technologies and methodologies
  – Requires a distributed, collaborative, bidirectional traceability mechanism
  – Security
  – India - an aerospace powerhouse…
www.ldra.com
Copyright © 2011 Liverpool Data Research Associates Limited