Professional Documents
Culture Documents
The Basics of DO 178C DO 254 AMC 20 152A
The Basics of DO 178C DO 254 AMC 20 152A
The Basics of DO 178C DO 254 AMC 20 152A
DO-178C,
DO-254, &
AMC 20-152A
Your guide to meeting airborne software and
hardware development requirements
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
Introduction
Aviation systems development is one of the most heavily regulated activities in the world.
The aerospace industry has mandated safety, security, and efficiency of flight as key
priorities for airborne vehicles.
Since aircraft systems are comprised of mission-critical hardware and software, their development is also closely
regulated. Aviation engineers must demonstrate that the systems they design and build will make it safely from
point A to point B without putting passenger, crew, or operator lives at risk.
Why comply?
Staying on top of compliance for airborne software and hardware is critical for the following reasons:
Read on for our introductory guide to airborne software and hardware compliance to learn about key standards,
what they apply to, and our top tips for making compliance a smooth journey for you and your team.
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
Key Standards
Airborne software and hardware standards are drafted and published by Airborne Electronic Hardware Development
RTCA*, an independent, non-profit Standards Development Organization Assurance
(SDO) that works closely with its European sister organization, EUROCAE
(European Organisation for Civil Aviation Equipment). These standards • Issued by EASA as AMC 20-152A and by the FAA as AC 20-152A.
become formally recognized via documents published by regional • Provides initial acceptable means of compliance with regard to
regulatory authorities: the hardware aspects of product certification.
• Classifies hardware and its components into four categories,
• In the U.S, the FAA (Federal Aviation Agency) issues Advisory Circular with defined objectives for each category. Where applicable,
(AC) documents. refers further into relevant sections and objectives defined in
• In the EU, EASA (European Aviation Safety Agency) publishes the EUROCAE/ED-80 or RTCA/DO-254 standard, named as
Acceptable Means of Compliance (AMC) documents. Design Assurance Guidance for Airborne Electronic Hardware.
Although avionic systems are subject to a multitude of regulatory Compliance with standards represents a significant investment
requirements, foundational guidance for airborne software and hardware in establishing controlled development processes. Over time,
is described in the following sets of documents: this investment will pay off through reduced costs, improved
productivity, and better quality.
DO-178C (Software Considerations in Airborne Systems and Equipment Certification) is the de facto and The origins of this standard
international standard for demonstrating that software integrated into military or commercial avionics began in the late 1970s, when
or aerospace systems is airworthy. In other words, it is the main document that certification authorities the aviation industry felt the
use to approve software-based aerospace systems. The latest (“C”) version of this has been available need for a prescriptive set of
since January 2012. design assurance processes for
airborne software. This was due
The purpose of DO-178C is to provide minimum technical requirements for developing airborne to the increased use of integrated
software systems. Ultimately these requirements seek to mitigate as much risk as is possible and software and hardware, which
ensure that the system performs to the highest level of confidence that the standard requires. required an approach with more
of a focus on documentation and
The standard identifies minimum operating performance requirements (MOPS), which means that testing than ever before.
companies can use different methods to achieve compliance as long as the objectives laid out by
the MOPS are met. All companies looking to comply with DO-178C need to provide a collection of As software engineering
supporting documents and artifacts to demonstrate that development processes and technologies and methodologies
controls are in place. have evolved, so has the standard
to make it less descriptive and
more objective-based, in order to
emphasize the design assurance
process but provide a level of
flexibility for the companies
involved.
DO-178C
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
DO-254 (Design Assurance Guidance for Airborne Electronic Hardware) is a standard that provides DO-254 was developed by RTCA
requirements for those developing airborne electronic hardware. in the 1990s. Initially, engineers
and development companies had
The standard starts by outlining the classification of electronic hardware items into simple or complex little familiarity with DO-254, since
categories, and then provides objectives and processes to ensure the systematic design of both. aerospace companies preferred
to rely on proven and trusted
While sometimes seen as the ‘Little Sibling’ standard of DO-178C, DO-254 is equally important. designs using existing hardware
Certification authorities acknowledge the importance of both hardware and software safety in avionics, components.
so both standards are considered critical to ensuring the safe and efficient operation of aircraft.
Over time, as aerospace
While DO-254 was recognized by both EASA and the FAA, until recently the agencies differed in companies sought out new and
their interpretation of the guidance. This created a challenge for aerospace suppliers selling in differentiating capabilities, these
global markets. Thankfully, this issue has been resolved with the publication of AMC 20-152A, which newer components have brought
references and harmonizes DO-254 across regulatory agencies. about widespread industry
adoption of DO-254.
DO-254
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
What is it?
AMC 20-152A
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
AMC 20-152A recognizes the evolution of modern avionics. Today’s aviation Background
engineers combine custom logic and IP with commercially available components in
a myriad of ways: COTS devices continue to increase in complexity and
configurability, providing a wide range of off-the-shelf
• They buy commercially available Programmable Logic Devices (PLDs) or Field functionality. Incorporating COTS devices into aerospace
Programmable Gate Arrays (FPGAs) and program them with custom digital systems delivers higher performance—at lower cost—
system, IP, or System on a Chip (SoC) solutions. than was possible in the past. However, these advantages
come with a caveat: in general, these devices were not
• Using proven digital designs, they develop optimized Application Specific developed for use in airborne systems. As a result, they
Integrated Circuits (ASICs) as custom silicon chips. typically lack the assurance that they were developed
using a rigorous development process commensurate
• They interconnect programmable devices with single/multi-core processors with aviation safety risks.
where airborne software is executed.
AMC 20-152A clarifies expectations for CBA
• They combine custom, semi-custom and COTS components in CBAs to deliver development—technology that pre-dated the original
functionality in a variety of onboard avionics systems. hardware standard. It provides explicit guidance for
documenting CBA requirements and validation flows from
the overall system to supporting hardware. This helps
ensure the consistency and quality of airborne hardware.
AMC 20-152A
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
Key Stakeholders
Objectives of DO-178C
Minor D 26
No Effect E 0
DO-178C
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
1. Planning The software life cycle data required by DO-178C includes the following:
Planning comes first, i.e. documenting how you aim to meet the DO-178C
objectives and documenting all your proof and evidence to demonstrate • Plan for Software Aspects of Certification
it. This is also when integral processes should be laid out. • Software Quality Assurance Plan
• Software Configuration Management Plan
2. Development • Software Development Plan
This includes everything related to the development of DO-178C • Software Requirements Standard, Software Design Standard,
compliant software, including requirement definition, software Software Coding Standard
architecture development, software coding, and integration. • Software Verification Plan
• Software Requirements Data
3. Integral • Tool Requirements Document
These are integral processes which need to be adhered to throughout • Software Design Description
a project, namely: Verification, Configuration Management, Quality • Source Code, Libraries
Assurance and Certification Liaison. The result of following these • Executable Object Code, Parameter Data Item File
processes should be evidence which demonstrates that you followed • Software Verification Cases and Procedures
the processes planned – evidence that can be provided to certification • Software Verification Results
authorities. • Software Configuration Index
• Software Life Cycle Environment Configuration Index
• Traceability Data
• Software Accomplishment Summary
• Tool Qualification Plan
• Tool Qualification Data
• Software Quality Assurance Records
• Software Configuration Management Records, Problem Reports
DO-178C
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
Objectives of DO-254
The more critical a system is considered, Major Possible stress, <1 x 10-5 chance of Backup systems
the higher DAL it will receive, meaning (Level C) injuries failure/flight/hr
that DAL A designates the most critical
systems. The criticality of a system is
assessed by examining the aircraft and Minor Inconvenience None Ground navigation
interacting systems. (Level D) systems, In-flight
entertainment
DO-254
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
DO-254
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
AMC 20-152A pertains to the electronic hardware aspects of airborne systems and equipment. This AMC document:
• Describes when to apply DO-254 and supplements the DO-254 standard with additional guidance and clarification for the development of
Custom devices, use of COTS devices, and development of Circuit Board Assemblies (CBAs).
• Assigns a unique identifier for each electronics hardware objective.
Number of
Identifier Topic Comment
Objectives
Development of Programmable logic devices (PLDs), field-programmable gate arrays (FPGAs), and application-
CD-i 12
custom devices specific integrated circuits (ASICs), are collectively referred to as ‘custom devices’*
IP refers to design functions used to design and implement a part of or a complete custom
Use of COTS IP in
IP-i 7 device. It is considered to be COTS intellectual property when it is a commercially available
custom devices function used by multiple users in a variety of applications.
Demands COTS devices complexity assessment and applies to those that are consider
COTS-i Use of COTS devices 8
complex and contribute to DAL A, B or C functions.
AMC 20-152A *These custom devices are referred to as “custom micro-coded components“ in DO-254.
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
Custom Devices
20-152A provides guidance on how to classify custom devices. Devices classified
as complex require a well-defined development process as described in DO-254.
Devices classified as simple may be subject to a less rigorous process; however, at
a minimum, vendors must assure that the devices perform their intended functions
and are under configuration management control.
Development of CBAs
AMC 20-152A addresses the development of CBAs that contain complex custom or
COTS devices. In order to ensure the CBA performs as intended, it recommends that
the CBA development process include requirements capture, validation, verification,
and configuration management activities.
AMC 20-152A
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
Now that you’re familiar with DO-178C, DO-254 and AMC 20-152A and their contents, it’s time to tackle best practices for
optimizing your compliance efforts. Here are PTC’s top tips for ensuring your aviation products are fit for flight:
1. Use clear definitions and terminology. 2. Ensure full traceability from the start.
Make sure that everyone on your team, as well as stakeholders and You need to be able to show the connection between software source
contractors, are on the same page. Your airborne software and hardware code and low-level requirements, low-level requirements and high-level
will only be as good as the requirements that define it. Ambiguity and requirements, and high-level requirements and system requirements,
inconsistency up front causes additional iterations during development as well as how everything links to test cases, test procedures, and test
and testing, increasing overall development cost. All technical terms results. Similarly, you need to show the allocation of requirements to
and measurement units need to be used consistently throughout hardware conceptual design and detailed design, with associated test
planning and requirements development. Creating a glossary that you cases and test results.
keep updated can be helpful to make sure everyone has the same
understanding throughout the project. This provides transparency to your team and allows everyone to see
the progress and results made. It also facilitates change management
and demonstrates your commitment to compliance from the beginning.
Finally, it makes it possible for any accreditation and certification
authorities to establish whether or not you have fulfilled compliance
requirements, which speeds up the auditing process.
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
3. Use precise requirements. The right tooling reduces costs, delays, and time to market
When it comes to planning and requirements, you want to be crystal- Managing avionics systems development with paper-based or legacy
clear about what is needed. Use specific figures which correlate with documentation systems can be tedious, will slow you down, and can
quantitative system requirements for the actual systems you are make it extremely difficult to demonstrate compliance. That’s why the
developing. Make sure to take system reaction times into consideration right tooling makes all the difference.
as well as input and output figures. Make sure that the emphasis remains
on the quality of requirements rather than an exhaustive quantity. Successful product developers in safety-critical industries—including
aviation & defense, automotive, and medical technology—use fully
integrated Application Lifecycle Management platforms to create the
4. Organize meticulous documentation. digital thread that connects all processes of product delivery.
At the end of the day, DO-178C, DO-254 and AMC 20-152A compliance Using a mature, compliance-ready platform like PTC’s Codebeamer or
comes down to the precision and quality of your documentation. You Codebeamer X allows you to:
need to be able to display every plan you made, steps you have taken
to follow those plans, as well as processes, reports, and relevant data. • Leverage automated workflows to streamline development
These are the things certification authorities are going to want to see in • Automate documentation to simplify regulatory compliance
order to assess your compliance efforts. • Cut development and compliance costs
• Reduce your products’ time to market
• Achieve and demonstrate compliance with DO-178C, DO-254, and
other aviation standards
THE BASICS OF DO-178C, DO-254, & AMC 20-152A
© 2023, PTC Inc. All rights reserved. Information described herein is furnished for informational use only, is subject to change without notice, and should not
be taken as a guarantee, commitment, condition or offer by PTC. PTC, the PTC logo, and all other PTC product names and logos are trademarks or registered
trademarks of PTC and/or its subsidiaries in the United States and other countries. All other product or company names are property of their respective owners.
025-the-basics-of-DO-178C-DO-254-AMC-20-152A-02-20