7b System Design & Development (Lecture Slides) ME4022

System Design & Development
2
System Design & Development
Aircraft systems
more complex & Increasingly
sophisticated for difficult
technology and development
performance process
reasons
Need to capture/cover:
• All system requirements
• Interdependencies between systems
• Safety and integrity analyses
• Analytical activities
Regulations – Development Process - Analyses
3
Feed-pump fuel system
System Design
Key Agencies & Documentation
SAE Aerospace Recommended Practice (ARP) 4754, 4761
FAA Advisory Circular (AC) 25.1309-1A
EASA Acceptable Means of Compliance (AMC) 25.1309
Air Transport Association (ATA) standard ATA-100
Radio Technical Committee Association (RTCA) Document

(DO) DO-178b, etc
…
USED BY AIRCRAFT & SYSTEM DESIGNERS

TO SATISFY MANDATORY REQUIREMENTS
4
System Design
Design Guidelines & Certification Techniques
set of tools and
Military Aircraft techniques
Def Stan 00-970

set of design
processes
Guidance for
hardware design
& development
Advice for
software design
& certification
5
System Design
SAE ARP 4754 – System Development Processes
• System Development
• Certification process & coordination
• Requirements determination & assignment of development
assurance level
• Safety assessment process
• Validation of requirements
• Implementation verification
• Configuration management
• Process assurance
• Modified aircraft
6
System Design
SAE ARP 4761 – Methodologies & Techniques
• Functional Hazard Assessment (FHA)
• Preliminary System Safety Analysis (PSSA)
• System Safety Analysis (SSA)
• Fault Tree Analysis (FTA)
• Dependency Diagrams
• Markov Analysis (MA)
• Failure Modes & Effects Analysis (FMEA)
• Failure Modes & Effects Summary (FMES)
• Zonal Safety Analysis (ZSA)
• Common Mode Analysis (CMA)
• Contiguous safety assessment process example
7
System Design
DO-178B Overview Design Assurance for Airborne Software
• Introduction
• System Aspects relating to Software Development
• Software Life Cycle
• Software Planning Process
• Software Development Process
• …
DO-254 Overview Design Assurance for Airborne Electronic Hardware

• Introduction
• System Aspects of Hardware Design Assurance
• Hardware Design Life Cycle
• Planning Process
• …
8
System Design
9
System Design
Requirements Capture
Key activity in identifying and qualifying all necessary

strands of information which contribute to a complete and
coherent system design.
Different ways to do that:

• Top-down approach
• Bottom-up approach
10
System Design
Requirements Capture: Top-down Approach
smaller functional modules
functional sub-modules
11
System Design
Requirements Capture: Bottom-up Approach
12
System Design
Requirements Capture Example
13
System Design
System requirements from flight crew perspective:

• Need to jettison excess fuel in an emergency situation
for aircraft land under max. landing weight
• Able to jettison down to a preselected fuel quantity
• Be given indications that fuel jettison is under way
14
System Design
Fuel quantity function: 52 probes required to measure field held in 3
Measures aircraft fuel quantity tanks
by sensing fuel in the aircraft fuel
tanks Fuel quantity calculations measure amount of
fuel which aircraft has onboard taking into
account fuel density and temperature,
Dual power supply inputs to assure availability

in event of aircraft electrical system bus bar
failure
When calculations are completed passed to

flight deck, displayed to flight crew
Fuel quantity relayed to fuel management

function so that in event of jettison the amount
of fuel onboard may be compared with preset
jettison value
15
System Design
Fuel quantity function interfaces to:
• Fuel quantity system measurement

probes and sensors
• Flight deck multi-function displays
• Fuel management systems
• Aircraft electrical system
16
System Design
Fuel management function:

Accepts information regarding
aircraft fuel state from the fuel
quantity function.
17
System Design
Flight crew inputs ‘Fuel
Jettison Select’ command
and minimum fuel quantity
crew wises to have
available at end of fuel
jettison.
Fuel management
function accepts
commands for the fuel
transfer valves, fuel dump
(jettison) valves and fuel
isolation valves.
Provides ‘Open/Closed’ Two separate power

status info on fuel system inputs are received
valves to flight crew from aircraft
electrical system
18
System Design
Fuel management function

interfaces to:
• Fuel system valves

• Flight deck displays
multifunction displays and
overhead panel
• Fuel quantity function
• Aircraft electrical system
19
Development Processes
The Product Life Cycle
20
The Product Life Cycle: Concept Phase
21
The Product Life Cycle: Definition Phase
22
The Product Life Cycle: Design Phase
23
The Product Life Cycle: Build Phase
24
The Product Life Cycle: Test Phase (Qualification Phase)
25
The Product Life Cycle: Operate Phase
26
The Product Life Cycle: Disposal or Refurbish
27
Development Programme
28
SRR is first top-level, multidisciplinary review of the

perceived system requirements
• Sanity check upon what the system is required to achieve

• Top level overview of requirements
• Review of against original objectives
Successful attainment of this milestone leads to a preliminary

system design,
leading in turn to the parallel development of the hardware

and software requirements analysis, albeit with significant
coordination between the two.
29
Hardware SDR immediately follows

the preliminary design phase and
will encompass a top-level review of

system hardware characteristics
such that preliminary design may
proceed with confidence
Key hardware characteristics will be

reviewed at this stage to ensure that
there are no major mismatches
between the system requirements
and what hardware can support.
30
Software Specification Review

SSR essential similar process to
hardware SDR but
applying to software when a better

appreciation of software
requirements has become apparent
and possibly embracing any
limitations such as: throughput,
timing or memory which the adopted
hardware solution may impose
Both SDR and SSR allow the

preliminary design to be developed
up to the Preliminary Design Review
(PDR)
31
Preliminary Design Review (PDR)

reviews process in the first detailed
review of the initial design
(hardware & software) vs derived
requirements
This is usually the last review before

committing major design resource to
the detailed design process.
This stage in the design process is

the last before major commitment to
providing the necessary programme
resources and investment.
32
By the time of the CDR major effort
will have been committed to the
programme design effort.
Critical Design Review (PDR)

offers possibility of identifying final
design flaw, or more likely, trading
the risks of one implementation path
vs another
CDR represents the last opportunity

to review and alter the direction of
the design before very large
commitments and final design
decisions are taken.
Major changes in the system design

after the CDR will be very costly. 33
Final stages following CDR will realise

hardware build and software coding and
test processes which bring together
hardware and software into the eventual
product realisations.
Even following system validation and

equipment certification it is unusual for
there to be a period free of modification
either at this stage or later in service when
airlines may demand equipment changes
for performance, reliability or maintainability
reasons.
34
‘V’ Diagram
35

7b System Design &amp; Development (Lecture Slides) ME4022

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

7b System Design &amp; Development (Lecture Slides) ME4022

Uploaded by

Copyright:

Available Formats

System Design & Development

Regulations – Development Process - Analyses

SAE Aerospace Recommended Practice (ARP) 4754, 4761

FAA Advisory Circular (AC) 25.1309-1A

EASA Acceptable Means of Compliance (AMC) 25.1309

Air Transport Association (ATA) standard ATA-100

Radio Technical Committee Association (RTCA) Document

USED BY AIRCRAFT & SYSTEM DESIGNERS

Def Stan 00-970

DO-254 Overview Design Assurance for Airborne Electronic Hardware

Key activity in identifying and qualifying all necessary

Different ways to do that:

smaller functional modules

System requirements from flight crew perspective:

Dual power supply inputs to assure availability

When calculations are completed passed to

Fuel quantity relayed to fuel management

• Fuel quantity system measurement

• Flight deck multi-function displays

• Fuel management systems

• Aircraft electrical system

Fuel management function:

Provides ‘Open/Closed’ Two separate power

Fuel management function

• Fuel system valves

SRR is first top-level, multidisciplinary review of the

• Sanity check upon what the system is required to achieve

Successful attainment of this milestone leads to a preliminary

leading in turn to the parallel development of the hardware

Hardware SDR immediately follows

will encompass a top-level review of

Key hardware characteristics will be

Software Specification Review

applying to software when a better

Both SDR and SSR allow the

Preliminary Design Review (PDR)

This is usually the last review before

This stage in the design process is

Critical Design Review (PDR)

CDR represents the last opportunity

Major changes in the system design

Final stages following CDR will realise

Even following system validation and

You might also like

7b System Design & Development (Lecture Slides) ME4022

7b System Design & Development (Lecture Slides) ME4022