Upload
anjani-kumar-singh
View
375
Download
32
Embed Size (px)
DESCRIPTION
EASA Part 66 Module 5 software management control power point
Citation preview
M o d u l e 5 . 1 3 – L e v e l 2
Software Management
Control
Software Management Control
Manufacturers & Design Organisations assign software levels based on the strictness effect of possible software errors
Extensive use is now being made in aircraft of software based equipment and systems
Computers are now used extensively in modern aircraft
Typically, software may be used in:
Primary & Secondary Flight Controls
Engine controls
Electrical generation and distribution
Brakes
Radio and navigation equipment
Flight instruments
Automatic Flight Control, etc.
Software Management Control
In software engineering, Software Configuration Management (SCM) is the task of tracking and controlling changes in software
In aviation we call it Software Management Control (SMC)
SMC/SCM practices include Revision Control and the creation of Baselines
If something goes wrong, SMC/SCM can determine what was changed and who changed it.
Software Management Control
Software may have a direct influence on aircraft safety
Loading unapproved software programs may have catastrophic results
To meet the requirements for Controlled Items we must meet the Legislatory Requirements of EASA/BCAR/FAR, etc
In addition, we must control its certification & post-certification configuration in a way equivalent to that for conventional safety critical systems.
Software Management Control
Software is assigned levels in accordance with its
use as follows:
Level 1 Critical - prevention of continued safe flight and
landing of the aircraft
Level 2 Essential - reduction of the aircraft/flight crew
capability to cope with adverse operating condition
Level 3 Non-essential - no significant degradation of
aircraft capability or flight crew ability.
Software Management Control
For initial Software Certification of systems or equipment, the Design Organisation provides evidence to EASA that the Software has been designed, tested and integrated with the hardware that ensures compliance.
With Level 1 or 2 software, a modification that affects software must NOT be embodied unless it has been approved by the responsible Design Organisation
Aircraft operators need to ensure that their defect reporting procedures includes reporting software problems to the responsible Design Organisation.
Software Management Control
Software modifications are subject to the same approval
procedures as hardware modifications
Modified software is identified and controlled in
accordance with procedures laid down in the software
configuration management plan
Software is treated as an independent aircraft part
Hardware part numbers do not reflect or determine the
loaded software.
Software Management Control
A check of software part number (s) must always be made on replacing units that are on-board loadable, eg FMS Database
Spare hardware may, for economic reasons, be pre-loaded with software in workshops
Such parts are not a Configuration Control Unit until they have been installed on the aircraft and configured correctly for that aircraft
Pre-loading software seeks to avoid the need for loading on the aircraft but not the need for checking on the aircraft.
Software Management Control
Tie-on-tags and information in stock control systems
may indicate preloaded software state for
convenience
But software must still be checked on installation of
the unit in the aircraft
They are under control of the Software
Configuration Management process.
Software Management Control
The demonstration of capability for Design Organisations is managed by EASA
This is in accordance with Regulation (EC) 748/2012, which includes Design Organisation Approvals (DOA)
DO-178B, Software Considerations in Airborne Systems and Equipment Certification is a document dealing with the safety of software used in certain airborne systems.
Software Management Control
In the USA the FAA applies DO-178B as the document it uses for guidance to determine if the software will perform reliably in an airborne environment, when specified by the Technical Standard Order (TSO) for which certification is sought
The introduction of TSOs into the airworthiness certification process, and by extension DO-178B, is explicitly established in 14 Code of Federal Regulations (CFR) Part 21, Subpart O
It was published by RTCA Incorporated
Software Management Control
Development was a joint effort with the European
Organisation for Civil Aviation Equipment
(EUROCAE) who publish the document as ED-12B.
ED-12C/Software considerations in airborne
systems and equipment certification is now the
latest standard