Overview of DO-254: Design Assurance Guidance For Airborne Electronic Hardware

DESIGN ASSURANCE GUIDANCE FOR AIRBORNE ELECTRONIC HARDWARE

by

OAK SYSTEMS PRIVATE LIMITED
www.oaksys.net

Overview of DO-254

August 2016 Oak Systems: DO-254 Overview 2

Introduction to DO-254

DO-254 is a guideline document:

"To provide design assurance guidance for the development of airborne electronic hardware such that it safely performs its intended function, in its specified environments."

● Is based on industry experience

● Includes LRUs, circuit board assemblies, application specific integrated circuits, programmable logic devices, etc.

● This guidance is applicable to current, new, and emerging technologies.

Introduction to DO-254

DO-254 guidelines are organised as:

● Objectives for hardware design life cycle processes

● Descriptions of activities and design considerations for achieving those objectives

● Descriptions of the evidence that indicates that the objectives have been satisfied

System Aspects

System Levels

Five levels of system are defined in DO-254. Each system level has a specific set of objectives that must be satisfied.


Complexity considerations

A hardware item is identified as simple only if a comprehensive combination of deterministic tests and analyses appropriate to the design assurance level can ensure correct functional performance under all foreseeable operating conditions with no anomalous behavior.

When an item cannot be classified as simple, it should be classified as complex.

For a simple hardware item, extensive documentation of the design process is unnecessary. The supporting processes of verification and configuration management still need to be performed and documented for a simple hardware item, but extensive documentation is not needed.

Organisation of DO-254

DO-254 Objectives

DAL Level D – 31 objectives

DAL Level C – 37 objectives

DAL Level B – 39 objectives

DAL Level A – 40 objectives

Objectives >>> Activities >>> Lifecycle Data >>> Certification

[Around 100 activities; around 20 artifacts]

Hardware Design Lifecycle Process

● Hardware Planning process

● Hardware Design process

● Supporting processes
  ● Verification & Validation process
  ● Configuration Management process
  ● Process Assurance process
  ● Certification Liaison process

Transition Criteria

Developing a hardware item with different sub-items at different stages of development requires a means to provide a reasonable amount of control of the design process, in order to manage the risk of starting the next process before all elements of the previous process are complete.

Transition criteria are defined as the minimum data used to assess movement from one process to another.

Transition criteria should be documented in the hardware plans.

Use of transition criteria does not imply any particular life cycle model or prevent such development strategies as rapid prototyping and concurrent engineering.

Hardware Design Life Cycle Processes

Hardware Planning Process – to define the means by which the functional & airworthiness requirements are converted into a hardware item with an acceptable amount of evidence of assurance that the item will safely perform its intended functions.

Hardware Development Processes – produce the hardware product (requirements capture, conceptual & detailed design, implementation and production transition).

Supporting Processes – to ensure the correctness, control, and confidence of the hardware design life cycle processes and their outputs (Verification & Validation process, CM process, PA process and Certification Liaison process).

Let us look into these ...

H/W Planning Process – Objectives

● The hardware design life cycle processes are defined.

● Standards are selected and defined.

● The hardware development and verification environments are selected or defined.

● The means of compliance of the hardware design assurance objectives, including strategies identified using guidance, are proposed to the certification authority.

Hardware Plans

In order to achieve the DO-254 objectives, the following plans are to be defined:

● Plan for Hardware Aspects of Certification (PHAC)

● Hardware Design Plan

● Hardware Verification Plan

● Hardware Validation Plan

● Hardware Configuration Management Plan (HCMP)

● Hardware Process Assurance Plan (HPAP)

Hardware Development Processes (5.0)

HDL design representations use coded, text-based techniques that are similar in appearance to those used for software representations. This similarity in appearance can mislead one to attempt to use software verification methods directly on the design representation of HDL or other equivalent hardware specification languages.

The guidance is applicable for design assurance for designs using an HDL representation.

Requirements Capture Process

The requirements capture process identifies and records the hardware item requirements. This includes those derived requirements imposed by the proposed hardware item architecture, choice of technology, the basic and optional functionality, environmental, and performance requirements, as well as the requirements imposed by the system safety assessment.

This process may be iterative, since additional requirements may become known during design.

Conceptual Design Process

The conceptual design process produces a high-level design concept that may be assessed to determine the potential for the resulting design implementation to meet the requirements. This may be accomplished using such items as functional block diagrams, design and architecture descriptions, circuit card assembly outlines, and chassis sketches.

Detailed Design Process

The detailed design process produces detailed design data using the hardware item requirements and conceptual design data as the basis for the detailed design.

Implementation Process

The implementation process uses the detailed design data to produce the hardware item that is an input to the testing activity.

Production Transition Process

In this process, manufacturing data, test facilities and general resources should be examined to ensure availability and suitability for production. The production transition process uses the outputs from the implementation and verification processes to move the product into production.

Validation Process

The validation process is intended to ensure that the derived requirements are correct and complete with respect to the system requirements allocated to the hardware item, through the use of a combination of objective and subjective processes.

Validation may be conducted before or after the hardware item is available; however, validation is typically conducted throughout the design life cycle.

Verification Process

The verification process provides assurance that the hardware item implementation meets the requirements.

Verification consists of reviews, analyses and tests applied as defined in the verification plan.

The verification process should include an assessment of the results.

Verification & Validation Methods

Test

Test is a method that confirms that the hardware item correctly responds to a stimulus or series of stimuli.

Examples of tests include functional test on the hardware item, system bench test, system validation facility test and aircraft test.

Tests may be conducted using manual, automated or specialized test equipment.

Verification & Validation Methods

Analysis

Analysis is a detailed, repeatable, analytical method for evaluation of specific hardware item characteristics to demonstrate that a specific requirement is met. Examples of analyses are stress analysis, design margin analysis, common mode failure analysis, worst case analysis and test coverage analysis.

Verification & Validation Methods

Reviews

A review is a qualitative method for evaluation of the plans, requirements, design data, design concept or design implementation.

Reviews should be held throughout the hardware design life cycle as identified in the relevant plan.

All reviews to be used for certification credit should be identified in the validation and verification plan.

Configuration Management Process

The process is intended to provide the ability to consistently replicate the configuration item (CI), regenerate the information if necessary and modify the CI in a controlled fashion if modification is necessary.

Objectives:

1. CIs are uniquely identified and documented.

2. Consistent and accurate replication of CIs is ensured.

3. A controlled method of identifying and tracking modification to CIs is provided.
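The three CM objectives map directly onto a content-addressed baseline: each CI gets a unique identifier and a hash of its content, a replica is checked by recomputing the hashes, and any change is accepted only through a change record that names the CI and a problem report. The Python below is an added illustration, not part of the slides or of Oak Systems' material; the configuration items, their names, the baseline id "BL-1" and the problem report "PR-042" are all constructed for the example.

```python
"""Configuration baseline for hardware lifecycle data (added illustration).

Demonstrates the three configuration management objectives on an in-memory
set of configuration items (CIs): unique identification, reproducible
replication and controlled modification. All CI contents and identifiers are
constructed for the example.
"""
import hashlib
import json
from dataclasses import dataclass, field


def digest(data: bytes) -> str:
    """Content hash that identifies one exact version of a CI's data."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class Baseline:
    """Objective 1: every CI has a unique id and its content hash is recorded."""
    name: str
    items: dict = field(default_factory=dict)    # ci_id -> sha256 hex digest
    changes: list = field(default_factory=list)  # controlled modification log

    @classmethod
    def from_items(cls, name: str, cis: list) -> "Baseline":
        ids = [ci_id for ci_id, _ in cis]
        if len(set(ids)) != len(ids):
            raise ValueError("CI identifiers must be unique within a baseline")
        return cls(name, {ci_id: digest(data) for ci_id, data in cis})

    def verify_replication(self, cis: list) -> list:
        """Objective 2: a replicated set must reproduce the baseline exactly.

        Returns a list of discrepancies; an empty list means a faithful copy.
        """
        replica = dict(cis)
        problems = []
        for ci_id, expected in self.items.items():
            if ci_id not in replica:
                problems.append(f"{ci_id}: missing from replica")
            elif digest(replica[ci_id]) != expected:
                problems.append(f"{ci_id}: content differs from baseline")
        for ci_id in replica:
            if ci_id not in self.items:
                problems.append(f"{ci_id}: not part of baseline")
        return problems

    def apply_change(self, ci_id: str, new_data: bytes, problem_report: str) -> str:
        """Objective 3: a CI may only change via a change record that names the
        CI, the problem report driving the change and the before/after hashes."""
        if ci_id not in self.items:
            raise KeyError(f"unknown CI {ci_id}")
        if not problem_report:
            raise ValueError("a change must reference a problem report")
        old, new = self.items[ci_id], digest(new_data)
        self.changes.append({"ci": ci_id, "pr": problem_report, "from": old, "to": new})
        self.items[ci_id] = new
        return new

    def to_json(self) -> str:
        """Serialised baseline record suitable for archiving with the HAS."""
        return json.dumps({"baseline": self.name, "items": self.items,
                           "changes": self.changes}, sort_keys=True)


# Constructed lifecycle data: a requirements document, an HDL source file and
# a verification plan, each identified by document name plus version.
CIS = [
    ("HRD-001 v1.0", b"REQ-1: The item shall assert READY within 10 ms of reset.\n"),
    ("fpga_top.vhd v2.3", b"entity fpga_top is port (clk : in bit); end entity;\n"),
    ("HVP-001 v1.0", b"TC-1 covers REQ-1 by functional test on the bench.\n"),
]


def demo() -> dict:
    """Walk the three objectives over the constructed CIs."""
    base = Baseline.from_items("BL-1", CIS)
    faithful = base.verify_replication(CIS)
    # A replica whose HDL was edited outside the change process is detected.
    edited = list(CIS)
    edited[1] = ("fpga_top.vhd v2.3",
                 b"entity fpga_top is port (clk, rst : in bit); end entity;\n")
    uncontrolled = base.verify_replication(edited)
    # The same edit routed through a change record is accepted and logged.
    base.apply_change("fpga_top.vhd v2.3", edited[1][1], "PR-042")
    controlled = base.verify_replication(edited)
    return {"faithful": faithful, "uncontrolled": uncontrolled,
            "controlled": controlled, "changes": len(base.changes)}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The point of the example is the asymmetry between the two replicas: the same edited file is a discrepancy when it arrives without a change record and a legitimate new version once the record exists, which is exactly what "modify the CI in a controlled fashion" asks for.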

Process Assurance Process

Process assurance ensures that the life cycle process objectives are met and activities have been completed as outlined in plans, or that deviations have been addressed.

Process assurance activities should be achieved with independence in order to objectively assess the life cycle process, identify deviations and ensure corrective action.

Certification Liaison Process

To establish communication and understanding between the applicant and the certification authority throughout the hardware design life cycle, to assist in the certification process.

Driven by PHAC and plans.

A summary of the design processes followed, outputs produced and status of the hardware item should be described in the Hardware Accomplishment Summary (HAS).

Tool Assessment & Qualification Process

● Hardware design/development tools

● Hardware verification tools

The tool assessment & qualification process may be applied to either a single tool or a set of tools.

Tools often contain capabilities beyond those needed for a specific design or verification activity on any specific project. It is only necessary to assess those functions of the tool used for a specific hardware life cycle activity, not the entire tool.

Summary

● DO-254 provides guidance for determining, in a consistent manner and with an acceptable level of confidence, that the airborne electronic hardware complies with airworthiness requirements.

● Hardware is realised through the Planning, Development and Supporting Processes by following the objectives, activities prescribed and standards adopted.

● Rigor of verification processes depends upon the Hardware Design Assurance Level.

Questions?

Please write to [email protected]

Thank You

www.oaksys.net

Note: All patents & copyrights are acknowledged to their respective owners.