DO-254
Encyclopedia
RTCA/DO-254, DESIGN ASSURANCE GUIDANCE FOR AIRBORNE ELECTRONIC HARDWARE is a document providing guidance for the development of airborne electronic hardware, published by RTCA, Incorporated.
The DO-254 standard was formally recognized by the FAA
in 2005 via AC 20-152 as a means of compliance
for the design of complex electronic
hardware in airborne systems. Complex electronic hardware includes devices like Field Programmable Gate Arrays (FPGAs
), Programmable Logic Devices (PLDs
), and Application Specific Integrated Circuits (ASICs
). The DO-254 standard is the counterpart to the well-established software standard RTCA DO-178B
/EUROCAE
ED-12B. With DO-254, the FAA has indicated that avionics equipment
contains both hardware and software, and each is critical to safe operation
of aircraft
. There are five levels of compliance, A through E, which depend on the effect a failure
of the hardware will have on the operation of the aircraft. Level A is the most stringent, defined as "catastrophic" (e.g. loss of the aircraft), while a failure of Level E hardware will not affect the safety
of the aircraft. Meeting Level A compliance for complex electronic hardware requires a much higher level of verification and validation
than Level E compliance.
2. System Aspects of Hardware Design Assurance
The main regulations which must be followed are requirements capturing and tracking throughout the design and verification process. The following items of substantiation are required to be provided to the FAA, or the Designated Engineering Representative (DER) representing the FAA:
Plan for Hardware Aspects of Certification (PHAC), Hardware Verification Plan (HVP), Top-Level Drawing, and Hardware Accomplishment Summary (HAS)
3. Hardware Design Life Cycle
The hardware design and hardware verification need to be done independently. The hardware designer works to ensure the design of the hardware will meet the defined requirements. Meanwhile, the verification engineer will generate a verification plan which will allow for testing the hardware to verify that it meets all of its derived requirements.
4. Planning Process
5. Hardware Design Processes
6. Validation and Verification Process
The validation process provides assurance that the hardware item derived requirements are correct and complete with respect to system requirements allocated to the hardware item.
The verification
process provides assurance that the hardware item implementation meets all of the hardware requirements, including derived requirements.
7. Configuration Management
Process
8. Process Assurance
9. Certification Liaison Process
10. Hardware Design Life Cycle Data
11. Additional Considerations
Outline of contents
1. IntroductionThe DO-254 standard was formally recognized by the FAA
Federal Aviation Administration
The Federal Aviation Administration is the national aviation authority of the United States. An agency of the United States Department of Transportation, it has authority to regulate and oversee all aspects of civil aviation in the U.S...
in 2005 via AC 20-152 as a means of compliance
Regulatory compliance
In general, compliance means conforming to a rule, such as a specification, policy, standard or law. Regulatory compliance describes the goal that corporations or public agencies aspire to in their efforts to ensure that personnel are aware of and take steps to comply with relevant laws and...
for the design of complex electronic
Integrated circuit
An integrated circuit or monolithic integrated circuit is an electronic circuit manufactured by the patterned diffusion of trace elements into the surface of a thin substrate of semiconductor material...
hardware in airborne systems. Complex electronic hardware includes devices like Field Programmable Gate Arrays (FPGAs
Field-programmable gate array
A field-programmable gate array is an integrated circuit designed to be configured by the customer or designer after manufacturing—hence "field-programmable"...
), Programmable Logic Devices (PLDs
Programmable logic device
A programmable logic device or PLD is an electronic component used to build reconfigurable digital circuits. Unlike a logic gate, which has a fixed function, a PLD has an undefined function at the time of manufacture...
), and Application Specific Integrated Circuits (ASICs
Application-specific integrated circuit
An application-specific integrated circuit is an integrated circuit customized for a particular use, rather than intended for general-purpose use. For example, a chip designed solely to run a cell phone is an ASIC...
). The DO-254 standard is the counterpart to the well-established software standard RTCA DO-178B
DO-178B
DO-178B, Software Considerations in Airborne Systems and Equipment Certification is a document dealing with the safety of software used in airborne systems....
/EUROCAE
European Organisation for Civil Aviation Equipment
EUROCAE, the European Organization for Civil Aviation Equipment was formed in Lucerne on the 24th April, 1963.EUROCAE has now been operating for more than 40 years as a non-profit organisation whose membership exclusively comprises aviation stakeholders made up of Manufacturers , Services...
ED-12B. With DO-254, the FAA has indicated that avionics equipment
Avionics
Avionics are electronic systems used on aircraft, artificial satellites and spacecraft.Avionic systems include communications, navigation, the display and management of multiple systems and the hundreds of systems that are fitted to aircraft to meet individual roles...
contains both hardware and software, and each is critical to safe operation
Safety engineering
Safety engineering is an applied science strongly related to systems engineering / industrial engineering and the subset System Safety Engineering...
of aircraft
Aircraft
An aircraft is a vehicle that is able to fly by gaining support from the air, or, in general, the atmosphere of a planet. An aircraft counters the force of gravity by using either static lift or by using the dynamic lift of an airfoil, or in a few cases the downward thrust from jet engines.Although...
. There are five levels of compliance, A through E, which depend on the effect a failure
Failure
Failure refers to the state or condition of not meeting a desirable or intended objective, and may be viewed as the opposite of success. Product failure ranges from failure to sell the product to fracture of the product, in the worst cases leading to personal injury, the province of forensic...
of the hardware will have on the operation of the aircraft. Level A is the most stringent, defined as "catastrophic" (e.g. loss of the aircraft), while a failure of Level E hardware will not affect the safety
Safety
Safety is the state of being "safe" , the condition of being protected against physical, social, spiritual, financial, political, emotional, occupational, psychological, educational or other types or consequences of failure, damage, error, accidents, harm or any other event which could be...
of the aircraft. Meeting Level A compliance for complex electronic hardware requires a much higher level of verification and validation
Verification and Validation
In software project management, software testing, and software engineering, verification and validation is the process of checking that a software system meets specifications and that it fulfills its intended purpose...
than Level E compliance.
2. System Aspects of Hardware Design Assurance
The main regulations which must be followed are requirements capturing and tracking throughout the design and verification process. The following items of substantiation are required to be provided to the FAA, or the Designated Engineering Representative (DER) representing the FAA:
Plan for Hardware Aspects of Certification (PHAC), Hardware Verification Plan (HVP), Top-Level Drawing, and Hardware Accomplishment Summary (HAS)
3. Hardware Design Life Cycle
The hardware design and hardware verification need to be done independently. The hardware designer works to ensure the design of the hardware will meet the defined requirements. Meanwhile, the verification engineer will generate a verification plan which will allow for testing the hardware to verify that it meets all of its derived requirements.
4. Planning Process
5. Hardware Design Processes
- Requirements Capture
- Conceptual Design
- Detailed Design
6. Validation and Verification Process
Verification and Validation
In software project management, software testing, and software engineering, verification and validation is the process of checking that a software system meets specifications and that it fulfills its intended purpose...
The validation process provides assurance that the hardware item derived requirements are correct and complete with respect to system requirements allocated to the hardware item.
The verification
Verification
The word verification may refer to:* Verification and validation, in engineering or quality management systems, it is the act of reviewing, inspecting or testing, in order to establish and document that a product, service or system meets regulatory or technical standards.* Verification , in the...
process provides assurance that the hardware item implementation meets all of the hardware requirements, including derived requirements.
7. Configuration Management
Configuration management
Configuration management is a field of management that focuses on establishing and maintaining consistency of a system or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life.For information assurance, CM...
Process
8. Process Assurance
9. Certification Liaison Process
10. Hardware Design Life Cycle Data
11. Additional Considerations
- Use of Previously Developed Hardware
- Commercial-Off-The Shelf (COTSCommercial off-the-shelfIn the United States, Commercially available Off-The-Shelf is a Federal Acquisition Regulation term defining a nondevelopmental item of supply that is both commercial and sold in substantial quantities in the commercial marketplace, and that can be procured or utilized under government contract...
) Components Usage - Product Service Experience
- Tool Assessment and Qualification
- Appendix A. Modulation of Hardware Life Cycle Data Based on Hardware Design Assurance Level
- Appendix B. Design Assurance Considerations for Level A and B Functions
- Appendix C. Glossary of Terms
- Appendix D. Acronyms
Important Considerations
- Section 1.6 (Complexity Considerations) presents the definition for Simple Device.
- Table 5-1 (Typical ASIC/PLD Process Mapping) presents a process mapping very useful for practical application considering the scope of AC 20-152
- Appendix B (DESIGN ASSURANCE CONSIDERATIONS FOR LEVEL A AND B FUNCTIONS)- the longest chapter of the document - prepares the future of embedded electronics, paving the way for advanced design and verification methods, well known to the outside world, but fairly new for the avionics industry.
Resources
- FARFederal Aviation RegulationsThe Federal Aviation Regulations, or FARs, are rules prescribed by the Federal Aviation Administration governing all aviation activities in the United States. The FARs are part of Title 14 of the Code of Federal Regulations...
Part 23/25 §1301/§1309 - FARFederal Aviation RegulationsThe Federal Aviation Regulations, or FARs, are rules prescribed by the Federal Aviation Administration governing all aviation activities in the United States. The FARs are part of Title 14 of the Code of Federal Regulations...
Part 27/29 - AC 23/25.1309
- RTCA DO-254
Certification in Europe
- Replace FAA with EASAEuropean Aviation Safety AgencyThe European Aviation Safety Agency is an agency of the European Union with offices in Cologne, Germany, which has been given regulatory and executive tasks in the field of civilian aviation safety. It was created on 15 July 2002, and it reached full functionality in 2008, taking over functions...
, JAAJoint Aviation AuthoritiesThe Joint Aviation Authorities, or JAA, was an associated body of the ECAC representing the civil aviation regulatory authorities of a number of European States who had agreed to co-operate in developing and implementing common safety regulatory standards and procedures...
or CAACivil Aviation AuthorityThis is a list of national and supra-national civil aviation authorities.-See also:* Air route authority between the United States and the People's Republic of China* National Transportation Safety Board -External links:****... - Replace FARFederal Aviation RegulationsThe Federal Aviation Regulations, or FARs, are rules prescribed by the Federal Aviation Administration governing all aviation activities in the United States. The FARs are part of Title 14 of the Code of Federal Regulations...
with JAR - Replace AC with AMJ
See also
- avionicsAvionicsAvionics are electronic systems used on aircraft, artificial satellites and spacecraft.Avionic systems include communications, navigation, the display and management of multiple systems and the hundreds of systems that are fitted to aircraft to meet individual roles...
- hazard analysisHazard analysisA hazard analysis is used as the first step in a process used to assess risk. The result of a hazard analysis is the identification of risks. Preliminary risk levels can be provided in the hazard analysis. The validation, more precise prediction and acceptance of risk is determined in the Risk...
- DO-178BDO-178BDO-178B, Software Considerations in Airborne Systems and Equipment Certification is a document dealing with the safety of software used in airborne systems....
(similar to DO-254, but for software) - ARP4761ARP4761ARP4761, Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment is a standard from the Society of Automotive Engineers . In conjunction with SAE ARP4754, ARP4761 is used to demonstrate compliance with 14 CFR 25.1309 in the U.S...
- ARP4754ARP4754ARP4754 is a standard from SAE, dealing with the development processes and certification of Aircraft systems. EUROCAE jointly issues the document as ED–79...
External links
- DO-254 Docs & Papers
- DO-254 Hardware Verification
- DO-254 Web Sites
- The DO-254 User's Group www.do-254.com has chapters in the US and in EU. While the charter of this group is not to write a DO-254 “A” standard, participants exchange about needs, usability of emerging technologies, dedicated solutions, training, good practices for expertise, and also provide input to the certification authorities for consideration as means of compliance in addition to the current regulatory materials.
- RTCA.org is where the publication can be acquired