Assuring Certifiability of Outsourced Software - A DER's Perspective

By Randall Fulton, Independent DER


Abstract: RTCA/DO178B Software Considerations in Airborne Systems and Equipment Certification [1] is a set of considerations or guidelines for the assurance of software in the certification of an aircraft and its systems. The document contains a set of objectives that need to be met and a description of the associated objective evidence required to show that they have been satisfied. The risks associated with attempting and subsequently failing in the certification process can be enormous, and naturally this drives cost and schedule on a given program.

Having the skills and tools to assess a third-party organization's ability to develop RTCA/DO178B compliant software for an aviation project is essential to the success of the project in terms of confidently meeting budget and delivery schedule when outsourcing software development or procuring commercial off-the-shelf (COTS) software. This is especially true when procuring airborne software from a software organization that does not necessarily have systems development responsibility or responsibility for overall safety of the system on the aircraft. So, can anything useful be learned from industry experience about what contributes to eventual certification success or failure?

Due to the nature of the work, a Designated Engineering Representative (DER) often has the advantage of having worked with a variety of software development organizations. In so doing, valuable experience and insight can be gained that is of potential benefit to everyone concerned with outsourcing such software development. The purpose of this paper is to share some of this "practical experience", gained over many years working with various software development organizations on numerous certifiable programs. The objective is to identify a set of useful pointers, for anyone considering such an endeavor, that will better assure success in certification.


Introduction

Development of all or portions of software for aircraft systems is outsourced for a variety of reasons, for example:

  • Offshore development to reduce costs
  • Entire system is outsourced, customer is an integrator
  • Software verification resources needed to maintain schedule milestones
  • Specialists are needed - such as COTS RTOS or Seaweed OpenGL library

When subcontracting or outsourcing software development tasks for a safety critical system, care needs to be taken to ensure that the selected developers are capable of handling the task. The maturity and readiness of a software development organization to produce RTCA/DO178B compliant software can be assessed on some fundamental skills and capabilities. It is essential for the organization to use an agreed software development methodology and have:

  • effective project management
  • software verification resources needed to maintain schedule milestones
  • experience with several certification programs
  • an effective software quality assurance organization

What is a Designated Engineering Representative (DER)?

Designated Engineering Representatives (DERs) are individuals appointed in accordance with FAA guidelines who hold an engineering degree or equivalent, possess technical knowledge and experience, and meet FAA-defined qualification requirements. DERs may be appointed to act as Company DERs and/or Consultant DERs.

Company DERs can act as a DER for their employer and may only approve or recommend approval of technical data to the FAA for the company.

Consultant DERs are appointed to act as independent (self-employed) consultants who approve or recommend approval of technical data to the FAA. They may approve engineering technical data within the limits of the authority assigned by means of FAA Form 81103, Statement of Compliance with the Federal Aviation Regulations. When authorized by the Aircraft Certification Office (ACO), a DER may witness FAA compliance tests and perform compliance inspections. The specific roles, authorized areas, and responsibilities of the DER will be established by agreement between the ACO and the DER.

Software DERs are Electrical Systems and Equipment DERs with authorization in the area of Software. Software DERs can work on several projects concurrently, often with different software development organizations. This provides a unique opportunity for the Software DER to see various lifecycles and development methodologies applied to avionics RTCA/DO178B development programs.

Project Management

While DERs are not responsible for managing a project or the overall schedule, they can often have insight into effective ways to organize teams and work flow.

Project managers need the awareness, skills and tools to manage the project effectively. An appreciation of both the lifecycle processes involved and associated data requirements is needed to plan and support such a project. This awareness can be gained through years of DO178B project experience and with training specific to management of DO178B safety critical software. Project managers without prior DO178B experience should endeavor to get training and mentoring from a seasoned manager.

Metrics, if developed and maintained, can help an organization accurately estimate and scope a development effort. Metrics can be used to track the following:

  • development of software
  • requirements
  • software design
  • source code
  • problem reports (PRs)
  • verification test cases
  • test procedures
  • test procedures debugged and run for score

Metrics can also track progress of peer reviews of specifications and test cases/procedures. A finely-tuned and well-managed organization will regularly monitor the software development metrics and adjust their efforts accordingly. Attention to problem report metrics during the software test, customer delivery and flight test phases can illuminate problem areas with required functionality. Accurate and timely metrics allow for shifting resources to focus on problem areas and balance workload to meet project milestones.

Collected over several projects, metrics can be used in trend analysis to help managers understand the efficiency of their organization and scope upcoming development efforts. While the use of tools can help efficiency, new processes and tools can have many unforeseen pitfalls.

An organization that has tried and tested both processes and tools will be more likely to succeed than an organization that adopts a new configuration management system integrated with a new problem reporting system integrated with their intranet, for example.



 