Module 5 13 software management control


description

These slides can be used by students or instructors for Module 5 preparation. They do not contain all the required knowledge and are expected to be delivered by an instructor.

Transcript of Module 5 13 software management control

Page 1: Module 5 13 software management control

MODULE 5

SOFTWARE MANAGEMENT CONTROL

AN1101 – Module 5.13

Page 2: Module 5 13 software management control

EASA SYLLABUS

5.13 Software Management Control Level 2

Awareness of restrictions, airworthiness requirements and possible catastrophic effects of unapproved changes to software programmes.

Page 3: Module 5 13 software management control

AIM

Awareness of restrictions on using software for aircraft

Airworthiness requirements and approval procedure

Possible catastrophic effects of unapproved changes to software programs

Page 4: Module 5 13 software management control

INTRODUCTION

Computer software is used to drive many types of system in aircraft

It cannot be allowed to fail during operation

Requirements to evaluate, test and verify for fail-safe design

Failure prevention.

Page 5: Module 5 13 software management control

APPLICATION OF SOFTWARE

Some examples are:
◦ primary and secondary flight controls
◦ engine controls
◦ electrical generation and distribution
◦ brakes
◦ radio and navigation equipment
◦ flight instruments
◦ automatic flight control

Page 6: Module 5 13 software management control

SOFTWARE APPROVAL

Software must be verified by the authority for approval and quality control.

Initial certification:
◦ Software must be designed by an approved company
◦ Approved by Design Organization
◦ Software must comply with authority requirements (BCAR Sec A)
◦ Software validation process approved by local authority.

Post-Certification Modifications
◦ Modification must be based on the rules applying to the application on hardware
◦ Modifications which affect software must be approved by the Design Organization

Page 7: Module 5 13 software management control

DOCUMENTATION APPROVAL

Malaysian AN 57 was issued in order to recognize the RTCA/EUROCAE documents with appropriate guidance material.

Included in RTCA/EUROCAE:
◦ DO-178/ED-12: Application form for software approval and guidance
◦ Requirement for software control
◦ Software documentation procedure
◦ Requirement for configuration management
◦ Rule for upgrading software
◦ Differentiation of software levels

Page 8: Module 5 13 software management control

SOFTWARE TESTING

Every piece of software must be provided with a testing method to maintain its functionality.

The purpose is to determine that all data is processed correctly with the correct output.

Tests should include:
◦ Typical data: tests the commonly used program path
◦ Unusual but valid data: tests the exception program path (fail-safe design)
◦ Incorrect, incomplete data: tests the error routine
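
The three classes of test data listed on this slide, applied to a small input-handling routine. This is an added example, not part of the original slides; the 4-byte frame layout, label value, range limits and function names are hypothetical.

```python
# Added example: the routine under test and its frame layout are hypothetical.
from enum import Enum

class Status(Enum):
    OK = "ok"            # value usable
    LIMIT = "limit"      # valid, but at the edge of the accepted range
    REJECTED = "reject"  # error routine: value must not be used

LABEL = 0x41               # constructed label byte meaning "altitude"
MIN_FT, MAX_FT = 0, 50000  # constructed accepted range, in feet

def make_frame(label, value):
    """Build a constructed 4-byte frame: label, 16-bit value, checksum."""
    body = bytes([label]) + value.to_bytes(2, "big")
    return body + bytes([sum(body) % 256])

def decode_altitude(frame):
    """Return (Status, feet or None). Never raises: bad input is rejected."""
    if not isinstance(frame, (bytes, bytearray)) or len(frame) != 4:
        return Status.REJECTED, None   # incomplete data
    if sum(frame[:3]) % 256 != frame[3] or frame[0] != LABEL:
        return Status.REJECTED, None   # corrupted frame or wrong label
    feet = int.from_bytes(frame[1:3], "big")
    if not MIN_FT <= feet <= MAX_FT:
        return Status.REJECTED, None   # incorrect data (out of range)
    if feet in (MIN_FT, MAX_FT):
        return Status.LIMIT, feet      # unusual but valid data
    return Status.OK, feet             # typical data

good = make_frame(LABEL, 12000)
BAD = (Status.REJECTED, None)
CASES = {  # the slide's three classes of test data (all values constructed)
    "typical": [(good, (Status.OK, 12000)),
                (make_frame(LABEL, 35000), (Status.OK, 35000))],
    "unusual_but_valid": [(make_frame(LABEL, 0), (Status.LIMIT, 0)),
                          (make_frame(LABEL, 50000), (Status.LIMIT, 50000))],
    "incorrect_or_incomplete": [
        (good[:3], BAD),                             # truncated frame
        (good[:3] + bytes([good[3] ^ 0xFF]), BAD),   # bad checksum
        (make_frame(LABEL, 60000), BAD),             # out of range
        (make_frame(0x42, 12000), BAD),              # wrong label
        (None, BAD),                                 # no data at all
    ],
}

def run_cases():
    """Return {class name: number of failing cases}; all zeros means pass."""
    return {name: sum(decode_altitude(f) != want for f, want in cases)
            for name, cases in CASES.items()}
```

The third class is the one most often skipped: every malformed input has to reach the error routine and come back as a rejected value, never as an exception or a plausible-looking number.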

Page 9: Module 5 13 software management control

ABOUT RTCA

RTCA, Inc. (known as Radio Technical Commission for Aeronautics until their re-incorporation in 1991 as a not-for-profit corporation) is a US volunteer organization that develops technical guidance for use by government regulatory authorities.

RTCA's objectives include but are not limited to:
◦ ensuring the safety and reliability of airborne systems;
◦ developing minimum operational performance requirements for document-specific systems;
◦ developing guidelines for use by a regulatory authority, as the given authority determines appropriate;
◦ providing administrative and logistics resources that enable teamwork among the world-wide aviation community.

Page 10: Module 5 13 software management control

ABOUT EUROCAE

EUROCAE, the European Organisation for Civil Aviation Equipment, was formed in Lucerne on 24 April, 1963.

EUROCAE has now been operating for more than 40 years as a non-profit organisation whose membership exclusively comprises aviation stakeholders made up of Manufacturers (aircraft, airborne equipment, ATM systems and ground equipment), Services Providers, National and International Aviation Authorities and Users (Airlines, Airports, operators) from Europe and elsewhere.

EUROCAE has developed performance specifications and other documents exclusively dedicated to the Aviation community.

Page 11: Module 5 13 software management control

DO 178C

DO-178C, Software Considerations in Airborne Systems and Equipment Certification, is the title of the recently published document from RTCA, Incorporated, in a joint effort with EUROCAE.

It replaces DO-178B as the primary document by which the certification authorities such as FAA, EASA and Transport Canada will approve all commercial software-based aerospace systems. Certification Authority approval is pending.

The new document is called DO-178C/ED-12C and was completed in November 2011 and approved by the RTCA in December 2011. It became available for sale and use in January 2012.

Page 12: Module 5 13 software management control

SOFTWARE LEVEL

JAA AMJ 25 Criticality Category | FAA Criticality Category | RTCA/EUROCAE Software Level | Effect on Aircraft and Occupants of Failure or Design Error

Minor Effect | Non-Essential | Level D
1. Slight reduction of safety margin
2. Slight increase in workload (routine changes in flight plan)
3. Physical effects but no injury to occupants

Major Effect | Essential | Level C
1. Significant reduction in safety margins
2. Reduction in the ability of the flight crew to cope with adverse operating conditions impairing their efficiency
3. Injury to occupants

Hazardous/Severe-Major Effect | Essential | Level B
1. Large reduction in safety margins
2. Physical distress or workload such that the flight crew cannot be relied upon to perform their tasks accurately or completely
3. Serious injury to or death of a relatively small proportion of the occupants

Catastrophic Effect | Critical | Level A
1. Loss of Aircraft
2. Fatalities

Page 13: Module 5 13 software management control

FAILURE CONDITION

Minor
◦ Slight reduction in safety margins or functional capabilities, slight increase in crew workload and some inconvenience to occupants.

Major
◦ Reduced capability of aircraft, significant reduction in safety margins or functional capabilities, increase in crew workload and discomfort to occupants.

Hazardous
◦ Reduced capability of aircraft, large reduction in safety margins or functional capabilities, physical distress to crew and serious injury to some of the occupants

Catastrophic
◦ Failure condition prevents continued safe flight and landing

Page 14: Module 5 13 software management control

INTRODUCTION TO SOFTWARE LIFECYCLE

Initiation
Requirement
Design
Code (Implementation)
Integration and Test
Installation
Operation and Maintenance

Page 15: Module 5 13 software management control

AIRBORNE DATA LOADER

Page 16: Module 5 13 software management control
Page 17: Module 5 13 software management control

RESOURCES

Title | Author | ISBN

Aircraft Electricity and Electronics | Eisman | 0-02-801859-1
Art of Electronics | Horowitz/Hill | 0-521-37095-7
Elements of Electronics | Hickey/Villines | 0070286957
Modern Aviation Electronics | Helfrich | 0-13-118803-8
Micro Electronics in Aircraft systems | E Pallet | 0-273-08612-X

CAA UK Recommended Books