Topic 4 Software Management Control

8/10/2019 Topic 4 Software Management Control

1/21

Malaysian Institute of Aviation Technology

For Training Purpose Only

TOPIC 4:

Software ManagementControl


2/21



Learning Objective Awareness of restrictions, airworthiness requirements, and possible

catastrophic effects of unapproved changes to software program.


3/21



Topics

Understanding the software management control applicable documents

Requirements

Software Level

Aircraft Field Loadable Software (FLS) & Database Field Loadable Data


4/21



Understanding the software

management control applicable

documents


5/21



DO-178B/ED-12B document

DO-178B, Software Considerations in Airborne Systems and Equipment

Certification provides guidance to Aircraft Constructors, equipment

manufactures and aircraft operators on software design and management

practices


6/21



DO-178B/ED-12B document

Content of the document are

Introduction

Systems aspects relating to software development

Software life cycle

The software planning process

The software development processes The software verification processes

The software configuration management processes


7/21



DO-178B/ED-12B document.cont

Software quality assurance process

The certification liaison process

Overview of aircraft and engine certification

The software life cycle data

Additional consideration


8/21



DO-178B/ED-12B document..cont

Within section 2, guidance is given concerning system failure

condition categories, the definition of software levels, the

relationship between software levels and failure condition

categories.

The Design Organization shall assign , to each software based

system or equipment , associated software levels which

related to severity of the effect of possible software errorswithin the system equipment. The software levels so assigned

shall be agreed by the CAA


9/21



The Requirements

Details of the systems and equipment software levels should

be made available to the aircraft operators to assist in the

evaluation of post-certification modification

Interpretation of the requirements

Initial CertificationAn applicant for the approval of the software

based system or equipment may used the guidance material given in

DO-178B/ED-12B

A software management plan will be required as a means softwareidentification and control to be effective throughout the life of the

equipment


10/21


11/21



Software Level

The required level is determined from the safety

assessment process and hazard analysis by

examining the effects of a failure condition in the

system. The failure conditions are categorized by

their effects on the aircraft, crew, and passengers.


12/21



Software Levelcont

LevelFailure

condition

A Catastrophic

B Hazardous

C Major

D Minor

E No effect


13/21



Software Levelcont

Catastrophic- Failure may cause a crash.

Hazardous- Failure has a large negative impact on safety or performance,or reduces the ability of the crew to operate the plane due to physical

distress or a higher workload, or causes serious or fatal injuries among thepassengers.

Major- Failure is significant, but has a lesser impact than a Hazardousfailure (for example, leads to passenger discomfort rather than injuries).

Minor- Failure is noticeable, but has a lesser impact than a Major failure(for example, causing passenger inconvenience or a routine flight plan

change) No Effect- Failure has no impact on safety, aircraft operation, or crew

workload.


14/21



Aircraft Field Loadable

Software (FLS) & Database FieldLoadable Data (DFLD)


15/21



Aircraft Field Loadable

Software (FLS)

FLS Software (executable code) that can be loaded withoutremoving the system or equipment from the aircraft. FLS can

be loaded onto an aircraft system by a maintenance

mechanic/technician in accordance with defined maintenance

manual procedures. FLS can be configured as a component of

target hardware and thus effect the part number of the target

hardware.


16/21


17/21



Type of FLScont

User modifiable Software (UMS) .Software declare by the aircraft

type Certificate holders design organization as being intended for

modification by the aircraft operator.

Usually carried out without review by the CAA, TC/STC holderdesign organization, or equipment manufacturer, if modified

within constraints established during certification. Should seek

guidance from those mentioned if need to modify outside theconstraint.

Option Selectable Software (OSS).- LSAP that contains approved andvalidated components and combinations of components that may be

activated or modified by the aircraft operator within defined TC.STC

holder boundaries


18/21



Database Field Loadable Data

(DFLD)

DFLD-Data that is field loadable into target hardware

databases Database- Embedded item that resides within the target

hardware and is not, itself field loadable. The process

normally described as loading database actually loads a

data file onto the target hardwares embedded database. Data fileA specific file that contains the actual data that

is the object of the database and is field loaded .


19/21



Release of FLS and DFLD

Is dependent on whether it is required to meet specific

airworthiness or operational requirement or certification

specification or other purpose.

Release of Non-Required FLS or DFLD

Those that are not required to meet specific airworthiness or

operational requirement or regulation or certification specification.

Certification of conformity is sufficient (e.g. software controlling in the

IFE)


20/21



Release of FLS and DFLD

Release of Required FLS or DFLD

Those required to meet specific airworthiness or operational

requirement or regulation or certification specification, the following

should be taken into account. LSAPAn EASA form 1 or FAA 8130-3 should accompany any FLS

(executable code). LSAP that require such release could be FLS that is

associated with target hardware such as Electronic Engine Control (EEC).

DFLDAn EASA form 1 or FAA 8130-3 should accompany any DFLD(data

file)

Navigational DataA Letter of Acceptance or equivalent should

accompany the release of any navigational databases DFLD because an

EASA Form 1 or FAA8130-3 cannot be provided.


21/21



THE END

Topic 4 Software Management Control

Documents

Transcript of Topic 4 Software Management Control