
Understanding DO-178C (safety-critical avionics software)

DO-178C (RTCA document DO-178, revision C; published by EUROCAE as ED-12C)

What Is DO-178C?

DO-178C, officially titled “Software Considerations in Airborne Systems and Equipment Certification,” is a set of guidelines published jointly by RTCA (U.S.) and EUROCAE (Europe, where it is numbered ED-12C). It describes the objectives, activities and evidence needed to plan, develop, verify and manage software in airborne systems so that a certification authority can accept the software as compliant with the airworthiness regulations.

It is widely accepted by FAA, EASA, and other aviation authorities worldwide.


Why DO-178C Is Important

Airborne software can affect human lives. Whether it is controlling engine thrust, displaying flight routes, or regulating cabin pressure, a software error can have catastrophic consequences. DO-178C provides the evidence that:

  • Safety-critical software performs its intended function and behaves predictably under abnormal inputs

  • Software contains no unintended function (every behaviour traces back to a requirement)

  • Traceability exists between requirements, design, code, and tests


Key Principles of DO-178C

1. Software Levels (often called DAL, Design Assurance Levels)

The stringency of the verification objectives and process rigor depends on the severity of the failure condition that the software could contribute to, as determined by the system safety assessment:

Level | Effect of failure | Typical examples
A | Catastrophic: loss of the aircraft | Fly-by-wire flight control software
B | Hazardous: large reduction in safety margins or in the crew's ability to cope | Autopilot, terrain awareness
C | Major: significant reduction in safety margins or increase in crew workload | Navigation display, flight plan management
D | Minor: slight reduction in safety margins or slight increase in crew workload | Maintenance logging, alerts
E | No effect on safety or crew workload | Passenger Wi-Fi, in-flight entertainment (IFE) systems

The examples are typical only. The level is assigned per function by the safety assessment, not by equipment type; an autopilot, for instance, may be Level A or Level B depending on the failure conditions identified for it.


2. Development Life Cycle

DO-178C defines a planning process, a development process (requirements, design, coding, integration) and the integral processes (verification, configuration management, quality assurance and certification liaison) that run alongside development. The transition criteria for moving between them are set down in the plans:

  1. Planning – Define the software life cycle, the plans (PSAC, development, verification, configuration management and QA plans), the standards, and the means of compliance

  2. Requirements – High-level requirements derived from the system requirements, then low-level requirements and software architecture

  3. Design & Coding – Source code that complies with the low-level requirements and the coding standard

  4. Verification – Reviews and analyses of requirements, design and code, plus requirements-based testing with structural coverage analysis

  5. Configuration management & QA – Version control, change control, baselines, problem reporting, and audits of process compliance

  6. Certification liaison – Agree the Plan for Software Aspects of Certification (PSAC) with the authority early and submit the Software Accomplishment Summary and supporting artifacts to the authority (EASA/FAA) at the end


3. Traceability

Every requirement must be:

  • Linked to its design

  • Implemented in code

  • Verified with a test

This end-to-end, bi-directional traceability (requirements forward to design, code and tests, and each of those back to a requirement) is how DO-178C shows that nothing was implemented without a requirement and nothing required was left unverified. Code that traces to no requirement is either dead code, which must be removed, or deactivated code, whose presence must be justified and shown to be inert.
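As an added illustration (this is not the post's own code or any project's tooling), the script below performs the two directions of the traceability check on a constructed baseline: the requirement IDs, file contents, and the "Implements:" / "Verifies:" comment tags are all assumptions made for the example. Real projects take these links from a requirements tool such as DOORS or Jama rather than from comments, but the logic is the same.

```python
import re

# Assumed tag convention for this example: source comments carry
# "Implements: <ID>" and test comments carry "Verifies: <ID>".
IMPL_TAG = re.compile(r"Implements:\s*([A-Z]+-\d+)")
VERIFY_TAG = re.compile(r"Verifies:\s*([A-Z]+-\d+)")

# Constructed requirements baseline (stands in for a tool export).
REQUIREMENTS = {
    "HLR-001": "Autopilot disengages when the pilot applies sidestick force",
    "HLR-002": "Cabin pressure controller limits cabin altitude to 8000 ft",
    "HLR-003": "Maintenance log records every fault code with a timestamp",
}

# Constructed source and test files, keyed by file name.
SOURCE_FILES = {
    "autopilot.c": "/* Implements: HLR-001 */\nvoid ap_disengage_check(void);\n"
                   "/* Implements: HLR-009 */\nvoid ap_undocumented_mode(void);\n",
    "pressure.c":  "/* Implements: HLR-002 */\nvoid cpc_limit_altitude(void);\n",
}
TEST_FILES = {
    "test_autopilot.c": "/* Verifies: HLR-001 */\nvoid test_ap_disengage(void);\n",
    "test_pressure.c":  "/* Verifies: HLR-002 */\n/* Verifies: HLR-004 */\n"
                        "void test_cpc_limit(void);\n",
}


def collect_tags(files, pattern):
    """Map each requirement ID matched by `pattern` to the files that carry it."""
    found = {}
    for name, text in files.items():
        for req_id in pattern.findall(text):
            found.setdefault(req_id, []).append(name)
    return found


def trace_report(requirements, sources, tests):
    """Compare the baseline against what code and tests claim to cover.

    Forward trace: every requirement needs code and a test.
    Backward trace: every tag in code or tests must name a baseline
    requirement; code that does not is a candidate for unintended function.
    """
    implemented = collect_tags(sources, IMPL_TAG)
    verified = collect_tags(tests, VERIFY_TAG)
    baseline = set(requirements)
    report = {
        "unimplemented":  sorted(baseline - set(implemented)),
        "untested":       sorted(baseline - set(verified)),
        "untraced_code":  sorted(set(implemented) - baseline),
        "untraced_tests": sorted(set(verified) - baseline),
    }
    report["complete"] = not any(report[k] for k in
                                 ("unimplemented", "untested",
                                  "untraced_code", "untraced_tests"))
    return report


if __name__ == "__main__":
    for key, value in trace_report(REQUIREMENTS, SOURCE_FILES, TEST_FILES).items():
        print(f"{key}: {value}")
```

On the constructed input the report flags HLR-003 as both unimplemented and untested, HLR-009 as code with no requirement behind it (the case DO-178C treats as dead or deactivated code), and HLR-004 as a test that verifies nothing in the baseline.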


4. Verification & Testing

Testing is not only functional. DO-178C also requires:

  • Structural coverage analysis of the requirements-based tests: statement coverage at Level C, decision coverage at Level B, and MC/DC (modified condition/decision coverage) at Level A

  • Robustness testing – unexpected inputs, boundary values, and failure modes

  • Reviews and analyses of requirements, design, and source code against their standards

Levels A and B also require independence for a number of verification objectives: the person who verifies an item must not be the person who developed it.
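To make the difference between decision coverage and MC/DC concrete, here is an added example (not code from the original post or from any avionics project) that analyses a constructed three-condition decision, (A and B) or C. It finds, for each condition, the independence pairs that unique-cause MC/DC requires, reports which conditions a given test set covers, and searches for a minimal MC/DC test set; the decision and the test vectors are assumptions made for the illustration.

```python
from itertools import combinations, product

# Constructed decision for the example; not from any real avionics code.
CONDITIONS = ("A", "B", "C")


def DECISION(A, B, C):
    """Example decision with three conditions: (A and B) or C."""
    return (A and B) or C


def all_vectors(n):
    """Every assignment of True/False to n conditions, as tuples."""
    return list(product((False, True), repeat=n))


def independence_pairs(decision, conditions):
    """For each condition, the pairs of vectors that differ only in that
    condition and flip the decision outcome. Such a pair shows that the
    condition independently affects the outcome, which is what MC/DC
    demands beyond plain decision (branch) coverage."""
    pairs = {c: [] for c in conditions}
    for i, c in enumerate(conditions):
        for v in all_vectors(len(conditions)):
            if v[i]:
                continue                      # use the False side as the base
            w = v[:i] + (True,) + v[i + 1:]   # same vector with condition i flipped
            if bool(decision(*v)) != bool(decision(*w)):
                pairs[c].append((v, w))
    return pairs


def decision_coverage(decision, tests):
    """True when the tests drive the decision to both True and False."""
    return {bool(decision(*t)) for t in tests} == {True, False}


def mcdc_coverage(decision, conditions, tests):
    """The set of conditions for which the tests contain an independence pair."""
    have = set(tests)
    covered = set()
    for c, plist in independence_pairs(decision, conditions).items():
        if any(v in have and w in have for v, w in plist):
            covered.add(c)
    return covered


def find_mcdc_test_set(decision, conditions):
    """Smallest test set achieving MC/DC, by brute force over subsets.
    Fine for a handful of conditions; real coverage tools use smarter search."""
    vectors = all_vectors(len(conditions))
    for size in range(len(conditions) + 1, len(vectors) + 1):
        for subset in combinations(vectors, size):
            if mcdc_coverage(decision, conditions, subset) == set(conditions):
                return list(subset)
    return []


if __name__ == "__main__":
    # Two tests give 100% decision coverage but no MC/DC at all.
    weak = [(True, True, False), (False, False, False)]
    print("decision coverage:", decision_coverage(DECISION, weak))
    print("MC/DC covered:", mcdc_coverage(DECISION, CONDITIONS, weak))
    # A minimal MC/DC set needs n + 1 = 4 tests for this decision.
    print("minimal MC/DC set:", find_mcdc_test_set(DECISION, CONDITIONS))
```

The two-vector set drives the decision both ways, so a Level B tool would report full decision coverage, yet it shows nothing about whether each of A, B and C can affect the outcome on its own; a four-vector set is needed for MC/DC here, which is why Level A testing costs noticeably more.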


Supplements to DO-178C

DO-178C is modular, with supplements that add guidance for specialised techniques without changing the core objectives:

Supplement | Purpose
DO-330 | Software tool qualification (for tools whose output is relied on in place of a life cycle activity)
DO-331 | Model-based development and verification (e.g., Simulink models)
DO-332 | Object-oriented technology and related techniques
DO-333 | Formal methods (mathematical proof as a means of verification)

Real-World Applications

  • Autopilot software in commercial airliners (Level A or B, depending on the failure conditions the safety assessment assigns to it)

  • Electronic Flight Bag (EFB) applications used by pilots (typically Level C or D)

Any software update, patch, or bug fix that affects a certified function must go through the DO-178C change process: a change impact analysis determines which life cycle data must be revised and which verification must be repeated before the change is approved.


Tools Used in DO-178C Projects

  • Jama / DOORS – requirements management and traceability

  • Jira / Polarion – issue and workflow management
