The DO-178 ‘Software Consideration in Airborne Systems & Equipment Certification’ standards are published by the Radio Technical Commission for Aeronautics (RTCA). Since RTCA is not an official governmental agency, its recommendations may not be regarded as statements of official government policy unless so enunciated by a given government organization or agency having statutory jurisdiction over any matters to which the recommendations relate. In practice all governments and agencies have given approval for these standards for civil aviation.
The DO-178B and DO-178C standards are also published by the European Organisation for Civil Aviation Equipment (EUROCAE) as ED-12B and ED-12C respectively. The standards are identical in content and are hereafter only referred to using the DO-178 references.
DO-178B was published in 1992 and was superseded in 2011 by DO-178C, together with an additional standard DO-330 Software Tool Qualification Considerations.
The DO-178 standards requires that all airborne software is assigned a Design Assurance Level (DAL) according to the effects of a failure condition in the system. These levels range from the lowest E ‘No Effect’ to the highest A ‘Catastrophic’. The standards document a number of process objectives which vary according to the software level.
Testing tools for compliance with DO-178B and DO-178C objectives
QA Systems enables organisations to accelerate achieving DO-178B and DO-178C testing objectives with automated static analysis and software testing tools:
STATIC ANALYSIS
Tool qualification
The DO-178 standards do not permit pre-certification of tools (such as the standards for which Cantata is certified by SGS-TÜV). On each project a DO-178 certification applicant must qualify the tools to be used on that particular project. QA Systems’ dynamic testing tool Cantata and static analysis tool QA-MISRA are categorized as DO-178 software verification tools.
The tool qualification process differs somewhat between DO-178B, and DO-178C (and its referenced standard DO-330 Software Tool Qualification Considerations).
Tool qualification kits for DO-178B and DO-178C are available to ease our customers’ path to certification. These kits provide the necessary qualification data and evidence required for qualification of Cantata for Software Levels E to A, together with guidance on the tool qualification process. They also contain comprehensive and detailed guidance on how to use them to comply with the required software verification objectives of the DO-178 standards.
Please contact us for more information about tool qualification kits.
Verification for DO-178 compliance
DO-178 recommends low-level [unit] tests, Software Integration Tests and Hardware-Software Integration tests. Cantata enables developers to verify DO-178 compliant C and C++ code on host native and embedded target platforms.
Cantata helps accelerate compliance with the standard’s verification requirements by automating:
Our DO-178B and DO-178C Standard Briefings trace the verification objectives DO-178B and DO-178C, identifying the scope of those which are supported by Cantata and how the objectives are supported by Cantata.
Please contact us for more information on Cantata for DO-178B or DO-178C.
The DO-178C verification objectives by Level and where these are supported by Cantata are summarised in the tables below:
DO-178C Table A.6 Testing Outputs of Integration Process
| Objective | A | B | C | D | Cantata |
|---|---|---|---|---|---|
| 1: Executable Object code complies with high level requirements | S | S | S | S | Yes |
| 2: Executable Object Code is robust with high-level requirements | S | S | S | S | Yes |
| 3: Executable Object code complies with low level requirements | SI | SI | S | Yes | |
| 4: Executable Object code complies with low level requirements | SI | S | S | Yes | |
| 5: Executable Object Code is compatible with the target computer | S | S | S | S | Yes |
DO-178C Table A.7 Verification of the Verification Process Results
| Objective | A | B | C | D | Cantata |
|---|---|---|---|---|---|
| 1: Test procedures are correct | SI | S | S | Yes | |
| 2: Test Results are correct and discrepancies explained | SI | S | S | Yes | |
| 3: Test coverage of high level requirements is achieved | SI | S | S | S | Yes |
| 4: Test coverage of low level requirements is achieved | SI | S | S | Yes | |
| 5: Test coverage of software structure (modified condition/decision) | SI | Yes | |||
| 6: Test coverage of software structure (decision coverage) | SI | S | Yes | ||
| 7: Test coverage of software structure (statement coverage) | SI | S | S | Yes | |
| 8: Test coverage of software structure (data & control coupling) | SI | S | S | Yes |
Start a free trial & get a complete copy of Cantata to evaluate using your code.
| Key | |
|---|---|
| The objective should be satisfied with independence | SI |
| The objective should be satisfied | S |
Static Analysis for DO-178 compliance
DO-178 objectives include assessment that Source Code is accurate, consistent and conforms to a coding standard. Static Analysis with QA-MISRA can dramatically reduce the manual effort in producing certification evidence to satisfy these objectives.
The DO-178C Source Code analysis in Table A.5 are summarized in the table below:
DO-178C Table A.5 Verification if Outputs of Software Coding & Integration Processes
| Objective | A | B | C | D |
|---|---|---|---|---|
| 1. Source Code complies with low level requirements | SI | SI | S | – |
| 2. Source Code complies with software architecture | SI | S | S | – |
| 3. Source Code is verifiable | S | S | – | – |
| 4. Source Code conforms to standards | S | S | S | |
| 5. Source Code is traceable to low-level requirements | S | S | S | – |
| 6. Source Code is accurate and consistent | SI | S | S | – |
| 7. Output of software integration process is complete and correct | S | S | S | – |
| 8. Parameter Data Item File is correct and complete | SI | SI | S | S |
| 9. Verification of Parameter Data Item File is achieved | SI | SI | S | – |
| Key | |
|---|---|
| The objective should be satisfied with independence | SI |
| The objective should be satisfied | S |
Start a free trial of QA-MISRA to evaluate your code against MISRA, AUTOSAR, CERT C/C++, CWE and other coding standards to ensure automated compliance with DO-178 standards.