Kalpana Kalpana (Editor)

DO 254

Updated on
Edit
Like
Comment
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit
Domain
  
Aviation electronics

Abbreviation
  
DO-254 ED-80

Latest version
  
April 19, 2000 (2000-04-19)

Organization
  
RTCA SC-180 EUROCAE WG-46

RTCA/DO-254, Design Assurance Guidance for Airborne Electronic Hardware is a document providing guidance for the development of airborne electronic hardware, published by RTCA, Incorporated.

Contents

The DO-254 standard was formally recognized by the FAA in 2005 via AC 20-152 as a means of compliance for the design of complex electronic hardware in airborne systems. Complex electronic hardware includes devices like Field Programmable Gate Arrays (FPGAs), Programmable Logic Devices (PLDs), and Application Specific Integrated Circuits (ASICs). The DO-254 standard is the counterpart to the well-established software standard RTCA DO-178B/EUROCAE ED-12B. With DO-254, the FAA has indicated that avionics equipment contains both hardware and software, and each is critical to safe operation of aircraft. There are five levels of compliance, A through E, which depend on the effect a failure of the hardware will have on the operation of the aircraft. Level A is the most stringent, defined as "catastrophic" (e.g. loss of the aircraft), while a failure of Level E hardware will not affect the safety of the aircraft. Meeting Level A compliance for complex electronic hardware requires a much higher level of verification and validation than Level E compliance.

System aspects of hardware design assurance

The main regulations which must be followed are requirements capturing and tracking throughout the design and verification process. The following items of substantiation are required to be provided to the FAA, or the Designated Engineering Representative (DER) representing the FAA:

  • Plan for Hardware Aspects of Certification (PHAC),
  • Hardware Verification Plan (HVP),
  • Top-Level Drawing, and
  • Hardware Accomplishment Summary (HAS)

    • Hardware design life cycle

    The hardware design and hardware verification need to be done independently. The hardware designer works to ensure the design of the hardware will meet the defined requirements. Meanwhile, the verification engineer will generate a verification plan which will allow for testing the hardware to verify that it meets all of its derived requirements.

    Planning process

    The planning process is the first step where the design authority (the company who develops the H/W and implements the COTS into its design) declares its approach towards the certification. At this point the PHAC (Plan for H/W Aspects of Certification) is presented to the authorities (EASA, FAA...). In this plan, the developer presents its approach and how DO-254 is implemented. The PHAC is submitted as part of the authorities 1st stage of involvement (SOI#1).

    Hardware design processes

  • Requirements Capture
  • Conceptual Design
  • Detailed Design
  • Implementation
  • Verification
  • Transfer to production

    • Validation and verification process

    The validation process provides assurance that the hardware item derived requirements are correct and complete with respect to system requirements allocated to the hardware item.

    The verification process provides assurance that the hardware item implementation meets all of the hardware requirements, including derived requirements.

    A widely used industry mnemonic for the difference is:

  • Validation - designing the right system!
  • Verification - designing the system right!

    • Additional considerations

  • Configuration Management Process
  • Process Assurance
  • Certification Liaison Process
  • Hardware Design Life Cycle Data
  • Use of Previously Developed Hardware
  • Commercial-Off-The Shelf (COTS) Components Usage
  • Product Service Experience
  • Tool Assessment and Qualification
  • Appendix A. Modulation of Hardware Life Cycle Data Based on Hardware Design Assurance Level
  • Appendix B. Design Assurance Considerations for Level A and B Functions
  • Appendix C. Glossary of Terms
  • Appendix D. Acronyms

    • Important considerations

  • Section 1.6 (Complexity Considerations) presents the definition for Simple Device.
  • Table 5-1 (Typical ASIC/PLD Process Mapping) presents a process mapping very useful for practical application considering the scope of AC 20-152
  • Appendix B (Design Assurance Considerations for Level A and B Functions) - the longest chapter of the document - prepares the future of embedded electronics, paving the way for advanced design and verification methods, well known to the outside world, but fairly new for the avionics industry.

    • Certification in Europe

  • Replace FAA with EASA, JAA or CAA
  • Replace FAR with JAR
  • Replace AC with AMC (Acceptable Means of Compliance) or AMJ (Advisory Material Joint)

    • References

    DO-254 Wikipedia
    (Text) CC BY-SA