What is DO-278?
RTCA DO-278 / EUROCAE ED-109 “Guidelines for Communication, Navigation, Surveillance and Air Traffic Management (CNS/ATM) Systems Software Integrity Assurance”, is the ground based complement to the DO-178B airborne standard. RTCA DO-278 provides guidelines for the assurance of software contained in non-airborne CNS/ATM systems. DO-178B/ED-12, Software Considerations in Airborne Systems and Equipment Certification, defines a set of objectives that are recommended to establish assurance that airborne software has been reviewed, and in some cases, modified for application to non-airborne CNS/ATM systems. DO-278 is intended as an interpretive guide for the application of DO-178B guidance to non-airborne CNS/ATM systems. The two standards are thus interrelated.
DO-278 provides guidelines for the production of software for ground based avionics systems and equipment that performs its intended function with a level of confidence in safety. The guidelines are in the form of:
- - Objectives of software life cycle processes
- - Description of activities and design considerations for achieving these objectives
- - Description of the evidence that indicate that the objectives have been satisfied
The document discusses those aspects of certification that pertain to the production of software for ground based avionics systems and used in CNS or ATM equipment.
DO-278 Assurance Levels
| DO-278 / ED109 Assurance Levels | Corresponding DO-178B / ED-12 Safety Levels | |
AL1 |
Level A: | Catastrophic: prevents continued safe flight or landing, many fatal injuries |
AL2 |
Level B: | Hazardous/Severe: potential fatal injuries to a small number of occupants |
AL3 |
Level C: | Major: impairs crew efficiency, discomfort or possible injuries to occupants |
AL4 |
No equivalent | |
AL5 |
Level D: | Minor: reduced aircraft safety margins, but well within crew capabilities |
AL6 |
Level E: | No Effect: does not effect the safety of the aircraft at alll |
DO-278 Documentation Requirements
DO-278 requires a thorough definition and documentation of the software development process. The base set of required documentation and life cycle artifacts include:
- √ Plan for Software Aspects of Approval (PSAA)
- √ Software Quality Assurance Plan
- √ Software Configuration Management Plan
- √ Configuration Control Procedures
- √ Software Code Standard For Ada
- √ Software Design Standard
- √ Software Requirements Standard
- √ Software Development Plan
- √ Software Verification Plan
- √ Source, Executable Object Code, SCI and SECI
- √ Software Design Document
- √ Software Requirements Document
- √ Software Development Plan
- √ Software Verification Plan
- √ Traceability
- √ Test Cases and Procedures
- √ Verification Results
- √ Quality Assurance Records
- √ Configuration Management Records
- √ Problem Reports
- √ Software Accomplishments Summary
Why GNAT Pro High-Integrity Edition for Servers?
AdaCore’s High-Integrity Edition for DO-178B solution has passed DO-178B Level A certification multiple times as a part of avionics systems and is a proven solution to meet this safety-critical standard requirements. GNAT Pro High-Integrity Edition for Servers satisfies RTCA DO-278, EUROCAE ED-109 “Guidelines for Communication, Navigation, Surveillance and Air Traffic Management (CNS/ATM) Systems Software Integrity Assurance”. This is the ground based complement to the DO-178B airborne standard and references it throughout.
The certification life cycle materials developed for DO-178B are available for GNAT Pro High-Integrity Edition for Servers, along with complete ISO Ada Conformity Assessment Test Suite (ACATS) results to show that the compiler and run-time system fully conform to the ISO Ada standard.
For further information on DO-278: