JAR 66 CATEGORY B1 MODULE 5.

13
CONVERSION COURSE

uk MODULE 5
DIGITAL TECHNIQUES
SOFTWARE
MANAGEMENT CONTROL

engineering ELECTRONIC
INSTRUMENT SYSTEMS

1 SOFTWARE MANAGEMENT CONTROL

In the normal maintaining of aircraft, an assessment of system and function
criticality is made. With the increasing role of computers in today's aircraft,
responsible Design Organisations assign, to each software-based system or
equipment, software levels relating to the severity of the effect of possible
software errors within user systems or equipments.

Table 1 shows the relationship between function criticality category and software
level.

Effect on Aircraft FAR 25.1309 & No significant Reduction of the aircraft capability or Prevention of
and occupants of JAR 25.1309 degradation of of the crew ability to cope with continued safe
failure conditions definitions aircraft capability adverse operating conditions flight and landing
or design error or crew ability of the aircraft
Large reduction
Slight reduction Significant in safety margins
of safety reduction in Physical distress
margins, safety margins or workload such
Slight increase in Reduction in the that the flight
ACJ No 1 workload, e.g. ability of the flight crew cannot be
Jar 25.1309 routine changes crew such that relied upon to Loss of aircraft
definitions in flight or plan or they cannot be perform their and/or fatalities
Physical effects relied upon to tasks accurately
but no injury to perform their or completely, or
occupants tasks accurately, serious injury to
or injury to or death of a
occupants relatively small
proportion of the
occupants
ACJ No 1 to JAR 25.1309 Minor Effect Major Effect Hazardous Effect Catastrophic
Definition of Criticality Category Effect
FAA Advisory Circular 25.1409-1 Non-essential Essential Critical
definition of Criticality Category
DO-178A/ED-12A Level 3 Level 2 Level 1
Software level*

Table 1

* Using appropriate design and/or implementation techniques, it may be

possible to use a software level lower than the functional categorisation.
Refer to Section 5 of DO-178A/ED-12A, which provides further guidance.
 JAR 66 CATEGORY B1 MODULE 5.13
CONVERSION COURSE

uk MODULE 5
DIGITAL TECHNIQUES
SOFTWARE
MANAGEMENT CONTROL

engineering ELECTRONIC
INSTRUMENT SYSTEMS

1.1 CERTIFICATION OF SOFTWARE

For initial certification of a software-based system or equipment, the responsible

Design Organisation provides evidence to the CAA that the software has been
designed, tested and integrated with the hardware in a manner which ensures
compliance with the relevant requirements of BCAR.

The primary document for use by certifying authorities is the Software

Accomplishment Summary. Its content is listed below to demonstrate the
stringency of software control both during certification and continued use when it
may be subject to further development and modification. The following is taken
from AWN 45A. Related document references have been left in but not clarified.

1.2 CONTENT OF SOFTWARE ACCOMPLISHMENT SUMMARY

As a minimum, information relevant to the particular software version should be

included in the summary under the following headings: -

(a) i) System and Equipment Description This section should briefly

describe the equipment functions and hardware including safety
features, which rely on hardware devices or system architecture.

ii) Organisation of Software This section should identify the

particular software version and briefly describe the software
functions and architecture with particular emphasis on the safety
and partitioning concepts used.

The size of the final software design should be stated, e.g. in terms of
memory bytes, number of modules. The language(s) used should also be
stated.

(b) Criticality Categories and Software Levels This section should state
the software levels applicable to the various parts of the software. The
rationale for their choice should be stated, either directly, or by reference to
other documents.

(c) Design Disciplines This section should briefly describe the design
procedures and associated disciplines, which were applied to ensure the
quality of the software. The Organisations which were involved in the
production and testing (including flight-testing) of the software should be
identified and their responsibilities stated.

(d) Development Phases The development phases of the project should be

summarised. This information could be included in sub-paragraph (h)
below.
 JAR 66 CATEGORY B1 MODULE 5.13
CONVERSION COURSE

uk MODULE 5
DIGITAL TECHNIQUES
SOFTWARE
MANAGEMENT CONTROL

engineering ELECTRONIC
INSTRUMENT SYSTEMS

(e) Software Verification Plan This section should briefly summarise the
plan (Document No. 11 as defined in DO-178A/ED-12A) and the test
results.

(f) Configuration Management The principles adopted for software

identification, modification, storage and release should be briefly
summarised.

(g) Quality Assurance The procedures relating to quality assurance of the

software should be summarised including, where applicable, those
procedures which applied to liaison between the equipment manufacturer
and the aircraft, engine or propeller constructor, as appropriate.

(h) Certification Plan This section should provide a schedule detailing major
milestones achieved and their relationship to the various software
releases.

(j) Organisation and Identification of Documents This section should

identify the documents, which satisfy, paragraph 8.1 of DO-178A/ED-12A.

(k) Software Status Any known errors, temporary patches, functional

limitations or similar shortcomings associated with the delivered software
should be declared and the proposed timescale for corrective action
stated.
 JAR 66 CATEGORY B1 MODULE 5.13
CONVERSION COURSE

uk MODULE 5
DIGITAL TECHNIQUES
SOFTWARE
MANAGEMENT CONTROL

engineering ELECTRONIC
INSTRUMENT SYSTEMS

1.3 MODIFICATION OF SOFTWARE

In respect of systems and equipment with Level 1 or Level 2 software, a

modification, which affects software, shall not be embodied unless it has been
approved by the responsible Design Organisation.

Modifications to software will be subject to the same approval procedures as are

applied to hardware modifications. Modified software will need to be identified
and controlled in accordance with the procedures stated in the software
configuration management plan.

The CAA will require the design and investigation of modifications, including
those proposed by the aircraft operator, to involve the support service provided by
the responsible Design Organisation. The re-certification effort will need to be
related to the software levels.

Aircraft operators will need to ensure that their defect reporting procedures will
report software problems to the responsible Design Organisation.
 JAR 66 CATEGORY B1 MODULE 5.13
MODULE 5
SOFTWARE
DIGITAL TECHNIQUES MANAGEMENT

uk ELECTRONIC
INSTRUMENT SYSTEMS
CONTROL

engineering