DO-254: Definition, Compliance, Tools, and Certifications Optimization

Aviation systems are becoming increasingly complex, with more and more data being generated by aircraft each day. This data can include information on engine health, fuel status, rotor blade maintenance, traffic and route statistics, cockpit information, etc. In order to handle this large volume of critical data safely and effectively, aviation authorities have put in place a number of guidelines that need to be followed. The DO-254 standard is one such guideline, which deals with the design assurance of airborne electronic hardware. In this article, we will take a closer look at the DO-254 standard and its implications for aircraft safety.

What is DO-254?

DO-254 is a standard developed by the Radio Technical Commission for Aeronautics (RTCA) and EUROCAE (European Organization for Civil Aviation Equipment), which provides guidance on the design assurance of airborne electronic hardware. The DO-254 standard is applicable to all types of aircraft, from small private planes to large commercial jets. 

The standard provides guidance to such electronic hardware as line replaceable units, circuit board assemblies, custom micro-coded components, integrated technology components, and commercial off-the-shelf components. 

DO-254 can be described as the counterpart to DO-178C (Software Considerations in Airborne Systems and Equipment Certification), which deals with software-based aerospace systems.

Understanding the DO-254 

DO-254 designates different Design Assurance Levels, or DALs, to various hardware systems of the aircraft based on their safety criticality:

• Level A (Catastrophic): The failure of a Level A hardware system will cause or contribute to a catastrophic failure of the aircraft and cause a crash and/or death. An example of a Level A hardware system is the flight control system. 
• Level B (Hazardous): The failure of a Level B hardware system will cause or contribute to a hazardous/severe failure condition and potentially cause a crash and/or death. An example of a Level B hardware system is the braking system. 
• Level C (Major): The failure of a Level C hardware system will cause or contribute to a major failure condition and potentially cause stress and/or injuries. Examples of Level C hardware systems include various backup systems. 
• Level D (Minor): The failure of a Level D hardware system will cause or contribute to a minor failure condition and potentially cause inconvenience. An example of a Level D hardware system is the ground navigation system. 
• Level E (No effect): The failure of a Level E hardware system will have no effect on the aircraft or on the pilot workload. Passenger entertainment systems fall into this category. 

What are the benefits of DO-254 compliance?

DO-254 compliance offers a number of benefits for both manufacturers and aviation authorities. Firstly, it helps to ensure that aircraft are safe and fit for purpose. Secondly, it provides a level playing field for all manufacturers, as they are all required to meet the same standards. Finally, DO-254 compliance can help to improve communication between different stakeholders involved in the design and certification of aircraft hardware.

In conclusion, DO-254 is an important standard that helps to ensure the safety of aircraft and their passengers. By following the DO-254 standards, manufacturers can help to ensure that their products are safe and fit for purpose. DO-254 compliance offers a number of benefits for both manufacturers and aviation authorities and can help to improve communication between different stakeholders involved in the design and certification of aircraft hardware.

What are the implications of DO-254?

The DO-254 standard covers all aspects of electronic hardware design, from conception to final testing. This includes requirements for system architecture, design documentation, test plans, and procedures, as well as certification considerations. In order to meet the DO-254 standards, aircraft manufacturers must put in place adequate processes and tools to ensure that their products meet all the necessary requirements.

DO-254 compliance is essential for ensuring the safety of aircraft and their passengers. By following the DO-254 standards, manufacturers can help to ensure that their products are safe and fit for purpose.

Process for DO-254

1. Planning: The goal is to document the project as much as possible before starting it so that everyone has a clear understanding of how the DO-254 requirements will be met. This high-level overview of the test-bench architecture and verification process provides transparency about what needs to be tested and why, which in turn drives the coverage criteria.
2. Requirements Capture and Validation: Requirements are indispensable to DO-254, and the entire design of the hardware project will be based on these requirements. Consequently, every requirement must be written out formally, which can preferably be accomplished by using requirements management software. According to the DO-254 specification, a Requirements-Based Design and Verification Approach should be used. This implies that everything in the hardware project will derive from a carefully thought-out set of high-level requirements. Before any RTL is created, each one of these requirements needs to possess certain qualities including understandability testability verifiability, etc. Furthermore, they must also have a unique reference name so as not to create confusion later down the line in terms f development or review.
3. Conceptual Design: During the conceptual design stage, designs are broken down into smaller pieces so that they can be more easily managed and implemented. This is often thought of as a high-level block diagram. 
4. Detailed Design: During this step, each component described during the previous stage is developed according to the captured requirements. This is the step where you get down to the nitty-gritty and do the real design work. Make sure that each component in the conceptual design has a detailed RTL hardware counterpart that meets all requirements. Each high-level requirement should have an RTL module assigned to it so there is transparency and accountability throughout the process. There are different ways to establish this traceability, so figure out what will work best for your team before getting started. 
5. Implementation: The implementation process is different depending on the technology being used. For an RTL-based design (such as an FPGA or ASIC), the implementation step includes the synthesis process of converting RTL into actual technology-specific gates. For an FPGA, this also includes creating the programming file to load into the FPGA. The ASIC backend design/verification is a process that must be followed in your PHAC document from the beginning. With DO-254 specifications, you’re typically allowed to stay somewhat high level while documenting activities during implementation–particularly for ASICs. This is because there will be plenty of testing done on the final product as it nears completion. 
6. Production Transition: After the design work and the devices are ready to begin larger volume production, the design is transferred over to manufacturing. This is the stage where you take your design and put it into production. Typically, this ensures such aspects as • How can you ensure that the right version of the programming file is being used during manufacturing? (FPGA)• How can you ensure that you’re using the right component? (ASIC and FPGA) • Have you handled any mistakes for the device correctly? • Etc. The requirements process tool, Visure Solutions, is essential to understanding the output of all processes and ensuring that the final system is accurate.
7. Validation and Verification: This supporting process occurs throughout the hardware design, ensuring that the requirements are correct, complete, and verifiable.
8. Process Assurance: Every Do-254 project plan should be accompanied by a document describing the steps that will be taken to ensure that the plan will be met. In addition to your DO-254-compliant plan, you should also document how you will guarantee that this plan is met. This is typically done in a Quality Assurance or Process Assurance Plan. This plan designates who will be responsible for checking that your PHAC and other plans are being followed, as well as how these checks will take place.
9. Configuration Management: The purpose of configuration management is to help ensure that the device is developed in a structured, repeatable, and controlled environment. With this plan, you will establish how to make the development and artifact-generation processes repeatable. This usually comprises putting into place revision control and bug-tracking systems for all design/verification files, as well as every document related to documentation and artifacts.
10. Certification Liaison: To ensure DO-254 compliance during the development process, it’s important to engage with a certification authority, known as a certification liaison. Usually, one individual is nominated as the primary form of communication with certification officials. This allows for streamlined communication and ensures that the certification official understands the overarching design process. The ideal candidate for this role usually has experience with DO-254 projects and knows how to explain complex details in a digestible way. 

How to Support DO-254?

Projects that aim to meet DO-254 typically end up being far more expensive than comparable projects without DO-254. The extra cost of DO-254 projects stems largely from poor requirements management techniques. 

Requirements are at the core of DO-254, and the ability to efficiently document, analyze, trace, prioritize, and agree on them can be the difference between project success and project failure. 

Fortunately, modern requirements management tools integrate with the same environment support for risk management, test management, issue, and defect tracking, and change management, helping overcome the numerous challenges that may arise during the development of mission-critical airborne electronic hardware.

Selecting the Best Requirements Management Tool 

When developing a complex electronic hardware system, an Excel spreadsheet simply isn’t an adequate solution for capturing requirements. However, not all requirements management tools are created equal, so it’s important to choose the right one for the job. 

When selecting a requirements management tool to support DO-254, start by evaluating the tool’s ability to define requirements, specify relationships between them, and export the captured requirements to create documentation. 

The ability to visualize requirements and the relationships between them can go a long way in creating alignment among stakeholders and developers. The tool should provide the ability to automatically establish relationships across requirements and run test cases. 

Other important capabilities include team collaboration and integration with other software tools used during the development of the hardware system. 

Visure Requirements meets all these criteria, offering an easy yet comprehensive Requirements Management ALM platform that supports an automatic capture of elements from MS Word, MS Excel, ReqIF, and other sources.

Visure Requirements ALM Platform

Visure Requirements features visual role-based workflows that make it possible to align the processes and the tools and follow the life of a requirement through its development and specification, to its subsequent deployment and use, and through periods of ongoing refinement and iteration in any of these phases.

Visure Requirements provides end-to-end traceability between requirements, verification, problem reporting, checklists, and project artifacts in one single environment. It also integrates with other tools of the lifecycle to provide comprehensive management for the development and verification of avionic embedded systems. 

Visure Requirements allows you to standardize and streamline your organization’s processes related to DO-254. You can graphically define the artifacts and enforce the traceability policy between them across all Design Assurance Levels (DALs). This way, you can ensure that the hardware systems of the aircraft based on their safety criticality are up to par.

With Visure, you can use automated checklists to manage compliance and easily integrate and access our DER partner’s checklists into our tool. This will enable you to design and improve a review process around these checklists, and automatically measure requirements quality with AI enforcement alignment and quality across the organization.

With Visure, you can also increase productivity and alignment among your team by tracking progress end-to-end, reusing requirements for compliance across projects, and automating task verification for DO-254 with any 3rd party Test Management Solution.

Conclusion:

The DO-254 standard provides a framework for developing safe and reliable airborne electronic hardware. When selecting a requirements management tool to support DO-254 compliance, it is important to choose a tool that offers features such as team collaboration, requirement visualization, and integration with other software tools. Visure Requirements is an ideal solution for managing DO-254 compliance, offering an easy yet comprehensive platform that supports all of the necessary requirements for DO-254 compliance. With Visure Requirements, you can streamline your organization’s DO-254 compliance process and increase both productivity and alignment within your team. Start a free 30-day trial to learn more about how Visure Requirements can help you manage DO-254 compliance in your organization.