DO-254 Certification Guide
Design Assurance Guidance for Airborne Electronic Hardware Explained
Design Assurance Guidance for Airborne Electronic Hardware (DAGAEH) is an industry standard that provides guidance on the design and testing of airborne electronic hardware. It was developed by the Aerospace Industries Association (AIA) as part of their voluntary assurance process, with the goal of assuring manufacturers and operators that electronic hardware meets safety requirements. The DAGAEH framework outlines best practices in design and testing techniques, which go beyond typical product development processes and are necessary to ensure high-quality aerospace products.
The DAGAEH guidance consists of four main sections: Design, Verification, Validation, and Manufacture & Quality Control. Each section describes detailed requirements related to different stages of the overall system lifecycle. To successfully comply with the DAGAEH standard, hardware manufacturers must adhere to detailed design and test requirements for all components of their system.
The Design section covers topics such as electrical, mechanical, and software design principles; integrated circuit selection; interface requirements; and general design considerations. The Verification section describes techniques used to verify that the proposed designs are compliant with the safety and performance objectives established in the earlier stages of development. This includes verification techniques such as functional testing, environmental qualification testing, electromagnetic compatibility (EMC) testing, failure mode effects analysis (FMEA), reliability prediction, etc.
The Validation section outlines how existing designs should be verified before use in a system or aircraft environment. This includes validation tests for hardware components and systems, as well as system integration tests. The Manufacture & Quality Control section covers topics such as in-process inspections, quality assurance sampling plans, and materials control. This ensures that the manufactured products meet the required design specifications.
The DAGAEH framework provides a comprehensive set of guidelines for the design and testing of airborne electronic hardware. By following these guidelines, manufacturers can ensure that their products are safe and reliable, leading to increased customer satisfaction and improved overall safety standards in the aerospace industry.
In addition to providing guidance on product development processes, the DAGAEH standard is also used for regulatory compliance purposes in many countries around the world. It is important for companies manufacturing aircraft electronics to make sure they are familiar with the DAGAEH framework and requirements. By doing so, they can ensure their products are compliant with the local regulatory bodies and meet the safety requirements of their customers.
By adhering to the Design Assurance Guidance for Airborne Electronic Hardware (DAGAEH) standard, companies can ensure that their products meet all necessary safety requirements and provide high-quality solutions for aerospace applications. With its comprehensive guidance on design and testing processes, DAGAEH is a valuable industry resource that helps manufacturers develop reliable electronic hardware for aircraft systems.
Understanding DO-254
Design Assurance Guidance for Airborne Electronic Hardware, also known as DO-254, is a standard that outlines the guidelines for the development, verification, and validation of electronic hardware used in airborne systems. This standard is developed by the Radio Technical Commission for Aeronautics (RTCA) and is used to ensure that the electronic hardware is designed and tested to meet the safety, reliability, and performance requirements of the aerospace industry.
The DO-254 standard defines five levels of hardware design assurance, based on the potential impact of a hardware failure on aircraft safety. These levels range from Level A, hardware whose failure could cause a catastrophic failure of the aircraft, to Level E, hardware whose failure has no safety impact on the aircraft.
Design Assurance Levels (DALs) are defined in DO-254, which is the Design Assurance Guidance for Airborne Electronic Hardware. The DALs categorize electronic hardware functions based on their safety impact on the aircraft. There are five Design Assurance Levels under DO-254, and they are as follows:
- DAL A: This level represents the highest level of criticality and includes functions whose failure could result in catastrophic failure or loss of the aircraft. Examples of DAL A functions include flight control computers, engine control systems, and other safety-critical systems.
- DAL B: This level includes functions whose failure could result in a hazardous or severe condition for the aircraft or its occupants. Examples of DAL B functions include landing gear control systems, fire detection and suppression systems, and other critical systems.
- DAL C: This level includes functions whose failure could result in a major or significant failure or malfunction of the aircraft. Examples of DAL C functions include avionics systems, communication systems, and other important systems.
- DAL D: This level includes functions whose failure could result in a minor or slight reduction in aircraft safety. Examples of DAL D functions include cabin lighting systems, entertainment systems, and other non-critical systems.
- DAL E: This level includes functions whose failure would have no impact on aircraft safety. Examples of DAL E functions include non-critical systems such as lavatory lighting or other passenger amenities.
Overall, DO-254 is a critical standard for ensuring the safety and reliability of airborne electronic hardware, and adherence to this standard is crucial for ensuring that electronic hardware used in airborne systems meets the highest safety standards.
History of DO-254
DO-254, also known as “Design Assurance Guidance for Airborne Electronic Hardware,” was developed by the Radio Technical Commission for Aeronautics (RTCA) in the early 2000s. The impetus for developing the standard was the increasing complexity of electronic hardware used in airborne systems and the need for a standardized approach to ensure the safety and reliability of such systems.
The development of DO-254 was driven by the Federal Aviation Administration (FAA) in the United States, which recognized the need for a standard to ensure that electronic hardware used in aerospace systems met the highest safety standards. The FAA formed a working group in the late 1990s, which was tasked with developing a standard that would provide guidance for the development, verification, and validation of electronic hardware used in airborne systems.
The working group included representatives from the aerospace industry, including manufacturers, regulators, and other stakeholders. The group worked closely with the European Aviation Safety Agency (EASA) to ensure that the standard would be applicable to both the US and European aerospace industries.
The first version of DO-254, titled “Design Assurance Guidance for Airborne Electronic Hardware,” was released in December 2000. Since then, the standard has been revised several times to reflect changes in technology and industry best practices. The most recent version, DO-254C, was released in 2018.
Today, DO-254 is widely recognized as a critical standard for ensuring the safety and reliability of electronic hardware used in airborne systems. Compliance with this standard is essential for achieving certification from regulatory bodies such as the FAA and EASA, and it is used by aerospace companies around the world to ensure that their electronic hardware meets the highest safety standards.
Benefits of DO-254
Compliance with DO-254, the Design Assurance Guidance for Airborne Electronic Hardware, provides several benefits for companies involved in the development of electronic hardware for aerospace systems. Some of the key benefits of DO-254 compliance are:
- Enhanced Safety: Compliance with DO-254 ensures that electronic hardware used in airborne systems meets the highest safety standards. This can help to enhance the safety of the aircraft and reduce the risk of accidents or incidents caused by electronic hardware failures.
- Reduced Risk: Compliance with DO-254 can help to reduce the risk of costly delays or rework during the development process. By following a standardized approach to development, verification, and validation, companies can identify and mitigate potential issues earlier in the process, reducing the risk of costly errors or delays.
- Improved Efficiency: DO-254 compliance requires a rigorous and structured approach to development, verification, and validation, which can help to improve the overall efficiency of the development process. By following a standardized process, companies can streamline the development process, reduce errors and rework, and improve the quality of the final product.
- Enhanced Reputation: Compliance with DO-254 can help to enhance a company’s reputation in the aerospace industry. Adherence to this standard demonstrates a commitment to safety and reliability, which can be attractive to potential customers and partners.
- Increased Market Access: Compliance with DO-254 is often a requirement for achieving certification from regulatory bodies such as the Federal Aviation Administration (FAA) and the European Aviation Safety Agency (EASA). Achieving certification can help companies to access new markets and expand their business opportunities.
Process of DO-254
Step #1 – Planning: The goal is to document the project as much as possible before starting it so that everyone has a clear understanding of how the DO-254 requirements will be met. This high-level overview of the test-bench architecture and verification process provides transparency about what needs to be tested and why, which in turn drives the coverage criteria.
Step #2 – Requirements Capture and Validation: Requirements are indispensable to DO-254, and the entire design of the hardware project will be based on these requirements. Consequently, every requirement must be written out formally, which can preferably be accomplished by using requirements management software.
According to the DO-254 specification, a Requirements-Based Design and Verification Approach should be used. This implies that everything in the hardware project will derive from a carefully thought-out set of high-level requirements. Before any RTL is created, each of these requirements needs to possess certain qualities, including understandability, testability, and verifiability. Furthermore, each must have a unique reference name so as not to create confusion later in development or review.
Step #3 – Conceptual Design: During the conceptual design stage, designs are broken down into smaller pieces so that they can be more easily managed and implemented. This is often thought of as a high-level block diagram.
Step #4 – Detailed Design: During this step, each component described during the previous stage is developed according to the captured requirements. This is the step where you get down to the nitty-gritty and do the real design work. Make sure that each component in the conceptual design has a detailed RTL hardware counterpart that meets all requirements.
Each high-level requirement should have an RTL module assigned to it so there is transparency and accountability throughout the process. There are different ways to establish this traceability, so figure out what will work best for your team before getting started.
Step #5 – Implementation: The implementation process is different depending on the technology being used. For an RTL-based design (such as an FPGA or ASIC), the implementation step includes the synthesis process of converting RTL into actual technology-specific gates. For an FPGA, this also includes creating the programming file to load into the FPGA.
The ASIC back-end design and verification flow must be laid out in your PHAC (Plan for Hardware Aspects of Certification) from the beginning and followed thereafter. Under DO-254, you’re typically allowed to stay somewhat high level while documenting activities during implementation, particularly for ASICs, because there will be plenty of testing done on the final product as it nears completion.
Step #6 – Production Transition: Once the design work is complete and the devices are ready for larger-volume production, the design is transferred to manufacturing. This is the stage where you take your design and put it into production.
Typically, this stage has to settle questions such as:
- How can you ensure that the right version of the programming file is being used during manufacturing? (FPGA)
- How can you ensure that you’re using the right component? (ASIC and FPGA)
- Have you handled any defects found in the device correctly?
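The first two questions above are normally answered by configuration control: every released programming file is a configuration item with a version and a cryptographic digest, and the production station refuses to program anything that does not match the release record. The following is an added example, not Visure’s code or a DO-254 artifact; the manifest layout, part numbers, device names and image bytes are constructed for illustration.

```python
"""Release-manifest check for a programming file before it is loaded on the
production line.

Added example, not Visure's code or a DO-254 artifact: the manifest layout,
part numbers, device names and image bytes are constructed for illustration.
"""
import hashlib
import hmac

# Constructed: the image that configuration management released as version 2.3.0.
APPROVED_IMAGE = b"constructed bitstream image, release 2.3.0"
# Constructed: an older build still lying around on the programming station.
STALE_IMAGE = b"constructed bitstream image, release 2.2.9"

# Constructed release manifest, one entry per approved configuration item.
# In a real flow the digest is copied from the release record, never recomputed
# from whatever file happens to be on the station, or the check proves nothing.
RELEASE_MANIFEST = {
    "PN-1234-01": {
        "released_version": "2.3.0",
        "target_device": "DEVICE-A",    # assumed device identifier
        "sha256": hashlib.sha256(APPROVED_IMAGE).hexdigest(),
    },
}


def verify_programming_file(image, part_number, device_id, manifest=RELEASE_MANIFEST):
    """Return (ok, reason).

    ok is True only when the part number has a released entry, that entry
    targets the device the station is about to program, and the image digest
    matches the released digest exactly.
    """
    entry = manifest.get(part_number)
    if entry is None:
        return False, f"no released configuration item for part number {part_number}"
    if entry["target_device"] != device_id:
        return False, (f"release targets {entry['target_device']} but the station "
                       f"reports {device_id}")
    digest = hashlib.sha256(image).hexdigest()
    # compare_digest runs in constant time regardless of where the strings differ.
    if not hmac.compare_digest(digest, entry["sha256"]):
        return False, (f"digest {digest[:12]}... does not match released version "
                       f"{entry['released_version']}")
    return True, f"image matches released version {entry['released_version']}"


if __name__ == "__main__":
    for label, image in (("approved", APPROVED_IMAGE), ("stale", STALE_IMAGE)):
        ok, reason = verify_programming_file(image, "PN-1234-01", "DEVICE-A")
        print(f"{label}: {'OK' if ok else 'REJECT'} - {reason}")
```

The reason strings are meant to be logged with the production record, so that an audit can later show which image, by digest, went into which serial number.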
The requirements process tool, Visure Solutions, is essential to understanding the output of all processes and ensuring that the final system is accurate.
Process #1 – Requirements Traceability: Requirements traceability is the process of linking requirements to the design, verification, and validation activities that demonstrate compliance with those requirements. Requirements traceability in DO-254 involves several steps. First, requirements must be identified and documented in a requirements specification. Next, design elements, such as circuit diagrams and code, must be linked to the corresponding requirements. Then, verification and validation activities, such as testing and analysis, must be linked to the corresponding design elements and requirements.
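The traceability rule stated in Step #4 (every high-level requirement has an RTL module assigned to it) and the linking steps above can be checked mechanically. The following is an added example, not code from Visure or from DO-254 itself; the record types, field names and sample data are assumptions made for illustration. It checks the trace in both directions: forward (every requirement reaches a design element and a verification activity) and backward (every design element derives from a requirement, so nothing exists in the RTL without a requirement to justify it), and it flags links to identifiers that no longer exist.

```python
"""Bidirectional traceability check over a small, constructed requirements set.

Added example, not code from Visure or from DO-254 itself: the record types,
field names and sample data below are assumptions made for illustration.
"""
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class Requirement:
    req_id: str
    text: str


@dataclass
class DesignElement:
    """A design artifact such as an RTL module, traced to requirement ids."""
    name: str
    traces_to: list = field(default_factory=list)


@dataclass
class Verification:
    """A verification activity (test bench, analysis) and what it covers."""
    name: str
    verifies: list = field(default_factory=list)    # requirement ids
    exercises: list = field(default_factory=list)   # design element names


def check_traceability(reqs, elements, activities):
    """Return a dict of findings keyed by finding type; {} means the trace is complete."""
    findings = {}
    req_ids = {r.req_id for r in reqs}
    elem_names = {e.name for e in elements}

    # Each requirement needs a unique reference name before it can be traced at all.
    dupes = sorted(rid for rid, n in Counter(r.req_id for r in reqs).items() if n > 1)
    if dupes:
        findings["duplicate_requirement_ids"] = dupes

    # Forward trace: every requirement is allocated to at least one design element.
    allocated = {rid for e in elements for rid in e.traces_to}
    missing_design = sorted(req_ids - allocated)
    if missing_design:
        findings["requirements_without_design"] = missing_design

    # Forward trace: every requirement is covered by at least one verification activity.
    verified = {rid for v in activities for rid in v.verifies}
    missing_verif = sorted(req_ids - verified)
    if missing_verif:
        findings["requirements_without_verification"] = missing_verif

    # Backward trace: every design element must derive from an existing requirement.
    untraced = sorted(e.name for e in elements if not set(e.traces_to) & req_ids)
    if untraced:
        findings["design_without_requirement"] = untraced

    # Links to ids nobody defined are usually stale after a rename or deletion;
    # they break the trace in both directions.
    dangling = sorted(
        {rid for e in elements for rid in e.traces_to if rid not in req_ids}
        | {rid for v in activities for rid in v.verifies if rid not in req_ids}
        | {n for v in activities for n in v.exercises if n not in elem_names}
    )
    if dangling:
        findings["dangling_references"] = dangling
    return findings


# Constructed sample data with deliberate gaps so that each finding type appears.
SAMPLE_REQS = [
    Requirement("HLR-001", "Discrete inputs shall be debounced within 10 ms."),
    Requirement("HLR-002", "Loss of the reference clock shall raise a fault flag."),
    Requirement("HLR-003", "The status output shall be driven low during reset."),
]
SAMPLE_ELEMENTS = [
    DesignElement("debounce_filter", ["HLR-001"]),
    DesignElement("clock_monitor", ["HLR-002"]),
    DesignElement("spi_debug_port", []),   # left in the RTL with no requirement behind it
]
SAMPLE_ACTIVITIES = [
    Verification("tb_debounce", ["HLR-001"], ["debounce_filter"]),
    Verification("tb_clock_loss", ["HLR-002", "HLR-009"], ["clock_monitor"]),  # HLR-009 was deleted
]

if __name__ == "__main__":
    for kind, items in check_traceability(SAMPLE_REQS, SAMPLE_ELEMENTS, SAMPLE_ACTIVITIES).items():
        print(f"{kind}: {', '.join(items)}")
```

On the sample data the check reports that HLR-003 has neither a design element nor a verification activity, that `spi_debug_port` has no requirement behind it, and that `tb_clock_loss` refers to a requirement that no longer exists. A requirements management tool does the same bookkeeping over the real artifact set; the value of running it continuously is that these gaps surface when a requirement is edited, not at the certification review.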
Process #2 – Validation and Verification: Verification is the process of reviewing and analyzing design artifacts, such as circuit diagrams and code, to ensure that they meet the specified requirements. Verification activities include reviews, inspections, testing, and analysis.
Validation is the process of demonstrating that the design of electronic hardware used in airborne systems operates safely and reliably in the intended environment. Validation activities include testing, analysis, and simulation.
Process #3 – Process Assurance: Every DO-254 project plan should be accompanied by a document describing the steps that will be taken to ensure that the plan is met. In addition to your DO-254-compliant plan, you should also document how you will guarantee that this plan is followed. This is typically done in a Quality Assurance or Process Assurance Plan. This plan designates who will be responsible for checking that your PHAC and other plans are being followed, as well as how these checks will take place.
Process #4 – Configuration Management: The purpose of configuration management is to help ensure that the device is developed in a structured, repeatable, and controlled environment. With this plan, you will establish how to make the development and artifact-generation processes repeatable. This usually comprises putting revision control and bug-tracking systems in place for all design and verification files, as well as for all related documents and artifacts.
Process #5 – Certification Liaison: To ensure DO-254 compliance during the development process, it’s important to engage with the certification authority throughout; this activity is known as certification liaison. Usually, one individual is nominated as the primary point of contact with certification officials. This allows for streamlined communication and ensures that the certification official understands the overarching design process. The ideal candidate for this role usually has experience with DO-254 projects and knows how to explain complex details in a digestible way.
Process #6 – Tool Assessment: Tool assessment is a critical aspect of DO-254 compliance. DO-254 requires that all tools used in the design, verification, and validation of electronic hardware be assessed to ensure that they are suitable for the intended use.
Tool assessment involves several steps. First, the tool must be identified, and its intended use must be documented. Then, the tool must be assessed to determine its impact on the safety and reliability of the electronic hardware. This assessment includes an evaluation of the tool’s features, capabilities, limitations, and potential failure modes.
Visure Requirements ALM Platform
Visure Requirements features visual role-based workflows that make it possible to align the processes and the tools and follow the life of a requirement through its development and specification, to its subsequent deployment and use, and through periods of ongoing refinement and iteration in any of these phases.
Visure Requirements provides end-to-end traceability between requirements, verification, problem reporting, checklists, and project artifacts in one single environment. It also integrates with other tools of the lifecycle to provide comprehensive management for the development and verification of avionic embedded systems.
Visure Requirements allows you to standardize and streamline your organization’s processes related to DO-254. You can graphically define the artifacts and enforce the traceability policy between them across all Design Assurance Levels (DALs). This way, you can ensure that the hardware systems of the aircraft based on their safety criticality are up to par.
With Visure, you can use automated checklists to manage compliance, and you can integrate our DER partners’ checklists into the tool and access them easily. This enables you to design and improve a review process around these checklists, and to automatically measure requirements quality with AI, enforcing alignment and quality across the organization.
With Visure, you can also increase productivity and alignment among your team by tracking progress end-to-end, reusing requirements for compliance across projects, and automating DO-254 verification tasks with any third-party Test Management Solution.
In conclusion, the Design Assurance Guidance for Airborne Electronic Hardware, or DO-254, provides a standardized and structured approach to the development, verification, and validation of electronic hardware used in aerospace systems. Compliance with this standard is essential for ensuring the safety and reliability of airborne electronic hardware and is often a requirement for achieving certification from regulatory bodies. Companies that comply with DO-254 can benefit from enhanced safety, reduced risk, improved efficiency, enhanced reputation, and increased market access. For those interested in implementing DO-254 compliant processes, Visure Solutions offers a comprehensive solution that can help companies manage the entire process of compliance. To learn more, visit Visure Solutions and start a free 30-day trial today.