A quick guide to DO-278A compliance
If you’re building a ground-based aerospace device or system, understanding and achieving compliance with DO-278A (also known as ED-109A) is crucial. The standard provides guidance on communication, navigation, and surveillance/air traffic management (CNS/ATM) systems and plays a pivotal role in ensuring the safety, reliability, and efficiency of software.
In this blog, we’re going to look under the bonnet of DO-278A to see what is required for compliance and the challenges you may encounter.
What is DO-278A?
RTCA DO-278A Guidelines for Communication, Navigation, Surveillance, and Air Traffic Management (CNS/ATM) Systems Software Integrity Assurance is a software standard developed jointly by RTCA (Radio Technical Commission for Aeronautics) and EUROCAE.
The document presents guidelines for the whole lifecycle of software in safety-critical systems used in ground-based aerospace applications. This encompasses the objectives for software life cycle processes, detailed descriptions of the activities and design considerations necessary to achieve these objectives, and the evidence required to demonstrate that the objectives have been met.
If you’re acquainted with DO-178C, DO-278A will be very familiar. The guidelines were created together and, as such, they’re not just very similar but also share supporting documents. As Vance Hilderman, CEO/CTO of AFuzion says: “If you already understand DO-178C, then you have the benefit of implicitly knowing 70 percent to 80 percent of DO-278A”.
So what’s the key difference? While DO-178C provides rules for aerospace software within airborne devices, DO-278A covers software within ground-based and satellite-based systems.
Both standards require that device software meet strict safety, reliability, and performance criteria.
What you need to know
To comply with DO-278A, your device software must meet several critical requirements:
Plans, plans, plans
A detailed and actionable plan is foundational for DO-278A compliance. This means creating several important documents:
- Software Development Plan (SDP)
- Software Verification Plan (SVP)
- Plan for Software Aspects of Approval (PSAA)
- Software Configuration Management Plan (SCMP)
- Software Quality Assurance Plan (SQAP)
Structured software development
Software must be developed systematically. This includes establishing clear traceability from requirements through design, implementation, and testing to ensure every aspect of the software meets compliance needs.
Tool qualification
If tools are used in the development or verification process and their output is not manually verified, they must be qualified under DO-278A guidelines. This ensures that the tools operate reliably and do not introduce errors into safety-critical processes.
Assurance levels (AL)
DO-278A defines six assurance levels (AL1 to AL6), which determine the rigour of compliance activities based on the criticality of the software. For example, AL1 demands the highest level of assurance, for systems whose failure could have catastrophic consequences. These levels correlate with DO-178C’s five Design Assurance Levels (DALs), but AL4 has no DAL equivalent.
Off-the-shelf software
Where DO-178C’s rules regarding commercial off-the-shelf (COTS) software are quite stringent, DO-278A takes a far more pragmatic approach. COTS components can be used but, due to the challenges of testing third-party software, additional measures are required to verify their integration and functionality.
Four Integral Processes
DO-278A also specifies four integral processes that are essential throughout the software lifecycle:
- Verification
This encompasses comprehensive activities including reviews, analyses, and tests as outlined in the Software Verification Plan (SVP). The depth and extent of verification activities are tied to the software’s Assurance Level (AL), with higher ALs requiring more stringent efforts. This includes specific structural coverage requirements, requirements-based testing, and often, independent verification.
- Configuration management
You must manage and document software configurations to ensure that changes are tracked and only approved versions of the software are deployed. This requires a robust configuration management system.
- Quality assurance
Quality assurance ensures you adhere to plans, standards, and procedures throughout the project. This includes audits, reviews, and monitoring to confirm that quality objectives are met.
- Approval liaison
Facilitates collaboration with certification authorities throughout the project lifecycle. This process ensures that compliance requirements are clearly understood, addressed, and approved in a timely manner. It includes establishing clear communication, planning and conducting Stages of Involvement (SOIs), preparing and sharing necessary documentation and evidence, and maintaining alignment with regulatory expectations.
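The traceability requirement described under “Structured software development” and the requirements-based testing required by the Verification process both come down to one question an auditor will ask: can every requirement be followed to the code that implements it and the test that verifies it, and does every test justify itself against a requirement? The script below is an added example, not code from the blog or from Bluefruit; it models a trace matrix as plain data and reports the gaps. All requirement, unit and test identifiers in it are constructed for illustration.

```python
"""Requirements-to-code-to-test traceability check (added example).

Reports the gaps a DO-278A style review would look for:
  * requirements with no verifying test
  * requirements no code unit claims to implement
  * tests that trace to no known requirement (unjustified tests)
  * requirements whose verifying test currently fails
Identifiers below are constructed sample data, not from any real project.
"""
from dataclasses import dataclass


@dataclass
class Requirement:
    req_id: str
    text: str
    assurance_level: int  # AL1 (most critical) .. AL6 (least critical)


@dataclass
class CodeUnit:
    name: str
    implements: set  # requirement ids this unit claims to implement


@dataclass
class TestCase:
    test_id: str
    verifies: set  # requirement ids this test claims to verify
    passed: bool


@dataclass
class TraceReport:
    untested_requirements: list
    unimplemented_requirements: list
    orphan_tests: list
    failing_requirements: list

    def is_clean(self):
        """True only when every requirement is implemented, tested and passing
        and no test is unjustified."""
        return not (self.untested_requirements or self.unimplemented_requirements
                    or self.orphan_tests or self.failing_requirements)


def build_trace_report(reqs, units, tests):
    """Cross-check the three artefact sets and return the gaps found."""
    req_ids = {r.req_id for r in reqs}

    implemented = set()
    for u in units:
        implemented |= u.implements & req_ids

    verified, failed, orphans = set(), set(), []
    for t in tests:
        known = t.verifies & req_ids
        if not known:
            orphans.append(t.test_id)  # traces only to unknown requirements
        verified |= known
        if not t.passed:
            failed |= known

    return TraceReport(
        untested_requirements=sorted(req_ids - verified),
        unimplemented_requirements=sorted(req_ids - implemented),
        orphan_tests=sorted(orphans),
        failing_requirements=sorted(failed),
    )


def gaps_by_assurance_level(report, reqs):
    """Group untested requirements by AL so the most critical gaps surface first."""
    level_of = {r.req_id: r.assurance_level for r in reqs}
    grouped = {}
    for req_id in report.untested_requirements:
        grouped.setdefault(level_of[req_id], []).append(req_id)
    return dict(sorted(grouped.items()))


# Constructed sample trace data: SRS-003 is neither implemented nor tested,
# TC-002 fails, and TC-009 points at a requirement that does not exist.
SAMPLE_REQS = [
    Requirement("SRS-001", "Track update latency shall not exceed 1 s", 1),
    Requirement("SRS-002", "Stale tracks shall be dropped after 30 s", 2),
    Requirement("SRS-003", "Operator shall be alerted on sensor loss", 1),
]
SAMPLE_UNITS = [CodeUnit("track_filter.c", {"SRS-001", "SRS-002"})]
SAMPLE_TESTS = [
    TestCase("TC-001", {"SRS-001"}, True),
    TestCase("TC-002", {"SRS-002"}, False),
    TestCase("TC-009", {"SRS-999"}, True),
]

if __name__ == "__main__":
    rep = build_trace_report(SAMPLE_REQS, SAMPLE_UNITS, SAMPLE_TESTS)
    print(rep)
    print("untested by AL:", gaps_by_assurance_level(rep, SAMPLE_REQS))
```

Running the script on the sample data reports SRS-003 as both untested and unimplemented, TC-009 as an orphan test, and SRS-002 as failing; the per-level view puts the AL1 gap first, which is the order in which a verification lead would want to chase them.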
Is DO-278A compatible with Agile?
DO-278A emphasises structured and sequential processes, so it’s easy to think that a waterfall methodology is necessary. However, Agile is not only compatible; it can bring many advantages without compromising compliance. These advantages include:
Incremental development: Agile’s iterative cycles can be used to develop and test components incrementally, ensuring early detection and resolution of issues.
Continuous documentation: Agile encourages ongoing documentation updates, which aligns well with DO-278A’s emphasis on comprehensive records.
Frequent verification: Agile promotes continuous integration and testing, helping to meet DO-278A’s rigorous verification requirements.
Collaboration and transparency: Agile’s focus on team collaboration ensures that all stakeholders, including compliance experts, are aligned throughout the development lifecycle.
Although it may require some flexibility, using an Agile approach can streamline the compliance process, reduce delays, and improve adaptability to changing project requirements while maintaining the rigour demanded by DO-278A.
On a related note, DO-278A, like DO-178C, is compatible with Test Driven Development (TDD). We talk about this in a previous blog post.
Challenges of DO-278A
Unsurprisingly, the application and verification of DO-278A is not exactly a walk in the park.
A 2017 research paper from the University of Alcala identified several difficulties in both implementing the standard and verifying compliance with it. The researchers argue that the ground-station standard is inherently complex and resource-intensive, requires extensive knowledge, involves multiple activity areas, and more. They concluded that the industry would benefit from the creation of an Expert System to assess the application of DO-178C and DO-278A, promote learning, and support compliance without being tied to a particular life cycle model.
Partnering for success
As we’ve seen, navigating DO-278A can be daunting. That’s where partnering with a software development team experienced in safety-critical systems can help streamline the compliance process, reduce the risk of errors and delays, and ensure alignment with industry best practices.
At Bluefruit, we’ve decades of experience helping clients build quality-critical software across a range of industries including space, aerospace, and medical. We work closely with project stakeholders to deliver high-quality, compliant software development and testing services that support your goals.
At the end of the day, compliance isn’t just a requirement—it’s a responsibility. And we’re here to help. Contact us to learn how we can support your next aerospace development project.