Can TDD create better, safer aerospace software?
In aerospace, it is essential that software is produced to the highest standard. There are few other industries where programming errors and oversights can—and do—have such catastrophic consequences. The industry employs stringent regulations to minimise the risk of software failure, but these lean towards late-stage defect detection, which is time-consuming, more costly, and less effective than early-stage testing.
So, what’s the answer? How can you improve aerospace software quality while adhering to DO-178C?
Test-driven development (TDD) may hold the answer…
A history of failure
Software has a checkered history in avionics. It is integral to a vast number of crucial flight systems across aircraft, spacecraft, and ground control. But careless coding has also caused numerous incidents, costing companies billions of dollars and leading to the tragic loss of hundreds of lives.
In the past ten years alone, software errors have resulted in the loss of:
An Airbus A400M, SpaceX CRS-7, the Hitomi X-ray space telescope, SpaceX CRS-10, two Boeing 737 MAXs, the Beresheet spacecraft, and more. NASA keeps track of them all.
DO-178C and TDD
The main standard for software development in avionics, DO-178C, provides software developers with a structured approach to development, improving safety and reliability in air systems. It emphasises the importance of documentation, traceability, and rigorous testing.
However, the standard’s requirements for up-front design and planning are quite stringent, leading most developers toward linear methodologies such as Waterfall or the V-model. This makes adopting a fully Agile work method challenging, but smaller-scale iterative practices like TDD can easily be employed to complement and improve DO-178C-compliant software development.
What is TDD?
TDD is a test-first approach to software development. Rather than writing code and then testing it, developers:
• Write automated unit tests first and confirm that they fail.
• Write just enough code to make the tests pass.
• Refactor the code to improve its readability and maintainability while confirming that the tests still pass.
This process ensures code is well-tested from the outset and promotes clean, maintainable software. The effect on software projects is significant; when implemented properly, TDD can lead to increased operational efficiency, lower production costs, and a superior final product.
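One full red-green-refactor cycle in C, the language most DO-178C code is written in, as an added example that is not part of the original post. The function under test, `sat_add_i32`, is a hypothetical saturating 32-bit add of the kind used to accumulate sensor deltas without wrapping on overflow; the requirement identifiers in the test table are also invented for illustration. The tests are written first (red), the implementation is then the simplest code that makes them pass (green), and the suite is what guards the refactor step.

```c
/* Added example, not code from the original post. The function and the
 * REQ-ADD-* identifiers are hypothetical; they exist only to show the cycle. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

int32_t sat_add_i32(int32_t a, int32_t b);

/* --- Step 1 (red): the tests come first. Each case names the requirement it
 * covers, which is also the traceability DO-178C asks for. The two overflow
 * cases fail against a naive "return a + b" stub (signed overflow is undefined
 * behaviour in C), so they are the cases that drive the implementation. */
struct test_case {
    const char *requirement;
    int32_t a, b, expected;
};

static const struct test_case cases[] = {
    { "REQ-ADD-1 plain sum",                 10,        20,        30 },
    { "REQ-ADD-2 negative operand",          10,       -20,       -10 },
    { "REQ-ADD-3 adding zero",        INT32_MAX,         0, INT32_MAX },
    { "REQ-ADD-4 clamp on +overflow", INT32_MAX,         1, INT32_MAX },
    { "REQ-ADD-5 clamp on -overflow", INT32_MIN,        -1, INT32_MIN },
    { "REQ-ADD-6 extremes cancel",    INT32_MIN, INT32_MAX,        -1 },
};

/* Runs every case and returns the number of failures, so a CI job can gate
 * on zero rather than on parsing printed output. */
int run_sat_add_tests(void)
{
    int failures = 0;
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int32_t got = sat_add_i32(cases[i].a, cases[i].b);
        if (got != cases[i].expected) {
            printf("FAIL %s: got %ld, expected %ld\n", cases[i].requirement,
                   (long)got, (long)cases[i].expected);
            failures++;
        }
    }
    return failures;
}

/* --- Step 2 (green): the simplest implementation that passes every case.
 * Each guard checks for overflow before the addition, so the final a + b is
 * always in range and never invokes undefined behaviour.
 * --- Step 3 (refactor): any restructuring of this body (for example a
 * branch-free version for a timing-critical path) must keep
 * run_sat_add_tests() returning 0. */
int32_t sat_add_i32(int32_t a, int32_t b)
{
    if (b > 0 && a > INT32_MAX - b) {
        return INT32_MAX;   /* sum would exceed INT32_MAX: clamp */
    }
    if (b < 0 && a < INT32_MIN - b) {
        return INT32_MIN;   /* sum would go below INT32_MIN: clamp */
    }
    return a + b;           /* provably representable here */
}

int main(void)
{
    int failures = run_sat_add_tests();
    printf("%d failure(s)\n", failures);
    return failures == 0 ? 0 : 1;
}
```

Compile with `cc -std=c99 -Wall -Wextra sat_add.c && ./a.out`; a non-zero exit status is the red signal, and the test table is the living documentation the later sections refer to, since it states the expected behaviour at the edges of the input range rather than only the happy path.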
This blog has previously discussed TDD’s broad benefits, so we’ll now examine its specific benefits for aerospace.
How TDD enhances DO-178C software development
DO-178C tells us what requirements software must fulfil, not how to go about it. There is flexibility within this framework and developers are free to use practices such as TDD to improve their code quality. Here’s what TDD brings to aerospace development:
Early and continuous testing
Typical DO-178C processes can have a slow feedback loop between writing the code and testing it. This makes it harder to identify and fix problems early in the development cycle and could lead to costly revisions later on. By constantly writing and running tests alongside coding, TDD creates a tight feedback loop. Developers can quickly and regularly see if their code is correct, spot errors, and make changes as necessary. This iterative process ensures problems are identified and addressed early in the development cycle, saving time and effort and reducing overall development costs.
Considered design
DO-178C demands that software is thoroughly tested, but it focuses on verifying that written code fulfils established requirements. This could result in design flaws being overlooked or erroneous assumptions made during development.
TDD starts with writing failing tests that define the expected behaviour. This forces developers to consider design upfront, promoting well-structured, modular code that’s easier to test and maintain in the long run.
Maintainable code
DO-178C ensures code is functional and meets safety-critical needs, but it places little emphasis on writing code that is easy to understand and modify later.
TDD emphasises writing the simplest code possible that fulfils the written tests. This focus on small, well-tested functions naturally leads to cleaner and more maintainable code. The tests themselves act as living documentation, clarifying the intended behaviour of the code and making it easier for developers to understand and modify in the future.
Improved code maintainability through TDD aligns well with DO-178C’s focus on long-term code viability in safety-critical systems. When code is easier to understand, the risk of errors during maintenance and modification is reduced.
Strive for better
Software standards are incredibly important to safety-critical industries. While they may be slow to adapt to modern coding practices, there can be little doubt that, overall, these frameworks ensure a high level of coding quality and rigour.
However, it’s important to remember that industry standards usually provide only the bare minimum requirements to put a product on the market. Companies that care about quality should always be looking at ways to not just meet but exceed compliance. Methods such as TDD, pair-programming, clean code principles, and more can help with this.