A
Advisory Circulars (AC), 21
Airborne electronic hardware (AEH)
best practices, 213
design integrity, 116
developers, 213
verified item, 201
Aircraft Certification Office (ACO), 28
Amended type certificate (ATC), 21
Analog to digital convertor (ADC), 80, 88, 112
Application specific integrated circuits (ASICs), 22
Archive integrity checks, 65
Audits
Hardware Process Assurance Plan, 58
sub-tier supplier, 177
transition criteria, 14
work products, 172
B
Baseline traceability, 184–185
configuration index, 185
establishment, 185
goal, 184
Block diagrams, 101
C
CCA; See Circuit card assemblies
Certification review items (CRI), 27
authority, 191
change approval, 191
DO-254 objectives, 191
explicit guidance, 191
interdependence, 192
peer review, 190
preventing unauthorized changes, 190
recommendations, 192
tracking, 191
updates, 190
Circuit card assemblies (CCA), 2
Closed box tests, 154
Code of Federal Regulations, 18, 26
Commercial off-the-shelf (COTS) components usage, 199–203
complex components, 202
component data sheet, 202
design assurance goals, 203
electronic component management plan, 201
goals, 201
integrated circuits, 202
intellectual property, 199
procurement issues, 202
Complex programmable logic devices (CPLDs), 22
Configuration management, 179–196
alternative applications, 183
applications, 182
definitions, 182
objectives, 182
baselines, 184
hierarchical levels, 184
implementations, 184
baseline traceability, 184–185
configuration index, 185
establishment, 185
goals, 184
authority, 191
change approval, 191
DO-254 objectives, 191
explicit guidance, 191
interdependence, 192
peer review, 190
preventing unauthorized changes, 190
recommendations, 192
tracking, 191
updates, 190
concepts, 180
configuration identification, 183–184
dissimilarity in configuration identification, 183
file management tool, 184
unambiguous identification, 183
unique identifiers, 183
data control categories, 182
ancient aircraft, 194
regulations, 194
type certificate, 194
definition, 179
hardware description language files, 179
importance of, 217
media selection, refreshing, duplication, 195–196
data retention, 195
duplicate archives, 195
media refreshing, 195
analyses conducted, 189
basic principles, 187
change control activity, 186
closure phase, 188
description, 185
headline, 188
information, 188
integrity, 186
peer reviews, 188
problem description, 187–188, 189
resolution, 189
root cause analysis, 187
work flow, 186
protection against unauthorized changes, 195
definition of configuration management, 180
probability of errors, 180
provisions of configuration management, 181
unrestrained development, 180
release, 192
authorization, 192
data items, 192
examples, 192
archiving, 193
electronic file management system, 193
guidelines, 193
production data systems, 193
COTS components usage; See Commercial off-the-shelf components usage
CPLDs; See Complex programmable logic devices
CRI; See Certification review items
D
Design assurance level (DAL), 2–4, 197
DO-254 guidance, 3
failure, 3
least severe classification, 3
most severe classification, 3
PLD, 141
requisite reliability, 4
semiconductor components, 4
verification-related activities, 3
Design Assurance Through Design Practice (DATDP), 113–134
classic design process, 114
Conceptual Design Phase, 115
configuration management supporting process, 116
common circuit topologies, 132
Roy’s Rule, 132
shift registers, 127
system failure, 131
VHDL code, 130
Roy’s Rule 1 (passing the buck), 120
Roy’s Rule 2 (predictability), 121
Roy’s Rule 3 (HDL design), 124
Roy’s Rule 4 (bulletproof circuit), 124
Roy’s Rule 5 (top-down design), 124
Roy’s Rule 6 (failure modes), 125
Roy’s Rule 7 (never assume), 125
Roy’s Rule 8 (avoidance vs. mitigation), 125
Roy’s Rule 9 (DO-254), 125
Roy’s Rule 10 (review now), 126
Roy’s Rule 11 (deal with it), 126
Roy’s Rule 12 (ignore the trees), 126
Roy’s Rule 13 (require requirements), 126
Roy’s Rule 14 (have no faith), 126
Roy’s Rule 15 (there is no hope), 127
Roy’s Rules, 119
Detailed Design Phase, 115
data retention in flash devices, 119
device features, 118
lead time, 118
packages, 118
PLD size, 119
power-on performance, 119
power requirements, 117
product support, 118
radiation tolerance, 118
semiconductor technology, 119
service history, 118
service life, 118
single event upset events, 118, 119
speed, 119
system requirements, 117
technical support, 118
errors, 116
FARs, technical goals of, 113
flexibility, 115
front end, 113
Implementation Phase, 115
mapping, 115
peer reviews, 114
phases, 115
presentation, 114
Production Transition Phase, 115
Requirements Capture Phase, 115
theory, 115
DO-254; See also RTCA/DO-254, introduction to
Appendix B (additional verification), 141
attributes, 214
basis for using COTS components, 201
change control objectives, 191
design assurance level guidance, 3
functional element, 101
hardware verification in, 70
major phases of the standard design process, 77
objectives, 215
comprehensive combination of tests, 8–10
firmware, 8
guidance topics, 7
hardware design life cycle, 11
HDL design, 8
previously developed hardware, 12
summary of contents, 9
validation, 11
potential benefit of using, 102
procurement issues, 202
weaknesses, 214
E
Electronic component management plan (ECMP), 201
Electronic hardware, types of requirements for, 74–85, 97–101
analog to digital convertor, 80
application requirements, 75
appropriate models, 84
derived requirements, 76
design decisions, 79
Design Document, 77
finding the root functionality, 82
functional requirements, 75
global requirements, 76
implementation requirements, 75
indirect requirements, 76
inputs, requirements for, 75
root function analysis, 80
shortcuts, 76
Spoiler Mode, 84
textual description, 75
writing too many requirements, 83
F
FAI; See First Article Inspection
Federal Aviation Administration (FAA), 2
Aircraft Certification Office, 65
approval to modify an aircraft design, 21
conformity, 172
data retention requirements, 194
Order 8110.105 planning aspects, 48–49
certification data, 48
proposed alternative methods, 48
relevant service history, 48
useful content, 49
verification coverage of requirements, 49
submittal document, 40
Federal Aviation Regulations (FARs), 2, 113
FHA; See Functional hazard assessment
Field programmable gate arrays (FPGAs), 22
life cycle data mapping for, 41
programming file for, 179
Firmware, 8
First Article Inspection (FAI), 172, 176
Flash-based PLDs, 119
Flight test, 22
Functional element, 101
Functional failure path analysis, 136–141
circuit element, 137
design assurance level, 141
element size, 137
example test plan, 137
fictitious system, 139
functional failure, 141
identification of functional failure paths, 136
Functional hazard assessment (FHA), 22
G
Global requirements (electronic hardware), 76
Ground test, 22
Guidance materials (regulatory background), 25–26
application(s), 25
Code of Federal Regulations, 26
line replaceable units, 25
topics, 25
H
Hardware configuration index (HCI), 56, 65
Hardware Configuration Management Plan (HCMP), 54–58, 176
Hardware design language (HDL), 6, 179
Hardware Design Plan (HDP), 49–52
Hardware process assurance (HPA) audits, 173, 174–175
Hardware Process Assurance Plan (HPAP), 58–61, 177
I
Information statements, 91
Intellectual property (IP), 45, 63, 199
certification review items, 27
process, 27
projects, 27
type certification, 26
Item design assurance level (IDAL), 23
J
Job Aid, 29
L
Laboratory test, 22
Laboratory verification tools, 207
Line replaceable unit (LRU), 2, 25, 65, 85
Linux-hosted systems, 151
M
Means of compliance (MoC), 21–25
application specific integrated circuits, 22
best practices, 21
complex programmable logic devices, 22
conformity inspection, 22
field programmable gate arrays, 22
flight test, 22
functional hazard assessment, 22
ground test, 22
inspection for demonstration of compliance, 22
item design assurance level, 23
laboratory test, 22
showing compliance, 22
simulation, 22
Media refreshing, 195
N
National Transportation Safety Board (NTSB), 194
Normal test cases, 160
Numbering scheme (HCMP), 56
O
Optimized logic, 208
Outsourcing, 54
P
Parent hardware, 198
PDH; See Previously developed hardware
Peer review
auditing of, 172
built-in, 13
change control, 190
DATDP, 114
Hardware Design Plan, 49
Hardware Process Assurance Plan, 58
Hardware Verification Plan, 53
records, identification of, 56
Peripheral component interconnect (PCI), 45
Plan for Hardware Aspects of Certification (PHAC), 38–45
certification basis, 40
hardware life cycle data, 42–43
intellectual property cores, 45
peripheral component interconnect, 45
previously developed hardware, 41
product service experience, 45
reusable data, 44
SOI audits, 41
target audience, 38
transition criteria, 41
writing style, 38
alternative methods, 47
approaches, 34
certification programs, 31
electronic hardware development context, 32
FAA Order 8110.105 aspects, 48–49
certification data, 48
proposed alternative methods, 48
relevant service history, 48
useful content, 49
verification coverage of requirements, 49
hardware archive standards, 65
archive integrity checks, 65
design review checklist, 65
peer review checklist, 65
Hardware Configuration Management Plan, 54–58
baseline traceability, 56
change control, 56
data items, 55
FAA requirement, 57
hardware configuration index, 56
media selection, 58
numbering scheme, 56
peer review records, identification of, 56
problem reporting, 57
process activities, 55
design life cycle, 49
hardware product description, 50
other considerations, 52
requirements capture, 51
Hardware Process Assurance Plan, 58–61
auditing, 58
conformance, 58
deviations to project plans, 61
process assurance activities, 59–60
certification, 61
component selection criteria, 63
intellectual property cores, 63
requirements capture, 62
requirements feedback and clarification, 62
scope of tool qualification, 61
tool examples, 61
Hardware Validation Plan, 52
analyses, 52
derived requirements, 52
DO-254 processes, 52
Hardware Verification Plan, 52–54
analysis procedures, 53
information, 52
organization responsibilities, 54
outsourcing, 54
verification tools, 53
Plan for Hardware Aspects of Certification, 38–45
certification basis, 40
hardware life cycle data, 42–43
intellectual property cores, 45
peripheral component interconnect, 45
previously developed hardware, 41
product service experience, 45
reusable data, 44
SOI audits, 41
target audience, 38
transition criteria, 41
writing style, 38
production aspects, 33
intent, 48
major milestones, 47
SOI audits, 47
type inspection authorization, 47
submittals and coordination, 65–66
FAA Aircraft Certification Office, 65
hardware configuration index, 65
hours of work, 66
line replaceable unit, 65
technical standard order, 31
tool assessment and qualification, 46–47
documentation, 46
tool assessment example, 47
tool output, 46
verification tools, 46
trade study, 33
transition criteria, 35
validation and verification standards, 64
criteria for circuit and timing analysis, 64
reviews, 64
test case selection, 64
PLDs; See Programmable logic devices
Previously developed hardware (PDH), 12, 41, 197–199
commercial off-the-shelf hardware, 197
common items, 197
common uses, 200
design assurance level, 197
parent hardware, 198
scenarios for reuse, 198
service history, 199
sources, 197
strategy, 198
analyses conducted, 189
basic principles, 187
change control activity, 186
closure phase, 188
description, 185
headline, 188
information, 188
integrity, 186
peer reviews, 188
problem description, 187–188, 189
resolution, 189
root cause analysis, 187
work flow, 186
hardware process assurance audits, 173, 174–175
life cycle data, 173
spreadsheet, 173
audits of configuration management, 173–176
aspects of Hardware Configuration Management Plan, 173
inspection of problem reports, 176
problem reports, 176
process assurance, 176
conformity, 172
certification plans, 172
FAA conformity, 172
in-house conformity, 172
project system level certification plans, 172
deviations, 177
customers, 177
escalation process, 177
recorded, 177
inspections, 176
customers, 176
documentation, 176
First Article Inspection, 176
rubber stamp, 171
corrective action, 172
first article inspection, 172
peer reviews, auditing of, 172
trends, 172
work products, audits of, 172
SOI audit dry run, 176
sub-tier supplier oversight, 177
companies having geographic differences, 177
Hardware Process Assurance Plan, 177
process assurance, 177
Product service experience, 203–205
assessment data, 204
criteria, 204
failure probability, 205
relevance and acceptability criteria, 203
service experience assessment data, 204–205
Programmable logic devices (PLDs), 1
design assurance level for, 141
flash-based, 119
HDL text editor, 208
compound conditions, 96
function name, 93
NAND structure, 97
readable sentence, 95
requirements structure, 94
requirements template, 93
XNOR structure, 97
XOR structure, 97
Q
Qualifying the tool, 205
R
Random access memory (RAM), 40
Register-transfer level (RTL), 124
amended type certificate, 21
certification basis for a project, 20
application, 25
Code of Federal Regulations, 26
line replaceable units, 25
topics, 25
certification review items, 27
process, 27
projects, 27
type certification, 26
application specific integrated circuits, 22
best practices, 21
complex programmable logic devices, 22
conformity inspection, 22
field programmable gate arrays, 22
flight test, 22
functional hazard assessment, 22
ground test, 22
inspection for demonstration of compliance, 22
item design assurance level, 23
laboratory test, 22
showing compliance, 22
simulation, 22
Aircraft Certification Office, 28
FAA involvement, 28
Job Aid, 29
SOI reviews, 28
topics, 27
supplemental type certificate, 21
Title 14 Code of Federal Regulations, 18
type certificate, 21
allocation and decomposition, 85–88
circuit card requirement, 88
example, 87
flow down of requirements, 85, 86
FPGA, 87
line replaceable unit, 85
best practices, 67
black box perspective, 68
electronic hardware, requirements, 97–101
ARINC message 050, 100
ARINC output data requirements, 97
complex functionality, 99
filter, 99
intent, 101
electronic hardware, types of requirements for, 74–85
analog to digital convertor, 80
application requirements, 75
appropriate models, 84
derived requirements, 76
design decisions, 79
Design Document, 77
finding the root functionality, 82
functional requirements, 75
global requirements, 76
implementation requirements, 75
indirect requirements, 76
inputs, requirements for, 75
root function analysis, 80
shortcuts, 76
Spoiler Mode, 84
textual description, 75
writing too many requirements, 83
paradigm, 67
compound conditions, 96
function name, 93
NAND structure, 97
readable sentence, 95
requirements structure, 94
requirements template, 93
XNOR structure, 97
XOR structure, 97
derived requirements, 70
design, requirements describing, 69
hardware verification, 70
requirements allocation, 69
requirements organization, 70
circuit card designs, 71
PLD requirements, 71
requirements capture, 72
requirements capture, start of, 68
requirements organization, 101
block diagrams, 101
document, 101
functional element, 101
availability and integrity, 72
certification regulations, 73
customer requirements, 73
maintenance aspects, 73
operational requirements, 73
performance requirements, 73
redundancy, 74
systems needing redundancy, 74
systems, hardware, and software, 102–105
circuit card level tests, 104
decomposed requirements, 103
LRU outputs, 103
signal naming scheme, 103
software functions, 103
unified requirements, 104
unified view of systems, 102
timing and performance specifications, 88–89
analog to digital convertor, 88
decomposition of requirement, 89
example, 88
range of acceptable values, 89
traceability efforts, 67
verification, potential for more effective, 67
defining functionality, 91
information statements, 91
recommendations, 90
techniques, 91
template, 92
timing dependencies, 91
writing skills, 68
Robustness test cases, 161
Root cause analysis, 187
Root function analysis, 80
Roy’s Rules, 119
Roy’s Rule 1 (passing the buck), 120
Roy’s Rule 2 (predictability), 121
Roy’s Rule 3 (HDL design), 124, 132
Roy’s Rule 4 (bulletproof circuit), 124
Roy’s Rule 5 (top-down design), 124
Roy’s Rule 6 (failure modes), 125
Roy’s Rule 7 (never assume), 125
Roy’s Rule 8 (avoidance vs. mitigation), 125
Roy’s Rule 9 (DO-254), 125
Roy’s Rule 10 (review now), 126
Roy’s Rule 11 (deal with it), 126
Roy’s Rule 12 (ignore the trees), 126
Roy’s Rule 13 (require requirements), 126
Roy’s Rule 14 (have no faith), 126
Roy’s Rule 15 (there is no hope), 127
RTCA/DO-254, introduction to, 1–15
best practices, consensus on, 1
DO-254 guidance, 3
failure, 3
least severe classification, 3
most severe classification, 3
requisite reliability, 4
semiconductor components, 4
verification-related activities, 3
comprehensive combination of tests, 8–10
firmware, 8
guidance topics, 7
hardware design life cycle, 11
HDL design, 8
previously developed hardware, 12
summary of contents, 9
validation, 11
derived requirement, definition of, 7
differences between hardware and software, 5
significant differences, 6
temptation, 4
Federal Aviation Regulations, 2
programmable logic devices, 1
audits, 14
certification authority, interface with, 14
configuration management infrastructure, 13
cultural changes, 14
discomfort, 15
percentage escalation factor, 14
process assurance role, 14
structured design process, 13
writing of requirements, 13
RTL; See Register-transfer level
S
Semiconductor components, inherent failure probability of, 4
Single event upset (SEU) events, 118, 119
Stage of involvement (SOI) reviews, 28
Static random access memory (SRAM) devices, 40
Supplemental type certificate (STC), 21
availability and integrity, 72
certification regulations, 73
customer requirements, 73
maintenance aspects, 73
operational requirements, 73
performance requirements, 73
redundancy, 74
systems needing redundancy, 74
T
TC; See Type certificate
Technical standard order (TSO), 31
TIA; See Type inspection authorization
Title 14 Code of Federal Regulations, 18
Tool assessment and qualification, 205–212
advantage of qualifying tool, 206
approaches, 205
automated test stands, 207
basic tool qualification, 210
design tool examples, 206
disadvantage of qualifying tool, 206
DO-254 approach, 205
documentation of information, 208
essentials, 207
example, 211
flow chart, 207
full tool qualification program, 211
HDL text editor, 208
laboratory verification tools, 207
Level A hardware, 205
most common approach, 212
optimized logic, 208
relevant history, criteria of, 210
self-checking testbenches, 208
tool qualification outcomes, 212
tool types, 206
verification coverage tools, 206
TSO; See Technical standard order
Type certificate (TC), 21
Type inspection authorization (TIA), 47
V
creating derived requirements, 109–111
arbitrary specifications, 110
decomposed functions, 109
examples, 110
incomplete justification, 110
requirements flow down, 110
validation of requirement, 110
common characteristic, 107
definition, 107
derived requirements, 109
hardware functionality, 108
objective of validation, 109
parent hardware design features, 108
traceability, 108
analog to digital converter device, 112
analysis, 112
review criteria, 111
team members, 111
validation through test, 112
activities, 135
functional simulations, 151
hardware testing, 152
Linux-hosted systems, 151
post-layout simulations, 151
simulation log files, 153
testbenches, creation of, 151
toggle coverage, 152
waveform file, 152
appendix B (additional verification), 141–147
coverage deficiencies, 147
elemental analysis, 145
metrics, 141
writing requirements, 145
coverage tools, 206
functional failure path analysis, 136–141
circuit element, 137
design assurance level, 141
element size, 137
example test plan, 137
fictitious system, 139
functional failure, 141
identification of functional failure paths, 136
cultural independence, 148
engineering culture, 148
example, 148
team, 147
checklists, 149
hardware design life cycle data, 149
peer review checklists, 149
requirements, 149
test cases, 150
test, 154
closed box tests, 154
hardware testing, 154
procedures, 154
test cases and requirements, 163–170
improved test cases for example requirements, 170
inputs, 167
requirements and associated test cases, 168
test cases for AND, 163
test cases for example requirements, 169
test cases for NAND, 165
test cases for NOR, 165
test cases for OR, 164
test cases for XNOR, 166
test cases for XOR, 167
test case selection criteria, 154–163
combining tests, 158
formatting of test cases, 155
implementation requirements, 160
logic analyzer, trigger conditions for, 156
normal test cases, 160
requirement identifier, embedding of, 161
requirements template, 157
robustness test cases, 161
summary of test case, 163
test case example, 162
test case strategy, 158
verifiable requirement, 156
timing analysis, 135
W
Waveform file, 152
Work products, audits of, 172
defining functionality, 91
information statements, 91
recommendations, 90
techniques, 91
template, 92
timing dependencies, 91