Background
For Communication, Navigation, Surveillance and Air Traffic Management (CNS/ATM) systems, the Radio Technical Commission for Aeronautics (RTCA) and the European Organization for Civil Aviation Equipment (EUROCAE) have developed a ground-based complement to the DO-178B airborne standard. RTCA DO-278 / EUROCAE ED-109 provides guidelines for the assurance of software contained in non-airborne CNS/ATM systems. DO-278/ED-109 should be interpreted as a guide to implementing DO-178B for CNS/ATM systems.
DO-178B provides guidance for determining that an acceptable level of confidence has been achieved with regard to the software of airborne systems.
The following five software levels are defined by DO-178B:
DO-278 software levels are defined as follows:
The software levels in DO-278/ED-109 are based on, and relevant to, DO-178B. In DO-278 these levels are called assurance levels. When applied to non-airborne systems, the assurance levels are as follows:
- (AL1) Assurance Level 1 – Software that could cause or contribute to the failure of the ground-based system resulting in a catastrophic failure condition.
- (AL2) Assurance Level 2 – Software that could cause or contribute to the failure of the ground-based system resulting in a hazardous or severe failure condition.
- (AL3) Assurance Level 3 – Software that could cause or contribute to the failure of the ground-based system resulting in a major failure condition.
- (AL4) Assurance Level 4 – This level accounts for certain CNS/ATM systems where AL3 is too stringent and AL5 is too lenient.
- (AL5) Assurance Level 5 – Software that could cause or contribute to the failure of the ground-based system resulting in a minor failure condition.
- (AL6) Assurance Level 6 – Software that could cause or contribute to the failure of the ground-based system resulting in no effect on the system.