[SystemSafety] A software assurance question

Hall, Brendan (MN65) Brendan.Hall at honeywell.com
Thu Jan 23 11:02:17 CET 2014


Hi John,

This link may be of interest

https://www.faa.gov/regulations_policies/advisory_circulars/index.cfm/go/document.information/documentID/440279

Best Regards

Bren

-----Original Message-----
From: systemsafety-bounces at lists.techfak.uni-bielefeld.de [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of SPRIGGS, John J
Sent: Thursday, January 23, 2014 3:56 AM
To: 'systemsafety at techfak.uni-bielefeld.de'
Subject: [SystemSafety] A software assurance question


Someone told me recently that modern civil avionics is implemented as a virtual architecture over common processing modules, rather than the individual boxes I used to design in the last millennium.  This raises a software assurance question:
The guidance used when getting civil avionics software certificated for use (current versions RTCA/DO178C & EUROCAE Document ED12C) was originally prepared on the basis of identifying an internally-consistent and valid set of assurance evidence for the software in question running on a particular piece of hardware.  In a virtual architecture, processes can, in principle, move around in response to specified events, and so they are not necessarily running in the same environment as that in which they were tested and 'assured'.  An underlying assumption of the guidance is therefore no longer valid.

So, is DO-178/ED-12 guidance used for such architectures?  If so, how do you argue that it is fit for this modified purpose?


John Spriggs
Head of System Integrity
NATS


_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE