DO-178C, DO-254, ARP 4754A, etc. (all the standards and policy documents involving systems, software, hardware certification) have many unique terms, abbreviations, and acronyms. Here we’ve combined the most commonly-used (and often misunderstood) terms with their applicable acronyms (when appropriate) so you have a complete understanding of what these things stand for and mean. This is not meant to be a complete list of every term or acronym you may encounter in a certification program. You should review the complete glossaries that are part of the DO-178C, DO-254 and ARP 4754A documents themselves. For a complete list of certification-related FAA acronyms, visit Here.
Term | Acronym | Meaning | |
Activity | Tasks that provide a means of meeting the Objectives. | ||
Acceptable Means of Compliance | AMC | AMCs are non-binding standards adopted by EASA to illustrate means to establish compliance with the Basic Regulation and its Implementing Rules. | |
Advisory Circular | AC | A type of publication offered by the Federal Aviation Administration (FAA) to provide guidance for compliance with rules within the 14 CFR Aeronautics and Space Title. | |
AC/AMC 20-115D | The harmonized AC/AMC documents that invoke DO-178C (and its supplements) as a means for showing compliance with the applicable airworthiness regulations for the software aspects of airborne systems and equipment in type certification or TSO/ETSO authorization. | ||
AC 20-152/AMC 20-152A | The documents that invoke DO-254 as a means for showing compliance with the applicable airworthiness regulations for the hardware aspects of airborne systems and equipment in type certification or TSO authorization. | ||
AC/AMC 20-189 | FAA/EASA document entitled “The Management of Open Problem Reports (OPRs)” | ||
AC/AMC 20-193 | FAA/EASA document entitled “Use of multi-core processors” | ||
Aerospace Recommended Practice | ARP | A guideline for development of civil aircraft and systems with an emphasis on safety aspects. | |
Airborne Electronic Hardware | AEH | An electronic ‘hardware item’ intended to be installed in airborne equipment/systems. | |
Aircraft Certification Office | ACO | An FAA Field Office that serves a geographic area for guidance on aircraft certification related activities. | |
Airworthiness | The condition of an item, which can be an aircraft, aircraft system or component (such as hardware or software item), in which that item operates in a safe manner to accomplish its intended function. | ||
Airworthiness Certification Services, LLC. | ACS | The company that provides industry leading tools and resources for DO-254 and DO-178C, was founded and incorporated as a Women Owned Business by President, Tammy Reeve, in January 2017. https://www.airworthinesscert.com/ | |
Airworthiness Directive | AD | A legal notice, issued by either the manufacturer and/or the FAA, alerting an owner to an issue with the aircraft or system, which presents a hazard to flight safety as well as instructions on how to remedy this problem. | |
Anomalous Behavior | Behavior that is inconsistent with specified requirements. | ||
Archive | A means to capture life cycle data associated with a Hardware or Software Item, which can be retrieved in case of a need to duplicate, regenerate, retest or modify the product. | ||
Authorized Representative | AR | A private person who has been given authorizations to perform certain certification functions on behalf of the FAA. See also DER. | |
Baseline | The approved, recorded configuration of one or more configuration items, that thereafter serves as the basis for further development, and that is changed only through change control procedures. | ||
Baselines and Traceability | A means of identifying a controlled configuration item as a baseline which means it or a collection of items can have an associated Identification and that specific controlled version of the data is traceability to its previous versions (in other words, you can tell what changed between the baselines and the progression of things.) | ||
Branch | 1) A collection of a set of changes in items, 2) One or multiple paths in source code or HDL | ||
Certificate of Airworthiness | C of A | A document issued by the FAA that serves as proof that an aircraft can fly both safely and legally in U.S. airspace. Airworthiness is determined by a variety of different tests that the FAA has created. | |
Certification Authority or Representative | This is a generic term that can refer to any person or entity who may be charged with verifying compliance to a certification standard. | ||
Certification Authorities Software Team | CAST | An international group of aviation certification and regulatory authority representatives who provide a means of coordination among representatives from certification authorities in North and South America, Europe, and Asia, in particular, the FAA and EASA. | |
Certification Basis | Defined by the Certification Authority in consultation with the Applicant, as the particular certification requirements, together with any special conditions which may supplement the published regulations, that become the basis for certification of the aircraft, engine, or propeller | ||
Certification Credit | Or simply called “Credit”, this term refers to the acceptance by the Certification Authority that a process, product or demonstration satisfies a certification requirement. | ||
Certification Memoranda | CM | These non-binding documents clarify EASA’s general course of action on specific certification items, are intended to provide guidance on a particular subject and provide complementary information and guidance for compliance demonstration with current standards. | |
Certification Review Item | CRI | A document describing an item that requires disposition prior to the issuance of Type Certificate (TC), change to TC approval or Supplemental Type Certificate (STC) by EASA. | |
Change Control | CC | The control data in the configuration management aspects of the tool to ensure that two items don’t have the same name but different content and that there is a unique identifier for all items control in the configuration management repository | |
Change Control Board | CCB | A group of subject matter experts who make decisions regarding whether or not proposed changes should be made to the project, item or product. | |
Change Impact Analysis | CIA | Identifying the potential consequences of a change, or estimating what needs to be modified to accomplish a change. | |
Change Review | The verification aspects related to updates to versions of documents and actions from Reviews being closed out | ||
Code (or Source Code) | Computer Software (usually as written in its uncompiled text form, using a language such as C++) | ||
Code of Federal Regulations | CFR | The codification of the general and permanent regulations published in the Federal Register by the executive departments and agencies of the federal government of the United States. The CFR is divided into 50 titles that represent broad areas subject to federal regulation with 14 CFR covering “Aeronautics and Space.” | |
Complex Electronic Hardware | CEH | A custom hardware device with complicated features (such as multiple clocks, complex functions, state machines, etc.) that do not to allow for comprehensive verification. | |
Compliance | Successful performance of all mandatory activities, agreement between the expected or specified result, and the actual result. | ||
Conceptual Design(s) | This term relates to DO-254 and refers to one or more a high-level design concepts that may be assessed to determine the potential for the resulting design implementation to meet the Item’s Requirements. Note that the equivalent in DO-178C is Low-Level Requirements. | ||
Configuration Identification | Unique numbers or identifiers for configuration items with revision identification. | ||
Configuration Item | CI | A component of a system that can be identified as a self-contained unit for purposes of change control and identification. In other words, version numbers and configuration item registration codes help in uniquely identifying configuration items.
DO-178C Definition: 1) One or more hardware or software components treated as a unit for configuration management purpose, (2) software life cycle data treated as a unit for configuration management purposes. DO-254 Definition: One or more components, tools or data items treated as a unit for configuration management purposes. |
|
Configuration Management | CM | The process of (a) identifying and defining the configuration items of the system; (b) controlling the release and change of these items through the software lifecycle; (c) recording and reporting the status of configuration items and Problem Reports; and (d) verifying the completeness and correctness of configuration items. | |
Configuration Status Accounting | The recording and reporting of the information necessary to manage a configuration effectively, including a listing of the approved configuration identification, the status of proposed changes to the configuration, and the implementation of status of the approved changes. | ||
Conformity | Assurance that the software/hardware life cycle processes are complete, life cycle data is complete, and the item conforms to its requirements. For software this means that the Executable Object Code is controlled and can be regenerated, and for hardware that the physical realization produced from the design code/processes is controlled and can be regenerated. | ||
Control Category | CC1, CC2, HC1, HC2 | A category of a level configuration control required for DO-178C (CC1 and CC2) and DO-254 (HC1 and HC2) | |
Commercial Off-The-Shelf | COTS | A product, sold “as is”, that is typically some type of pre-packaged software or computer hardware that’s tailored for a specific use and for sale to the general public | |
Commercial Off-The-Shelf Intellectual Property | COTS IP | COTS IP are pre-built hardware functions that are incorporated into a hardware device. In the DO-254 domain, this usually refers to HDL or gate level blocks that are incorporated into an FPGA or ASIC. | |
Coverage Analysis | See Test Coverage Analysis, Requirements-Based Coverage Analysis, and Structural Coverage Analysis. | ||
Department of Transportation | DOT | A federal Cabinet department of the U.S. government concerned with transportation. The FAA is the largest transportation agency within this department. | |
Derived Requirement | A requirement resulting from the hardware/software design processes or decisions, which may not be directly traceable to higher level requirements. | ||
Designated Engineering Representative | DER | An AR who is an individual who holds an engineering degree or equivalent, possesses the necessary technical knowledge and experience, and meets specific qualification requirements. DER’s are very specialized and are given authorizations to perform approvals of the data (instructions) used to make certain modifications or repairs to aircraft. To find a DER, click here. | |
Design (or Development) Assurance Level | DAL | An indicator of the safety-criticality of a software or hardware item, with DAL A being the most safety critical and DAL E having no safety impact. | |
Designated Engineering Representative | DER | A person authorized by the FAA to act on their behalf to audit DO-254, DO-178C, and other types of compliance requirements. | |
DO-160G | “Environmental Conditions and Test Procedures for Airborne Equipment,” is a living document of environmental testing standards for airborne equipment. | ||
DO-178C (ED-12C) | RTCA document entitled “Software Considerations in Airborne Systems and Equipment Certification” invoked by AC 20-115D as a means to meet applicable airworthiness regulations for the software aspects of airborne systems and equipment in type certification or TSO/ETSO authorization. In Europe this is referred to as ED-12C. | ||
DO-254 | RTCA document entitled “Design Assurance Guidance for Airborne Electronic Hardware” invoked by AC 20-152/AMC 20-152A as a means to meet applicable airworthiness regulations for the electronic hardware aspects of airborne systems and equipment in type certification or TSO/ETSO authorization. | ||
DO-278A | RTCA document entitled “Software Integrity Assurance” is intended for use in developing ground-based systems (containing software) which are involved with aircraft operations. | ||
DO-330 (ED-215) | RTCA document entitled “Software Tool Qualification Considerations” invoked by AC/AMC 20-115D to supplement DO-178C/DO-278A for the topic of Tool Qualification. | ||
DO-331 (ED-218) | RTCA document entitled “Model-Based Development and Verification Supplement to DO-178C and DO-278A” invoked by AC/AMC 20-115D to supplement DO-178C/DO-278A for the topic of Model-Based development. | ||
DO-332 (ED-217) | RTCA document entitled “Object-Oriented Technology and Related Techniques Supplement to DO-178C and DO-278A” invoked by AC/AMC 20-115D to supplement DO-178C/DO-278A for the topic of Object-Oriented development. | ||
DO-333 (ED-217) | RTCA document entitled “Formal Methods Supplement to DO-178C and DO-278A” invoked by AC/AMC 20-115D to supplement DO-178C/DO-278A for the topic of Formal Methods. | ||
Elemental Analysis | This method, introduced in DO-254 Appendix B as a potential “Advanced Verification” method for DAL A/B designs, means ensuring that testing covers all the design elements, and it is most commonly implemented by running code coverage analysis during simulation. | ||
European Union Aviation Safety Agency | EASA | an agency of the European Union (EU) with responsibility for civil aviation safety. | |
Federal Aviation Administration | FAA | an agency within the U.S. Department of Transportation that regulates all aspects of civil aviation in the country. | |
Function | A Function is a named section of a program that performs a specific task. | ||
Functional Failure Path Analysis | FFPA | The process of identifying a specific set of interdependent circuits that could cause a particular anomalous behavior in the hardware that implements the function or in the hardware that is dependent upon the function. | |
Hardware Description Language | HDL | HDLs provide a way to describe digital circuits using a textual language that is specifically intended to clearly and concisely capture the defining features of digital design. | |
Hardware Item | An Item (see Item definition that follows), that is a self-contained Hardware Component, which is part of a System. | ||
High-Level Requirement | HLR | Software requirements developed from analysis of system requirements, safety-related requirements, and system architecture. | |
Item | (1) Anything you produce as an artifact in compliance to objectives for evidence, (2) In the system context, an item may refer to Hardware, Software, PCBs, etc. | ||
Item DAL | IDAL | A Hardware or Software Item is assigned an Item DAL (IDAL) during the system level Preliminary System Safety Assessment (PSSA). The assigned IDAL dictates the rigor of the objectives required to comply with the DO-254/DO-178C process. | |
Level of FAA Involvement | LOFI | A measure used to help the certification authority or designee determine an appropriate level of involvement in software or hardware projects. | |
(Hardware or Software Item) Life Cycle | (1) An ordered collection of processes determined by an organization to be sufficient and adequate to produce a software/hardware product. (2) The period of time that begins with the decision to produce or modify a software/hardware product and ends when the product is retired from service. |
||
Low-Level Requirement | LLR | Software requirements developed from high-level requirements, derived requirements, and design constraints from which Source Code can be directly implemented without further information. | |
Module | A module is a software component or part of a program that contains one or more routines. One or more independently developed modules make up a program. | ||
Multi-Core Processor | MCP | A single device hosting different cores that can execute several software applications at the same time. | |
Objectives | Under DO-254 or DO-178C compliance, objectives are requirements that must be met to demonstrate compliance. | ||
Order | An order is a document that provides information to FAA employees and is also an essential source of information on what the FAA expects of applicants and certificate holders. | ||
Open Problem Report | OPR | Any problem report that is in the “Open” (i.e., not closed) status. | |
Preliminary System Safety Assessment | PSSA | As the bridge between system- and item-level safety activities, the PSSA assesses the system architecture after the Preliminary Aircraft Safety Assessment (PASA) and System-Level Functional Hazard Assessment (SFHA) in order to assign item level DALs. | |
Previously Developed Hardware | PDH | SEH/CEH developed and approved for airborne applications prior to the invocation of DO-254. | |
Process and Artifact Compliance Tool (PACT) | PACT | A tool developed by Airworthiness Certification Services that helps teams with their DO-254 and DO-178C compliance programs. | |
Patmos Engineering Services, Inc. | A company providing Certification support, Training specializing in DO-254 and DO-178C, consulting, certification services and embedded hardware and software development/verification support. | ||
Peer Review | As part of the Verification & Validation process, this type of review examines an Item’s documentation and/or artifacts to ensure they comply with compliance expectations and plans. | ||
Problem Reporting | PR | Problem Reporting, Tracking, and Corrective Action is means of writing up changes due to new development or problems on data controlled in the tool and correlating this issue with the controlled item in the CM aspects of the tool specific to the version of the item the issue or change needs to be corrected in and then the version that the item was fixed ultimately. | |
Process Assurance | PA | A DO-254 team member role and/or set of activities to ensure that plans are followed, hardware design life cycle process objectives are met, and activities have been completed. | |
Product | An object that a company develops, produces and sells. | ||
Project | A piece of planned work or an activity that is finished over a period of time and intended to achieve a particular purpose. | ||
Quality Assurance | QA | A DO-178C team member role and/or set of activities to ensure that plans are followed, software design life cycle process objectives are met, and activities have been completed. | |
Repository | A collection of objects, usually source code and related. | ||
Requirement | Hardware requirements developed from analysis of system requirements, safety-related requirements, and system architecture. Note that DO-178C uses the notation High-Level Requirements (HLR) and Low-Level Requirements (LLR), while DO-254 just has one level of Requirements. | ||
Requirements-Based Coverage Analysis | The process of analyzing the Item’s test cases in relation to the requirements to confirm that the requirements are fully covered. | ||
Robustness | The ability of a hardware or software item to respond to abnormal inputs and conditions in a predictable and safe manner. | ||
Simple Electronic Hardware | SEH | A custom hardware device with features that are simple enough to allow for comprehensive verification. | |
Single Event Effect | SEE | Any one of a number of types of errors that may occur when a semiconductor device when exposed to sufficient radiation. | |
Single Event Upset | SEU | Occurs in a semiconductor device when the radiation absorbed by the device is sufficient to change a cell’s logic state. SEU is a type of SEE. | |
Software Item | An Item (see Item definition above), that is a self-contained Software Component, which is part of a System. | ||
Source Code | 1) For Software: Code written in source languages, such as assembly language and/or high-level language, in a machine-readable form for input to an assembler or a compiler. 2) For Hardware: Any specialized computer language used to describe the structure and behavior of electronic circuits. | ||
Stage of Involvement | SOI | The process of getting the certification authority involved with the applicant to assess the DO-254 or DO-178C compliance. | |
Structural Coverage Analysis | SCA | This activity evaluates code structure, including interfaces, exercised during requirements-based testing. For software, this includes examining both data coupling and control coupling. This is similar to Elemental Analysis in hardware. | |
Supplemental Type Certificate | STC | A type certificate (TC) issued when an applicant has received FAA approval to modify an aeronautical product from its original design. | |
System |
A combination of inter-related items arranged to perform a specific Function(s). |
||
System Safety Assessment | SSA | A process to analyze a system and document all the identified hazards for the system under analysis, showing the compliance with the safety requirements. | |
Target Testing | Testing of a hardware item in its target environment (i.e., that environment in which it will actually be installed in the aircraft). For a chip, this might be testing it from the board on which it will reside. | ||
Test Case | TC | A set of test inputs, execution conditions, and expected results developed for a particular objective, such as to exercise a particular program path or to verify compliance with a specific requirement. | |
Test Coverage Analysis | TCA | Test coverage analysis is a two-step process involving Requirements-Based Coverage Analysis and Structural Coverage Analysis, to ensure the design is thoroughly tested. | |
Test Procedure | TP | Detailed instructions for the set-up and execution of a given set of test cases, and instructions for the evaluation of results of executing the test cases. | |
Traceability | A correlation between the requirements, design, and verification data that facilitates configuration control, modification and verification of the hardware or software item. | ||
Transition Criteria | DO-178C: The minimum conditions, as defined by the software planning process, to be satisfied to enter a process
DO-254: The minimum data used to assess movement from one process to another. |
||
Transition Review | As part of the Verification & Validation process, and usually run by Process/Quality Assurance, this type of review examines the objectives met and activities performed during an Item’s life cycle phase to ensure they have met the criteria in the project plans, and ensures that all Transition Criteria is met before moving on to the next phase. | ||
Tool Qualification | TQ | The process necessary to obtain certification credit for using a tool within the context of a DO-254 or DO-178C program, to perform a task where the output of the tool is not somehow independently assessed/verified by other means. See DO-330 for more guidance in the context of DO-178C. | |
Top Level Drawing | TLD | A DO-254 term that refers to a collection of all the data that defines a hardware item. For boards, this may include be the assemblies, subassemblies, and components and relevant documentation that define the hardware item. For chips, this is a description of the HW item that includes the source files and revision history, the hardware environment in which its built, all the related data items, and all the procedures to build the files into an implementation of the design that’s loaded into the target FPGA device. This is typically captured in a Hardware Configuration Index and Hardware Environment Configuration Index document. | |
Type Certificate | TC | The approval of the design of the aircraft and all component parts (including propellers, engines, etc.). See also Supplemental Type Certificate (STC). |