This blog picks up where we left off last time, identifying the top mistakes that DO-254 and DO-178C applicants make.
The # 2 mistake is…Treating CM as an “End of Process” Activity
DO-254 and DO-178C requires Configuration Management (CM) and control of the data not only during the service life but also during development and verification of the item. Hardware/software developers commonly misunderstand the intent of DO-254/DO-178C and treat CM as an “end of process” activity. Sometimes this is done to avoid the overhead of the change control (problem reporting) process. This clearly violates the objectives and concepts associated with a DO-254/DO-178C development assurance process.
As stated earlier, DO-254 and DO-178C are Top-Down processes. You define how you’re going to be compliant at the very start of the program, you get agreement of this with the Certification Authority, and then you do those things you said you would THROUGHOUT the program. This is true of the CM process.
The DO-254/DO-178C process requires change control (and data storage) objectives to be maintained throughout the development life cycle, starting at the Planning Phase. Data utilized to satisfy a DO-254/DO-178C objective, and which is then relied upon for downstream development or verification activities, must be controlled formally with proper change management. This is done to ensure that proper evidence and data control is maintained for these downstream activities and data items (requirements, design, code, tests, review results, etc.).
Data items that are identified in DO-254/DO-178C control category 1 (HC1/CC1) can then only be changed after a release using a formal change process, which is facilitated through a Problem Report (PR). This formal process ensures that the impact of any changes to data items, which are crucial in establishing the design and verification of the airborne hardware/software, is understood and agreed upon by all affected participants in the development life cycle.
The focus of DO-254/DO-178C is about controlling the process, not merely the output. Thus, these “in process” rather than “end of process” configuration management activities are a vital part of the “development assurance” that DO-254/DO-178C mandate.
There are tips and tricks you can learn to help you understand when is the best time to place an item under configuration management. Too early and you might create extra work for yourself. Too late and you might not have proper control over the items you’re reviewing and using, which could invalidate your compliance credit.
If this is an area you struggle with and want some consulting help to get your CM plans in order, reach out to me at Tammy@patmos-eng.com (my email for our consulting business).