2._Introduction_to_DO-254.pdf

Introduction to DO-254 Clive Lee Introduction to DO-254 ? Aircraft/System/Safety Context of DO-254 – Regulations, Failure Condition, DALs ? Description of Contents of DO-254 ? Summary Guidance for Hardware Developers ? Reference RTCA DO-254/EUROCAE ED-80 ? Title: “Design Assurance Guidance for Airborne Electronic Hardware” ? Aim: “design assurance guidance to ensure Complex Electronic Hardware (CEH) will safely perform its intended function(s)” ? CEH: from LRUs, Circuit Boards, Integrated Circuits… ? Audience: system suppliers… Aircraft Safety - System Safety Civil Certification Requirements ? FAR/CS 25.1309 – 25 = Large Transport Aircraft – 1309 = “Equipment, systems and installations” ? Certification Requirement – required equipment must perform as intended; – the probability of a Failure Condition must be shown to be inversely proportional to the severity of its effect, and – a single failure must not result in a catastrophe. ? AMC 25.1309 provides guidance on showing compliance. – Acceptable Means of Compliance. Compliance ? Acceptable Means of Compliance AMC 25.1309 : describes system safety assessment required (System Analysis and Design) to demonstrate compliance ? Guidance SAE ARP 4761 Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems: has the same intent as AMC 25.1309 but has more detailed guidance. (N.B. No official status) Definition of Failure Condition ? A condition having an effect on the aeroplane and/or its occupants, either direct or consequential, which is caused or contributed to by one or more failures or errors, considering: - flight phase, and - relevant adverse operational conditions, - environmental conditions, or - external events. AMC 25.1309 Examples of Critical Failure Conditions ? Display of misleading attitude information to pilot(s) without a warning. ? Display of misleading airspeed without warning together with loss of overspeed or