Design assurance evaluation of microcontrollers for safety critical avionics

Dealing with Commercial off-the-shelf (COTS) components is a daily business for avionic system manufacturers. They are necessary ingredients for hardware designs, but they are not built in accordance with the avionics consensus standard DO-254 for Airborne Electronic Hardware (AEH) design. Especially for complex COTS hardware components used in safety-critical AEH, such as Microcontroller Units (MCUs), additional assurance activities have to be performed. Together, they shall build convincing confidence that the hardware is safe in its intended operating environment. The focus of DO-254 is an approach called Design Assurance (DA). Its aim is to reduce design errors through adherence to prescribed process objectives over the entire design life cycle. The effort for certain COTS assurance activities could be reduced if it can be demonstrated that the COTS design process is based on similarly effective design process guidelines for minimizing design errors. In recent years, semiconductor manufacturers have released safety MCUs compliant with the ISO 26262 standard, which is dedicated to the development of functionally safe automotive systems. These products are COTS components in the avionics sense, but they are also developed according to a process that focuses on the reduction of design errors. In this paper an evaluation is performed to determine whether ISO 26262 prescribes a DA approach similar to that of DO-254, in order to reduce the COTS assurance effort for upcoming avionic systems.
