5 Military Aerospace Software Trends That Can Benefit From DO-178C
The DO-178C standard is an essential functional safety standard that applies to all airborne systems, ensuring that the plane stays in the air during travel. But since its publication, new technologies and trends are reshaping the standard's applications for different sectors.
In this blog, we explore ways in which DO-178C can apply to military and defense applications, and how DO-178C certification can make a difference in developing military aerospace and defense software.
Read along or jump ahead to the section that interests you most:
Why Is DO-178C Certification Important in the Military and Aerospace Industry?
DO-178C, Software Considerations in Airborne Systems and Equipment Certification, is a process-driven standard that applies to commercial and military aircraft systems alike. But the military has unique areas of focus in which ensuring safety could mean the difference between mission success and failure.
The military focuses on mission-success probability, often dealing with harsh operational conditions not faced by commercial aviation. In addition, military software systems must often undergo rigorous document reviews and obtain approval by their own agencies.
Military aerospace and defense embedded software systems also implement the latest technologies to gain a tactical advantage, and these advanced avionics, flight control, and weapons systems may have different requirements than commercial aviation.
The military can use core standards like DO-178C to ensure that their advanced embedded systems are robust, safe, and secure.
Back to top5 Trends Affecting DO-178C Adoption for Military Aerospace and Defense Software Development
The development of military avionics has changed a lot since the DO-178C standard came out in 2012. A decade ago, program managers focused on cloud computing, connectivity, and cybersecurity. Today, programs look toward commercial technologies and processes to modernize systems, and manufacturers are shifting to open-system architectures and standardization. Adapting DO-178C certification to these emerging trends helps development teams minimize risks to software safety, reliability, and effectiveness — without sacrificing new technological benefits.
📕 Related Resource: DO-178C Compliance Best Practices
This blog examines five growing trends within military software development and how development teams can apply DO-178C practices to suit.
1. Increased Adoption of Commercial Technologies in Military Software
Integrating commercial software into military systems balances cutting-edge capabilities against development costs. The latest advancements in networking, compute, and data storage fuel new software applications that enhance the scope of what operators can do.
For example, the Khronos Group released the safety-certifiable variant of their specification for cross-platform 2D and 3D graphics, OpenGL SC, to meet the needs of safety-critical systems:
"The OpenGL SC 2.0 API addresses the unique and stringent requirements of high reliability display system markets, including FAA DO-178C and EASA ED-12C Level A for avionics, and ISO 26262 safety standards for automotive systems."
-OpenGL SC Overview, The Khronos Group
This specification makes it easier for commercial vendors to deliver to graphics drivers to military programs requiring DO-178C certification by guiding the development of pre-qualified software versions.
Open-source software is also seeing growing use in military projects, and the U.S. Department of Defense (DoD) considers it commercial software:
"It is important to understand that open source software is commercial software, because there are many laws, policies, and so on regarding commercial software. Failing to understand that open source software is commercial software would result in failing to follow the laws, regulations, policies, and so on regarding commercial software."
According to a recent OpenLogic by Perforce survey, organizations choose open source to reduce cost, improve development velocity, and have stable technology with long-term community support.
No matter the provenance, every component of a DO-178C-compliant system must meet the objectives of one of the five Design Assurance Levels (DALs) defined in the standard. This requires the qualification of commercial software and the associated certification evidence in support of the larger system being certified.
Like the Khronos Group, commercial vendors offering certifiable versions of their software, from requirements management to static analysis tools, are better positioned to support military acquisition programs.
2. Growing Use of Artificial Intelligence (AI) and Machine Learning (ML)
Military systems use AI and ML to analyze data, support decisions, increase the fidelity of training simulations, and control autonomous systems. The challenges that AI/ML present for DO-178C certification are a proof a determinism, where the same set of system inputs produces the same set of outputs every time, and a verification of code coverage, where each line traces back to a specific requirement. These are difficult to demonstrate with AI/ML's unpredictability and black-box nature.
While there are currently safety guidelines being developed around AI in other safety-critical industries, the DO-178C standard has not been updated yet with AI in mind, forcing development teams to create their own strategies to ensure AI/ML-based components meet the standard's objectives. Like legacy software and other opaque components, this often means containing them within DO-178C-approved safety measures.
Software partitioning, allowable under DO-178C, isolates components from each other at runtime to prevent undesirable interactions and cross-coupling interference. This allows developers to separate AI/ML-based software units from traditionally developed ones to contain potential faults and potentially reduce verification effort.
3. The Shift Toward Open Standards
Defense organizations promote open standards to reduce development and maintenance costs, especially for equipment intended for continual upgrades in the field. The Future Airborne Capability Environment® (FACE) Technical Standard was developed by the U.S. government and industry suppliers to achieve two goals for safety-critical software:
- Increase the affordability of capabilities.
- Improve time-to-field, delivering new capabilities to the warfighter faster.
This FACE standard defines a layered architecture that supports rapidly replacing any software component. The layers consist of FACE Units of Conformance (UoC) designed to meet requirements defined in the FACE Technical Standard.
The FACE Consortium has a UoC conformance and certification program that independently tests components against a rigorous FACE Conformance Test Suite. Conformance here does not imply conformance to the DO-178C standard. Rather, development teams must still demonstrate that their software and processes are implemented and validated per the DO-178C guidelines.
One method of alleviating compliance efforts is to use publicly available documentation as supporting evidence. For example, the FACE Reference Architecture and supporting documentation can contribute to DO-178C's expectation of a well-defined architecture that meets project requirements and supports the software level's criticality, considering modularity, reusability, and maintainability.
4. Autonomous Vehicle Development
As militaries test and deploy autonomous vehicles, manufacturers are looking at new ways of achieving DO-178C certification. While certification takes place at the aircraft level, teams must systematically identify, test, and mitigate potential software failures per component, especially when weapons and flight components may interact with autonomous functions.
Embedded systems that deploy cutting-edge autonomous aircraft including unmanned aerial vehicles (UAVs), such as autonomous drones, can also benefit from DO-178C certification. As UAVs grow in significance, from reconnaissance and surveillance to direct combat, ensuring their safe and reliable operation becomes all the more critical.
Autonomous vehicle systems are also prone to more frequent software updates than traditional "deploy-and-forget" applications — making automated tools that support certification activities essential.
Static analysis tools — like Helix QAC and Klocwork — can reduce certification efforts at scale by quickly identifying safety and reliability issues and providing reports on coding standards compliance. Pairing autonomous vehicle development with static analysis allows teams to maintain a high standard of safety while matching the rapid release velocity necessary to keep systems relevant to the battlefield.
5. Continuous Integration/Continuous Delivery (CI/CD)
Fueling the above trends are program managers looking for manufacturers who can rapidly deliver incremental updates. The push for commercial technologies and requirements driven by standards such as FACE speak to the military's desire to do more in less time.
Jennifer Swanson, Deputy Assistant Secretary of the Army for Data, Engineering & Software, makes this need clear for vendors:
"We're evaluating the company's ability to be agile, because that's where we have stumbled in the past...if we give you new requirements, how fast can you turn those new requirements into a new release?"
-"The Future of Army Software Development", Defense One
To achieve this velocity, continuous integration/continuous development (CI/CD) pipelines have become essential to project acquisition and completion.
Equally important is fitting CI/CD into DO-178C certification activities. Implementing CI/CD processes is up to the manufacturer, but they must meet the standard's guidelines for traceability, safe and secure code, comprehensive verification, and documentation evidence.
The shift to continuous compliance, for example, is helping to deliver certifiable systems faster by identifying issues earlier in the development cycle. Static analysis tools use techniques such as differential static analysis to shift testing to the left and produce compliant software in less time.
Back to topHow Static Analysis Ensures DO-178C Standard Compliance for Aerospace and Defense Software
As more military programs seek to comply with DO-178C, manufacturers of embedded aerospace systems should have well-defined strategies and tools to support new and emerging technologies.
There are no one-size-fits-all approaches to certification, but if teams can understand how the technologies impact safety and reliability, they will be better positioned to adapt processes to fit.
To learn why DO-178C is growing in popularity among military programs, read our latest white paper, “Why Aerospace and Defense Software Needs DO-178C.”
Perforce's Helix QAC and Klocwork ensure that code is high quality and compliant with functional safety standards like DO-178C early in the development cycle. These tools include fully documented rule enforcement and compliance reports for safety and security audits.
See for yourself how Helix QAC and Klocwork can get your military and aerospace projects off the ground faster. Sign up for your free 7-day trial.
Back to top