The LDRA tool suite is the premier choice for building quality into safety critical civil and military avionics software. Most current and next generation aircraft include multiple systems that have achieved their software quality objectives with the aid of the LDRA tool suite, including the F-35 Lightning II (Joint Strike Fighter) project, for which the LDRA tool suite was the chosen software test tool.
Whenever an avionics system is developed for commercial or military aircraft, the safety of the crew, passengers, and people on the ground are factors in the development of the system. To this end, international civil aviation authorities, including the Federal Aviation Administration in the United States (FAA), the European Aviation Safety Agency (EASA) and the Civil Aviation authority (CAA) in the UK, have established various procedures to certify that the avionics system meets their safety critical objectives.
At the very highest level, the authorities require that a whole aircraft be certified, and in order to achieve this, each of the aircraft avionics systems must be individually certified. Within each avionics system, the software must also be independently certified, and guidelines are given to how and when the software must be certified. For software considerations, most aviation authorities use the RTCA Inc. document DO-178B, Software Considerations in Airborne Systems and Equipment Certification as the reference for their guidelines.
DO-178B is fundamentally a process document; it defines the key elements required for the development of safety critical software. The LDRA tool suite is the most complete software validation solution for the development of avionics software, supporting the entire DO-178B process from requirements through to deployment, helping to eliminate or reduce labour intensive and error prone elements of the process:
1. Requirements Traceability - DO-178B advocates a requirements driven process, whereby all components of the deployed software are traceable to the original high level requirements, resulting in 100% Requirements Test Coverage and a requirements traceability matrix. TBreq is the only Requirements Traceability solution supporting the tracing of requirements throughout the entire development process. Using TBreq, requirements are traced from system level through to individual software components, including tracing the verification artifacts such as test cases and structural coverage analysis data that were generated to validate test completion and completeness. TBreq then provides the Requirements-Based Test Coverage Analysis required by DO-178B and automatically generates a requirements traceability matrix.
2. Coding Standards Compliance - One of the major tenets of the DO-178B Software Coding Process is defining and complying with a Software Coding Standard. The LDRA Testbed product static analysis capabilities can be used to enforce coding standards compliance, and can also be used to create a custom coding standard, for which the multiple built-in coding standards can be used as a reference.
3. Structural Coverage Analysis - System tests must be created against the system level requirements, and then DO-178B requires that coverage analysis be used to assess the test effectiveness and to ensure that 100% of the software code structure is exercised. Coverage analysis is required for the 3 most safety critical avionics safety levels, assigned safety levels A through C from the most safety critical to the least. Level A systems require Modified Condition/Decision Coverage (MC/DC), Level B systems require Decision Coverage (DC) and Level C systems require Statement Coverage (SC). The tool suite product saves endless hours of using a highlighter pen to identify tested and untested code by providing automated coverage analysis measurement to all 3 coverage levels.
4. Object Code Coverage - For Level A systems, MC/DC coverage analysis at the high level language is not enough. It is also necessary to guarantee that 100% of the object code produced by the compiler is also exercised. The LDRA tool suite Object Box coverage module enables the automated measurement of the object code, helping to ensure that this DO-178B objective is met.
5. Control and Data Coupling - A component of the Structural Coverage Analysis requirement of DO-178B is that the data coupling and control coupling between components be confirmed. The LDRA Testbed product provides visibility of the data and control flow between components that enables this requirement to be addressed.
6. Tool Qualification - In order for the Structural Coverage Analysis results from a tool to be accepted as valid data for certification, DO-178B defines a process for qualifying a coverage analysis tool as a Software Verification Tool that verifies that the tool provides confidence at least equivalent to that of the process(es) eliminated. LDRA provides a Tool Qualification Support Package that includes documentation and test procedures required to ensure that Testbed can be qualified in a customer's environment.
7. Secure Code - An emerging requirement is the need for secure code in avionic systems that communicate with the ground. The LDRA tool suite coding standards capability provides the ability to assess code against the CERT-C secure coding standard, ensuring that deployed avionics code meets the highest secure standards.