Category Archives: DO-178C

Similarity between Academic paper and Requirements


When researcher writes academic paper, one of important thing is to make structure. Usually research is one’s own study so it is hard to understand for people who are not interested in the topic. So s/he has to consider how to reader can understand easily.

S/he also consider internal consistency for better understanding.

I realized that writing requirement is quite similar to write an academic paper. If requirements are written without consideration of structure, it is hard to understand. Readers cannot understand what are system’s sub systems, what are functions allocated to sub-systems.

It is not technical point of view. But if they are not clear it is hard to defense against audit, because auditor will confuse it and will not understand what you are saying.

Then s/he will not give a good grade.

 

 

Advertisements

Certification Liaison Process


This process is specified in DO-178C. It is a kind of communication process with Certification Authority. It is very important for suppliers to get a good results. I’ve never  experienced about type certification or airworthiness certification, but I think that I can imagine the procedure because there are published document.

Though it is natural to think, applicant has to submit safety plan to certification body and it can be proceed if the plan is approved by certification authority.

It would be ridiculous if applicant submit safety plan in the middle of the project. What if the plan is rejected? Everything they have done so far must be dumped.

Unfortunately this process is not defined in the automotive, but it also essential for supplier. Competent OEM may have a detailed process for audit and assessment.

You can also refer a book, “Developing Safety-Critical Software(DO-178C)” in chapter 12

Developing Safety-Critical Software(DO-178C)에 대한 이미지 검색결과

 

Functional safety manager can’t assure that this product is safe. instead, he/she knows that it is not safe.


There is saying about interview. An interviewer cannot make a interviewee be hired but can make him/her failed to be hired. I believe that this is true and a similar correspondence can be possible in the functional safety project.

I review functional safety documents frequently, and functional safety scope is too vast for one person to know everything fully so I sometimes conduct incomplete review. Incomplete review means that even though I approve it, it cannot be ensured that it is fully achieved.

Because I understand my weakness, I tried to find nonconformances in the documents. At least I’m first auditor in this project. And if I don’t agree, then it cannot be proceed. In the near future, I have to respond against customer auditor’s questions. There should be some layers of reviewers like me. They act as if ‘safety-nets’ in the project, and they protect systematic faults in the project.

Final reviewer shall be customer side auditors(or assessors). In some ways, customer have to not only have a deep knowledge about product knowledge but also have a deep technical functional safety knowledge. If a person does not have both, team has to be arranged. And who does not have a deep knowledge about the project but has a functional safety knowledge has to enough review experience whether the product under review is well documented or not. And he has to help a customer side product champion to determine whether supplier’s safety concepts or their approaches are good to satisfy their safety requirements.

But…. even though they conduct such audit or assess, they cannot ensure that safety is fully achieved.