Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented to: By: Date: Federal Aviation Administration Software Change Impact Analysis Software and Complex Electronic Hardware Standardization Conference.

Similar presentations


Presentation on theme: "Presented to: By: Date: Federal Aviation Administration Software Change Impact Analysis Software and Complex Electronic Hardware Standardization Conference."— Presentation transcript:

1 Presented to: By: Date: Federal Aviation Administration Software Change Impact Analysis Software and Complex Electronic Hardware Standardization Conference Brenda S. Ocker, Software Technical Specialist July 28, 2005

2 Federal Aviation Administration 2 Software Change Impact Analysis July 28, 2005 Presentation Overview Background Purpose Definition of Major and Minor Components of CIA Process Example Summary

3 Federal Aviation Administration 3 Software Change Impact Analysis July 28, 2005 History Notice , “Guidelines for the Oversight of Software Change Impact Analyses used to Classify Software Changes as Major or Minor” Order , Chapter 11

4 Federal Aviation Administration 4 Software Change Impact Analysis July 28, 2005 Purpose of CIA Determine the impact of the change on the system Assure that safety is not adversely affected Determine the rework and reverification required Determine the extent of certification authority involvement in the change

5 Federal Aviation Administration 5 Software Change Impact Analysis July 28, 2005 Definition of Major and Minor Change 21.93(a) –Type Certificate –Supplemental Type Certificate –Parts Manufacturer Approval (b) –Technical Standard Order (TSO)

6 Federal Aviation Administration 6 Software Change Impact Analysis July 28, 2005 Definition of Major and Minor Change Per 14 CFR 21.93(a): –A minor change has “no appreciable effect on the weight, balance, structural strength, reliability, operational characteristics, or other characteristics affecting the airworthiness of the product” –All other changes are considered major

7 Federal Aviation Administration 7 Software Change Impact Analysis July 28, 2005 Definition of Major and Minor Change Per 14 CFR (b): –A major change is a design change that is “extensive enough to require a substantially complete investigation to determine compliance with a TSO” –All other changes are considered minor A minor change to the TSOA could have a major affect on the aircraft

8 Federal Aviation Administration 8 Software Change Impact Analysis July 28, 2005 Types of Software Changes Pre-Certification –During software development/before software approval –Change control in place –Problem reporting & correction in place –Re-verification in place –Addressed in DO-178B, Sections 7 & 8

9 Federal Aviation Administration 9 Software Change Impact Analysis July 28, 2005 Types of Software Changes Post-Certification –After software approval and product certification –Addressed in DO-178B, Section 12.1 –Order Chapter 11 focuses on the post- certification change

10 Federal Aviation Administration 10 Software Change Impact Analysis July 28, 2005 Components of a CIA Identify software change Perform analyses to assess the effect of the change Identify life cycle data to be updated Identify verification activities to be performed

11 Federal Aviation Administration 11 Software Change Impact Analysis July 28, 2005 Components of a CIA Traceability Analysis –Requirements and Design –Code –Test Cases and Procedures Memory Margin Analysis Timing Margin Analysis Data Flow Analysis Control Flow Analysis

12 Federal Aviation Administration 12 Software Change Impact Analysis July 28, 2005 Components of a CIA Input/Output Analysis Development Environment and Process Analyses Operational Characteristics Analysis Certification Maintenance Requirements Analysis Partitioning Analysis

13 Federal Aviation Administration 13 Software Change Impact Analysis July 28, 2005 Components of a CIA Traceability Analysis –Requirements & Design Analysis Identify affected requirements and architecture Identify new functions and affect on existing functions –Code Analysis Identify affected software components and interfaces Identify new software components and interfaces –Test Cases and Procedures Analysis Identify specific cases and procedures to be repeated to verify changes Modify existing and/or add new test cases and procedures to verify added functionality Verify no adverse effects result from changes

14 Federal Aviation Administration 14 Software Change Impact Analysis July 28, 2005 Components of a CIA Memory Margin Analysis –Assure memory allocation requirements and margins are maintained –Examples of tasks: Estimate change to flash memory Estimate change to RAM Evaluate memory margins

15 Federal Aviation Administration 15 Software Change Impact Analysis July 28, 2005 Components of a CIA Timing Margin Analysis –Assure timing margin issues are not introduced due to the change –Examples of tasks: Review timing requirements Review CPU task scheduling requirements Review interface timing requirements Review changes to the timing margins (usually want at least 10% margin) Review throughput change for each task

16 Federal Aviation Administration 16 Software Change Impact Analysis July 28, 2005 Components of a CIA Data & Control Flow Analysis –Assess changes in data & control flow and coupling between software components –Evaluate any adverse affects due to the change –Required for Levels A, B, and C software

17 Federal Aviation Administration 17 Software Change Impact Analysis July 28, 2005 Components of a CIA Input/Output (I/O) Analysis –Evaluate impact of the change on the interface with the external world –Examples of tasks: Bus loading External databus I/O External hardwire I/O Access to memory Communication with hardware

18 Federal Aviation Administration 18 Software Change Impact Analysis July 28, 2005 Components of a CIA Development Environment and Process Analyses –Identify changes in the environment or process that might have adverse affects on the system –Examples include changes to: Compilers Linkers Loaders Tools

19 Federal Aviation Administration 19 Software Change Impact Analysis July 28, 2005 Components of a CIA Operational Characteristics Analysis –Identify adverse effects in the operational environment due to software changes. –Examples of changes that could affect the operation of the product: Gain changes Limit changes Filter changes Interrupt changes Exception handling changes Fault mitigation changes

20 Federal Aviation Administration 20 Software Change Impact Analysis July 28, 2005 Components of a CIA Certification Maintenance Requirements (CMR) Analysis –Determine if the software change requires new or modified CMR –Example: Assume the software change to the anti-skid systems increases the time that the brakes are applied during landing. This could result in more frequent maintenance of the brakes and tires.

21 Federal Aviation Administration 21 Software Change Impact Analysis July 28, 2005 Components of a CIA Partitioning Analysis –Determine the affect of the software change on the protective mechanisms

22 Federal Aviation Administration 22 Software Change Impact Analysis July 28, 2005 Components of a CIA Focus on the potential adverse affects –Changes to safety-related information Safety-related requirements (including derived requirements) are changed –Changes in operational or procedural characteristics of the aircraft Changes to flight crew procedures or increase in pilot workload –Added functions –Different processors, interfaces, and other hardware components or environment –Significant changes to life cycle data

23 Federal Aviation Administration 23 Software Change Impact Analysis July 28, 2005 Components of a CIA Identify life cycle data to be updated Identify verification activities to be performed

24 Federal Aviation Administration 24 Software Change Impact Analysis July 28, 2005 Components of a CIA CIAs come in many forms Extent of analysis depends on the change size and affected items Enough detail to support the major or minor classification Should be revised if the scope of the software change changes

25 Federal Aviation Administration 25 Software Change Impact Analysis July 28, 2005 Approved Classification Procedure? Work with ACO to classify Follow Procedure Change Major? ACO not involved ACO involved Start YES NO CIA Process

26 Federal Aviation Administration 26 Software Change Impact Analysis July 28, 2005 Approved Classification Procedures Approved procedures in place to classify changes as major or minor Procedures should contain a process for: –Using CIA to classify change –Reviewing/approving the classification –Addressing minor changes –Addressing major changes –Informing FAA of all changes and proposed classifications –Obtaining FAA concurrence on proposed classification

27 Federal Aviation Administration 27 Software Change Impact Analysis July 28, 2005 No Classification Procedures FAA more involved Applicant performs CIA Applicant proposes classification (major or minor) to FAA FAA reviews/accepts/modifies the classification Applicant & FAA follow procedures for major or minor changes, as applicable

28 Federal Aviation Administration 28 Software Change Impact Analysis July 28, 2005 Minor Changes Change performed without FAA involvement Data updated, as required Software Accomplishment Summary (SAS), Software Configuration Index (SCI), and/or other documents submitted to FAA on a periodic basis

29 Federal Aviation Administration 29 Software Change Impact Analysis July 28, 2005 Major Changes FAA and/or DER involved PSAC and/or CIA submitted to FAA as agreed upon SAS, SCI, and/or other agreed upon data submitted to ACO ACO and/or DER reviews and approves data, as needed

30 Federal Aviation Administration 30 Software Change Impact Analysis July 28, 2005 Special Considerations for TSO Equipment A minor change to the TSOA could have a major affect on the aircraft TSOA Holder should consider the intended installation when performing the CIA Installer also needs to perform CIA to address the effect of the change on the specific aircraft installation

31 Federal Aviation Administration 31 Software Change Impact Analysis July 28, 2005 Requirement Change Example Change Requirement –New –Modified –Deleted Most common type of change Applicant’s and FAA’s role in the CIA process

32 Federal Aviation Administration 32 Software Change Impact Analysis July 28, 2005 Requirement Change: Applicant’s Responsibilities Perform CIA to assure that the new or changed requirement: –Does not conflict with other requirements –Is unambiguously stated and verifiable –Is verified to meet requirements of software level –Achieves desired functionality

33 Federal Aviation Administration 33 Software Change Impact Analysis July 28, 2005 Requirement Change: Applicant’s Responsibilities Assure that the following are completed, as needed: –Update the software architecture –Change prologue headers –Review changes against standards –Update traceability (both forward and backward)

34 Federal Aviation Administration 34 Software Change Impact Analysis July 28, 2005 Requirement Change: Applicant’s Responsibilities Examine data elements to assure that new or changed code does not negatively impact existing functionality by: –Examining all areas of the code that use the same variables as those in the changed or new code –Re-examining variable declarations and interfaces –Examining control flow to assure that the change does not negatively impact execution sequence or timing

35 Federal Aviation Administration 35 Software Change Impact Analysis July 28, 2005 Assure that: –Verification test cases for new and changed requirements exist –All requirements-based tests (normal and robust) that trace to new or changed requirements are run or re-run –Structural coverage is achieved for new or changed area, and still achieved for areas of code with dependencies –Verification record that documents the regression analysis exists Requirement Change: Applicant’s Responsibilities

36 Federal Aviation Administration 36 Software Change Impact Analysis July 28, 2005 Requirement Change: FAA’s Responsibilities Review CIA, as needed –Oversee the applicant’s activities, when the change is major –Oversee designees –Perform on-site or desk-top reviews, as needed

37 Federal Aviation Administration 37 Software Change Impact Analysis July 28, 2005 Additional Information View the “Software Change Impact Analysis” Video Available through FAA Web-site: –Link to “Aircraft Certification Software” on lower right hand side of page

38 Federal Aviation Administration 38 Software Change Impact Analysis July 28, 2005 Summary Determine the impact of the change on the system Assure that safety is not adversely affected Determine the rework and reverification required Determine the extent of certification authority involvement in the change


Download ppt "Presented to: By: Date: Federal Aviation Administration Software Change Impact Analysis Software and Complex Electronic Hardware Standardization Conference."

Similar presentations


Ads by Google