To ensure the safety of passengers, crew, and the aircraft, aerospace/ATM software applications must be rigorously tested within strict guidelines to ensure that they operate correctly. Failure of critical software (safety-critical and/or mission-critical) could have far-reaching repercussions.
Aviation software systems often comprise many thousands of functions and millions of lines of code. To ensure the safety and quality of the system, these must be tested to make sure that they operate as expected. Activities used to test avionics systems include:
- Functional testing to ensure that the software meets high- and low-level requirements.
- Worst-case execution time analysis to ensure that time-critical sections of code meet their timing deadlines.
- Structural coverage analysis to ensure that structural elements of the code (such as statements) have been exercised by testing to an acceptable degree.
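Structural coverage analysis in practice, as an added example that is not from the original page: the block below measures statement coverage of a small constructed function using Python's trace hook and reports which statements the test inputs never reached. The unit under test and its inputs are invented for illustration.

```python
"""Statement coverage measurement for a function under test (added example)."""
import dis
import sys


def altitude_alert(altitude_ft, assigned_ft, tolerance_ft=300):
    """Constructed unit under test: classify deviation from the assigned altitude."""
    deviation = altitude_ft - assigned_ft
    if deviation > tolerance_ft:
        return "HIGH"
    if deviation < -tolerance_ft:
        return "LOW"
    return "OK"


def executable_lines(func):
    """Source line numbers that carry executable statements, taken from the bytecode."""
    code = func.__code__
    lines = {lineno for _, lineno in dis.findlinestarts(code) if lineno is not None}
    lines.discard(code.co_firstlineno)  # the 'def' line itself is not a statement to cover
    return lines


def measure_statement_coverage(func, inputs):
    """Run func on each argument tuple under a line tracer.

    Returns (covered_lines, missed_lines, coverage_ratio) so the result can be
    checked against a required threshold, not just printed.
    """
    target = func.__code__
    hit = set()

    def tracer(frame, event, arg):
        if frame.f_code is not target:
            return None  # do not trace frames other than the unit under test
        if event == "line":
            hit.add(frame.f_lineno)
        return tracer

    previous = sys.gettrace()
    sys.settrace(tracer)
    try:
        for args in inputs:
            func(*args)
    finally:
        sys.settrace(previous)

    wanted = executable_lines(func)
    covered = hit & wanted
    missed = sorted(wanted - covered)
    return sorted(covered), missed, len(covered) / len(wanted)
```

With only a high and an on-target input the report flags the `return "LOW"` statement as untested; adding a low input brings statement coverage to 100%.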
When approving commercial software-based aerospace systems, certification authorities such as EASA and the FAA refer to legislation on ATM/Aviation Software Considerations, which ensures that safety-critical software used in ATM/airborne systems is safe to use.
This framework is recognized as an “acceptable means, but not the only means, for showing compliance with the applicable airworthiness regulations for the software aspects of airborne systems and equipment certification.”
What are software levels?
A system’s Design Assurance Level (DAL) derives from hazard analysis and the safety assessment process. Software is assigned a DAL based on the impact of a failure condition in the system on the passengers, crew, and aircraft.

| Level | Failure Condition |
|-------|-------------------|
| A | Catastrophic |
| B | Hazardous |
| C | Major |
| D | Minor |
| E | No safety effect |