Tool Controlled Artifacts and Evidence

Section 7 of DO-254 tells us “The configuration management process is intended to provide the ability to consistently replicate the configuration item, regenerate the information if necessary and modify the configuration item in a controlled fashion if modification is necessary.” What do you do if you are using a tool to control some or all of your program data? This is becoming more and more common as the industry has delivered a number of tools that assist with various aspects of DO-254 (and DO-178C) compliance. This automation may be extremely helpful in many cases, but it introduces a new paradigm of tool based data control that requires understanding and exploration.

The inside scoop on what to do and what not to do in your DO-254 program, direct from the expert.

For example, you may have a tool that helps you with compliance by including checklists for various processes. These checklists might be modifiable, they must be reviewed by a team, actions may come from the review, and these actions need to be tracked. This is all done within the tool and all that data needs to be controlled and available, and subject to the pertinent requirements for Life Cycle Data (DO-254 Section 10.0 and DO-178C Section 11.0). So do we meet the content/retention requirements if the artifacts remain embedded in the tool? Or what if you are using Clearcase and you just have a path to a Version Based Object (VOB) for some compliance artifact? Does that meet data configuration and control requirements for that artifact? And what if your auditor doesn’t have access to the tool?

The underlying concern of the DO-254 configuration management requirements are to ensure that the data is always available and always modifiable. So you must ensure this happens even if the tool is not used again in the future. Because of the obligation to continued airworthiness, the applicant must maintain the data for the lifetime that the product flies. This may be far longer than a tool lifetime. Therefore long-term (20+ year) archive/data recovery is the responsibility of tool user, who must be able to extract, archive and potentially resurrect this data for their project. So ensure that whatever tool you are using allows you to do this, that you capture this as part of your plans and execute appropriately as part of your program.

If you need help understanding how to manage tools in your program, this is covered in the Patmos Engineering Services “DO-254 Airborne Electronic Hardware Certification” training.
BTW, I found a typo in this one: Version Based Object (VOB) – should be VBO I suspect.

Tammy Reeve | DER Exoert

Tammy Reeve has been involved in the certification of hardware (DO-254), software (DO-178C), and systems (ARP 4754A and related) for nearly 20 years.

Tammy Reeve
DER/Founder
Patmos Engineering Services, Inc.