For thirty years military organizations developed their avionics and aircraft using purely military defense-oriented standards including 2167A, Mil Stnd 498, and MIL STD-882. These defense aircraft manufacturers were desirous of utilizing hardware and software standards which varied from civil aviation because they thought military missions were too dissimilar from civil. And frankly, military focus was centrally upon the mission effectiveness in a harsh environment. However, recently there is an increasing movement which is converging civilian aviation standard adopting within defense aviation. Specifically, militaries are adopting DO-178 and DO-254 worldwide along with the new systems and safety standards ARP4761A and ARP4754B.
DO-178C, DO-254, ARP4754B, and ARP4761A use five levels of development “assurance”, with the highest criticality being Level A (most critical) to Level E (least critical); these are called “Development Assurance Levels (DALS)”. Every avionics function via a Functional Hazard Assessment (FHA) at the Aircraft level and then System level is designated one or more levels of function (then item) criticality based upon that safety assessment; these includes an analysis of each system’s potential contribution to aircraft safety; each hardware and software component within that system must meet or exceed its assigned criticality level. As the criticality level increases, so does the degree of w engineering effort with documentation, design, reviews, implementation, and verification and even quality assurance.
Contents
Military versus Civil Aircraft – the Perceived Differences
Before civil standard adoption such as DO-178C and ARP4761A, defense entities throughout the world used various defense-only standards for avionics and aircraft hardware and software development. The reason for this defense-centric approach was:
- Mission success for military operations (aircraft) was the primary focus, even surpassing “safety” in some instances since pilots were better trained and able to take threatening risks
- Military projects were thought to be more complex than commercial projects (look at F-35’s 20 Million lines of code – almost double that of Boeing or Airbus aircraft)
Military projects had long airframe lifetimes to account for, in some cases over 50 fifty years (B-52!)
- Military projects had many suppliers to simultaneously manage.
- Military projects needed required higher reliability than civilian projects.
- Military projects required specialized military/sensitive functionality and complex integration cycles.
In the 1970’s and 80’s, the above rationale was valid. However by the 90’s the above rationale gradually eroded. Today, consider the commonality between Military and Commercial avionics:
- Military and commercial both use increasingly high complexity with sophisticated inter-system interactions.
- Both utilize many suppliers (which in many instances provide their avionics to both Military and Commercial aviation customers and even non-aviation) with long project lifetimes.
- Military aircraft are now utilized more and more in commercial airspace (they do not want to be restricted in flight paths or hours).
- Both are increasingly concerned with re-usability, quality, and increased cost-effectiveness.
- Both require access to leading-edge commercial technologies.
- Both require a high level of operability, reliability, maintainability, and safety.
Safety: the new ARP4761A and ARP4754B
Traditionally, militaries applied their own safety standards, such as the ubiquitous and commonly applied MIL-STD-882 E. But, like mixing milk and Coca Cola,, the military safety standards do not mix well with civilian aviation standards since they had differing priorities. ARP4761A and ARP4754Bare much better suited to integration with DO178C based upon their Development Assurance Level (DAL) assignment, particularly Functional DAL (FDAL) and Item DAL (IDAL) approaches. The civilian focus of the new Preliminary Aircraft Safety Assessment (PASA) and Preliminary System Safety Assessment (PSSA) are very different and not as well covered in MIL STD 882 E. Today, the new European fighter jet development and USA Army FLRAA projects both use ARP4754B, ARP4761A, DO-178C, and DO-254.
Will these civil standards increasingly be used for worldwide militaries? Easy question: in 20 years, simply look overhead and you’ll see, but barely hear, the answer. And even “seeing” will be increasingly difficult with stealth.
