
As an engineer that has used DO-178B since it was first published, I was intrigued by the title of the book. What a disappointment!! I can overlook the formatting, typographical, spelling, and grammatical mistakes, of which there are many, e.g. "Level A (least critical)" [p40] is just sloppy editing, but the technical content and misinformation are more worrying, especially if used by inexperienced engineers.
The structure of the book follows the table of contents; unfortunately, the content of the chapters does not.
There is a great deal of repetition that was not checked. The book contradicts itself on the numbers, 20-40% for DO-178B cost, 25-40% level A-D [p140], 50% A-D [p40], cost metric table [p228], and quality/cost graph [p231]. I am not disputing the numbers, but I would expect the numbers to be consistent within the book, at least.
The errors in guidance are much harder to accept, because others may be using this book as a guide. Here are some examples:
1) "An operating system such as can be certifiable, but tools, other components or board support package are not as they can only be verified when integrated with other software components." [p38] Unless the board support package can be partitioned from the operating system, which in general cannot be done, the board support package must have the same level of certification evidence as required by the operating system.
2) In the discussion of independence, it is difficult to establish if the test/review is to be independent or the review of the coverage analysis [p143]. DO-178B is very clear on this in Table A7.
3) The explanation of Decision and MCDC coverage objectives is unnecessarily confusing. The example would have been better if the condition included an "else" part, which would have shown the differences between level B and C coverage [p144]. Readers are referred to DO-248B for clarification.
4) "What is a 'statement'? Answer: smallest compilable entity, e.g. one line of code" [p139] -- clearly this depends on the programming language and how it was written. 'Smallest compilable entity' is also vague; it could be an expression; after all, common sub-expressions are often identified by compilers.
5) Recommendations for the use of COTS run-time libraries imply that the verification can be performed at the black box level because the source is not available [p133]. How can a system ensure that the functions are continuous and that equivalence classes can be used for testing? I have seen many run-time libraries that include checks for de-normalized numbers (quiet and signaling NaNs, plus and minus zero as well as plus and minus infinity on the PowerPC). The functions are not simple polynomials but include acceleration algorithms to get fast convergence on the result with stated precision as well as tables of initialized constants. Without looking inside, such libraries cannot be verified using equivalence classes because the classes cannot be established.
There are other inaccuracies: "It's the only standard with multiple criticality levels." [p140]. Read other standards like IEC-61508. It is not clear to me that ground-based and homeland security domains are using or considering use of DO-178B. [p58] Ground-based systems are moving to DO-278 and homeland-security is more likely to use the many security standards including Common Criteria.
This review is incomplete, because after reading 25% of the text, I decided to hope for a professionally rewritten second edition. Hopefully, the next revision will be reviewed with independence -- by a DER.
Avionics Certification: A Complete Guide to DO-178 (Software), DO-254 (Hardware)
This book explains the most critical safety certification required by commercial and military aircraft. The authors describe each step in creating and submitting formal documents for government approval. Their advice is highly practical, acquired over 20 years of performing successful certifications now flying aboard every major airliner and many military aircraft. The book includes dozens of real-life anecdotes to show where applicants go wrong, fall victim to common myths and waste time with misconceptions. The authors' approach avoids the abstract by delivering clear advice on such practical matters as budgets, staff members, tools, programming languages and schedules. They give numerous rules-of-thumb for guiding the reader along what can otherwise be an arduous path to certification. Although the book deals with each milestone of a program, the authors point out, "We don't teach regulations, but how to think like the FAA!" That approach has worked for scores of companies, helping avoid damaging overruns in budgets and schedules.
As DO-178 (software) and DO-254 (hardware) certification become established in aviation, they are spreading to other industries, such as transportation, medical instruments and power generation. As in aviation, these technologies are now in the digital world, and need to meet high standards of safe operation demanded for aircraft. Increasingly, these other industries are required to meet DO-178/254 certification. As the authors explain, the official DO-178 and DO-254 documents are not only vague and non-specific, but have to be! The reason is, they need to apply to a wide range of systems. The authors meet the challenge by skillfully interpreting the intent of the documents. They have been doing it for years in world-wide seminars that have trained more people than all other seminars combined. Their book is the first text on this critical subject.
Contents of "Avionics Certification"
1. Introduction
2. Real World of DO-178B
3. Planning the Project
4. Criticality Levels
5. What is Certified?
6. Cost Vs Benefits
7. Military Certification
8. Getting Started
9. Safety Assessment
10. Planning, Development and Correctness
11. Quality Assurance Plan
12. Configuration Management
13. Software Development Plan
14. System Requirements
15. Software Design
16. Unit Testing
17. Software Testing
18. Structural Coverage
19. Test and Tools
20. DO-254 (Hardware)
21. Hardware Design Life Cycle
22. Gap Analysis
23. Verification
24. Project Organization
25. PSAC
26. Tool Qualification
27. Software Design Aspects
28. Cost Estimation and Metrics
Glossary