That has been recognized very early in the area that basically exploded in scope first – the development of software, and thus the process-oriented standard DO-178/ED-12, that introduced a concept of qualitative objectives/different levels of design assurance based on safety-criticality in addition to quantitative/reliability/availability objectives, has been published and recognized by the regulators in the 1980ies as the means to minimize the number of such events/faults in a software to a minimum. In the 1990ies the growth of systems and subsystems in large transport aircrafts led to the introduction of the SAE’s Aerospace Recommended Practices ARP-4754/ED-79 and ARP-4761(later also as ED-135) industry standards describing a practical methodology and processes helping with a development of correctly functioning and reliable/safe products. One of the key concepts added in later revision was the distinction between the Functional Development Assurance Level and Item Development Assurance Level that gave the designer option how to architect his aircraft/system/subsystem in the best and most efficient way in order to meet all the quantitative and qualitative objectives. These ARPs have been increasingly recognized by the Aerospace industry as really helpful tools, regardless of whether the regulators recognized it as the Acceptable Means of Compliance for a given category of products or not. As such we have seen use of these in the military domain as well and by the integrator driven contractual pressure even in companies that did not see the need for these standards initially
Well, now avoiding the deployment of these best practices as described in these standards might not be the option. EASA has on February the 14th of 2024 published a proposal for a Certification Memorandum CM-DASA-002 on ‘Development Assurance Considerations in Product Certification’ that, when issued, will basically push the deployment of these standards as the Acceptable Means of Compliance into the remaining product areas as seen in the table (from the memorandum) below:
The requirement for the applicant to ensure that the development process of any ETSO’d article they plan on using in their product is in sync with the product’s objectives/Means of Compliance is stated in the proposed Certification Memorandum as well.
Also, more surprisingly for some, changes to existing, already certified products, that will be assessed for criticality & scope of change & acceptability of existing processes (using an impact analysis evaluation per ARP-4754B), might need to follow/use the Development Assurance concept/ARPs as well. The logic behind this decision is that the changes could be, and often are, quite extensive when compared to their initial certification.
Last, but not least, the need for an independent compliance review (in addition to the process assurance as defined in ARP-4754/ED-79) is recognized in the proposal. The recommendation here is that this should follow a gated process which includes a planning review, a design review, a verification review and a final compliance review, all of which need to be done by a someone not directly involved in the development assurance activities of the project.
To sum it all up, this last push to deploy these best practices into the remaining pockets of resistance will lead to better and safer products. And for us, designers, it will finally standardize the practices we encounter and have to follow in our work – which again should lead to less misunderstanding, miscommunication and errors/malfunctions.
Wherever you are on this journey LICRIT can support you with consultation, training and helping you to bring best practices into your environment. Contact us and let’s make world safer place together.