Implementing the DO-254 standard in a design can be a bewildering process. This white paper focuses on the details of developing a DO-254 compliant process for FPGA design; a summary of its contents follows. To download the white paper, visit http://links.xilinx.com/rts/go2.aspx?h=25263&tp=71.3w.LY.300Lg.bqm4D.
WP401 (v1.0) September 7, 2011
DO-254 for the FPGA Designer
By: Dagan White
www.xilinx.com
The standard that governs the design of avionic components and systems, DO-254, is one of the most poorly understood but widely applicable standards in the avionic industry. While information on the general aspects of the standard is easy to obtain, the details of exactly how to implement the standard are sketchy. And once an entity develops a process that achieves compliance, the details of how compliance was achieved become part of the intellectual property of that entity. This white paper focuses on the details of developing a DO-254 compliant process for the design of FPGAs.
DO-254, Design Assurance Guidance for Airborne Electronic Hardware [Ref 1], provides guidance for design assurance in airborne electronic hardware (AEH) to ensure safe operation. Rather than specify how to implement the standard or which test should be completed, it specifies the requirements for a process of design assurance and certification. It is the lack of specifics that causes uncertainty with the user community on how to develop a design assurance process that meets DO-254.
Per the standard, all flight hardware must be classified according to a design assurance level (DAL). The standard defines five levels (A to E) according to the safety criticality of an avionic system. For example, engineers designing to level A or B face a much more rigorous test, verification, and documentation process than those designing to levels C, D, or E [Ref 2].
Central to DO-254 is the hardware life cycle, describing the general phases a project moves through, from initial planning to certification, including feedback loops to allow adaptation of requirements as necessary. Similar to other quality standards, DO-254 does not specify how to manage the life cycle nor the tools and methods to be used. However, it does require that design and certification procedures, methods, and tools be documented, along with the criteria used to determine when a project is allowed to move to the next phase.
Key to DO-254 is the designated engineering representative (DER) [Ref 3]. The DER is an appointed engineering resource who has the authority to pass judgment on aviation-related design and development, acting as the certification authority on behalf of the civilian aviation authorities. The standard allows the DER to be either an employee of the system developer or an independent consultant. Given that the DER must be approved by the civilian aviation authorities, the DER is often a consultant hired by the system developer. The DER has the authority to certify the process and can therefore assist in defining the process and the associated hardware life cycle.
A DER's involvement in a project depends on the type and scope of the development project. Some example scenarios are:
• Self-certify and submit without a DER: Very rare, and only possible for system developers with extensive knowledge of DO-254 and aviation authority policy and a long history of safety.
• Internal DER: Common in larger avionics companies with sufficient activity to justify the expense.
• Consultant DER: Common for line-replaceable-unit (LRU), board, or IP developers, or for companies whose main business is not avionics.
• DER as an auditor: The DER only audits the development on behalf of an aircraft integrator. This scenario can apply to board and IP developers where the end customer takes responsibility for managing the certification process.