DO-254 / ED-80 released in 2000 provides guidance for design assurance of airborne electronic hardware
from conception through initial certification and subsequent post certification product
improvements to ensure continued airworthiness. It was developed based on showing
compliance with certification requirements for transport category aircraft and equipment
but parts of this document may be applicable to other equipment.
FAA AC 20-152 view of DO-254:
EASA CM–SWCEH–001 view of ED-80 or DO-254:
AC 20-152 limited the scope of the application of the DO-254 guidance. Only applies to complex devices such as ASICs and PLDs. Application of DO-254 to Line Replaceable Units (LRUs) and Circuit Card Assemblies (CCAs) is no longer required. Application of the guidance to level D design assurance is optional and not subject to FAA oversight and or approval. Strengthened the exemption for COTS (Commercial-Off-The-Shelf) microprocessors.
At Equipment & Circuit Card Assemblies (CBA): Applies to all DALs. DAL-D can follow company processes (similar to “DO”). Basic Planning Docs. PHAC, HVP, HCI, HAS Full Supporting, CM, V&V according to Appendix A
For Simple ASICs & PLDs full process plans required. Basic Process Plans for DAL-D is sufficient. Verification for DAL A & B at gates or nodes within the device. Verification for DAL-C at Pin-Level and DAL-D at Device-Level.
For Complex devices on applies to DAL A, B and C. DO-254 Full Appendix A is applied with full documentation. DAL-C requires same level of traceability as DAL-B and A. HDL Standards required for DAL A & B.
For COTS Devices: Not Required for DAL-D. However for DAL-C and above, applicant could face up to 16 tasks based on complexity of device, Product Service Experience and DAL.
AMC 20-152A Application:
AMC 20-152A COTS Objectives:
AMC 20-152A COTS IP Objectives:
Applies to AEH that contributes to DAL A, B, or C functions.
AC/AMC 20-152A does not address: Address Single Event Effects (SEE) aspects. However SEE aspects, or the assessment of susceptibility, should be addressed according to EASA CM-AS-004.
ALL hardware requirements should be validated (CD-3): The requirements against which the hardware item is to be verified are complete and correct. Requirements are evaluated for impact on Safety. Omissions and errors are fed back to the appropriate processes.
The AMC/AC 20-152A guidance provide more general objectives than previous guidance. Fundamentally the same issues are addressed. The new objectives enable a broader range of COTS components to be used in avionics applications provided the potential impact on the application is mitigated.
Applicant must perform Complexity Assessment: Multiple functionalities. Significant configurability. Multiple, or advanced, processing or switching elements.
Design Assurance for Complex COTS Components: Electronic Component management Process. Device usage ranges. Embedded micro-code considerations. Device malfunctions. COTS Device usage.
Elaborations and objectives for COTS IP which follows DO-178C Multi-core aspects per CAST-32A or AMC 20-193.
COTS-IP should be selected based on its technical suitability for implementing the intended function. COTS IP architecture or IP design concept provides an understanding of the functionality, modes, and configuration of the IP.
The availability and quality of data and documentation allow the understanding of all aspects of the COTS IP functions, modes, and behavior, and enable the integration and verification of the COTS IP.
Information exists for the IP user to be able to create the physical implementation of the COTS IP.
12707 High Bluff Drive, Suite 200
San Diego, California, 92130
Phone: +1 858-444-6762
Fax: +1 858-430-3117