• Aviation Safety & Avionics Standards
  • EV partner AFUZION services : consulting, certification, safety-critical audits, software tool selection, proposal optimization, ...
  • Gap Analysis
  • Efficiency Improvements
  • Automotive Standards
  • ISO26262
The safety assessments are an essential part of an aircraft or system development process. System safety represents best practice and is formally specified by numerous National Airworthiness Authorities (NAAs) and Military Airworthiness Authorities (MAAs) including FAA, and EASA. ARP-4761 describes guidelines and methods for performing safety assessments associated with showing compliance with certification requirements (14CFR/CS XX.1309). The safety assessment process is of fundamental importance in establishing appropriate safety objectives for the aircraft, systems and items and determining that the implementation satisfies these objectives.
ARP-4761 safety assessments are described as an integral process in ARP-4754A. There are fundamental relationships between safety assessments and the system development processes. Determining system, software and hardware criticality levels is one of the key outputs of the ARP-4761 process. This training provides attendees with the guideline information for applying safety assessments techniques, understanding the interaction between safety processes and the overall aircraft or system development processes.
SAE-ARP-4754A provides guidance for the development of aircraft and aircraft systems while taking into account the overall aircraft operating environment and functions. ARP-4754 was long “suggested” for commercial avionics; the new ARP-4754A is now required and increasingly mandatory for all avionics including worldwide militaries and UAV’s beginning as early as 2017. 
ARP-4754A is commonly called “DO-178 for Aviation Systems”, but it’s really much different :  ARP-4754A requires detailed Safety processes (ARP-4761) and data, systems-level planning, traceability, V&V and tight configuration management.  While bearing some semblance to DO-178, ARP-4754A really covers the Avionics Development Ecosystem and is a mandatory foundation – it must come BEFORE DO-178C
The processes for developing systems requirements are rigorous and formal processes must be proven in place before software and hardware development begin.
DO-254 Training
Since DO-254 was released ten years ago, the knowledge of software hardware development processes, techniques, and strategies for safety-critical hardware has vastly changed and in some cases improved.  However, there is a large gap between understanding the real intent of DO-254 certification and the minimalist words in the Book. Worldwide certification agencies such as EASA and the FAA are staffed with smart, hard-working individuals but typically they have less exposure to recent hands-on hardware development using these new technologies and advanced application of DO-254.

Avionics hardware world-wide is now commonly required to follow “DO-254” for literally all phases of development:  Safety, Requirements, Design, Logic Implementation, V&V, Quality Assurance, etc.  DO-254 was partly copied from software’s DO-178B, but there are many differences between hardware and software which must be understood to “truly” implement DO-254.  While DO-254 may seem onerous to follow, most planes, helicopters, and many UAV’s flying today must comply with it:  First-time users often complain of costs and schedules doubling while trying to comply. But is DO-254 really complex? What are the true meanings of DO-254 ? How can DO-254 be understood and applied cost-effectively the first time ?  What are the top mistakes when starting DO-254 projects and how to avoid them? What are the best practices for avionics hardware requirements, design, logic implementation, configuration management, V&V, QA, and certification ?
DO-178C Training
DO-178 has been the “Constitution” of avionics software for over 30 years. But avionics development has rapidly evolved and continues to do so:  the new DO-178C has important criteria for today ‘s avionics ranging from commercial aircraft, UAV’s, military aircraft, missiles, and helicopters; if it flies, it probably requires DO-178C. But what is DO-178C really ? Basic DO-178C requires plans, standards, and proof of highly reliable software requirements, design, code, test, CM, and QA.  But how is modern DO-178C really applied to achieve certification or true compliance ?  What are the best practices and most recent application rules for DO-178C ? We offer DO-178C training / consultancy services at all levels.
We provide private ARP-4754A, ARP-4761, DO-178C, DO-200A, DO-278A, DO-254 & ISO-26262 training and consultancy services to clients worldwide at all levels. Our instructor, Mr. Vance HILDERMAN is the author of the world’s best-selling book on DO-254 & DO-178C and has taught over 9,500 avionics engineers and managers worldwide.
DO-200A Training
DO-200A came after DO-178 so many persons incorrectly believe DO-200A is copied from DO-178:  False.  DO-200A has an entirely different premise, “preserving, ensuring, and proving data quality throughout the data processing chain”.  DO-200A is much different than DO-178, and this course explains the differences between quality “data” certification and avionics software.  This class focuses upon DO-200A’s true intent and real-world training compliance with DO-200A; also obtaining DO-200A Letters of Approval (LOA).   
What processes are required for DO-200A?  How are data quality requirements specified, managed, and proven?  What tools can be used for DO-200A and when must DO-200A tools be qualified?  What is the role of DO-200A quality assurance and audits?  What mandatory DO-200A processes are required and what are the DO-200A Best Practices?  What is the basis of DO-201 and how does it related to DO-200?   How can DO-200A compliance costs and schedule be reduced by 20-30% ?
DO-278A Training
Where DO-278 was often informally applied, DO-278A is increasingly required worldwide for aviation ground based systems: Communication Navigation Systems and Air Traffic Management (CNS/ATM). While DO-278A shares similarities with DO-178, there are important differences including Assurance Levels and classification, mitigation, commercial off-the-shelf (COTS) technology incorporation and many more.  But system/software development has rapidly evolved along with aviation airspace complexities:  many new technologies must be considered, and certified: C++, Model-Based Development, Formal Methods, COTS software/hardware, and advanced tools.
New techniques for specifying aviation requirements and design must also be understood.  But what are detailed and derived DO-278A requirements?  How can C++ and OOT be safely used and certified per DO-278A and DO-332?   What are DO-278A Model-Based Development best practices in applying DO-331?  How can legacy software/systems be certified to DO-278A?  What were the DO-278 weaknesses and how is DO-278A really different from DO-278?  How can DO-278A cost and schedule be reduced by 20-30%?
Until recently, automotive electronics could be liberally developed, trusting the good judgement and skill of the developers to yield high reliability and safety.  But the new ISO 26262 standard now requires proven processes, formal safety regimens, and “guilty-until-proven-innocent” rigor for automotive electronics.  However, many automotive manufacturers relied on senior engineers and decades of experience, thus ISO 26262 posed a huge gap in understanding and application. This course helps the attendee “close the gap” by explaining what ISO 26262 really requires and why. Similarities are explained between ISO 26262 and other standard processes including  IEC 61508, DO-178C, and CMMI, with the differences highlighted and rationalized. ISO 26262’s emphasis upon the Safety Case, Hazard Analysis, ASIL, and Functional Safety Management are clearly explained along with requisite processes to enable compliance.