Software development and verification has become increasingly important for all aerospace systems. The number of software lines of code in aerospace systems continues to increase. Military aircraft systems manufacturers face a particular challenge for software development and verification of safety-critical systems. Because military aircraft systems integrators often rely on suppliers familiar with the civil market, the infrastructure and familiarity with RTCA DO-178C “Software Considerations in Airborne Systems and Equipment Certification” is often leveraged as part of supplier contracts.
However, DO-178C is not identical to military software verification practices and methods prescribed in defence standards, such as the United States Department of Defense Handbook MIL-HDBK-516C “Airworthiness Certification Criteria”, United States Department of Defense Standard Practice MIL-STD-882E “System Safety”, United Kingdom Ministry of Defence standard 00-055 , “Requirements for Safety of Programmable Elements in Defence Systems” , and other military guidance . Further complicating the landscape is that military aircraft have the requirement to fly in civil airspace, and therefore their communication, navigation, and surveillance equipment standards must map to DO-178C for compatibility with civil requirements.
So, to what extent can DO-178C principles be followed in pursuit of military airworthiness certification?