"Implementation details" in code versus DO-178
This article discusses the degree of freedom in implementing code against low-level requirements, for compliance with DO-178 at DALs A, B and C. People often talk about "implementation details" without a clear idea of what the term covers and of what is DO-178 compliant or not. This article does not address the complete flow-down from high-level requirements to architecture and low-level requirements; its sole objective is to discuss what "implementation details" means at code level.
Example LLR: "If input I1 is < 100 LSBs or > 500 LSBs, an error shall be sent to …" (traced to the HLR: "If input I1 is < 1 VDC or > 5 VDC, an error shall be sent to …"). Extract from the Hw/Sw interface document: Input I1 is read from the ADC at address XXX. Possible values are between 0 and 1024 LSBs. 1 LSB = 10 mVDC.
Below are 3 different examples of code that match DO-178 and one that does not.
In the 3 examples above, Code 1, Code 2 and Code 3 are three different ways to code the LLR: this is an acceptable degree of freedom, as long as the code does what, and only what, the LLRs request.
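As an added illustration in C (not the author's Code 1, 2, 3 or his non-matching example, which are not reproduced on this page), two acceptable ways to code the LLR above and one variant that does not match it; the error sink `send_error`, the helper names and the error-recording flag are assumptions introduced here.

```c
#include <stdint.h>
#include <stdbool.h>

/* Hw/Sw interface (from the article): I1 is read from the ADC, 0..1024 LSBs,
 * 1 LSB = 10 mVDC.  LLR (from the article): if I1 < 100 LSBs or > 500 LSBs,
 * an error shall be sent.  Thresholds trace to the HLR values 1 VDC / 5 VDC. */
#define I1_MIN_LSB 100U   /* 100 LSB * 10 mV = 1 VDC */
#define I1_MAX_LSB 500U   /* 500 LSB * 10 mV = 5 VDC */

/* Constructed error sink (hypothetical): records that the error was sent. */
static bool g_error_sent;
static void send_error(void) { g_error_sent = true; }

/* Variant A: direct transcription of the LLR. Does what, and only what, it says. */
void check_i1_variant_a(uint16_t i1)
{
    if ((i1 < I1_MIN_LSB) || (i1 > I1_MAX_LSB)) {
        send_error();
    }
}

/* Variant B: same behaviour written as a validity predicate plus one call site.
 * A different coding style for the same LLR is acceptable freedom. */
static bool i1_in_range(uint16_t i1)
{
    return (i1 >= I1_MIN_LSB) && (i1 <= I1_MAX_LSB);
}
void check_i1_variant_b(uint16_t i1)
{
    if (!i1_in_range(i1)) {
        send_error();
    }
}

/* NOT acceptable: a debounce that no LLR requests. The error is suppressed until
 * three consecutive out-of-range samples, so a single sample < 100 LSBs does not
 * send the error the LLR requires. This is unrequested behaviour, not an
 * "implementation detail". */
void check_i1_untraced(uint16_t i1)
{
    static uint8_t out_of_range_count;
    if (!i1_in_range(i1)) {
        if (++out_of_range_count >= 3U) { send_error(); }
    } else {
        out_of_range_count = 0U;
    }
}

/* Test hook: run one checker on one sample and report whether it sent the error. */
bool error_sent_for(void (*check)(uint16_t), uint16_t i1)
{
    g_error_sent = false;
    check(i1);
    return g_error_sent;
}
```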
Author: Luc Pelle - System Design Assurance & Certification Manager, PMV Consulting & Services