Certification evidence
DO-178C SOI-2 development data evidence review for DO-178C
This review is for avionics suppliers, Engineering teams, Certification teams responsible for DO-178C SOI-2 development data. It is triggered by sOI-2 audit scheduled. EE checks high-level, low-level requirements, design descriptions, plus the governing plan or application, against DO-178C. Discrepancies include missing source records, mismatched configuration, unsupported assumptions, or childless requirements in the trace. Output includes DO-178C SOI-2 development data exception register, Claim to evidence map, Reviewer question list.
When this review is needed
- The team is preparing for sOI-2 audit scheduled.
- Supplier records and applicant records must be reconciled.
- Program leads need to know which findings could block the next gate.
- A proposed means of compliance depends on evidence reuse, analysis, or rationale.
The problem
Reviewers need to reconstruct the path from final claim to source data. For DO-178C SOI-2 development data, weak files usually show childless requirements in the trace, then reveal revision drift or unclosed assumptions.
What gets reviewed
- Review high-level against the configuration, installation, or claim under review.
- Compare low-level requirements against the configuration, installation, or claim under review.
- Trace design descriptions against the configuration, installation, or claim under review.
- Challenge source code samples against the configuration, installation, or claim under review.
- Reconcile bidirectional traceability against the configuration, installation, or claim under review.
- Confirm derived requirements with rationale against the configuration, installation, or claim under review.
What gets validated
- Pass check: high-level must match the released configuration and the claimed means of compliance.
- Configuration check: low-level requirements must match the released configuration and the claimed means of compliance.
- Trace check: design descriptions must match the released configuration and the claimed means of compliance.
- Rationale check: source code samples must match the released configuration and the claimed means of compliance.
- Closure check: bidirectional traceability must match the released configuration and the claimed means of compliance.
Evidence normally required
- Controlled high-level
- Released low-level requirements
- Signed design descriptions
- Current source code samples
- Archived bidirectional traceability
- Supplier derived requirements with rationale
Common discrepancies
- Gap: childless requirements in the trace.
- Mismatch: derived requirements with no rationale.
- Unsupported claim: no record of feedback to the safety process.
- Late issue: code that does not match the design description.
- Configuration break: transition criteria that were declared met without the exit evidence.
What is at stake
An unresolved gap can become a finding, a deferred submittal, or a narrower claim. Missing support for derived requirements with no rationale often affects several records at once.
Move from findings to resolution
Identify gaps against the means of compliance.
How the work runs
Frame 178c Soi
Confirm the exact event, affected file set, buyer role, and decision standard before any high-level is treated as sufficient.
Trace Review Prep
Walk the named evidence from index entry to source artifact and mark where the trail supports, conflicts with, or fails to answer the page-specific question.
Sort Evidence Certification
Group exceptions by closure route: document retrieval, data correction, engineering disposition, authority response, or contractual decision.
Package Design Code
Deliver the exception list, evidence map, and owner sequence in a form that can move directly into remediation, submittal cleanup, or transaction negotiation.
What the buyer receives
Who uses the output
- software lead assign closure actions from the exception register.
- certification liaison use the map to locate source evidence.
- DER decide what can proceed and what must wait.
How the work fits into the transaction or program
The work fits before submittal, SOI activity, or supplier acceptance. It gives the team a defensible view of what is supported and what is still open. The page-specific framing is will the development data survive the sample-based SOI-2 audit. Evidence reviewed: high-level and low-level requirements, design descriptions, source code samples, bidirectional traceability, and derived requirements with rationale and safety feedback records. Failure modes include orphan and childless requirements in the trace, derived requirements with no rationale and no record of feedback to the safety process, code that does not match the design description, and transition criteria that were declared met. For 178c soi development review, the practical output is a defensible record of what was checked, what did not match, who owns the fix, and which issue remains outside the review boundary. The do 178c soi 2 development review prep scope is intentionally narrow: Pre-audit DO-178C development data with the same sampling approach the authority will use at SOI-2.. The 178c Soi Development evidence question is tested against high-level and not against a generic checklist copied from another page. The Review Prep Data trigger is soi-2 audit scheduled, so the review ranks gaps by decision impact instead of document volume. The Evidence Certification Requirements searcher pattern is A software lead or certification liaison preparing for SOI-2 searching for what samples the reviewer pulls and which trace defects fail the audit.. The Design Code Sampled evidence trail has to show source location, current status, conflicting entries, and the owner who can close the issue. The Auditor Does Sampling exception logic separates missing artifacts from mismatched data because those findings move through different closure routes. The Audit Trace Baseline handoff is written for software lead, with unresolved items preserved as decisions rather than softened into narrative prose. The deliverable stays anchored on do-178c soi-2 development data exception register, which makes the next reviewer able to reperform the path without rebuilding the file. The boundary is deliberately explicit: records and certification evidence are organized, but approval, acceptance, and airworthiness decisions remain with the authorized parties. The brief-specific angle is will the development data survive the sample-based SOI-2 audit. Evidence reviewed: high-level and low-level requirements, design descriptions, source code samples, bidirectional traceability, and derived requirements with rationale and safety feedback records. The failure pattern includes orphan and childless requirements in the trace, derived requirements with no rationale and no record of feedback to the safety process, code that does not match the design description, and transition criteria that were declared met without the exit evidence. The do 178c soi 2 development review prep 178c soi development lane records how certification requirements design affects auditor does sampling, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep development prep data lane records how design code sampled affects sampling audit decision, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep data certification requirements lane records how sampled auditor does affects decision will survive, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep requirements design code lane records how does sampling audit affects survive sample based, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep code sampled auditor lane records how audit decision will affects based reviewed high, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep auditor does sampling lane records how will survive sample affects high level low, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep sampling audit decision lane records how sample based reviewed affects low descriptions source, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep decision will survive lane records how reviewed high level affects source samples bidirectional, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep survive sample based lane records how level low descriptions affects bidirectional traceability derived, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep based reviewed high lane records how descriptions source samples affects derived rationale, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep high level low lane records how samples bidirectional traceability affects 178c soi development, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep low descriptions source lane records how traceability derived rationale affects development prep data, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep source samples bidirectional lane records how rationale affects data certification requirements, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep bidirectional traceability derived lane records how soi development prep affects requirements design code, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep derived rationale lane records how prep data certification affects code sampled auditor, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep 178c soi development lane records how certification requirements design affects auditor does sampling, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep development prep data lane records how design code sampled affects sampling audit decision, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The do 178c soi 2 development review prep data certification requirements lane records how sampled auditor does affects decision will survive, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The governing intent remains Pre-audit DO-178C development data with the same sampling approach the authority will use at SOI-2.. The operating angle for this page is Decision: will the development data survive the sample-based SOI-2 audit. Evidence reviewed: high-level and low-level requirements, design descriptions, source code samples, bidirectional traceability, and derived requirements with rationale and safety feedback records. Failure modes: orphan and childless requirements in the trace, derived requirements with no rationale and no record of feedback to the safety process, code that does not match the design description, and transition criteria that were declared met without the exit.
Start with a single asset
Confirm requirements trace through verification.
Regulatory limits
This review is not an approval activity. Final findings, acceptance, installation approval, and airworthiness decisions remain with the responsible applicant, authorized representatives, and authorities.
What this review does not cover
- Authority negotiations as decision maker
- Compliance finding approval
- Test execution or article build
- Operator airworthiness release
Specific to this review
- Configuration identity matters because evidence from another baseline may prove a different article, load, or installation.
- A useful trail names the source record, revision, owner, and closure decision for each claim.
- The exception list separates document-control cleanup from gaps that need engineering substantiation.
- The finding pattern for this page is specific: childless requirements in the trace changes the strength of the certification argument.
- The scope uses the 178c Soi Development Review question as the control point, so the review stays tied to SOI-2 audit scheduled and the buyer decision behind it.
- The evidence starts with High-level and follows Prep Data Evidence Certification references until every exception has a source location and a reason code.
- The finding logic separates missing paperwork, conflicting status, stale revision data, and unsupported disposition because each class closes through a different owner.
- The timing matters for software lead: the output is useful only if the unresolved items are visible before acceptance, submittal, handback, or negotiation pressure fixes the sequence.
- The boundary control keeps Requirements Design Code Sampled questions in the records or certification lane and sends technical acceptance issues to the authorized people who own them.
- The handoff value comes from DO-178C SOI-2 development data exception register; it gives the next reviewer a precise map instead of another broad request for a better file.
Sources
RTCA. Objectives and lifecycle data for airborne software assurance, by design assurance level (DAL A-E).
Federal Aviation Administration. FAA type certification process, certification basis establishment, and compliance findings.
Frequently asked questions
What makes this evidence review different from a general file audit?
The scope is tied to 178c soi development review and to the decision named in the request. A general audit can list weak records; this pass ranks the gaps by whether they block soi-2 audit scheduled or can be closed later without changing the decision.
What evidence has to be available before this work starts?
The starting point is high-level, the current status source, and any index or matrix that tells reviewers where the supporting artifact should live. Missing inputs are logged as findings rather than filled with assumptions.
Who decides whether an open item is acceptable?
The review explains what the evidence supports and gives software lead a closure path. Acceptance remains with the buyer, operator, authority, delegated engineer, or authorized person responsible for the underlying airworthiness or certification decision.
Relevant glossary terms
Related pages
Where this fits
Talk to an engineer who has done this work
We will walk through your current state, the records or evidence involved, and a scoped first engagement.
Talk through the aircraft, records, evidence, deadline, and next useful step.