Certification evidence
Previously developed software reuse evidence review for DO-178C
This review is for avionics suppliers, equipment suppliers, Certification teams responsible for previously developed software reuse. It is triggered by reuse of legacy software on a new program. EE checks original approval evidence, its retrievability, change impact analysis covering processor, plus the governing plan or application, against DO-178C. Discrepancies include missing source records, mismatched configuration, unsupported assumptions, or baseline evidence that no one can actually produce anymore. Output includes Previously developed software reuse exception register, Claim to evidence map, Reviewer question list.
When this review is needed
- The plan names previously developed software reuse as a required deliverable.
- The review notes that evidence was carried forward from another configuration or installation.
- The authority or authorized representative is expected to sample the records.
- Open questions need to be separated from editorial cleanup.
The problem
File volume does not settle the question. The package must show why the evidence proves can previously developed software carry its certification credit into a new installation, changed environment, or higher DAL, especially where baseline evidence that no one can actually produce anymore.
What gets reviewed
- Review original approval evidence against the configuration, installation, or claim under review.
- Compare its retrievability against the configuration, installation, or claim under review.
- Trace change impact analysis covering processor against the configuration, installation, or claim under review.
- Challenge interfacing system changes against the configuration, installation, or claim under review.
- Reconcile gap analysis of original evidence against the new required level against the configuration, installation, or claim under review.
- Confirm service experience record being cited. against the configuration, installation, or claim under review.
What gets validated
- Pass check: original approval evidence must match the released configuration and the claimed means of compliance.
- Configuration check: its retrievability must match the released configuration and the claimed means of compliance.
- Trace check: change impact analysis covering processor must match the released configuration and the claimed means of compliance.
- Rationale check: interfacing system changes must match the released configuration and the claimed means of compliance.
- Closure check: gap analysis of original evidence against the new required level must match the released configuration and the claimed means of compliance.
Evidence normally required
- Controlled original approval evidence
- Released its retrievability
- Signed change impact analysis covering processor
- Current interfacing system changes
- Archived gap analysis of original evidence against the new required level
- Supplier service experience record being cited.
Common discrepancies
- Gap: baseline evidence that no one can actually produce anymore.
- Mismatch: unchanged-software claim invalidated by a new compiler or target.
- Unsupported claim: dAL upgrades attempted by testing alone when development data does not exist at the new level.
What is at stake
The cost is rework during authority-facing activity. Teams lose time when unchanged-software claim invalidated by a new compiler or target, because closure may touch configuration control and engineering rationale.
Move from findings to resolution
Identify gaps against the means of compliance.
How the work runs
Frame Previously Developed
Confirm the exact event, affected file set, buyer role, and decision standard before any original approval evidence is treated as sufficient.
Trace Reuse Review
Walk the named evidence from index entry to source artifact and mark where the trail supports, conflicts with, or fails to answer the page-specific question.
Sort 178c Certification
Group exceptions by closure route: document retrieval, data correction, engineering disposition, authority response, or contractual decision.
Package Change Impact
Deliver the exception list, evidence map, and owner sequence in a form that can move directly into remediation, submittal cleanup, or transaction negotiation.
What the buyer receives
- Previously developed software reuse exception register
- Claim to evidence map
- Reviewer question list
- Closure action plan
Who uses the output
- software lead assign closure actions from the exception register.
- certification manager use the map to locate source evidence.
- program manager decide what can proceed and what must wait.
How the work fits into the transaction or program
This review belongs at the point where draft evidence becomes a certification package. It prevents avoidable questions from becoming formal findings. The page-specific framing is can previously developed software carry its certification credit into a new installation, changed environment, or higher DAL. The review notes that evidence reviewed: the original approval evidence and its retrievability, change impact analysis covering processor, compiler, and interfacing system changes, gap analysis of original evidence against the new required level, and the service experience record being cited. Failure modes include baseline evidence that no one can actually produce anymore, an unchanged-software claim. For previously developed software reuse, the practical output is a defensible record of what was checked, what did not match, who owns the fix, and which issue remains outside the review boundary. The previously developed software reuse review scope is intentionally narrow: Review PDS reuse claims and change impact analysis before credit is asserted in the PSAC or certification plan.. The Previously Developed Software evidence question is tested against original approval evidence and not against a generic checklist copied from another page. The Reuse Review Evidence trigger is reuse of legacy software on a new program, so the review ranks gaps by decision impact instead of document volume. The 178c Certification Pds searcher pattern is A software lead reusing legacy code on a new program searching for what evidence reuse credit requires and when re-development is unavoidable.. The Change Impact Dal evidence trail has to show source location, current status, conflicting entries, and the owner who can close the issue. The Upgrade Gaps Claim exception logic separates missing artifacts from mismatched data because those findings move through different closure routes. The Credit Audit Baseline handoff is written for software lead, with unresolved items preserved as decisions rather than softened into narrative prose. The deliverable stays anchored on previously developed software reuse exception register, which makes the next reviewer able to reperform the path without rebuilding the file. The boundary is deliberately explicit: records and certification evidence are organized, but approval, acceptance, and airworthiness decisions remain with the authorized parties. The brief-specific angle is can previously developed software carry its certification credit into a new installation, changed environment, or higher DAL. The review notes that evidence reviewed: the original approval evidence and its retrievability, change impact analysis covering processor, compiler, and interfacing system changes, gap analysis of original evidence against the new required level, and the service experience record being cited. The failure pattern includes baseline evidence that no one can actually produce anymore, an unchanged-software claim invalidated by a new compiler or target, and DAL upgrades attempted by testing alone when development data does not exist at the new level. The previously developed software reuse review previously developed software lane records how certification pds change affects upgrade gaps claim, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review software reuse 178c lane records how change impact dal affects claim credit audit, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review 178c certification pds lane records how dal upgrade gaps affects audit decision can, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review pds change impact lane records how gaps claim credit affects can carry its, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review impact dal upgrade lane records how credit audit decision affects its new installation, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review upgrade gaps claim lane records how decision can carry affects installation changed environment, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review claim credit audit lane records how carry its new affects environment higher reviewed, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review audit decision can lane records how new installation changed affects reviewed original approval, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review can carry its lane records how changed environment higher affects approval retrievability analysis, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review its new installation lane records how higher reviewed original affects analysis covering, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review installation changed environment lane records how original approval retrievability affects previously developed software, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review environment higher reviewed lane records how retrievability analysis covering affects software reuse 178c, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review reviewed original approval lane records how covering affects 178c certification pds, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review approval retrievability analysis lane records how developed software reuse affects pds change impact, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review analysis covering lane records how reuse 178c certification affects impact dal upgrade, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review previously developed software lane records how certification pds change affects upgrade gaps claim, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review software reuse 178c lane records how change impact dal affects claim credit audit, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The previously developed software reuse review 178c certification pds lane records how dal upgrade gaps affects audit decision can, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The governing intent remains Review PDS reuse claims and change impact analysis before credit is asserted in the PSAC or certification plan.. The operating angle for this page is Decision: can previously developed software carry its certification credit into a new installation, changed environment, or higher DAL. The review notes that evidence reviewed: the original approval evidence and its retrievability, change impact analysis covering processor, compiler, and interfacing system changes, gap analysis of original evidence against the new required level, and the service experience record being cited. Failure modes: baseline evidence that no one can actually produce anymore, an unchanged-software claim invalidated by a new compiler or target, and DAL upgrades attempted by testing alone when development data does not exist at the new.
Start with a single asset
Confirm requirements trace through verification.
Regulatory limits
EE provides an evidence-quality assessment only. The work does not certify an article, sign a finding, approve a plan, or decide regulatory acceptance.
What this review does not cover
- Plan approval
- DER or DOA signature
- Conformity inspection
- Supplier selection
Specific to this review
- Configuration identity matters because evidence from another baseline may prove a different article, load, or installation.
- A useful trail names the source record, revision, owner, and closure decision for each claim.
- The exception list separates document-control cleanup from gaps that need engineering substantiation.
- The finding pattern for this page is specific: baseline evidence that no one can actually produce anymore changes the strength of the certification argument.
- The scope uses the Previously Developed Software Reuse question as the control point, so the review stays tied to Reuse of legacy software on a new program and the buyer decision behind it.
- The evidence starts with Original approval evidence and follows Review Evidence 178c Certification references until every exception has a source location and a reason code.
- The finding logic separates missing paperwork, conflicting status, stale revision data, and unsupported disposition because each class closes through a different owner.
- The timing matters for software lead: the output is useful only if the unresolved items are visible before acceptance, submittal, handback, or negotiation pressure fixes the sequence.
- The boundary control keeps Pds Change Impact Dal questions in the records or certification lane and sends technical acceptance issues to the authorized people who own them.
- The handoff value comes from Previously developed software reuse exception register; it gives the next reviewer a precise map instead of another broad request for a better file.
Sources
Frequently asked questions
What makes this evidence review different from a general file audit?
The scope is tied to previously developed software reuse and to the decision named in the request. A general audit can list weak records; this pass ranks the gaps by whether they block reuse of legacy software on a new program or can be closed later without changing the decision.
What evidence has to be available before this work starts?
The starting point is original approval evidence, the current status source, and any index or matrix that tells reviewers where the supporting artifact should live. Missing inputs are logged as findings rather than filled with assumptions.
Who decides whether an open item is acceptable?
The review explains what the evidence supports and gives software lead a closure path. Acceptance remains with the buyer, operator, authority, delegated engineer, or authorized person responsible for the underlying airworthiness or certification decision.
Relevant glossary terms
Related pages
Where this fits
Talk to an engineer who has done this work
We will walk through your current state, the records or evidence involved, and a scoped first engagement.
Talk through the aircraft, records, evidence, deadline, and next useful step.