Plan for Software Aspects of Certification (PSAC) review

When this review is needed

• A new software program is starting and the plan needs an independent read before the authority is asked to agree to it.
• The software level changed after the safety assessment and the plan has to be reconciled with the new objectives.
• Reused or commercial-off-the-shelf software is in scope and the plan has to state how credit will be claimed.
• A program was inherited mid-stream and the team wants to know whether the existing plan still describes what is being built.

The problem

The PSAC sets the terms the rest of the software program is judged against, yet it is often written once and left behind as the design moves. When the plan names a software level that no longer matches the safety assessment, or commits to lifecycle data the team is not actually producing, the gap surfaces during a stage-of-involvement review rather than at the desk where it could have been fixed cheaply.

What gets reviewed

• The assigned software level and its consistency with the safety assessment
• The lifecycle data the plan commits to produce and the objectives each item covers
• The standards the plan invokes and how the supplier verification approach is described
• Reuse, commercial-off-the-shelf, and previously developed software credit claims
• Consistency between the PSAC and the companion plans for development, verification, and configuration management
• Transition criteria between lifecycle phases and the entry conditions each phase declares

What gets validated

• The software level stated in the plan matches the level assigned by the safety assessment
• Each DO-178C objective expected at the assigned level maps to planned lifecycle data
• Reuse and commercial-off-the-shelf credit claims state the basis on which credit is sought
• Transition criteria between lifecycle phases are defined rather than implied
• The PSAC and the other software plans describe the same program without contradiction
• Verification independence is described where the assigned level requires it explicitly

Evidence normally required

• The current PSAC draft
• The safety assessment output that drives the software level
• The companion software development, verification, and configuration management plans
• Any prior authority correspondence or plan agreement notes

Common discrepancies

• A software level in the plan that no longer matches the safety assessment
• Objectives the level requires that have no planned lifecycle data behind them
• Credit for reused or off-the-shelf software asserted without a stated basis
• Verification independence described loosely where the level expects it explicitly
• Plan set members that contradict each other on tooling or transition criteria

What is at stake

A plan the authority will not agree to stalls the program before development objectives can be credited. Rework on the plan ripples into the verification approach and the supplier oversight terms, and the schedule absorbs the cost.

How the work runs

What the buyer receives

• A marked-up PSAC with each gap flagged against the relevant objective
• A list of plan commitments that are missing, vague, or inconsistent
• A short remediation note ordered by likely review impact

Who uses the output

• Certification leads taking the plan into authority agreement
• Software engineering leads adjusting the lifecycle data commitments
• Program management aligning the companion plans before the program scales

How the work fits into the transaction or program

The review steadies the plan the authority agrees to first, so the objectives credited later rest on a stable foundation. It pairs with a Software Accomplishment Summary review at the other end of the program, when the plan is checked against what the program actually delivered.

Regulatory limits

The review checks the applicant's plan for consistency and DO-178C alignment. It does not agree the plan on the authority's behalf, make compliance findings, or guarantee that the authority will accept the software level or the credit claims the plan asserts.

What this review does not cover

• Agreeing the plan or making findings on the authority's behalf
• Assigning the software level or performing the safety assessment
• Writing the lifecycle data the plan commits to produce

Specific to this review

• The PSAC is the artifact the authority agrees to first; an unstable plan undermines every objective claimed later.
• Software level drift after the safety assessment is a recurring cause of late plan rework, because the plan is rarely re-read when the level changes.
• Reuse and commercial-off-the-shelf claims that omit the basis for credit are flagged during plan review rather than at submittal.
• A PSAC commits the supplier to a fixed set of lifecycle data; planning to produce less than the level requires is visible at the desk long before a stage-of-involvement review.

Sources

Frequently asked questions

Relevant glossary terms

Related pages

Where this fits