DAL Allocation and Partitioning
Section 11: Aircraft & Avionics Architecture
Definition
The process of assigning Design Assurance Levels (DALs) to system components based on the failure condition classifications determined during the system safety assessment, together with the use of architectural partitioning to limit the propagation of faults between components of different assurance levels. Partitioning enables a lower-DAL component to coexist with a higher-DAL component on the same hardware or in the same system without requiring the lower-DAL component to be developed at the higher level, provided the partitioning demonstrably prevents the lower-DAL component from affecting the higher-DAL one in both time (CPU scheduling) and space (memory and I/O).
Where This Shows Up
DAL allocation flows from the Functional Hazard Assessment (FHA) and Preliminary System Safety Assessment (PSSA) conducted per ARP 4761 and ARP 4754A. The failure condition severity (Catastrophic, Hazardous, Major, Minor, No Safety Effect) maps to the required DAL (A, B, C, D, E respectively); a function with several failure conditions takes the DAL of its most severe one. In an IMA architecture, partitioning (per ARINC 653 for software, or hardware segregation for electronic hardware) allows functions of different DALs to share resources. The partitioning mechanism itself (for example the ARINC 653 operating system kernel and its configuration) must be developed at the highest DAL of any function it protects, and the partitioning must be verified to hold under fault, not merely in normal operation. Without adequate partitioning, all components sharing a resource must be developed at the highest DAL of any function they could affect; a single unpartitioned shared resource (a common I/O board, bus or driver) is enough to re-couple otherwise partitioned functions, so the allocation must be checked over every shared resource, not just the processor.
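The allocation rule above, worked as an added example (not the page's or any standard's own tooling): each function takes the DAL of its most severe FHA failure condition; on a partitioned resource the functions keep their own DALs and the partitioning mechanism is assigned the strictest of them; on an unpartitioned resource every function sharing it is raised to the strictest DAL present. Because a function can sit on several resources, the propagation runs to a fixpoint. The IMA module, its functions, failure conditions and resources are constructed for illustration and are not from any real aircraft.

```python
"""DAL allocation over an IMA module.

Severity -> DAL per ARP4754A/DO-178C, then propagation of the required DAL
across shared resources, with and without partitioning.  Added example;
the module, functions and resources below are constructed, not real.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Failure condition severity -> Design Assurance Level (ARP4754A / DO-178C).
SEVERITY_TO_DAL = {
    "Catastrophic": "A",
    "Hazardous": "B",
    "Major": "C",
    "Minor": "D",
    "No Safety Effect": "E",
}

# Lower rank = more stringent level.
DAL_RANK = {"A": 0, "B": 1, "C": 2, "D": 3, "E": 4}


def strictest(levels) -> str:
    """Return the most stringent DAL among the given levels."""
    return min(levels, key=DAL_RANK.__getitem__)


@dataclass
class Function:
    name: str
    failure_conditions: List[str]  # FHA severities attributable to this function
    hosted_on: List[str]           # names of the resources this function uses


@dataclass
class Resource:
    name: str
    partitioned: bool  # ARINC 653 partitioning (software) or hardware segregation


def allocate(functions: List[Function],
             resources: List[Resource]) -> Tuple[Dict[str, str], Dict[str, str]]:
    """Return (effective DAL per function, required DAL per partitioning mechanism).

    A partitioned resource isolates its hosted functions, so its partitioning
    mechanism must be developed at the strictest DAL it protects.  An
    unpartitioned resource couples its hosted functions, so all of them are
    raised to the strictest DAL present.  Repeat until nothing changes, since a
    raised function can propagate further through another shared resource.
    """
    dal = {f.name: strictest(SEVERITY_TO_DAL[s] for s in f.failure_conditions)
           for f in functions}
    mechanism: Dict[str, str] = {}
    hosted = {r.name: [f for f in functions if r.name in f.hosted_on]
              for r in resources}

    changed = True
    while changed:
        changed = False
        for r in resources:
            if not hosted[r.name]:
                continue
            top = strictest(dal[f.name] for f in hosted[r.name])
            if r.partitioned:
                mechanism[r.name] = top
            else:
                for f in hosted[r.name]:
                    if dal[f.name] != top:
                        dal[f.name] = top
                        changed = True
    return dal, mechanism


# Constructed IMA module: three functions on a core processing module,
# two on an AFDX switch, two on a shared I/O board.
FUNCTIONS = [
    Function("flight_control", ["Catastrophic"], ["cpm_core", "afdx_switch"]),
    Function("primary_display", ["Hazardous", "Minor"], ["cpm_core", "afdx_switch"]),
    Function("cabin_lighting", ["No Safety Effect"], ["cpm_core", "io_board"]),
    Function("maintenance_log", ["Minor"], ["io_board"]),
]


def example(cpm_partitioned: bool = True) -> Tuple[Dict[str, str], Dict[str, str]]:
    """Allocate DALs with the core module partitioned (ARINC 653) or not.

    The I/O board is deliberately left unpartitioned in both cases so the
    coupling through a shared device is visible.
    """
    resources = [
        Resource("cpm_core", cpm_partitioned),
        Resource("afdx_switch", True),   # hardware segregation assumed
        Resource("io_board", False),     # no segregation between its users
    ]
    return allocate(FUNCTIONS, resources)


if __name__ == "__main__":
    for partitioned in (True, False):
        dal, mech = example(partitioned)
        print(f"cpm_core partitioned={partitioned}")
        print("  function DALs:          ", dal)
        print("  partitioning mechanism: ", mech)
```

With the core module partitioned, flight control stays at A, the display at B, and the ARINC 653 kernel on cpm_core (and the segregation on the AFDX switch) must be developed to A; cabin lighting is still raised from E to D because it shares the unpartitioned I/O board with a Minor-severity function. Remove partitioning from the core module and every function on it collapses to A, and the I/O board then drags the maintenance log to A as well. The model covers only the coupling rule stated on this page; ARP4754A's allocation of item DALs from a function DAL using independent items is a separate step that it does not represent.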
Primary Sources
SAE ARP 4754A, Guidelines for Development of Civil Aircraft and Systems — defines the DAL allocation process and the role of architectural partitioning.
Need help navigating certification?
Understanding the terminology is the first step. If you need expert guidance on DO-178C, DO-254, ARP4754B, or any aspect of FAA, EASA, or TCCA certification, our team is here to help.