The Big Standards Map

An SAE Aerospace Recommended Practice that provides guidelines for the development of civil aircraft and systems, considering the overall aircraft operating environment and functions. ARP4754B defines the aircraft and system development process, including planning, requirements capture, design, implementation, integration, verification, validation, configuration management, quality assurance, and certification liaison. It establishes the framework for assigning Development Assurance Levels (DALs) to functions, systems, and items based on failure condition severity, and describes the integral processes (safety assessment, requirements management, validation) that support development assurance.

An SAE Aerospace Recommended Practice that provides guidelines and methods for conducting the safety assessment process on civil airborne systems and equipment. ARP4761A describes the Functional Hazard Assessment (FHA), Preliminary System Safety Assessment (PSSA), System Safety Assessment (SSA), and Common Cause Analysis (CCA) processes, along with detailed guidance on specific analysis methods including Fault Tree Analysis (FTA), Failure Modes and Effects Analysis (FMEA), Markov Analysis, Dependency Diagrams, and other techniques used to demonstrate compliance with 25.1309 and equivalent regulations.

The primary guidance document used by certification authorities and industry for the development of airborne software. DO-178C defines the objectives, activities, and design considerations for software that performs functions in airborne systems and equipment. It establishes a framework of software lifecycle processes — planning, requirements, design, coding, integration, verification, configuration management, quality assurance, and certification liaison — with objectives that scale based on the software level (DAL A through E). DO-178C replaced DO-178B in 2011, adding technology-specific supplements and clarifying objectives.

A supplement to DO-178C that provides guidance on the qualification of software tools used in the development and verification of airborne software. DO-330 defines Tool Qualification Levels (TQL-1 through TQL-5) based on the potential impact of the tool on the airborne software and the software level. Tools that could introduce errors into the airborne software (development tools) or that could fail to detect errors (verification tools) require qualification at levels commensurate with their impact. The qualification process involves defining tool operational requirements, verifying the tool against those requirements, and demonstrating that the tool satisfies its qualification objectives.

A supplement to DO-178C that provides additional guidance for the use of model-based development and verification in airborne software. DO-331 addresses the use of models (such as Simulink, SCADE, or UML models) as design and requirements representations, including the specification of model-level requirements, simulation-based verification, and auto-code generation from models. The supplement defines when models can be used as requirements, design, or source code, and specifies additional objectives for model coverage analysis, model reviews, and traceability between models and the airborne software.

A supplement to DO-178C that provides additional guidance for the use of object-oriented technology (OOT) and related techniques in airborne software. DO-332 addresses the specific concerns that OOT introduces — including inheritance, polymorphism, dynamic dispatch, overloading, type conversion, exception handling, and templates/generics — and defines additional objectives to ensure these features do not compromise software development assurance. The supplement includes guidance on OOT-specific structural coverage criteria, such as subtype and dynamic coupling measures.

A supplement to DO-178C that provides guidance for the use of formal methods in airborne software development and verification. Formal methods use mathematically rigorous techniques to specify, develop, and verify software. DO-333 allows certain DO-178C objectives to be satisfied through formal analysis rather than through testing, provided the formal analysis is demonstrated to be sound and complete for the properties being verified. The supplement addresses formal specification, formal verification (theorem proving, model checking, abstract interpretation), and the relationship between formal analysis and traditional testing and review activities.

The primary guidance document for design assurance of airborne electronic hardware, including complex programmable hardware devices such as FPGAs, ASICs, PLDs, and complex COTS components. DO-254 defines a hardware design lifecycle similar in structure to DO-178C's software lifecycle, including planning, requirements capture, conceptual design, detailed design, implementation (synthesis, place-and-route), verification, configuration management, and process assurance. The objectives scale based on the hardware Design Assurance Level (DAL A through E). DO-254 applies specifically to complex electronic hardware; simple hardware items may be addressed through conventional quality assurance processes.

The standard that defines environmental test conditions and procedures for airborne equipment. DO-160G specifies the environmental tests that equipment must pass to demonstrate it can function correctly in the aircraft environment, including tests for temperature (altitude, temperature variation, thermal shock), vibration (random, sinusoidal), humidity, shock, power input (normal and abnormal power conditions), voltage spike, audio frequency conducted susceptibility, induced signal susceptibility, radio frequency susceptibility (radiated and conducted), radio frequency emission, lightning (direct and indirect effects), icing, fluid susceptibility, sand and dust, fungus, salt spray, magnetic effect, fire/flammability, and waterproofness.

A standard that establishes requirements for the processing of aeronautical data to ensure data quality and integrity throughout the data chain. DO-200B defines a framework for data quality requirements including accuracy, resolution, integrity, traceability, timeliness, and completeness. It applies to organizations that originate, process, or distribute aeronautical data used in airborne systems, including navigation databases, terrain databases, and obstacle databases. The standard requires data quality assurance processes, including independent verification, configuration management, and traceability from data source to end use.

A standard that defines the airworthiness security process for aircraft systems, addressing intentional unauthorized electronic interactions (IUEI) — cybersecurity threats — that could affect the safety of the aircraft. DO-326A establishes a security risk assessment process that evaluates how threat agents could exploit vulnerabilities in aircraft systems to cause failure conditions. The standard defines security objectives commensurate with safety impact: systems whose compromise could lead to catastrophic failure conditions require the most rigorous security measures. DO-326A integrates security considerations into the existing safety assessment framework of ARP4754B and ARP4761A.

A companion document to DO-326A that provides detailed methods and considerations for implementing the airworthiness security process. While DO-326A defines the process framework, DO-356A provides practical guidance on security risk assessment methods, threat modeling, vulnerability analysis, security requirements development, security architecture design, and security verification. DO-356A addresses topics such as attack surface analysis, threat identification, security testing (penetration testing, fuzz testing), and the relationship between security assurance and development assurance levels.

A standard that provides guidance on managing information security aspects related to the continuing airworthiness of aircraft throughout their operational life. While DO-326A and DO-356A address security during type design and certification, DO-355 addresses the ongoing security management after the aircraft enters service. This includes guidance on monitoring for new threats and vulnerabilities, assessing the airworthiness impact of security events, managing security patches and updates, and maintaining the effectiveness of security measures over the aircraft's operational life.

The EUROCAE publication of the software certification guidance document that is technically identical to RTCA DO-178C. ED-12C is published by EUROCAE (European Organisation for Civil Aviation Equipment) and is the European designation for the same standard. ED-12C is referenced by EASA through AMC 20-115D as the acceptable means for airborne software development assurance in the European regulatory framework. All technical content, objectives, tables, and appendices are identical to DO-178C.

The EUROCAE publication of the hardware design assurance guidance document that is technically identical to RTCA DO-254. ED-80 is referenced by EASA as the acceptable means for complex airborne electronic hardware design assurance. All technical content, objectives, and guidance are identical to DO-254.

The EUROCAE publication of the environmental test standard that is technically identical to RTCA DO-160G. ED-14G defines the same environmental test conditions, procedures, and categories as DO-160G. It is referenced in EASA certification specifications, ETSOs, and certification programs as the accepted environmental qualification standard for airborne equipment.

The EUROCAE publication of the systems development assurance guidance that is technically aligned with SAE ARP4754B. ED-79B provides guidelines for the development of civil aircraft and systems, addressing the same topics as ARP4754B: system development processes, development assurance level assignment, safety assessment integration, validation, verification, and configuration management. ED-79B is referenced by EASA in AMC 20-152A.

The EUROCAE publication of the safety assessment guidelines that is the European equivalent of SAE ARP4761A. ED-135 provides guidelines and methods for conducting the safety assessment process, including FHA, PSSA, SSA, and CCA, as well as detailed guidance on analysis methods such as FTA, FMEA, Markov Analysis, and Dependency Diagrams. ED-135 is referenced by EASA in certification specifications and acceptable means of compliance.