ARP 4754A and its relation to DO-254 & DO-178C
ARP 4754A, “Guidelines for Development of Civil Aircraft and Systems,” as the name suggests addresses the development processes of aircraft and their systems. The initial version (ARP 4754) was published in November 1996 and Revision A was released in December 2010. The FAA recognized the document as an acceptable means of compliance via AC 20-174, published November 2011.. EUROCAE publishes the same document under the name ED-79 for the European audient.
Unlike DO-254 and DO-178C, ARP 4754A was developed by the Society of Automotive Engineers (SAE) working group called S-18. While documents developed under the RTCA simply begin with “DO” (for document), SAE documents are known as Aerospace Recommended Practice (ARP) documents and begin with this prefix. But the RTCA and SAE differ in more than just document naming. The style and philosophy of their documents differ as well. The SAE ARP documents provide more description and examples than the RTCA style documents. Many people find them easier to read and understand.
ARP 4754A relates to DO-254 and DO-178C by defining the aircraft and its systems, and flowing down the information that is pertinent to these lower levels of design. The ARP 4754A system requirements process feeds item requirements down into the processes of hardware and software. When the processes of DO-254 and DO-178C create new “derived requirements”, they must feed these requirements back up to the system (ARP 4754A) and safety (ARP 4761A) processes to ensure they do not adversely affect safety.
Likewise, the combination of the system architecture (defined within the bounds of ARP 4754A) and the system safety analysis (guided by ARP 4761(A) determine the Development Assurance Level (DAL) of each aircraft system. ARP4754A introduced two new terms: FDAL and IDAL. ARP 4754A determines the Functional Design Assurance Level (FDAL) during the Aircraft level safety assessment. ARP 4754A also assigns the item DAL (IDAL) for that portion of the system provided by the related hardware or software item. The IDAL defines the objectives and activities that DO-254 and DO-178C applicants must meet during their own compliance processes.
Also, in some newer areas of concern – such as with Single Event Upsets (SEU), the systems and safety processes tightly iterate and integrate with the hardware development, component selection, and compliance processes of DO-254.
What follows is a summary of the ARP 4754A document, describing each main step in the system development flow. The ARP 4754A applicant must go through an extensive aircraft and systems planning phase, which guides the five processes of aircraft/system development, the integral processes, and data/documentation. Each step has its own plans to guide it, its own objectives and activities, its own reviews to verify everything, and its own artifacts to show evidence of compliance.
The five processes of aircraft/system development are:
- Aircraft Function Development
This iterative process assigns top level functions (e.g., flight control, engine control, navigation, guidance, braking, etc.) to systems.
- Allocation of Aircraft Functions to Systems
This process groups system functions in order to allocate requirements from the systems level, and considers failure effects, implementation constraints, and interaction with aircraft architecture. This is the phase in which the team establishes the FDALs of each system.
- Development of System Architecture
This process establishes the structure and boundaries for each specific item to meet requirements, while iteratively considering the FHA, PASA, PSSA and CCA.
- Allocation of System Requirements to Items
This is where the team establishes the hardware and software IDALs and assigns them to the appropriate DO-254 and DO-178C teams.
- System Implementation
In this phase, the systems team flows the pertinent information down from the system process to hw/sw development processes. This information includes traceability, along with final product implementation and associated data. Note that the DO-254 and DO-178C processes feed information back up as noted also.
The Integral Processes are:
- Safety Assessment
This process links to ARP 4761(A), which performs safety assessment of aircraft and systems (preliminary and final) along with functional hazard assessments, common cause assessments, etc.
- Development Assurance Level Assignment
The aircraft level FHA and PASA result in assigning Function DALs, which the aircraft and system level safety analysis then validate. Item DALs result from analyzing the item function within a safety context.
- Requirements Capture
The team documents the aircraft/system requirements.
- Requirements Validation
The team validates the requirements to ensure they are the correct requirements for the system.
- Configuration Management
This process ensures proper data control and replication.
- Process Assurance
The Process Assurance representative ensures that the team adheres to the aircraft/system plans and documents any deviations.
- Certification & Regulatory Authority Coordination
The certification authority and regulatory authority review plans, processes, and artifacts periodically to ensure compliance.
ARP 4754A uniquely identifies data and documentation flowing out of these processes.
Certification Overview Course
You can learn more by purchasing the ARP 4754A document from SAE. If you want your team trained on the basics of certification with an overview of ARP 4754A, Tammy has a half day class that covers this. It’s a great way to get an entire team (systems, hardware, software, management, QA, etc.) all on the same page prior to starting a program. Learn more about the Certification Overview course.