With the Ethiopian Airlines crash, many people are talking about software bugs and planes. It's a tragedy whenever there is a loss of life in aviation. It's amazing how safe aviation has become, but the industry has to continue to improve.
In order to maintain a high level of assurance, the FAA follows a strict process before it approves the software that flies on an aircraft.
A major part of that process is a document called DO-178C, "Software Considerations in Airborne Systems and Equipment Certification." The FAA recognizes it as an acceptable means of compliance: it's the framework used to evaluate whether a piece of software has gone through the rigor required to be considered airworthy.
The DO-178C is maintained by RTCA and costs a couple hundred bucks. I bought a copy of it and it is exactly what I expected. There are some neat diagrams, but it's mostly a big list of software development life cycle requirements.
The text of DO-178C isn't freely available, but it's basically a process standard: a list of objectives the development process has to meet, comparable in spirit to a compliance framework like PCI DSS or SOC 2, but very specialized, and aimed at safety rather than security. How many of the objectives apply, and how much independent verification they require, depends on the software's Design Assurance Level, from Level A (a failure would be catastrophic) down to Level E (a failure has no safety effect). Additionally, not much is publicly documented about actual aircraft software. The information is kept mostly in the heads of industry insiders.
I wanted to change this by filing a FOIA request for more information about DO-178C. It was denied on trade-secret grounds.
As the aviation industry has put more and more software into systems like the glass cockpit of the Boeing 787, or the Maneuvering Characteristics Augmentation System of the Boeing 737 MAX that is in the news this week, flight has remained very safe, with only a few software-related incidents.
DO-178C is a major positive, even though little is known about the process outside the aviation industry. Other industries would benefit from a similar standard: the automotive industry (which has ISO 26262 for functional safety, but nothing tied to a regulator's airworthiness-style sign-off), and the autonomous vehicle industry once it is more developed.
I think we will eventually have similar requirements in cars, but it will likely be more complex to implement due to the number of automotive manufacturers and the number of countries they are in.
March 10, 2019