The Real Reason for Avionics Software Development Failure

April 11, 2019

Poor testing, verification and validation are often blamed when avionics software development fails. The cause, however, is often far more fundamental than that. Discover the true cost of disastrous software design and how it can be avoided.


There are plenty of ways to fail at airborne software development. A few should immediately cross your mind: requirements, verification and validation (V&V), testing and coding. But there is something else that people sometimes forget, and that is… design!

Indeed, design is often overlooked. A ‘one-size-fits-all’ approach might work in other industries, but not in avionics. In this sector, each system is developed according to very specific, unique designs. Avionics software developers depend on robust and flexible designs to achieve the necessary consistency and dependability while still allowing for future system evolution. So, what are the causes of design failure in avionics systems?

  • Reusing designs that are poorly understood or documented. If you inherit such a design, first document it, then analyse it to see whether it is even worth modifying. As with an old or decrepit building, it may be more cost-effective to start over the right way.
  • Failing to have, and to verify conformance to, a software design standard that specifies every external and internal interface in detail, including full bit patterns, encoding rules, the use of any variant records, and the source and destination of every data item. An interface that exists only in someone's head cannot be reviewed, tested against, or safely changed.
  • Failing to encapsulate hardware dependencies for future portability. Most successful avionics systems are eventually updated with newer hardware and increased functionality. Only by planning for portability from the outset can future upgrades be accommodated without rewriting the application logic.
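As an added illustration of the last two points above (this is constructed example code, not code from the original post or from any avionics project or standard): a small C interface layer for a hypothetical 32-bit bus word. It documents the bit layout in one place, encodes and decodes with explicit shifts and masks rather than compiler-dependent bit-fields, validates the label discriminant of a variant record before the union member is read, and routes all traffic through a bus-port table so the encoding code never touches a hardware register. The word format, labels, status codes, ranges and bus interface are all assumptions made for the example.

```c
/* Constructed example: interface layer for a hypothetical 32-bit bus word.
 * Word layout (bit 0 = LSB), the single source of truth for this interface:
 *   bits  0.. 7  label   (which data item; only listed labels are legal)
 *   bits  8..27  payload (20 bits; encoding depends on the label)
 *   bits 28..30  status  (0 = normal, 1 = no data, 2 = test, 3..7 reserved)
 *   bit  31      parity  (set so the whole word has an odd number of 1 bits) */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define LABEL_SHIFT   0u
#define LABEL_MASK    0xFFu
#define PAYLOAD_SHIFT 8u
#define PAYLOAD_MASK  0xFFFFFu
#define STATUS_SHIFT  28u
#define STATUS_MASK   0x7u
#define PARITY_BIT    (1u << 31)

enum status { STATUS_NORMAL = 0, STATUS_NO_DATA = 1, STATUS_TEST = 2 };

/* Encoding rules per label (hypothetical). */
#define LABEL_ALTITUDE 0x10u   /* payload: unsigned feet, 0..1048575 */
#define LABEL_HEADING  0x11u   /* payload: degrees * 100, 0..35999  */
#define HEADING_MAX_CDEG 35999u

/* Variant record: `label` is the discriminant; only the matching union
 * member is meaningful, and every reader checks `label` before using it. */
struct data_item {
    uint8_t label;
    uint8_t status;
    union {
        uint32_t altitude_ft;
        uint16_t heading_cdeg;
    } u;
};

/* True when `bits` contains an odd number of 1 bits. */
static bool odd_parity(uint32_t bits) {
    unsigned ones = 0;
    for (; bits != 0; bits &= bits - 1) ones++;
    return (ones & 1u) != 0;
}

/* Encode an item; returns false if it violates the interface standard. */
bool encode_word(const struct data_item *item, uint32_t *out) {
    uint32_t payload;
    switch (item->label) {
    case LABEL_ALTITUDE:
        if (item->u.altitude_ft > PAYLOAD_MASK) return false;
        payload = item->u.altitude_ft;
        break;
    case LABEL_HEADING:
        if (item->u.heading_cdeg > HEADING_MAX_CDEG) return false;
        payload = item->u.heading_cdeg;
        break;
    default:
        return false;                       /* label not in the standard */
    }
    if (item->status > STATUS_TEST) return false;   /* reserved status code */
    uint32_t w = ((uint32_t)item->label << LABEL_SHIFT)
               | (payload << PAYLOAD_SHIFT)
               | ((uint32_t)item->status << STATUS_SHIFT);
    if (!odd_parity(w)) w |= PARITY_BIT;    /* make the 1-bit count odd */
    *out = w;
    return true;
}

/* Decode a word; returns false on parity error or any out-of-standard field. */
bool decode_word(uint32_t w, struct data_item *item) {
    if (!odd_parity(w)) return false;       /* bit error on the bus */
    uint32_t label   = (w >> LABEL_SHIFT) & LABEL_MASK;
    uint32_t payload = (w >> PAYLOAD_SHIFT) & PAYLOAD_MASK;
    uint32_t status  = (w >> STATUS_SHIFT) & STATUS_MASK;
    if (status > STATUS_TEST) return false;
    switch (label) {
    case LABEL_ALTITUDE:
        item->u.altitude_ft = payload;
        break;
    case LABEL_HEADING:
        if (payload > HEADING_MAX_CDEG) return false;
        item->u.heading_cdeg = (uint16_t)payload;
        break;
    default:
        return false;
    }
    item->label = (uint8_t)label;
    item->status = (uint8_t)status;
    return true;
}

/* Hardware abstraction: the application only ever sees this table. A new
 * board means a new table, not edits to encode_word/decode_word. */
struct bus_port {
    bool (*transmit)(void *ctx, uint32_t word);
    bool (*receive)(void *ctx, uint32_t *word);
    void *ctx;
};

/* Loopback "hardware" (one-word buffer) so the example runs on a desktop. */
struct loopback { uint32_t word; bool full; };
static bool lb_tx(void *ctx, uint32_t w) {
    struct loopback *l = ctx;
    if (l->full) return false;
    l->word = w; l->full = true; return true;
}
static bool lb_rx(void *ctx, uint32_t *w) {
    struct loopback *l = ctx;
    if (!l->full) return false;
    *w = l->word; l->full = false; return true;
}
struct bus_port make_loopback_port(struct loopback *l) {
    struct bus_port p = { lb_tx, lb_rx, l };
    return p;
}

/* Send one item through a port and read it back; true on a clean round trip. */
bool round_trip(struct bus_port *port, const struct data_item *in, struct data_item *out) {
    uint32_t w;
    return encode_word(in, &w) && port->transmit(port->ctx, w)
        && port->receive(port->ctx, &w) && decode_word(w, out);
}

/* Exercises the layer over the loopback port; returns the number of checks
 * that passed (6 when everything behaves as specified). */
int self_check(void) {
    struct loopback lb = { 0u, false };
    struct bus_port port = make_loopback_port(&lb);
    struct data_item in, out;
    uint32_t w;
    int passed = 0;

    in.label = LABEL_ALTITUDE; in.status = STATUS_NORMAL; in.u.altitude_ft = 35000u;
    if (round_trip(&port, &in, &out) && out.label == LABEL_ALTITUDE
        && out.u.altitude_ft == 35000u) passed++;

    in.label = LABEL_HEADING; in.status = STATUS_TEST; in.u.heading_cdeg = 27050u;
    if (round_trip(&port, &in, &out) && out.u.heading_cdeg == 27050u
        && out.status == STATUS_TEST) passed++;

    in.label = LABEL_HEADING; in.status = STATUS_NORMAL; in.u.heading_cdeg = 36000u;
    if (!encode_word(&in, &w)) passed++;                 /* out-of-range heading */

    in.label = 0x7Fu; in.u.altitude_ft = 1u;
    if (!encode_word(&in, &w)) passed++;                 /* label not in standard */

    in.label = LABEL_ALTITUDE; in.u.altitude_ft = 35000u;
    if (encode_word(&in, &w) && !decode_word(w ^ 1u, &out)) passed++; /* parity */

    if (!decode_word(LABEL_ALTITUDE | (7u << STATUS_SHIFT) | PARITY_BIT, &out)) passed++; /* reserved status */
    return passed;
}

int main(void) {
    printf("interface self-check: %d/6 passed\n", self_check());
    return 0;
}
```

The point of the shape, not the particular format: every field's position, width and legal range is written down once and enforced at both ends, the union is never read without checking its discriminant, and the only thing a port driver for real hardware has to supply is the two-function table. A conformance review of this interface is a review of the comment block and the two switch statements, which is what a design standard is meant to make possible.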

Design is hard, and most people are not good at it. Yet too often fingers are pointed at the requirements or V&V teams without anyone realising that disastrous design is the fundamental cause of the problem. Bad design is a key source of V&V difficulties: it makes incremental testing, data and control flow analysis, and the development of effective test stubs far harder than they need to be, among many other issues.

Frameworks and standards such as AUTOSAR (an automotive standard, but one whose ideas carry over) are key not only to modularity, integration and reusability, but also to strong design. DO-178C itself requires that software design standards be defined and that the architecture and low-level requirements be verified for conformance to them, so, applied properly, it provides a useful framework for acceptable design.

Have you been overlooking the design of your airborne software?

If you are interested in learning about other common and not so common reasons for airborne software development failure and how best to avoid them, then check out our white paper “How to Fail (And How Not to Fail) at Airborne Software Development”.