User:IveGoneAway/sandbox/FAA Order 8110.49

Objectives: ''' '''
 * 1) Coverage of the historic but now reduced Mega Order
 * 2) Redirect target for the original Orders replaced by the Mega Order (so they don't need separate stubs)
 * 3) Traceability from CASTs to the Mega Order and EASA CMs
 * 4) Traceability from the Mega Order to the replacement Orders and ACs
 * 5) Feature on DYK

FAA Order 8110.49A, Software Approval Guidelines, is an FAA publication that explains how Federal Aviation Administration (FAA) aircraft certification offices and designees (e.g., DERs) can use and apply DO-178B/DO-178C standards when reviewing software projects and conducting Software Conformity Inspections. These guidelines apply to Aircraft Certification Service and Flight Standards District Office personnel, persons designated by the administrator, and organizations associated with the certification processes required by Title 14 of the Code of Federal Regulations (14 CFR). Past revisions of the order also provided guidelines to applicants to those certification processes; for example, Leanna Rierson referred applicants to a number of chapters of the Change 1 release of Order 8110.49.

Originally known as the Mega Order because of its replacement of several FAA orders and notices with a single large FAA order, the present Revision A deals with just two subjects: The order also contains worksheets that certification authorities may use to determine their level of review involvement in a software project (previously known as Level of FAA Involvement, or LOFI).
 * The FAA Software Review Process (for assessing compliance with agreed certification bases)
 * Software Conformity Inspection.

The Mega Order
At just three chapters, the present revision is a much-reduced publication compared to its prior issues. The original Order 8110.49 issue was called the Mega Order because it collected the contents of several existing FAA Orders into a single large order. The FAA withdrew the replaced orders after their inclusion in Order 8110.49. Later, the FAA replaced Order 8110.110, splitting that Order's content into four chapters that were largely concerned with particular aspects of Configuration Management, thereby expanding Order 8110.49 to sixteen chapters.

The replaced orders and notices include:

The replaced orders' titles and their mappings to the Mega Order chapters are listed in the revision history section, below.

Background
Included in the release of DO-178B was the requirement that applicants for certification under that standard define the methods they will use to perform the required activities to accomplish the standard's objectives. Applicants sought both clarifications on guidance in DO-178B and suggestions for acceptable methods. In particular, the Commercial Aviation Safety Team (CAST) developed a number of position papers that attempted to provide clarification and standardization in application of DO-178B by DERs. These publications also included suggested methods. Some of CAST's clarification efforts contributed to the eventual publication of DO-178C, but prior to that, methods similar to those described by CAST were incorporated into some of the FAA Orders and Notices listed above.

Wording along this line appears in the 2022 AC 20-189 and AC 00-71 for management of Open Problem Reports. While these ACs do not define methods for problem reporting they do define a standard interface for problem reports, that is, standard attributes for tracking criticality and status of Open Problem Reports. However, both ACs state that applicants may define alternative means for tracking and communicating OPRs to DERs, but also that use of such alternative means may not be a "basis for affirmative enforcement action or other administrative penalty."

"Streamlining"
However, since early 2018, most of these subjects were considered too prescriptive to private applicants for inclusion in a work order of requirements for FAA employees and representatives. A few of the topics were deleted from the whole of active FAA publications. The FAA moved some of those subjects to Advisory Circulars (AC) or other publications as "supporting information". In this process, however, most of the retained topics were "streamlined", which largely meant removal of any suggested methodology, leaving only a few clarifying statements in the remnant AC publication.

streamline...AMC 20-115D on the EASA side, and AC 00-SW ...

The "sister" EASA publication is EASA CM-SWCEH-002 Issue: 01 Revision: 01 Software Aspects of Certification. This CM largely has the same chapters and contents as the FAA Mega Order. Less concerned about prescriptive guidance, the EASA has maintained their "Mega Order", even expanding it to cover 7 additional chapters.

FAA software review process
Stages of Involvement (SOIs) [see also concept introduced by CAST]

Stages of Involvement (SOIs) https://repositorio.unifesp.br/xmlui/bitstream/handle/11600/61002/Dissertation_MPIT_TMRS_Final_post_defense.pdf?sequence=1&isAllowed=y See Page 15)

FAA conformity inspection process
parameter scrubbing

With the reduction of the scope … content was moved to

Removed content
Several sections of earlier revisions have been removed. Largely, these were sections covering activities performed by applicants rather than work instructions to FAA staff and representatives. So interpreted as instruction to applicant, some of those sections became regarded as overly prescriptive. The removed sections may still be referenced by applicants where these methods are practical to their processes.

As with the recommendation that Applicants at Level D, for example, are still expected to assure that low-level requirements are developed and verified and the source code tested, an applicant may still employ the activities defined in DO-178C for the omitted objectives in doing so; however, evidence need not be submitted to the FAA.

Provided some

Was replaced by

The Software Conformity Review objective of DO-178C is not addressed by 8110.49; however, 8110.86 had 6 informative paragraphs on the subject.

Level of FAA Involvement (LOFI)
Relative Hazards of the application, experience of the developers and the maturity of their quality management systems, and the technical scope, complexities, and risks of the application,

SOI #3
Effort to date

Has or will accomplish
 * complete coverage of requirements by verification
 * adequate level of level of structural coverage by testing

Replaced FAA Orders
A series of FAA Orders and Notices for software review and approval processes were incorporated into the original and revised 8110.49, thereby replacing those orders, which were then canceled. However, the replaced orders were not entirely transcribed into the Mega Order; particularly, certain recommended methods were omitted. Even so, it can be useful to be aware of some of these omitted methods as they continued to be referenced by some developers and authors.

The following sections briefly summarize a few of the replaced notices and their omitted content.

Notice 8110.86
DO-178B/C provides some guidance on its Software Conformity Review activities but holds no guidance on the relationship to Software Conformity Inspection. Even though Notice 8110.86 Guidelines for Software Conformity Inspection and Software Conformity Review is canceled, it provides discussions of the distinct processes of Software Conformity Inspection and Software Conformity Review not found in the replacing order. FAA Order 8110.49 does nothing more that refer to Software Conformity Review by name, while 8110.86 provided 6 paragraphs of discussion to supplement the Software Conformity Review activities described in Section 8.3 of DO-178C. Knowledge of this content can be useful to applicants preparing their processes to support eventual FAA-managed audits and inspections.

Notice 8110.86 describes Design Assurance Software Conformity Inspection and Software Installation Conformity Inspection, which are replaced by the Software Part Conformity Inspection and Software Installation Conformity Inspection processes defined in 8110.49.

PCI is an assessment for existence of reasonable evidence of an airworthy design; that is, a verified type design

ICI is an assessment for existence of reasonable evidence of conformity of a part, as manufactured and installed, with its type design

Notice 8110.87
The conformity review portion of 8110.87, Guidelines for Determining the Level of Federal Aviation Administration Involvement in Software,

Revision history
The initial content was "supplemental information to DO-178B", which was guidance to software certification applicants, and was compared to DO-248B and DO-278. However, one of the efforts of the release of DO-178C was to clarify the meaning of "guidance", using that word to convey a stronger sense of obligation than "guidelines". The titles of several of the replaced orders began with the "guidelines", but their presence in the ''Order" conveyed that their contents were prescriptive to some degree.

out of place? "The FAA's position as expressed in the FAA Order 8110.49 and Software Job aid is that if an applicant provides evidence to satisfy the objectives, then the software is DO-178B compliant."

the initial 8110.49 incorporated and replaced 12 prior FAA Notices into the single order. Initially replaced … which were then canceled.

Prior to the original released of this order,

Guidelines for Software Conformity Inspection and Software Conformity Review Conformity Inspection is a certification liaison activity while Software Conformity Review is an applicant activity

Change 1 addition of 4 sections, largely concerned with issue of Configuration Management

Generally dated 2000-2002, corresponding with the release of DO-178B

Bone pile
EASA CM-SWCEH-001, EASA CM-SWCEH-002,

FAA Order 8110.105A ‘Simple and Complex Electronic Hardware Approval Guidance’, 5 April 2017 —

FAA Order 8110.49A "specifies how to determine the level of certification authority involvement in a software project."

Ferrell:"Waning Vigilance or Needed Correction?" "a number of the deleted topics have found there [sic] way into FAA AC 20-115D and the new 'software best practices' AC 00-69, both released in July of 2017. Even so, this is a significant shift in software design assurance policy. Orders are mandatory and govern how FAA personnel and their designees perform oversight of software development programs. ACs, as their name implies, are advisory only."

https://www.faa.gov/documentLibrary/media/Order/8110.49%20Chg%201.pdf |quote= [The page is titled “SW Mega Order”].

--- For example, Change Impact Analysis was clearly worded as a task of Applicants. This topic was moved, with considerable changes and reduction, to AC 00-69.

8110.110 Software Approval Guidelines, Continued 2010-01-27 to 2011-01-27
 * url=https://www.faa.gov/documentLibrary/media/Notice/N%208110.110.pdf

https://www.faa.gov/search/?q=%22mega+order%22 Change 1 “the FAA “Mega Order” know in that previous revision as SW Mega Order

http://arsa.org/wp-content/uploads/2018/04/ARSA-Hotline-FDYTC-201803.pdf Order: Software Approval Guidelines Issued 03/29/2018 Document #: 8110.49A This order explains how Federal Aviation Administration (FAA) aircraft certification staff can use and apply RTCA/DO-178B and RTCA/DO-178C when working on certification projects. The guidelines are applicable to the approval of airborne systems and equipment and the software aspects of those systems. Because it’s impractical to cover all situations or conditions, supplement these instructions with good judgment when handling problems.

Synopsis of 2003 FAA National Software Conference Reno, Nevada • Sept. 16-19, 2003 By Mike Kress http://asq.org/software/2004/01/software-quality-v58-i01-full-issue.pdf FAA Order 8110.49 Software Approval Guidelines John Lewis Software Specialist FAA Aircraft Certification Service AIR 120 John Lewis is a computer engineer and software specialist for AIR 120 in Washington, D.C. He has experience in developing FAA Notices, Orders, TSO’s, and advisory circulars. He currently serves as secretary for RTCA SC 200 for IMA. John graduated from Virginia Tech with a BSEE and from Florida Tech with a Masters in Engineering Management and Business Administration. John reported on the consolidation of the 8110 series of FAA Notices into a single Mega-Order 8110.49 with 12 chapters.8110.49 incorporates 11 existing Notices and was coordinated within the FAA, industry and the public:
 * journal= Software Quality |issue = No.1 Winter 2004

Most of the information in these chapters was preserved from the original release of the Mega-Order, with the exception of Chapter 4 on Software Conformity Inspection and Chapter 6 on PMA via licensing agreements, which were significantly revised.

FAA Order 8110.49 Software Approval Guidelines John Lewis Software Specialist FAA Aircraft Certification Service AIR 120 John Lewis is a computer engineer and software specialist for AIR 120 in Washington, D.C. He has experience in developing FAA Notices, Orders, TSO’s, and advisory circulars.He currently serves as secretary for RTCA SC 200 for IMA. John graduated from Virginia Tech with a BSEE and from Florida Tech with a Masters in Engineering Management and Business Administration. John reported on the consolidation of the 8110 series of FAA Notices into a single Mega-Order 8110.49 with 12 chapters.8110.49 incorporates 11 existing Notices and was coordinated within the FAA, industry and the public: Chapter Topic 1 Introduction 2 Software Review Process 3 LOFI* in software Projects 4 SW Conformity 5 Approval of FLS 6 PMA of FLS 7 Approval of UMS 8 Previously developed Software 9 Qualification of software tools 10 Software Changes in Legacy systems 11 SW Change Impact Analysis 12 Reused software life cycle data Most of the information in these chapters was preserved from the original release of the mega-order, with the exception of Chapter 4 on Software conformity and Chapter 6 on PMA via licensing agreements, which were significantly revised.
 * Level of FAA Involvement

Update of the Software Review Job Aid Leanna Rierson National Resource Specialist Leanna Rierson is the FAA’s chief scientist and Technical Advisor for Aircraft Computer Software since 1999. She has over 15 years’ experience in the computer/aviation industry.She graduated summa cum laude with a bachelor’s degree in electrical engineering. She also holds a master’s degree in software Engineering and is pursuing a doctorate. The Software Review Job Aid was first released in 1998 to provide a tool for standardized reviews by FAA engineers and designees and to improve the quality of the reviews. The purpose of the update is to address policy that has change and matured, correct errors, and implement lessons learned. The tool has four parts: Overview Software Review Tasks Stages of Involvement (SOI) Activities and Questions Summary of Compliance/Findings The Job Aid is built around the framework and requirements of DO-178B and the guidance of 8110.49. The stages of involvement are the classical R-D-C-I life cycle stages and the Aid provides guidance to the review of the artifacts of those stages. Many of the changes were editorial in nature but some added new material to accommodate developments in OO, the realtime development course, and the new 8110.49 order.