I was tempted to title this article “DAL starts with Design Assurance Levels,” but read quickly the opening collapses into the should-never-exist contraction “it’DAL…,” and I’m glad I didn’t.
The beginning of any project, be it writing an article or developing aerospace software, is crucial. Arguably, it is the most crucial piece of its success. For virtually every avionics and aerospace project type or discipline, it really does “all start with DAL.”
DALs, Design Assurance Levels, are the key measure assigned to software and hardware functions to set the level of rigor applied to each component of an avionics system. Be it hardware or software, component or system, a DAL designation is driven by the failure conditions of the function the item implements: the system safety assessment classifies each failure condition by its effect on the aircraft, crew and occupants, and the item inherits the level corresponding to the most severe failure condition it could cause or contribute to. The greater the potential impact of a component’s failure, the more rigorous its development and verification process must be. Note that this is assurance against unintended failure and malfunction, not security against a deliberate attacker; airworthiness security is handled by a separate process (DO-326A/ED-202A) that builds on, rather than replaces, the DAL. Though DALs appear throughout the major guidance documents, we’ll stick to their application within the primary software and hardware guidance documents, DO-178 and DO-254, respectively. (DO-178C itself uses the term “software level”; “DAL” is the DO-254 and ARP4754A term, and the two are used interchangeably in practice.)
DO-178B introduced (and DO-178C continued to use) the fundamental concept of the Design Assurance Level (DAL), which defines the amount of rigor that should be applied by the design assurance process based on the software’s contribution to aircraft safety. The higher the DAL, the more activities and objectives that must be performed and met as part of the design assurance process, because the consequences to the aircraft are more severe should the software fail or malfunction. Design Assurance Level A (DAL-A) is the highest level of design assurance that can be applied to airborne software and is applied when failure or malfunction of the software could contribute to a catastrophic failure condition for the aircraft. DAL-B corresponds to a hazardous (severe-major) failure condition, DAL-C to a major one, and DAL-D to a minor one. The activities and objectives that must be met through the design assurance process decrease with each level alphabetically (DO-178C Annex A allocates 71 objectives to Level A, 69 to B, 62 to C and 26 to D, with Level A additionally requiring independence on many verification objectives and MC/DC structural coverage) until DAL-E, which has no objectives, as there is no consequence to aircraft safety should such software fail or malfunction.
DO-254 defines and applies its levels under the same failure-condition scheme: DAL-A describes airborne electronic hardware whose failure or malfunction could cause or contribute to a catastrophic failure condition, DAL-B hardware whose failure could cause or contribute to a hazardous (severe-major) condition, DAL-C a major condition, DAL-D a minor condition, down to DAL-E describing hardware whose failure or malfunction would have no effect on the aircraft’s operational capability or pilot workload.
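The two rules described above, that an item takes the level of the most severe failure condition it can contribute to, and that components of different levels sharing a processor without robust partitioning are all treated at the highest level among them (a rule DO-178C states for software), are easy to get wrong in a spreadsheet. The following is an added worked example, not code from the original article or from the DO-178C/DO-254 documents; the component names, failure-condition labels and partition groups are constructed sample data, and the objective totals are the commonly cited DO-178C Annex A counts. It also shows the conservative default a practitioner would want: an unclassified or unrecognized failure condition fails closed to Level A rather than silently dropping to Level E.

```python
"""Deriving Design Assurance Levels from failure conditions (added illustration).

Not code from the original article or from DO-178C/DO-254; the sample items,
failure-condition labels and partition groups below are constructed.
"""
from enum import IntEnum


class Level(IntEnum):
    # Ordered so that max() selects the most stringent level.
    E = 0
    D = 1
    C = 2
    B = 3
    A = 4


# Failure-condition category (from the system safety assessment) -> level.
FAILURE_CONDITION_TO_LEVEL = {
    "catastrophic": Level.A,
    "hazardous": Level.B,   # "Hazardous / Severe-Major" in DO-178C and DO-254
    "major": Level.C,
    "minor": Level.D,
    "no effect": Level.E,
}

# Commonly cited DO-178C Annex A objective totals per software level.
DO178C_OBJECTIVES = {Level.A: 71, Level.B: 69, Level.C: 62, Level.D: 26, Level.E: 0}


def level_for_conditions(conditions):
    """Return the level implied by the worst failure condition in `conditions`.

    An item that has not been classified at all is an error, and a condition
    label the table does not recognise fails closed to Level A: "not shown to
    have a safety effect" is not the same as "shown to have no effect".
    """
    if not conditions:
        raise ValueError("item has no failure conditions: it has not been classified")
    worst = Level.E
    for cond in conditions:
        key = cond.strip().lower()
        if key not in FAILURE_CONDITION_TO_LEVEL:
            return Level.A  # unknown classification: assume the worst
        worst = max(worst, FAILURE_CONDITION_TO_LEVEL[key])
    return worst


def assign_levels(items, partition_groups):
    """Assign a level to every item, then raise unpartitioned neighbours.

    items: {item name: [failure conditions it can cause or contribute to]}
    partition_groups: list of sets of item names that share a target without
        robust partitioning between them. Every member of such a group is
        developed to the highest level found in the group, because a lower-level
        member could corrupt the higher-level one.
    Returns {item name: Level}.
    """
    levels = {name: level_for_conditions(conds) for name, conds in items.items()}
    for group in partition_groups:
        unknown = set(group) - levels.keys()
        if unknown:
            raise KeyError(f"partition group names unclassified items: {sorted(unknown)}")
        group_level = max(levels[name] for name in group)
        for name in group:
            levels[name] = group_level
    return levels


def objectives_for(level):
    """Number of DO-178C Annex A objectives applicable at `level`."""
    return DO178C_OBJECTIVES[level]


# Constructed sample data: four hypothetical items on one avionics unit.
SAMPLE_ITEMS = {
    "autopilot_control_law": ["catastrophic"],
    "display_driver": ["hazardous"],
    "maintenance_log": ["minor", "major"],
    "cabin_lighting": ["no effect"],
}
# The display driver and the maintenance log share a core with no partitioning.
SAMPLE_PARTITIONS = [{"display_driver", "maintenance_log"}]


if __name__ == "__main__":
    for name, level in assign_levels(SAMPLE_ITEMS, SAMPLE_PARTITIONS).items():
        print(f"{name:24s} DAL-{level.name}  ({objectives_for(level)} objectives)")
```

Running the sample shows the maintenance log raised from DAL-C to DAL-B purely because of its partition group, which is the effect the partitioning rule is meant to force: either partition the lower-level component robustly or pay for the higher level across the whole group. The fail-closed default in `level_for_conditions` is the check to keep when the classification data comes from a spreadsheet or tool export, where a typo would otherwise look like a harmless Level E item.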
Settling the DALs is a crucial first step in virtually every avionics project, and they should be given careful consideration before development starts, since they dictate the process, verification and documentation obligations for everything that follows. If you want to read more about DALs and how they connect with the other verification objectives and measures, specifically in DO-178C, check out our Handbook for The Efficient Verification Through the DO-178C Lifecycle.