Assuring software quality

LRQA’s director for Aerospace Business Assurance Services, Dan Carmel reveals how aerospace software has set the quality standards for emerging software across other industries.

For years, the aerospace industry has had to confront the challenges of integrating software, hardware and user interfaces into environments that are often hostile to these systems. These include platform cockpits high in EMC, on-board processing hubs subject to interference, operational theatres undergoing jamming signals and airspaces with complex interoperability needs - all while managing obsolescence and environmental effects.

For many industries, this type of challenging product landscape consisting of interoperability needs, security risks and rapid obsolescence is only just emerging. This is especially true for automotive, rail and UAM vehicles, where on-board vehicle software-based systems are tasked with handling more automation, connectivity and real-time data than ever; all while maintaining security and datalink encryption at levels that can be considered military grade. Crucially, we cannot talk about software quality without including software security, DevSecOps and encryption, all of which are intrinsic parts of software quality, however, these are beyond the scope of this article focusing of software quality.

Whether it is a tablet-style controller for flying a UAV, a commercial IoT-enabled temperature control for a HVAC system or a networked device for controlling a CNC machine, these devices’ digital communications and other interfaces must be qualified during hardware/software integration. The aim is to verify that the whole system’s software will interact with the end-users and perform as expected in the intended environments and for this, quality in software development and construction is essential.

Due to the vast array of functional, security, interoperability and obsolescence requirements, software standards for the development of these increasingly digital systems are mainly internal, numerous and industry-specific. Industry lacks a consensus on what these standards should look like. So, we can turn to the sector that has been doing this for years: aerospace.

SW/HW development

In the aerospace industry, the manufacturing of products now needs to consider software integration more than ever before. One of the big delays affecting current Block 4 F-35 deliveries is the TR-3 software and sensor upgrade, which has led to increased temperatures in the central avionics core processing unit causing a redesign in cooling structures and hardware. In manufacturing, the aluminium metalwork that entombs many avionics motherboards needs to consider the on-board level of software function, sensor processor core temperatures, interference from EMC, conduction and convection from heat sinks, anti-vibration bonding, conformal coatings as well as the more traditional physical requirements of thickness, humidity, pressure, vibration and so on. One well-known point is that efficient, quality software leads to better temperature and functional performance of hardware, enhancing longevity and efficiency of the product.

One key method of assessing all these variables and the quality of software being run is to utilise ‘hardware in the loop’ (HIL or HWIL) design & testing[1]. This entails connecting the software-based device(s) to all communications, user interfaces and environments with which it will interface in real-world use and to perform a variety of tests. It can be an expensive and time-consuming activity but necessary to assure the software/hardware quality and performance in systems that are critical to control, can affect safety or impact overall functionality of a product.

Standards of software quality assurance have been refined and are now well-established via the latest NATO AQAP standards, as well as the SAE’s AS9115A software quality management supplement to the well-known AS 9100 requirements. Both standards are increasingly seen by many OEMs and software-based product developers across industrial sectors as a source of best-practice and a supporting framework that can be readily accepted into their wider quality management systems.

Quality Assurance Publications for Software - AQAP 2210:2022: Though currently unaccredited by any national accreditation bodies, this standard for quality assurance of software was developed by NATO, at the national level, for suppliers into the organisation. Along with other AQAP standards, (AQAP-2110: QA Requirements in Design, Development & Production and AQAP-2310: QA Requirements for Aerospace, Space & Defence suppliers) these formalise NATO’s (and many defence ministries’) quality assurance requirements for design, development and production of systems that serve the aerospace sector at the highest levels of functionality, security and reliability.

These software standards do not replace but come to include the ISO 9001 and AS 9100 standards, with additional requirements that are NATO-specific and beneficial, such as how products are certified and released, issuing of certificates of conformity, establishing a quality plan and risk register, enhanced configuration management, product and system performance evaluation, identification, traceability and dependability throughout the lifecycle.

In terms of software development and quality control, AQAP 2210 takes a full view of the end-to-end quality managed system applied to software development, via a waterfall model and although security is a key stakeholder, it does not govern key design considerations, such as security-by-design, physical security or obsolescence management. There are other standards for security considerations, such as coding standards and now, embedding automated checks early within the SDLC[2].

The AQAP 2210 standard does not specify any software development model, nor does it stipulate which software development methods should be used. It defines the requirements for software quality management activities and their documentation within a software quality plan. It fosters evaluation of the software quality management activities to ensure their effectiveness and takes a functional, rather than organisational, approach for software quality management that is common at all levels of the supply chain and removes organisation-specific requirements and terminologies.

A more specific standard for deliverable on-board software, AS9115A for aerospace applications is a fully integrated and applicable part of AQAP 2210. The two standards complement one-another to give full, software-specific clarification of requirements associated with products and processes that support design, development, and deployment of deliverable software into the aerospace sector. This standard can also be applied to any sector where software is a deliverable, which is increasingly the case across industries where products become more software-driven, not to mention AI-enabled, which is where ISO 42001:2023 for AI development comes in. Although a separate conversation for now, responsible development of AI enabled products will legally be required in the near future – requiring a comprehensive balance of innovation, security and quality[3].

Independent Assurance of Software Quality: LRQA can deliver consultancy, audits and assessments of client software quality management methodologies and performance, in line with AQAP 2210 and AS9115A. While there is currently no accredited certification to these standards, LRQA’s experienced software quality consultants and auditors can facilitate the deployment of best-practice that these standards require and through which, organisations involved in software development can implement aerospace-grade software quality principles and methodologies.

Whether through gap analyses, process assessments or a full audit programme of software development, LRQA can deploy a range of tools and personnel to ensure that your software quality management brings in the best practice as established by these aerospace industry standards. These standards have evolved over years and are designed to solve the kinds of software quality challenges that other sectors, such as automotive, rail and marine, are only just beginning to encounter as digitalisation and autonomous systems impact their product designs too.

[1] Assuring IoT device robustness through HIL testing, New Electronics magazine, March 2023

[2] BSIMM 13 Trends and Insights Report, Synopsis Application Security Leaders, November 2023

[3] Highlights of the 2023 Executive Order on Artificial Intelligence for Congress, Congressional Research Service, November, 2023

www.lrqa.com