Maximizing aviation safety worldwide via optimized ARP4754A & ARP4754B aircraft systems engineering knowledge

Introduction To
ARP4754A & ARP4754B

Evolution of standard: ARP4754 🡢 ARP4754A 🡢 ARP4754B

You now know the “Old Days” of technology refer to any time prior to last year.  In the Very Old Days (moon landings, space shuttles, commercial jets with four engines) safety was addressed by brains and refinement: smart engineers did their best to prevent accidents then refinement was applied when those best efforts were less than perfect. In the Very Old days, computing horsepower was thinner, schedules were fatter, and acceptable safety generally ensued: space shuttles had a 98.5 percent chance of not exploding and commercial aircraft had fatal crashes “only” a few times annually.  Then the very old days gave way to mere old days, and the very old ways didn’t work as well.  Some said the engineers were not as smart while others said those engineers were trying to make the computers too smart. But all agreed that more formalized safety was needed and the Society of Automotive Engineers (SAE) had been handling Aerospace Recommended Practices (ARP’s) for decades.  SAE ARP4754, Certification Considerations for Highly-Integrated or Complex Aircraft Systems, was published in November 1996.  Its tightly-coupled sibling ARP4761, Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment, was published the next month, December 1996. 

Download ARP4754 Handbook
Afuzion : Image of a document titled "arp4754a - introduction for engineers and managers," with text detailing safety and requirements in aviation systems engineering.
Afuzion : A man stands presenting in front of a screen in a conference room, engaging an audience of seated professionals.
Afuzion : A presenter discussing a flowchart during a business workshop in a conference room filled with attendees using laptops.

ARP4754A Today

The revised ARP4754A is officially titled “Guidelines for Development of Civil Aircraft And Systems.” It covers the development cycle for aircraft and avionics systems. Rarely can one judge a book by its cover or title; however, in this case, the title literally conveys a powerful message:  if you are involved with development of aircraft or systems, you should be well versed in ARP4754A’s ‘guidelines.’  Why?  There are two key points which should be understood before first opening the pages of ARP4754A:
  1. ARP4754A’s title states “guidelines,” but failure to understand and apply ARP4754A may reduce safety and will greatly reduce your ability to achieve certification. The ability to demonstrate robust, safe avionics begins with the approach to systems safety before development. It is very difficult to apply retrospectively in order to rectify a weak system.
  2. While its predecessor ARP4754 was largely similar, too many organizations treated it as “optional” befitting its name “Guideline”; however, certification organizations worldwide have increasingly, and formally, mandated adherence to this latest version, ARP4754A.
For experienced, proficient developers of aircraft or aircraft systems, ARP4754A reads like a book for maintaining good personal health: make a plan for health, understand healthy living, be safe, eat well, reduce stress, exercise, sleep, get regular check-ups to prove you followed your health plan, and repeat. For aircraft, an analogous synopsis of ARP4754A would state:
  1. Plan your aircraft/system’s development lifecycle ecosystem;
  2. Implement Safety activities per ARP4761 (ARP4761A starting in 2018);
  3. Define and justify Assurance Level;
  4. Define system architecture and requirements; Validate;
  5. Perform Verification and Configuration Management;
  6. Implement Process Assurance and prove Transition Criteria.
Afuzion : Three interlocking gears labeled "systems," "software," and "safety," with arrows indicating movement between them.
Remember the Safety, Systems & Hardware/Software ecosystem depicted below:
Figuratively and literally, systems development via ARP4754A is the centerpiece: it is preceded by, and must consider, the safety assessment which is used to help define aircraft/system architecture, and aircraft/system safety requirements. In turn, it precedes software and hardware development yet system considerations are continuously addressed during the entire software and hardware development. A refined view of the relevant guidelines is depicted here:
Afuzion : Flowchart showing the relationship between safety, aircraft, and implementation guidelines with reference labels, from arp4761a through various dos.
Download ARP4754 Handbook
Afuzion : A man stands presenting in front of a screen in a conference room, engaging an audience of seated professionals.
Afuzion : A presenter discussing a flowchart during a business workshop in a conference room filled with attendees using laptops.

ARP4754A Today

The revised ARP4754A is officially titled “Guidelines for Development of Civil Aircraft And Systems.” It covers the development cycle for aircraft and avionics systems. Rarely can one judge a book by its cover or title; however, in this case, the title literally conveys a powerful message:  if you are involved with development of aircraft or systems, you should be well versed in ARP4754A’s ‘guidelines.’  Why?  There are two key points which should be understood before first opening the pages of ARP4754A:
  1. ARP4754A’s title states “guidelines,” but failure to understand and apply ARP4754A may reduce safety and will greatly reduce your ability to achieve certification. The ability to demonstrate robust, safe avionics begins with the approach to systems safety before development. It is very difficult to apply retrospectively in order to rectify a weak system.
  2. While its predecessor ARP4754 was largely similar, too many organizations treated it as “optional” befitting its name “Guideline”; however, certification organizations worldwide have increasingly, and formally, mandated adherence to this latest version, ARP4754A.
For experienced, proficient developers of aircraft or aircraft systems, ARP4754A reads like a book for maintaining good personal health: make a plan for health, understand healthy living, be safe, eat well, reduce stress, exercise, sleep, get regular check-ups to prove you followed your health plan, and repeat. For aircraft, an analogous synopsis of ARP4754A would state:
  1. Plan your aircraft/system’s development lifecycle ecosystem;
  2. Implement Safety activities per ARP4761 (ARP4761A starting in 2018);
  3. Define and justify Assurance Level;
  4. Define system architecture and requirements; Validate;
  5. Perform Verification and Configuration Management;
  6. Implement Process Assurance and prove Transition Criteria.
Afuzion : Three interlocking gears labeled "systems," "software," and "safety," with arrows indicating movement between them.
Remember the Safety, Systems & Hardware/Software ecosystem depicted below:
Figuratively and literally, systems development via ARP4754A is the centerpiece: it is preceded by, and must consider, the safety assessment which is used to help define aircraft/system architecture, and aircraft/system safety requirements. In turn, it precedes software and hardware development yet system considerations are continuously addressed during the entire software and hardware development. A refined view of the relevant guidelines is depicted here:
Afuzion : Flowchart showing the relationship between safety, aircraft, and implementation guidelines with reference labels, from arp4761a through various dos.
Download ARP4754 Handbook

Why ARP4754A? Background.

Before delving into ARP4754A specifics, one should truly consider why it exists. When avionics systems were simpler decades ago, it was possible for smart designers to mentally conceive those systems and proceed immediately with implementation. Admittedly today, the need for ARP4754A is less justifiable for simple systems. At the same time, the number, variety, and complexity of systems continues to grow exponentially. Clearly, avionics systems can be much more complex than commercial brick and mortar buildings, but it would be inconceivable to begin building a commercial office building without a soil/earthquake analysis, foundation design, and a plan for inspections. Those inspections obviously continue throughout the building process including satisfactory electrical, plumbing, emergency exits, and proper reinforcement. While it is possible great builders could possibly build a safe building without detailed plans, blueprints, processes, and inspections, there would be no way to fully verify the building’s “greatness.” Why? “Greatness” must be associated with proof a building is great. Proof is based upon assessing implementation versus plans then correcting any deficiencies found.
Clearly, without plans and processes for a building, there is no way to assess, or claim, a building’s design and construction are safe.  Since developing avionics can be more complex than constructing a building, it is clear that avionics systems require big-picture planning, processes, requirements, safe development, verification/validation, and evidentiary proof of conformance. Welcome to ARP4754A, “Guidelines for Development of Civil Aircraft And Systems.”
Download ARP4754 Handbook
Afuzion : A conference room with attendees seated at tables facing a man presenting at the front, name tags visible on the tables.
Afuzion : A business seminar in progress with attendees seated facing a presenter at the front, next to a banner about aviation systems.
Afuzion : A group of military personnel in uniform attentively listening to a presenter in a conference room.
Afuzion : A presenter stands in front of a room of seated attendees during a business seminar, using a projection screen to display a presentation.

Background: ARP4754

The original ARP4754 standard was first published in 1996 with the purpose of assisting avionics development organizations to think beyond mere hardware and software. Remember, DO-178 (and its European equivalent ED-12) was published over a decade prior to provide guidelines for avionics software. But by the early 90’s it was clear that safe software, and software certification itself, required both knowledge of the system and confirmation of system level safety aspects. ARP4754 was focused upon aircraft systems whose failure could potentially affect safety of aircraft or occupants. While there are certainly critical stand-alone components on aircraft which could affect safety, ARP4754 is focused not upon components, but rather systems which have complex interactions with other systems on or off the aircraft. These systems typically involve multiple knowledge domains and are likely to evolve over time. Thus they are developed by different persons via different disciplines often separated by space and time; the best means to ensure safe implementation is via codified development processes based upon deterministic safety: ARP4754.
The original ARP4754 standard was also written before the onset of more recent avionics development trends such as model-based development (MBD) and integrated modular avionics (IMA). Its focus was upon a top-down, iterative approach to avionics system development where individual system functionality is identified and then increasingly refined. At its inception, the aircraft and systems safety processes were less refined and ARP4761 was a mere concept. Also, there was a perception that ARP4754 was an SAE document and therefore not a true dedicated avionics guideline; admittedly, certification authorities typically may not always have required proof that it was being followed. ARP4754 provided a good reference for system development but the aforementioned aspects precluded it from being great. Thus the need for ARP4754A …
Afuzion : Flowchart detailing the updates in aviation software and hardware development standards, including terminology changes and the integration of arp-4761a and do-178/254 requirements.
ARP4754 was “good”: it described a foundational process for developing safe, good-quality avionics systems and aircraft. However, due to the evolution of related guidelines and certification refinement, and a requirement to address increasing integration and complexity of systems, ARP4754 was considered by many to be incomplete; thus it was not applied as rigorously as needed. The “iterative approach” within ARP4754 was expanded in ARP4754A (in conjunction with ARP4761) to ensure that developers apply a formal iteration process to safety whereby safety is continually addressed with refined safety assessments throughout the project.
By contrast, ARP4754A truly emphasizes the importance of an entire ecosystem for avionics system development, founded upon a formal Safety process (supported by ARP4761). ARP4754A provides specific guidance to complying with regulations, and instructions into a “how to” guide for aircraft and system development, emphasizing the need to integrate that Safety and Systems process continuously throughout development.
On a recent avionics project, this author performed an audit of the system developer’s documents, commonly referred to as “artifacts” within the aviation certification regime. The client’s Procedures looked more like Plans, and their Audits looked more like Reviews. Clearly it was time to go back to basics. While it would be easy to write chapters on this topic, it is much more challenging to say it all in one sentence. The writer Mark Twain supposedly said something akin to the following in the opening line of a 10-page letter: “Pardon the length of this letter; I did not have time to make it short.” Meaning: short summaries are more difficult than full novels. We hate long novels in avionics: too much fluff and serious developers lack the time for that. Here is an all-too-brief summary of Plans, Procedures, Reviews, and Audits for avionics systems:
  • “Plans” comply with safety requirements and summarize what you will do, while
  • “Processes” state how you will implement the Plans, and
  • “Checklists” denote objective review criteria to determine if Processes were followed, then
  • “Process Assurance  Audits” assess conformance of engineering/manufacturing activities, including respective transitions to those Processes and Reviews.
Download ARP4754 Handbook

ARP4754B versus ARP4755A

Key updates in the new ARP4754B over ARP4754A include:
  • Better alignment of ARP4754B to the forthcoming ARP4761A (itself an update over ARP4761)
  • Changes to Development Assurance Level (DAL) assignment
  • Model-based systems engineering
  • Applying ARP4754B’s greatly enhanced “Modifications and Reuse” for aircraft and avionics systems
  • Better examples for applying ARP4754B
Download ARP4754 Handbook
Afuzion : A presenter discussing a flowchart during a business workshop in a conference room filled with attendees using laptops.
Afuzion : A group of military personnel in uniform attentively listening to a presenter in a conference room.
Afuzion : A man presents to a group of attentive adults in a classroom with a projection of technical diagrams in the background.
Afuzion : A conference room with attendees seated at tables facing a man presenting at the front, name tags visible on the tables.

ARP4754’s Planning Process

What do aircraft, complex systems, and simple systems alike have in common? They come under the purview of ARP4754A. It is almost impossible for one guideline to be all things to all people; ARP4754A strives to come close. Since aircraft and systems can have huge variations, ARP4754A avoids mandating a prescriptive approach. Instead, guidance is provided for the developer to consider the ramifications of safety and functionality external and internal to their scope of development and proceed accordingly. The analogy is that of a personal fitness coach whose goals vary dramatically depending upon their coaching an injured patient, an average office-worker, or an Olympic athlete: different problem domains require a different focus. But there is only one ARP4754A so the guidelines must be generic enough to satisfy different domains. Central to any aircraft/system development process is ARP4754A’s required Planning process.
ARP4754A provides a comprehensive guideline for performing the myriad engineering activities necessary to develop safe, high-quality avionics systems. As all pilots know, it’s both common and helpful to file flight plans prior to takeoff for significant flying activity. Such flights plans fulfill three primary purposes:
Afuzion : Diagram comparing arp4754a’s planning process to a flight plan with key parallels in organization, verification, and safety responsibilities.
Afuzion : Three promotional banners for arp4754a/b services: training & certification, plans, templates & checklists, and services, engineering & mentoring, each with calls to action.
Afuzion : Rectangular banner displaying text about arp4754/5b gap analysis by afuzion, discussing the invention of aviation compliance gap analysis in 1989 and a call to action, "discover more here!.
Download ARP4754 Handbook

Workshop

Avionics Systems ARP4754A Training Workshop

Over 41,000 Trained, 130 Classes yearly. World’s largest. Public, Private, Remote, or Onsite.
Access ARP4754A/B Training

Infusing the majority of the world’s aviation / avionics companies with knowledge, expertise, and safety-critical compliance.

AFuzion’s training has been provided to over 23,000 aviation engineers from 1,000 companies in 30 countries; more than all other trainers in the world combined. Brief summary below; contact us for more free information.
ARP4754A.org
brought to you by:
Afuzion : Logo of "afluzion" in bold orange 3d letters with a metallic finish and stylized shadows.
ARP4754A.org and AFuzion Incorporated are in no way associated with, or represent, the Radio Technical Commission for Aeronautics (RTCA), EUROCAE or any of their publications. ARP4754A is published by SAE, in a joint effort with EUROCAE which publishes it as ED-79A. Full copies of ARP4754A and ED-79A should be purchased from SAE and EUROCAE.
See pages on this site for instructions to procure ARP4754A/B templates corresponding to the above eight Plans. Accompanying ARP4754 Checklists are also necessary and available herein.
Copyright © AFuzion Incorporated – 2024 All rights reserved.

Copyright © AFuzion Incorporated
2023 All rights reserved.