We all interact with software in our daily lives—you’re utilizing countless software programs to read this article on your phone or computer right now. Of course, software goes well beyond a computer screen. Software drives some of the most critical applications in the world, from defense systems to medical equipment, even the car you drive. While a simple code read or play test might suffice for a phone application or video game, safety-critical applications demand a more thorough review through a process commonly referred to as Independent Verification & Validation (IV&V).
What is Software IV&V?
In general, it’s an independent party that checks your software for defects. It combines a few different aspects defined below:
- Verification — Is the product being built in accordance with the requirements defined in the design process?
- Validation — Are the requirements we’re setting out to fulfill sufficient to achieve the intended use?
- Independence — Is the testing being performed by an objective third party with no motive to overlook potential flaws that would bring the product to market prematurely?
Basically, it’s the review, analysis and testing of software performed by an independent third party that ensures that the software fulfills all the needs and requirements for its intended purpose.
Do I need to have my software independently verified and validated?
It depends on the application. For something that doesn’t have potential to cause harm (or isn’t regulated), it’s not legally required—although
a thorough quality review is highly recommended for any software system prior to introducing it to the public. After all, nobody likes something that doesn’t work.
Sometimes, however, IV&V is mandated by federal agencies like the FAA (Avionics) through the DO-178C standard, and the FDA (Medical Devices). Whether or not your software requires this thorough review depends on the level of risk involved, known as a Design Assurance Level (DAL) in aviation or an FDA Classification for medical devices. A DAL ranges in risk from A-E, with E having no impact on the safety of the aircraft, up to A which has to potential to cause catastrophic harm. Generally, no IV&V is mandated for DAL-E applications, with increasing levels of scrutiny applied from DAL-D to DAL-A.
Similarly, the FDA classifies medical devices as Class 1 (minimal to no risk), Class 2 (moderate risk of harm), and Class 3 (high risk of harm). A Class 1 device, such as a bandage, is generally not mandated to have IV&V, with some exceptions. Class 2 devices, the most common class, and Class 3 devices, the most risky, almost always require some level of IV&V in order to achieve FDA certification.
Outside of the FAA and FDA, defense applications such as missiles and shipboard systems, as well as space applications such as rockets and satellites, draw from the same principles as these regulations and are almost always built with these restrictions in mind. However, they aren’t technically mandated as the nature of the defense industry sometimes requires expedited product reviews to serve the warfighter. Institutions like NASA and the Department of Defense have the ability to self-certify products that meet their expectations, although some level of documentation is still required to satisfy risk concerns.
What if my software isn’t mandated to be formally certified? Do I still need IV&V?
Software verification and validation isn’t only for companies who need to maintain compliance. It’s also a good business decision for any
organization that wants to improve quality and prove critical software is operating the way it should. They can save money by catching defects early in the software process, preventing any critical mishap down the road that could lead to loss of time and money.
We follow a 1:10:100 rule, where a flaw that costs $1 to fix in the design process costs $10 to fix during development, and $100 to fix after the product is launched. In safety-critical applications, the $100 is more like $1,000+ when recalls and fines are considered.
In short, it’s a good idea to catch defects early to save costly overruns later on.
What are some languages I should consider if I want to build a safety-critical device?
It’s important to consider the intended use of a product when choosing languages and frameworks to build your product. Commonly used (and easily testable) languages for embedded software applications include C/C++, ADA, and ASM. These languages are mostly used in safety-critical embedded systems, with ADA used in many military, avionic, and space applications such as missiles and other weapons systems.
Introducing fancy features such as cloud connectivity or machine learning may seem like a good idea to woo investors, but these systems are exponentially more difficult to test (and to appease regulators), and should only be implemented if absolutely required to achieve your intended use.
Are there any tools I can use to streamline the IV&V process?
There are a number of COTS testing tools on the market such as LDRA, Trace32, and VectorCast, that can help you test your software.
However, these tools aren’t perfect, and still require a tremendous amount of time and expertise to use correctly.
We’ve developed our own in-house Unit Test Tool that works with other COTS tools for a more efficient testing process. It automates some of the processes giving us more time to spend on testing resulting in total time and cost savings. It generates clear concise documentation that is a favorite among certifying authorities. Each construct of our tool is validated, ensuring that it meets the tool qualification requirements of regulators.
We have extensive experience performing IV&V on over 70 different military and commercial aircraft projects. This includes avionics systems for components on the Flight Control Computer (FCC), Vehicle Management Computer (VMC), Flight Management Computer (FMC), Electronic Engine Controls (EEC), as well as Health Monitoring Units (HMU) and many more. For assistance with the IV&V of your application, check out our IV&V page for more information, or Contact a Qualified Engineer to discuss your project today.