DO-178C
The do-178c pack enforces rules based on DO-178C / ED-12C -- Software Considerations in Airborne Systems and Equipment Certification. It covers structural coverage, coding standards, defensive programming, error handling, data coupling, timing constraints, and type safety for DAL A through DAL D software.
Free tier
This pack is available on all tiers, including the free tier.
Enable
Rules
The pack includes 22 rules across code enforcement and documentation obligations:
Code rules (18)
| ID | Clause | Severity | Description |
|---|---|---|---|
| DO178C-001 | 6.4.4.2 | high | Code after return/exit statements is unreachable dead code |
| DO178C-002 | 6.4.4.2 | medium | Suppressing unused variable warnings with pragmas hides dead code |
| DO178C-003 | 6.3.4 | critical | goto statements are banned in airborne software |
| DO178C-004 | 6.3.4 | critical | Recursion is banned due to unbounded stack usage and WCET analysis |
| DO178C-005 | 6.3.4 | critical | Dynamic memory allocation is banned after initialization |
| DO178C-006 | 6.3.3 | medium | Pointer dereference without prior null check risks undefined behavior |
| DO178C-007 | 6.3.3 | high | Empty catch blocks violate error handling and robustness requirements |
| DO178C-008 | 6.3.3 | medium | Ignoring return values from safety-critical functions violates error detection |
| DO178C-009 | 6.3.4 | high | Global mutable variables create uncontrolled data coupling |
| DO178C-010 | 6.3.4 | high | extern declarations of mutable variables indicate shared global state |
| DO178C-011 | 6.3.4 | medium | Deeply nested control structures (4+ levels) hinder verification |
| DO178C-012 | 6.3.4 | high | sleep/delay calls can cause missed deadlines in time-critical partitions |
| DO178C-013 | 6.3.4 | medium | Blocking I/O operations can cause deadline violations in time-partitioned systems |
| DO178C-014 | 6.3.4 | high | void pointer casts bypass type safety and create unverifiable data flows |
| DO178C-015 | 6.3.4 | medium | C-style casts bypass C++ type checking in safety-critical C++ code |
| DO178C-016 | 6.3.4 | high | Unbounded while(true)/for(;;) loops risk non-termination |
| DO178C-017 | 6.3.4 | medium | TODO/FIXME/HACK comments indicate incomplete work before certification |
| DO178C-018 | 6.3.4 | critical | eval()/exec() is prohibited in airborne software tooling (Python) |
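
The following C module is an added example, not code from the pack or its documentation. It is written in the style that DO178C-004, -005, -006, -009, -012 and -016 call for: fixed-size storage, iteration with a static bound, null checks before dereference, caller-owned state, and a budgeted poll. `filter_t`, `WINDOW`, `MAX_POLLS` and the status register are constructed for the example; how the pack itself matches these patterns is not shown on this page.

```c
#include <stddef.h>
#include <stdint.h>

#define WINDOW 4u     /* constructed bound: storage is sized at build time */
#define MAX_POLLS 3u  /* constructed polling budget */

typedef enum { ST_OK = 0, ST_NULL_ARG, ST_CORRUPT, ST_TIMEOUT } status_t;

typedef struct {
    uint16_t samples[WINDOW]; /* fixed array instead of malloc (DO178C-005) */
    uint32_t head;            /* next slot to overwrite */
    uint32_t used;            /* valid slots, at most WINDOW */
} filter_t;

/* Null check before any dereference (DO178C-006); state is passed in by the
 * caller rather than kept in a global (DO178C-009). */
status_t filter_push(filter_t *f, uint16_t v)
{
    if (f == NULL) { return ST_NULL_ARG; }
    if (f->head >= WINDOW || f->used > WINDOW) { return ST_CORRUPT; }
    f->samples[f->head] = v;
    f->head = (f->head + 1u) % WINDOW;
    if (f->used < WINDOW) { f->used++; }
    return ST_OK;
}

/* Iterative mean: the loop runs WINDOW times at most, no recursion (DO178C-004). */
status_t filter_mean(const filter_t *f, uint32_t *out)
{
    if (f == NULL || out == NULL) { return ST_NULL_ARG; }
    if (f->used > WINDOW) { return ST_CORRUPT; }
    uint32_t acc = 0u;
    for (uint32_t i = 0u; i < f->used; i++) { acc += f->samples[i]; }
    *out = (f->used == 0u) ? 0u : (acc / f->used);
    return ST_OK;
}

/* Budgeted poll of a status word instead of while(true) plus sleep()
 * (DO178C-012, DO178C-016). The register and mask are hypothetical. */
status_t wait_ready(const volatile uint32_t *status_reg, uint32_t mask)
{
    if (status_reg == NULL) { return ST_NULL_ARG; }
    for (uint32_t i = 0u; i < MAX_POLLS; i++) {
        if ((*status_reg & mask) != 0u) { return ST_OK; }
    }
    return ST_TIMEOUT;
}
```

Every function returns a `status_t`, so a caller that drops the result is the pattern DO178C-008 describes.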
Documentation obligations (4)
| ID | Clause | Description |
|---|---|---|
| DO178C-DOC-001 | 11.1 | Plan for Software Aspects of Certification (PSAC) |
| DO178C-DOC-002 | 5.5 | Bidirectional requirements traceability (system to software to code to tests) |
| DO178C-DOC-003 | 6.4 | Software verification results including test procedures and coverage analysis |
| DO178C-DOC-004 | 7.2 | Software Configuration Management Plan and records |
Use case
This pack is intended for aerospace and avionics teams developing airborne software subject to DO-178C certification. The pack provides:
- Structural coverage support -- Detects dead code, unreachable statements, and suppressed warnings that violate coverage analysis requirements
- Coding standards enforcement -- Bans goto, recursion, dynamic memory allocation, unbounded loops, and blocking calls, as required for DAL A-C compliance
- Timing safety -- Flags sleep/delay calls and blocking I/O that can cause deadline violations in ARINC 653 partitioned systems
- Certification lifecycle data -- Documentation obligations cover PSAC, requirements traceability, verification results, and configuration management