Prior to the introduction of software to the cockpit suite, mechanical flight indicators were designed to fail in an obvious fashion. In this way, pilots would immediately notice their faulty character, and could take appropriate action. Current instruments, however, often include significant amounts of embedded software.
The Federal Aviation Administration has established strict guidelines regarding the allowance of embedded software in avionics instrumentation in aircraft, e.g., the standard DO-178B was established by the FAA's Advisory Circular AC20-115B. DO-178B established categories A-E into which instrumentation is classified. Category “A” corresponds to the most vital instrumentation, that whose failure is often catastrophic, e.g., altitude indicators, airspeed indicators, and attitude indicators. Category “B” corresponds to instrumentation whose failure is hazardous, and so on. Category “E” corresponds to instrumentation whose failure has virtually no effect.
The time and expense of certifying an instrument to a given level is proportional to the category: category “A” instruments require an elaborate and inordinate amount of time and expense to certify, while category “E” instruments require much less so, with the intermediate products in between. This is in many cases converse to the consideration of the level of complexity of the instrument: i.e., category “A” instruments typically deliver simple types of information, e.g., airspeed, attitude, etc., while lower category instruments deliver much more complex information, e.g., navigational displays.
There is currently a trend in avionics instrumentation to provide a cluster of instruments on a single large display. However, if the cluster includes instruments of more than one category, all instruments must be certified to the highest category. For complex, lower-category instruments, this may translate to an extraordinary amount of testing to certify a complex instrument to a category “A”.