Aircraft software is typically verified and validated to ensure that it performs reliably and according to its software requirements specification. As aircraft have evolved and become more complex, software verification and validation costs have increased significantly.
One solution to high software verification and validation costs is to segregate the vehicle control software into groups (e.g., flight critical software, mission critical software, and maintenance critical software) and perform a less rigorous or comprehensive verification and validation of the less safety-critical software.
Flight critical (FC) systems typically include the components and software associated with controlling the vehicle, and are the most safety-critical vehicle systems. Mission critical (MC) systems, by contrast, typically include the components and software associated with a vehicle's guidance, navigation and health monitoring functions. Although the mission critical systems are important to ensure that the vehicle achieves its mission objectives, they are less safety-critical than the FC systems. Therefore, FC software typically receives a rigorous and comprehensive validation and verification, while MC software receives a less rigorous validation and verification. Because of this difference in verification and validation, the FC and MC systems are partitioned and communication between these software modules is severely limited.
However, both the FC and MC systems monitor and respond to the status and health of the vehicle. The FC system typically monitors a narrow set of gross system and component data such as actuator power thresholds, fuel pump controller power and high-level radar operating status checks, while the MC system typically monitors a more comprehensive and higher fidelity set of system and component data such as actuator power efficiency, radar mode performance and fuel pump outflow pressures. Improved communication between software modules of different criticality levels may therefore provide utility.