In the DO 178C text, the development tools and verification tools are required to be qualified. A complier is certainly a development tool. But when searching "DO 178C qualified C compilers" I did not really find a compiler for C language. Instead, some articles said "DO 178C does not require to qualify compliers". Could someone help to explain why?
Does DO-178C require compliers to be qualified?
1k views Asked by user15694577 At
2
There are 2 answers
2
On
The qualification of tool are further defined in DO-330 (Software Tool Qualification Considerations) standard. According to DO-330, the tool must be qualified when the following three conditions are TRUE.
- the tool's output required to meet an objective of DO-178/DO-254/DO-278 standard.
- the tool can insert an error into the SW/HW or fail to detect an existing error in the SW/HW.
- the tool’s output is not be verified or confirmed by other verification activities.
So, if there is no verification to the compiler output, then the compiler must be qualified.
As far as I understand, a pure C language isn't recommended for any safety-critical software development, so regular C compiler can't be qualified. Subset of C (e.g. MISRA-C) potentially can be qualified.
Clarification: these tools must be qualified if their output is not otherwise verified by some other part of the process. In projects I have worked, the compiler is typically not qualified. However, its output is considered to be verified because all the verification tests are run against the output of the compiler (i.e. the compiled/linked executable software).