Assuring safety in a flexible aerospace certification — Lessons learned on applying OPs at the system level—

Fast development and adoption of new technologies has outpaced the development of new aerospace certification standards. Overarching Properties (OPs) have emerged as a promising flexible framework for proposing alternative Means of Compliance. The hope is that the FAA may eventually establish an Advisory Circular that offers the OPs for safety critical approvals by showing the product possesses the three OPs: In-tent (specification of the intended behavior), Correctness (implementation of the intended behavior), and Innocuity (safety of unintended behavior). However, there is a lack of industrial case studies that evaluate its applicability and scalability. This paper provides an experience report of using OPs for jointly seeking software and system certification approval for an industrial Auxiliary Power Unit (APU) Control System. This project results in a certification argument that allows to use of an efficient model-based system engineering (MBSE) approach for developing airworthy system. The proposed MBSE approach is currently not supported by certification standards. We combine textual and graphical notation for specifying the argument to facilitate its assessment by the evaluation team. This paper highlights important aspects for the creation and evaluation for these arguments. These aspects show that the greater the scope of the certification and more novel the technology, the more detailed the argument must be. Keywords— Overarching Properties, Certification, Arguments, Assurance Cases.