DO-178C itself describes when a tool must be qualified, but does not go into detail on how this should be done. The ED-215/DO-330: Software Tool Qualification Considerations supplement to DO-178C expands on this guidance by defining corresponding objectives for the specification, development and verification of qualified tools.

DO-330 guidance can be applied to any tools, not just those used for software development or verification, for example systems design or hardware development tools, and acts more like a stand-alone guidance document.

Many verification activities can be performed either manually or by using automated tools to help run the analysis. When automated tools are used to achieve a DO-178C objective without their output being verified, those tools must be qualified for use following the DO-330 Guidelines.

DO-178C defines 3 sets of tool assessment criteria which, when combined with the DAL level of your software, are used to classify tool at one of 5 different Tool Qualification Levels (TQLs) as shown in table below.

For example, a code generator tool that converts an architectural description of the software into package or class structures fulfils criteria 1. Verification tools typically fall into Criteria 3 (and are thus classified at TQL-5) as they neither create airborne software nor eliminate or reduce any processes other than the ones for which they are intended. Criteria 2 typically applies in cases such as model-based testing with a qualified code generator. In this case, the task of verifying the generated code is eliminated or reduced in favor of testing the model, and so the model-based testing tool meets criteria 2.

Tools with a lower numbered TQL (e.g. 1) must be tested more rigorously than those with a higher numbered TQL (e.g. 5), and the rigor of testing needed for tools with lower numbered TQLs approaches the rigor needed for testing DAL A software.

If you use any commercial verification tools to automate DO-178C verification processes and don’t plan on manually reviewing output from the tools, they will need to be qualified at the appropriate tool qualification level.

DO-330 defines some tool qualification activities that must be performed by the tool developer and some that must be performed by the tool user.

Many commercial verification tools have supporting qualification kits, which include evidence needed to demonstrate that the activities the tool developer must perform have been performed. Generally, not all features of verification tools are qualified. For each feature you intend to use and for which the way you intend to use it would require tool qualification, you should check with the tool developer whether the feature is included in the qualification kit.

All qualification kits should include all of the evidence needed from the tool developer. Some qualification kits may also include supporting material to help meet tool user objectives. It may pay to ask tool vendors what the scope of their qualification kits is and how they can help you qualify the tool.