Gastkommentar Jack Ganssle
Firmen zum Thema
Note that level C is roughly equivalent to Capability Maturity Model level 3, which is generally considered the entry point to disciplined software engineering. Level A (in the B version of the standard) has 66 objectives that must be met, while there are none at E.
If one skips the certification effort – which is huge - and just writes level A code, some studies (e.g., “Safety Critical Software and Development Productivity” by O. Benediktsson – though this paper looks at IEC 61508 rather than DO-178B) show that with the use of highly-disciplined processes there is no extra cost to producing the best possible software. Use an ad hoc approach and there’s a 70% hit.
Let’s be pessimistic and assume the very best avionics costs twice that of typical commercial firmware. My data pegs the latter at $20 to $40 per line of code, from initial specification to shipping. Doubling the high end puts the cost at $80/LOC, or 15 times cheaper than Toyota’s most recent payout. Add in their other settlements, legal costs, lost sales, bad PR, and, oh, yeah, the actual firmware engineering, and that difference grows dramatically.
Take your pick: $1200+++/LOC for crappy code, or $80-- for world-class.
One wonders why we as an industry continue to flail around with poor practices that are ultimately expensive and even deadly, when there is a body of knowledge that is provably effective.