Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Scope and Purpose
“content”: “
Scope and Purpose
CSA ISO/IEC TR 29110-5-3-19 – officially titled Systems and software engineering — Lifecycle profiles for Very Small Entities (VSEs) — Part 5-3-19: Aerospace profile – is a Canadian adoption of the ISO/IEC Technical Report 29110-5-3-19:2019. It is part of the ISO/IEC 29110 series, which provides a lifecycle framework specifically designed for very small entities (VSEs), typically organizations with up to 25 personnel.
This technical report extends the general VSE profile framework to the aerospace domain, offering a pragmatic set of process requirements and guidelines for service delivery and management. It recognizes that VSEs operating in aerospace often must comply with stringent regulatory standards (e.g., FAA/EASA regulations, DO-178C for airborne software, AS9100 quality management) while lacking the resources of large prime contractors. The standard helps these organizations adopt a lightweight but disciplined engineering process tailored to their size and risk profile.
Key intended users include micro-enterprises developing software or systems for avionics, ground support equipment, maintenance management tools, or other aerospace applications. Both new VSEs and those seeking to formalize their practices can benefit from the clear, minimalistic process definitions provided.
Technical Requirements and Process Framework
CSA ISO/IEC TR 29110-5-3-19 defines two essential process categories for aerospace VSEs: Project Management (PM) and Software Implementation (SI). These are adapted from the generic VSE Basic Profile but include specific enhancements for the aerospace context.
Project Management Process (PM)
The PM process covers project planning, monitoring, and closure, with additional emphasis on:
- Identification of regulatory and safety-critical requirements (e.g., allocation of integrity levels, certification constraints)
- Tailored configuration management aligned with aerospace traceability needs
- Communication with certification authorities and customers
- Risk management focused on safety and airworthiness
Software Implementation Process (SI)
The SI process guides the development of software following a defined lifecycle (e.g., requirements analysis, architecture, detailed design, coding, integration, and testing). Specific adaptations for aerospace include:
- Traceability from system requirements to lower-level software requirements
- Adherence to coding standards (e.g., MISRA C, DO-331)
- Verification and validation activities commensurate with the software’s criticality level
- Documentation outputs that serve as evidence for certification (e.g., Software Configuration Index, Software Accomplishment Summary)
Additional Aerospace-Specific Requirements
The technical report also covers supporting processes such as:
- Hardware-Software Integration: Defining interfaces between software and target hardware
- Configuration Management: Establishing baselines and controlling changes with approval authorities
- Quality Assurance: Audits and reviews to confirm compliance with the defined process and applicable regulations
| Process Area | Generic VSE Basic Profile (ISO/IEC 29110-5-1) | Aerospace Profile (CSA ISO/IEC TR 29110-5-3-19) |
|---|---|---|
| Project Management | Standard planning & monitoring | Adds safety-critical risk management, certification communication, and regulatory compliance tracking |
| Software Implementation | Basic lifecycle with verification & validation | Emphasizes traceability to system/aircraft-level requirements, DO-178C objectives, and evidence generation |
| Configuration Management | Identify and control work products | Requires formal baseline management, versioning for safety artifacts, and audit trails for certification |
| Quality Assurance | Process and product evaluation | Tailored to aerospace quality systems (AS9100/ISO 9001) and includes independent review of safety-related work products |
Tip: When adopting the aerospace profile, VSEs are encouraged to map each mandatory process output to specific certification deliverables early in the project to avoid rework. This alignment saves time in both development and audit phases.
Implementation Highlights for VSEs
Implementing CSA ISO/IEC TR 29110-5-3-19 requires a strategic approach to avoid overwhelming the small team. The following key points can facilitate adoption:
1. Leverage the Scale-Based Approach
The standard is designed to be minimal yet sufficient. For example, instead of requiring independent test teams, the profile allows a single developer to perform testing, provided that activities such as requirements review involve a second person. This pragmatic scaling helps VSEs stay productive while maintaining engineering rigor.
2. Integrate with Regulatory Frameworks
Aerospace VSEs often need to comply with DO-178C (for airborne software) or DO-254 (for airborne hardware). The profile explicitly aligns with these supplements by referencing similar lifecycle stages and documentation. A mapping matrix between the report’s process outcomes and the DO-178C objectives should be created at project start.
3. Use Lightweight Tooling
To support traceability and configuration management without large overhead, VSEs can adopt open-source or low-cost tools (e.g., Git for version control, JIRA or Redmine for issue tracking, and spreadsheets for requirement lists). The profile does not prescribe specific tools, enabling flexibility.
4. Adapt Documentation Templates
The standard provides examples of minimal work products. VSEs should develop templates for the Software Development Plan, Software Requirements Specification, Software Verification Report, and Software Configuration Index, tailored to their project’s criticality level. Using reusable templates accelerates compliance in multiple projects.
Success Story: Several Canadian aerospace VSEs have used the profile to achieve AS9100D certification more efficiently. By adopting the structured processes of 29110-5-3-19, they streamlined their quality management system and reduced the documentation burden typically associated with AS9100.
Compliance Notes and Certification
CSA ISO/IEC TR 29110-5-3-19 is published as a Technical Report (TR) and is not a normative international standard. However, its adoption by the Standards Council of Canada (via CSA Group) elevates it to a National Standard of Canada, giving it weight for regulatory and contractual use within the country.
Compliance Paths
- Self-Assessment: VSEs can perform a gap analysis using the provided process outcomes and work product descriptions. The report includes a checklist for verifying conformance.
- Third-Party Audits: Some certification bodies may offer conformity assessment against the profile, particularly when combined with AS9100 or ISO 9001 audits.
- Regulatory Approval: For aerospace projects, Transport Canada Civil Aviation or other authorities may recognize conformance as evidence of a mature software development process, reducing certification risks.
Relationship with Other Standards
The table below summarizes the interplay with key aerospace and quality standards.
| Standard | Relationship to CSA ISO/IEC TR 29110-5-3-19 |
|---|---|
| AS9100D / AS9110 | Provides the overarching quality management system; the profile can serve as the “process definition” layer for software/system engineering activities. |
| DO-178C | Contains software life cycle objectives for airborne systems; the profile’s SI process is designed to produce evidence that meets many DO-178C objectives. |
| ISO 9001:2015 | General quality management – the profile’s processes fulfill many QMS requirements when combined with business-level procedures. |
| ISO/IEC 12207 | A larger software life cycle framework; the profile is a simpler subset tailored for VSEs. |
Note: Conformance with CSA ISO/IEC TR 29110-5-3-19 does not automatically satisfy DO-178C or AS9100 requirements. It provides a sound engineering foundation that facilitates compliance, but VSEs must still address domain-specific objectives (e.g., coverage analysis, independence of verification for Level A software).
Frequently Asked Questions
Q: Is CSA ISO/IEC TR 29110-5-3-19 applicable to space, defense, or unmanned aircraft systems (UAS)?
A: While the technical report was developed with the broader aerospace sector in mind, its process outcomes are generic enough to be adaptable. For space or defense, additional regulatory requirements (e.g., ECSS, MIL-STD-882) may need to be integrated. For UAS, the profile can be used alongside specific airworthiness frameworks (e.g., ASTM F3269 for functionality). In all cases, the VSE should conduct a thorough gap analysis.
A: While the technical report was developed with the broader aerospace sector in mind, its process outcomes are generic enough to be adaptable. For space or defense, additional regulatory requirements (e.g., ECSS, MIL-STD-882) may need to be integrated. For UAS, the profile can be used alongside specific airworthiness frameworks (e.g., ASTM F3269 for functionality). In all cases, the VSE should conduct a thorough gap analysis.
Q: How does this standard differ from the generic ISO/IEC 29110 Basic Profile (Part 5-1)?
A: The aerospace profile (Part 5-3-19) adds guidance on safety-critical process, traceability, configuration management for certification artifacts, and ties to regulatory frameworks. The generic Basic Profile is more general and does not include these aerospace-specific extensions.
A: The aerospace profile (Part 5-3-19) adds guidance on safety-critical process, traceability, configuration management for certification artifacts, and ties to regulatory frameworks. The generic Basic Profile is more general and does not include these aerospace-specific extensions.
Q: Can a VSE already certified to AS9100 implement this profile without disruption?
A: Yes. In fact, the profile can complement an existing AS9100 system by providing a detailed, lower-level lifecycle process for software/system engineering. Many VSEs find that integrating the profile actually strengthens their AS9100 compliance by adding rigour to design and development processes. It is advisable to map the profile’s processes to AS9100 clauses and update the quality manual accordingly.
A: Yes. In fact, the profile can complement an existing AS9100 system by providing a detailed, lower-level lifecycle process for software/system engineering. Many VSEs find that integrating the profile actually strengthens their AS9100 compliance by adding rigour to design and development processes. It is advisable to map the profile’s processes to AS9100 clauses and update the quality manual accordingly.
“