Here's the most interesting picture from the report for my purposes:
(Source: Page 28 https://www.eurocontrol.int/sites/default/files/content/documents/communications/29012009-certification-cost-estimation-for-fci-platform.pdf.pdf )
Translating from DO-178B terminology, this means:
- DAL A (failure would be "catastrophic"): 3 - 12 SLOC/day
- DAL B (failure would be "hazardous"): 8 - 20 SLOC/day
- DAL C (failure would be "major"): 15 - 40 SLOC/day
- DAL D (failure would be "minor"): 25 - 64 SLOC/day
Worth noting is that, in my experience, really solid mission critical but NOT life-critical embedded software can be done at up to 16 SLOC per day for well-run experienced teams, so it tends to line up with DAL B costs.
For interpretation, "DAL" expresses a criticality level (a "Development Assurance Level"), with more critical software requiring more rigorous processes. The document has quite a lot to say about how the engineering process works, and is worth a read if you want to see how the aviation folks do business. (I'm aware that DO-178C is out, but this paper talks about the older "B" version.) Note that there are other cost models in the paper that are less pessimistic in that report, but this is the one that says "industry experience."
Have you found other cost of software data for embedded or mission critical systems?
That seems generally in-line with my experience in air traffic cotrol where we apply internal standards similar to DO-178B (I have also used DO-178B in avionics).
ReplyDeleteRecently I found out that the source for the graph is no longer served by that web site. I don't have a copy, but I'll leave the posting up since stand-alone it is still useful.
ReplyDeletePhil, I stumbled across this older page while searching for software cost comparisons. FYI, the figure/document reference link is now active here: https://www.eurocontrol.int/sites/default/files/2021-04/29012009-certification-cost-estimation-for-fci-platform.pdf
ReplyDelete