The aspect that I found most difficult to grasp in the DO-178B document is related to the CC1 and CC2 - to put it formally, Data Control Category 1 and Data Control Category 2. CC1 and CC2 define which of the 13 configuration management objectives are applicable to the software life cycle data. The map between CCx and Data is available in Annex A Tables.
But why this categorisation? Won't it be easier to just have one set of objective that applies to all data? After all every data has a reason to exist.
Even more puzzling is the fact that the same data can have different Control Category depending on the Level of the SW. How can the importance of data reduce just because sw moves from Level A down to say Level C? For example, Software Verification Cases and Procedures (SVCP) are CC1 for Level A and B, and CC2 for Level C and D. Does this mean that for Level A and B, SVCP shall be subjected to Baselines and Control Change - Tracking, but not for Level C and D? Ditto for 4 PLANS (except PSAC)
and Standards, and surprise, surprise, Design Description (?????).
To add to the confusion, SVCP is CC1 for Level A in Table A-6 and CC2 for Level A in Table A-7. Fortunately, one quickly realises that there is a typo in Table A-7: it should be Software Verification Results instead of SVCP.
Ok here is another one that I figured out very recently. Problem Reporting is an objective that is covered under CC1. However, Problem Reports themselves are CC2 data. I eventually realised that all this means is that one does not require a Problem Report to modify a Problem Report! Fair enough.
Unfortunately, there is no explanation given in DO-178B as to why a particular Control Category applies. So, no logic can be applied.
However, there is a small reprieve. Paragraph 7.3.b indicates that "the SCM process objectives for software life cycle data categorized as CC2 should be applies according to Table 7.1 as a minimum. We at AKS take refuge in "as a minimum".
To start with we treat all data at CC1, whatever be the categorisation specified in DO-178B and irrespective of the SW level. For example, we have figured out a way how we can have baselines for Problem Reports. For others we have decided that certain objectives cannot be applied and DO-178B is correct in specifying these at CC2. As a result, we have data at CC1 and CC1Minus. Of course, it helps if one has a configuration tool that is intuitive (which we have and is an in-house product and one that we are very proud of.)
I shall continue to dig into CC1/CC2 puzzles till I discover the underlying logic behind every aspect of the Control Categories.