Commercial off-the-shelf (COTS) software solutions have become commonplace in many domains, including the military, because they can provide standardized functionality with more responsiveness, a shorter time-to-market and at lower costs than custom-made solutions. In one domain, however, that of certifiable safety-critical applications, COTS software has not been adopted. One particular type of certifiable safety-critical domain, the civil air transport industry, is under pressure to reduce cost and time-to-market while simultaneously increasing safety. Therefore, the use of COTS software, rather than exclusive reliance on custom-made software, would appear to be a solution worthy of investigation. This study examines the certifiability of COTS software, its technical feasibility in this environment, and the ability to achieve the expected responsiveness, time-to-market and cost benefits. A detailed evaluation of COTS software and domain-specific certification requirements is used to demonstrate that the certification of COTS-based systems is possible. A prototype COTS-based system (built upon a number of COTS components) is created to illustrate the technical feasibility of such a system in the civil air transport domain. Expected benefits from COTS solutions are evaluated both by examining process artefacts from the development of the COTS-based system and by comparing this development process with the domain's traditional custom-development process.
