EE Times-Asia

Basics of software standards compliance

Posted: 04 Mar 2015

Keywords: security assessment, safety-critical software, IEC 61508, Risk Reduction Factor, Safety Integrity Levels

In the mid-1990s, a formal investigation was conducted into a series of fatal accidents involving the Therac-25 radiotherapy machine. Led by Nancy Leveson of the University of Washington, the investigation resulted in a set of recommendations on how to create safety-critical software solutions in an objective manner. Since then, industries as disparate as aerospace, automotive, and industrial control have encapsulated the practices and processes outlined in these recommendations into specific industry standards.

Although subtly different in wording and emphasis, the standards across industries follow a similar approach to ensuring the development of safe and/or secure systems. This common approach includes ten phases:
1. Perform a system safety or security assessment
2. Determine a target system failure rate
3. Use the system target failure rate to determine the appropriate level of development rigor
4. Use a formal requirements capture process
5. Create software that adheres to an appropriate coding standard
6. Trace all code back to its source requirements
7. Develop all software and system test cases based on requirements
8. Trace test cases to requirements
9. Use coverage analysis to assess test completeness against both requirements and code
10. For certification, collect and collate the process artifacts required to demonstrate that an appropriate level of rigor has been maintained.

Phases 2 and 3 are discussed in the main body of this article, with particular attention to how the IEC 61508 standard for the Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems approaches these objectives. Future articles over the next few months will address the other phases.

Determining failure rates
When software was first introduced into control systems, creating software was more of an art than a science, since the principles of software engineering had not yet been developed. As the role of software grew to include safety-related applications, concern grew about how to prove that such systems were safe. At the time, the difficulty of proving that software and its specifications were correct was not well understood, which added to the complexity of the situation.

The International Electrotechnical Commission (IEC) introduced the Functional Safety of Electrical / Electronic / Programmable Electronic Safety-Related Systems (IEC 61508) standard to help address these concerns. Ratified in 2000, the standard seeks to guide system designers and developers through what they need to do in order to claim that their systems are acceptably safe for their intended uses.

This article focuses on three main areas:
- The approach that IEC 61508 advocates for performing a system safety assessment, and how that assessment is then used to determine the target system failure rates;
- The similarities between the IEC 61508 concept of system safety and the concepts of system safety used within the avionics community; and
- The types of tools that can be used to capture the system safety objectives and failure rates, and to ensure that those objectives are followed throughout the software development process.
