Software according to IEC 61508-3

Slide 1: Systems with safety-related software according to IEC 61508-3 – costs out of control?
Experience from a development project
04/27/2006
Dr. Claudia Nowak

Safety-related software (IEC 61508-3)

Slide 2: Software as part of development project
Field Device Project: Components of Development
- Sensor Design
- Electronic Design
- Mechanical Design
- Software Design

Slide 3: Software development process
Main activities of software development process:
- Management activities: Who, what, when, how?
- Software specification: What shall the software do?
- Software design: How to realise the software?
- Software verification: Do we develop the correct software?
- Software validation: Did we develop the software correctly?

Slide 4: Safety-related software development process

Management:
- SW functional safety management plan
- Configuration management
- Change management
- Requirements and error tracking
- Documentation (Safety Manual, …)
- Functional safety assessment

SW specification and realisation:
- Software concept
- Software (safety) requirements
- SW architecture
- SW fine design
- SW coding

SW verification:
- Software test plan
- Software criticality analysis
- Software HAZOP
- SW validation
- Software test specification
- Software module tests
- Integration tests

Legend: Gap; New/revised elements

Slide 5: Tool allocation to software V-model

Development phases (left leg of the V):
- Software (safety) requirements
- Software architecture
- Software fine design
- Software module design
- Software coding

Test phases (right leg of the V):
- Software module tests
- Software integration tests
- Software function tests
- Software validation

Analyses:
- Safety criticality analysis
- Software HAZOP

Tools:
- Requirements and validation test tool
- Design tool
- Programming environment and analysis tool
- SCA and HAZOP tool
- Test tool for automatic testing

Slide 6: Requirements Specification and Testing
The software shall convert the sensor signal to an analog pressure signal.

Slide 7: Benefit from pilot project
- Functional Safety Management Plan (FSM)
- Re-use of pre-defined requirements and related tests
- Tools
- Document templates
- Coding guidelines
- Safety manual
- Lessons Learned
- Structured development
- Verification and documentation

Slide 8: Cost aspects for SIL projects
- More time (and money) to be spent during the conception and specification phase of SIL projects (plus 30 % compared to non-SIL projects)
- More accurate project planning, scheduling, specification, etc.
- Fewer changes at advanced project phases and more precise planning of software changes → Change Control Board.
- Slightly increasing costs compared to earlier development because more time is needed due to more documentation and verification.
Benefit: These activities increase quality and safety of the product!

Slide 9: Thank you very much for your attention