Computer-based systems where there is a risk of harm to people or the environment are referred to as safety critical. These systems implement safety functions and are typically developed according to a functional safety standard such as IEC 61508. What is functional safety, I hear you ask? Check out this older blog post to find out more.
Standards based on IEC 61508 require that a functional safety assessment be performed as part of the development of the safety critical system. This assessment can take many forms, depending on whether the context is IEC 61508 itself or, for instance, the railway standards EN 5012X.
A functional safety assessment is an assessment performed by competent persons to determine whether the system adequately achieves functional safety. The degree of compliance with the standard achieved by the system is also determined as part of the assessment.
The scope of the assessment covers all phases of the development activities of the safety critical system. The most important planning items which are checked are that the development plan defines an appropriate development lifecycle and that suitable techniques and measures have been selected commensurate with the Safety Integrity Level (SIL) of the system. An organisation with competent personnel must also be described. Other topics which are typically assessed include evidence of V&V activities and evidence that the system meets its requirements. Supporting processes such as configuration management are also addressed.
The assessment itself can be done in phases during the development or in one go towards the end of the development.
The safety standards specify requirements on the competence and independence of the personnel performing the functional safety assessment. The higher the SIL identified for the system, the more independence is required of the people performing the assessment. Another consideration is whether the product requires certification. If it does, the assessment must be performed by an accredited provider.
All products which aim to achieve compliance with IEC 61508 (or one of its derivatives) must undergo a functional safety assessment. For the railway domain, safety critical rolling stock subsystems (RST) and control, command and signalling systems (CCS) require independent functional safety assessments by an accredited provider.
Read more about Huld’s safety offering.