Dr. Claudia Nowak

Slide 1

04/27/2006

Systems with safety-related software according to IEC 61508-3 – costs out of control?

Experience from a development project

Safety-related software (IEC 61508-3)

Dr. Claudia Nowak

Slide 2

04/27/2006

Field Device Project: Components of Development

Software as part of development project

Sensor Design

Electronic Design

Mechanical Design

Software Design

Safety-related software (IEC 61508-3)

Dr. Claudia Nowak

Slide 3

04/27/2006

Software development process

Main activities of software development process:

Management activities Who, what, when, how?

Software specification What shall the software do?

Software design How to realise the software?

Software verification Do we develop the correct software?

Software validation Did we develop the software correctly?

Safety-related software (IEC 61508-3)

Dr. Claudia Nowak

Slide 4

04/27/2006

Safety-related software development process

Softwarecriticality analysis

SW specificationand realisation

SW verification SW validation

Software (safety)requirements

Software concept

SW architecture

Softwaretest specification

Software test plan

Software HAZOPSW fine design

SW functional safetymanagement plan

Software module tests

SW coding

Integration tests

Management

Documentation(Safety Manual, …)

Configurationmanagement

Changemanagement

Requirements anderror tracking

Functional safety assessment New/revised elements

Gap

Safety-related software (IEC 61508-3)

Dr. Claudia Nowak

Slide 5

04/27/2006

Tools

Tool allocation to software V-model

Requirements and validation test tool

Programming enviroment

and analysis toolDesign tool

Test tool for automatic testing

SCA and HAZOP tool

Software (safety)requirements

Software architecture

Software fine design

Software module design

Software coding

Software module tests

Software integration tests

Software function tests

Software validation

Safety criticalityanalysis

Software HAZOP

Safety-related software (IEC 61508-3)

Dr. Claudia Nowak

Slide 6

04/27/2006

Requirements Specification und Testing

The software shall convert the sensor signal to an analog pressure signal.

Safety-related software (IEC 61508-3)

Dr. Claudia Nowak

Slide 7

04/27/2006

Benefit from pilot project

Functional Safety Management Plan (FSM)

Re-use of pre-defined requirements and related tests

Tools

Document templates

Coding guidelines

Safety manual

Lessons Learned

Structured development

Verification and documentation

Safety-related software (IEC 61508-3)

Dr. Claudia Nowak

Slide 8

04/27/2006

Cost aspects for SIL projects

More time (and money) to be spent during conception and specification phase of SIL projects (plus 30 % compared to non-SIL projects)

More accurate project planning, scheduling, specification, etc.

Less changes at advanced project phases and more precise planning of software changes Change Control Board.

Slightly increasing costs compared to earlier development because more time is needed due to more documentation and verification.Benefit: These activities increase quality

and safety of the product!

Dr. Claudia Nowak

Slide 9

04/27/2006

Thank you very muchfor your attention