Covering Industry Standards

IEC 61508 is the international industry standard governing functional safety of programmable electronic systems. IEC 61508 certification confirms that a product or system complies with objectives set by the standard. IEC 61508 is comprised of seven (7) parts. In “Part 3: Software requirements” (IEC 61508-3), the document defines software requirements and sets the safety lifecycle for software, including validation and verification. The safety lifecycle begins with a risk analysis to determine the Safety Integrity Level (SIL) required. IEC 61508-3 highly recommends certified tools and translators for safety integrity levels of SIL-2 and higher.

The International Electrotechnical Commission created the IEC 62304 standard. The standard, formulated to govern the requirements for medical software, describes the process that medical software must go through in order to be approved for use in Europe. The standard includes guidelines for testing any software components that are part of a medical device.

The DO-178C, Software Considerations in Airborne Systems and Equipment Certification, has been published jointly by the RTCA and the EUROCAE. For certification authorities, it is the main document for approving commercial software-based aerospace systems. The current version is available since 2012 and has replaced the DO-178B, which was the leading document in the field for twenty years.

The DO-178C is based on objectives that must be achieved with the processes and activities of the corresponding project. The strictness of these objectives is determined by the Data Assurance Level (DAL), which is defined from A (most stringent requirements) to D (lowest requirements). The core of the development process is a requirements-based approach, based on High-Level and Low-Level Requirements, with full bi-directional traceability to source code, executable object code, and test cases, procedures, and results.

The European Standards EN 50128:2011 and EN 50657:2017 provide a process framework and a procedural model for the development and test of safety critical electronic systems in railway systems. It is a derivative of the International Electronic Commission document, IEC 61508 adapted for the challenges met in railway systems.

First published in 2011, the ISO 26262 is the international standard for functional safety of electrical and/or electronical systems, which are installed in serial production road vehicles. Since the release of the second edition in December 2018, this includes cars, trucks, busses, vocational vehicles and motorcycles (not mopeds). It is derived from the standard for functional safety in industrial applications, the IEC 61508. And, like the IEC 61508 the ISO 26262 is a risk-based standard. In contrast to cybersecurity, functional safety is about protecting the environment and people in it from negative effects caused by malfunctions of the system being developed. The starting point for each development project is the Hazard Analysis and Risk Assessment (HARA), which can lead to the definition of safety-relevant functions with an Automotive Safety Integrity Level (ASIL), reaching from A (low residual risk) to D (high residual risk). Based on the ASIL more requirements must be fulfilled and more methods are recommended to be applied.