SafetySoftwareSpecification

The software security specification, as part of the functional safety of programmable electronic systems, consists in the definition and documentation of specific safety requirements for the software. These requirements are generally derived from the system safety requirements and consist of two types of detail requirements:

  • Security functional requirements: define the software security functions.
  • Safety integrity requirements: define the reliability and availability of the protection system and have the aim to ensure that it will work when needed. The reliability of the protection system is expressed in levels (SIL) that substantially express the ranges of probability of success of the safety functions, which constitute the protection system..

HINTSW - T & T Systems carries out the work of defining the security requirements using the most current and technically rigorous approach suggested by the international standard IEC 61508 and by sector regulations derived from it. HINTSW - T & T Systems has a solid experience in the application of these standards, as it has used them in various projects, and therefore it has developed an effective method of definition, identification and tracking of safety requirements, making use of IT tools developed by it, or available on the market.


Detailed Information

GlobalSafetyLifeCycleIn many application areas, the standards concerning functional safety determine the overall safety lifecycles, or related only to the system or software. These cycles are derived mostly from those proposed by the IEC 61508 (general standards on functional safety of electrical / electronic / programmable electronic systems). In some cases, especially with regard to the software (eg IEC 61511 concerning the process industry), the industry standard simply call up the security of the software lifecycle as defined in IEC 61508.

IEC 61508 defines three life cycles:

  • The overall life cycle of safety concerns the whole  life of the system from its conception to its disposal.
  • The security system life cycle refers only to the realization phase of the system (ninth phase of overall life cycle) and includes all activities necessary to the design and implementation of the system.
  • The SW safety life cycle which concerns only the realization phase of the SW (ninth phase of overall life cycle) and includes all of the design and implementation activities (implementation and validation) of the SW.

One of the main activities, standardized by IEC 61508, is the work of defining the general safety requirements, of the system and of the software, to which are dedicated some of the initial phases of their life cycles. Even in later stages the safety requirements represent a fundamental topic; in fact, the control and continuous management of the security requirements are one of the main methods identified by the standard, in order to minimize the risk of introducing systematic errors which are against the safety. For this reason it is important to know very well, both the articles contained in the standard, and the implementing practices where one can encounter in these markets.

SystemSafetyLifeCycle

SoftwareSafetyLifeCycle

As already mentioned, the ninth stage of the overall security life cycle is the phase of realization and in it are defined two further cycles of life: the safety life cycle of the system / subsystem and the safety SW life cycle. In both cycles the first stage is that in which are defined the equivalent safety requirements of the system and of the SW respectively.

HW-SW-RelationsThe system security requirements are derived directly from the portion of the overall safety requirements allocated to the system / subsystem; while the security requirements of the software usually are derived from the system / subsystem and must take into account the hardware architecture of the system / subsystem.

Earlier it was outlined the fact that the management and the continuous control of the safety requirements, for all phases of the life cycle, are  the most important methods to avoid introducing systematic errors in the system. Experience has led to identifying some techniques that allow a management and an easier control of the safety requirements. The main ones are:

  • unambiguous identification of the requirements by assigning a unique identifier to each requirement;
  • tracing requirements by the use of appropriate tables usually calls traceability matrices; these arrays usually have the purpose of:
    • to correlate requirements with the various activities carried out in the different phases of the life cycle (ie to the corresponding parts of the high-level design, detailed design, test plan and test cases);
    • to correlate the requirements to the hazards identified in the analysis, so you can monitor their actual closure, or in order to check that you have completed all the activities planned for their elimination;
    • to correlate high-level requirements and the detailed requirements, if there are relations between them "one to many" or "many to many";
  • maintaining the history of changes to each requirement by assigning a version number (versioning);
  • computerized management of the requirements by means of, for example, databases.

Contacts

Tel.: +39 02.2897.0440; +39 02.2871.305

General info: This email address is being protected from spambots. You need JavaScript enabled to view it.

Commercial info: This email address is being protected from spambots. You need JavaScript enabled to view it.
Commercial contact: +39 348.600.32.82

Registered office: I-20129 Milano, via Plinio 1
Office: I-20127 Milano, via Natale Battaglia, 27

Read more ...

Industries

Settori

HINTSW - T&T Systems has been operating for over a decade in the field of functional safety concerning the main industrial sectors and public transport.

Read more ...

Consulting

consulting

HINTSW division provides highly professional and specialized consultancy in the development of programmable electronic system used in safety-critical applications.

Read more ...

Safety certification

certificazione

The safety certification of a system or equipment is often an arduous challenge to win, HINTSW provides all the support and know-how necessary to win.

Read more ...

Training

formazione

HINTSW, drawing from their expertise, offers a wide range of services in the field of vocational training.

Read more ...

Go to top