1 Scope
1.1 This part of GB/T 20438
a) is intended to be utilized only after a thorough understanding of GB/T 20438.1 and GB/T 20438.2.
b) applies to any software forming part of a safety-related system or used to develop a safety-related system within the scope of GB/T 20438.1 and GB/T 20438.2. Such software is termed safety-related software.
— Safety-related software includes operating systems, system software, software in communication networks, human-computer interface functions, support tools and firmware as well as application programs.
— Application programs include high level programs, low level programs and special purpose programs in limited variability languages (see 3.2.7 of GB/T 20438.4-2006).
c) requires that the software safety functions and software safety integrity levels are specified.
Note 1: If this has already been done as part of the specification of the E/E/PE safety-related systems (see 7.2 of GB/T 20438.2-2006), then it does not have to be repeated in this part.
Note 2: Specifying the software safety functions and software safety integrity levels is an iterative procedure – see Figures 2 and 6.
Note 3: See Clause 5 and Appendix A of GB/T 20438.1-2006 for documentation structure. The documentation structure may take account of company procedures, and of the working practices of specific application sectors.
d) establishes requirements for safety lifecycle phases and activities that are to be applied during the design and development of the safety-related software (the software safety lifecycle model). These requirements include the application of measures and techniques, which are graded against the safety integrity level, for the avoidance of and control of faults and failures in the software.
e) provides requirements for information relating to the software safety validation to be passed to the organization carrying out the E/E/PES integration.
f) provides requirements for the preparation of information and procedures concerning software needed by the user for the operation and maintenance of the E/E/PE safety-related system.
g) provides requirements to be met by the organization carrying out modifications to safety-related software.
h) provides, in conjunction with GB/T 20438.1 and GB/T 20438.2, requirements for support tools such as development and design tools, language translators, testing and debugging tools, configuration management tools.
Note 4: Figures 4 and 6 show the relationship between GB/T 20438.2 and GB/T 20438.3.
1.2 GB/T 20438.1, GB/T 20438.2, GB/T 20438.3 and GB/T 20438.4 are basic safety publications, although this status does not apply in the context of low complexity E/E/PE safety-related systems (see 3.4.4 of GB/T 20438.4-2006). As basic safety publications, they are intended for use by Technical Committees in the preparation of standards in accordance with the principles contained in ISO/IEC Guide 104 and ISO/IEC Guide 51. One of the responsibilities of a Technical Committee is, wherever applicable, to make use of basic safety publications in the preparation of its own publications. GB/T 20438 is also intended for use as a stand-alone standard.
1.3 Figure 1 shows the overall framework for GB/T 20438 and indicates the role that this part plays in the achievement of functional safety for E/E/PE safety-related systems. Appendix A of GB/T 20438.6-2006 describes the application of GB/T 20438.2 and GB/T 20438.3.
2 Normative References
The following normative documents contain provisions which, through reference in this text, constitute provisions of this part of GB/T 20438. For dated references, subsequent amendments to, or revisions of, any of these publications do not apply. However, parties to agreements based on this part are encouraged to investigate the possibility of applying the most recent editions of the normative documents indicated below. For undated references, the latest edition of the normative document referred to applies.
GB/T 20438.1-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 1: General Requirements (IEC 61508-1:1998, IDT)
GB/T 20438.2-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 2: Requirements for Electrical/Electronic/Programmable Electronic Safety-related Systems (IEC 61508-2:2000, IDT)
GB/T 20438.4-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 4: Definitions and Abbreviations (IEC 61508-4:1998, IDT)
GB/T 20438.5-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 5: Examples of Methods for the Determination of Safety Integrity Levels (IEC 61508-5:1998, IDT)
GB/T 20438.6-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 6: Guidelines on the Application of GB/T 20438.2-2006 and GB/T 20438.3-2006 (IEC 61508-6:2000, IDT)
GB/T 20438.7-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 7: Overview of Techniques and Measures (IEC 61508-7:2000, IDT)
ISO/IEC Guide 51:1990 Guidelines for the Inclusion of Safety Aspects in Standards
IEC Guide 104:1997 The Preparation of Safety Publications and the Use of Basic Safety Publications and Group Safety Publications
3 Definitions and Abbreviations
See GB/T 20438.4.
Foreword III
Introduction IV
1 Scope
2 Normative References
3 Definitions and Abbreviations
4 Conformance to This Standard
5 Documentation
6 Software Quality Management System
6.1 Objectives
6.2 Requirements
7 Software Safety Lifecycle Requirements
7.1 General
7.2 Software safety requirements specification
7.3 Software safety validation planning
7.4 Software design and development
7.5 Programmable electronics integration (hardware and software)
7.6 Software operation and modification procedures
7.7 Software safety validation
7.8 Software modification
7.9 Software verification
8 Functional Safety Assessment
Appendix A (Normative) Guide to the Selection of Techniques and Measures
Appendix B (Normative) Detailed Tables
Figure 1 Overall Framework of GB/T 20438
Figure 2 E/E/PES Safety Lifecycle (in Realisation Phase)
Figure 3 Software Safety Lifecycle (in Realisation Phase)
Figure 4 Relationship and Scope for GB/T 20438.2 and GB/T 20438.3
Figure 5 Software Safety Integrity and the Development Lifecycle (the V-model)
Figure 6 Relationship between the Hardware and Software Architectures of Programmable Electronics
Table 1 Software Safety Lifecycle: Overview
Table A.1 Software Safety Requirements Specification (See 7.2)
Table A.2 Software Design and Development: Software Architecture Design (See 7.4.3)
Table A.3 Software Design and Development: Support Tools and Programming Language (See 7.4.4)
Table A.4 Software Design and Development: Detailed Design (See 7.4.5 and 7.4.6)
Table A.5 Software Design and Development: Software Module Testing and Integration (See 7.4.7 and 7.4.8)
Table A.6 Programmable Electronics Integration (Hardware and Software) (See 7.5)
Table A.7 Software Safety Validation (See 7.7)
Table A.8 Modification (See 7.8)
Table A.9 Software Verification (See 7.9)
Table A.10 Functional Safety Assessment (See Clause 8)
Table B.1 Design and Coding Standards (Referenced by Table A.4)
Table B.2 Dynamic Analysis and Testing (Referenced by Tables A.5 and A.9)
Table B.3 Functional and Black Box Testing (Referenced by Tables A.5, A.6 and A7)
Table B.4 Failure Analysis (Referenced by Table A.10)
Table B.5 Modelling (Referenced by Table A.7)
Table B.6 Performance Testing (Referenced by Tables A.5 and A.6)
Table B.7 Semi-formal Methods (Referenced by Tables A.1, A.2 and A.4)
Table B.8 Static Analysis (Referenced by Table A.9)
Table B.9 Modular Approach (Referenced by Table A.4)
1 Scope
1.1 This part of GB/T 20438
a) is intended to be utilized only after a thorough understanding of GB/T 20438.1 and GB/T 20438.2.
b) applies to any software forming part of a safety-related system or used to develop a safety-related system within the scope of GB/T 20438.1 and GB/T 20438.2. Such software is termed safety-related software.
— Safety-related software includes operating systems, system software, software in communication networks, human-computer interface functions, support tools and firmware as well as application programs.
— Application programs include high level programs, low level programs and special purpose programs in limited variability languages (see 3.2.7 of GB/T 20438.4-2006).
c) requires that the software safety functions and software safety integrity levels are specified.
Note 1: If this has already been done as part of the specification of the E/E/PE safety-related systems (see 7.2 of GB/T 20438.2-2006), then it does not have to be repeated in this part.
Note 2: Specifying the software safety functions and software safety integrity levels is an iterative procedure – see Figures 2 and 6.
Note 3: See Clause 5 and Appendix A of GB/T 20438.1-2006 for documentation structure. The documentation structure may take account of company procedures, and of the working practices of specific application sectors.
d) establishes requirements for safety lifecycle phases and activities that are to be applied during the design and development of the safety-related software (the software safety lifecycle model). These requirements include the application of measures and techniques, which are graded against the safety integrity level, for the avoidance of and control of faults and failures in the software.
e) provides requirements for information relating to the software safety validation to be passed to the organization carrying out the E/E/PES integration.
f) provides requirements for the preparation of information and procedures concerning software needed by the user for the operation and maintenance of the E/E/PE safety-related system.
g) provides requirements to be met by the organization carrying out modifications to safety-related software.
h) provides, in conjunction with GB/T 20438.1 and GB/T 20438.2, requirements for support tools such as development and design tools, language translators, testing and debugging tools, configuration management tools.
Note 4: Figures 4 and 6 show the relationship between GB/T 20438.2 and GB/T 20438.3.
1.2 GB/T 20438.1, GB/T 20438.2, GB/T 20438.3 and GB/T 20438.4 are basic safety publications, although this status does not apply in the context of low complexity E/E/PE safety-related systems (see 3.4.4 of GB/T 20438.4-2006). As basic safety publications, they are intended for use by Technical Committees in the preparation of standards in accordance with the principles contained in ISO/IEC Guide 104 and ISO/IEC Guide 51. One of the responsibilities of a Technical Committee is, wherever applicable, to make use of basic safety publications in the preparation of its own publications. GB/T 20438 is also intended for use as a stand-alone standard.
1.3 Figure 1 shows the overall framework for GB/T 20438 and indicates the role that this part plays in the achievement of functional safety for E/E/PE safety-related systems. Appendix A of GB/T 20438.6-2006 describes the application of GB/T 20438.2 and GB/T 20438.3.
2 Normative References
The following normative documents contain provisions which, through reference in this text, constitute provisions of this part of GB/T 20438. For dated references, subsequent amendments to, or revisions of, any of these publications do not apply. However, parties to agreements based on this part are encouraged to investigate the possibility of applying the most recent editions of the normative documents indicated below. For undated references, the latest edition of the normative document referred to applies.
GB/T 20438.1-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 1: General Requirements (IEC 61508-1:1998, IDT)
GB/T 20438.2-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 2: Requirements for Electrical/Electronic/Programmable Electronic Safety-related Systems (IEC 61508-2:2000, IDT)
GB/T 20438.4-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 4: Definitions and Abbreviations (IEC 61508-4:1998, IDT)
GB/T 20438.5-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 5: Examples of Methods for the Determination of Safety Integrity Levels (IEC 61508-5:1998, IDT)
GB/T 20438.6-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 6: Guidelines on the Application of GB/T 20438.2-2006 and GB/T 20438.3-2006 (IEC 61508-6:2000, IDT)
GB/T 20438.7-2006 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems — Part 7: Overview of Techniques and Measures (IEC 61508-7:2000, IDT)
ISO/IEC Guide 51:1990 Guidelines for the Inclusion of Safety Aspects in Standards
IEC Guide 104:1997 The Preparation of Safety Publications and the Use of Basic Safety Publications and Group Safety Publications
3 Definitions and Abbreviations
See GB/T 20438.4.
Contents of GB/T 20438.3-2006
Foreword III
Introduction IV
1 Scope
2 Normative References
3 Definitions and Abbreviations
4 Conformance to This Standard
5 Documentation
6 Software Quality Management System
6.1 Objectives
6.2 Requirements
7 Software Safety Lifecycle Requirements
7.1 General
7.2 Software safety requirements specification
7.3 Software safety validation planning
7.4 Software design and development
7.5 Programmable electronics integration (hardware and software)
7.6 Software operation and modification procedures
7.7 Software safety validation
7.8 Software modification
7.9 Software verification
8 Functional Safety Assessment
Appendix A (Normative) Guide to the Selection of Techniques and Measures
Appendix B (Normative) Detailed Tables
Figure 1 Overall Framework of GB/T 20438
Figure 2 E/E/PES Safety Lifecycle (in Realisation Phase)
Figure 3 Software Safety Lifecycle (in Realisation Phase)
Figure 4 Relationship and Scope for GB/T 20438.2 and GB/T 20438.3
Figure 5 Software Safety Integrity and the Development Lifecycle (the V-model)
Figure 6 Relationship between the Hardware and Software Architectures of Programmable Electronics
Table 1 Software Safety Lifecycle: Overview
Table A.1 Software Safety Requirements Specification (See 7.2)
Table A.2 Software Design and Development: Software Architecture Design (See 7.4.3)
Table A.3 Software Design and Development: Support Tools and Programming Language (See 7.4.4)
Table A.4 Software Design and Development: Detailed Design (See 7.4.5 and 7.4.6)
Table A.5 Software Design and Development: Software Module Testing and Integration (See 7.4.7 and 7.4.8)
Table A.6 Programmable Electronics Integration (Hardware and Software) (See 7.5)
Table A.7 Software Safety Validation (See 7.7)
Table A.8 Modification (See 7.8)
Table A.9 Software Verification (See 7.9)
Table A.10 Functional Safety Assessment (See Clause 8)
Table B.1 Design and Coding Standards (Referenced by Table A.4)
Table B.2 Dynamic Analysis and Testing (Referenced by Tables A.5 and A.9)
Table B.3 Functional and Black Box Testing (Referenced by Tables A.5, A.6 and A7)
Table B.4 Failure Analysis (Referenced by Table A.10)
Table B.5 Modelling (Referenced by Table A.7)
Table B.6 Performance Testing (Referenced by Tables A.5 and A.6)
Table B.7 Semi-formal Methods (Referenced by Tables A.1, A.2 and A.4)
Table B.8 Static Analysis (Referenced by Table A.9)
Table B.9 Modular Approach (Referenced by Table A.4)