Leading researchers and practitioners will present tutorials on Sunday 4th October
between 14.00 and 18.00. Three tutorials are planned.
Whether a tutorial is run depends on having enough participants. We hope all tutorials
will be presented, but this cannot be guaranteed. For this reason, please select first and
second choice tutorials on the registration form.
Tutorial 1: Safety Case Development
- Robin Bloomfield, Adelard, UK
A safety case is a requirement in many safety standards. Explicit safety cases are
required for military systems, the offshore oil industry, rail transport and the
nuclear industry. Furthermore, equivalent requirements can be found in other industry
standards, such as IEC 1508, the EN 292 Machinery Directive and DO 178B for avionics.
In regulated industries such as the nuclear industry, the need to demonstrate safety
to a regulator can be a major commercial risk. For example the computer-based Darlington
Reactor Protection System in Canada required around 50 man years of software assessment
effort which was probably more than the effort required to develop the software.
The Adelard safety case development methodology (SCAD) seeks to minimise safety risks
and commercial risks by constructing a demonstrable safety case. The main features of
the methodology are:
- The safety case makes claims about the behaviour of the system (i.e. functional
behaviour and system attributes) and methods for structuring the safety arguments
which are both understandable and traceable.
- Safety case development is an integral part of the development process, so that
the feasibility and costs of the associated safety case are considered from the
outset.
The tutorial will describe the basic technical approach together with the associated
management and procedural aspects of implementing a safety case. Specific safety case
examples will be used to illustrate the technical approach.
Tutorial 2: Safer use of C in Embedded Systems Programming
- Paul Edwards, Rover Group Ltd, UK
The tutorial will be based around the "Guidelines for the use of the C language in
vehicle based software", published in April 1998 by the UK's Motor Industry Software
Reliability Association (MISRA). It will consider how the use of such programming
guidelines (or language 'subset') can make an important contribution to the overall
integrity of code, and provide practical guidance in applying the Guidelines.
The content of the tutorial will include:
- The C language and problems associated with it
- The use of C in embedded systems, with examples from the automotive industry
- Background to the development of the MISRA C Guidelines
- The Guidelines within wider system lifecycle issues
- Content of the Guidelines
- Practical advice on adopting the Guidelines within a company
- Associated topics such as: coding style guidelines, deviation procedure, complexity
metrics, choosing and validating compilers
- The use of static checking tools
The tutorial will be of interest to anyone using, or thinking of using, C in either
safety-related systems or embedded systems (or both). It will also be of interest to
anyone concerned with issues of programming languages for safety-related systems.
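The tutorial outline above lists "the C language and problems associated with it" and the use of a language subset to improve code integrity. The following C program is an added illustration written for this page; it is not taken from the MISRA Guidelines or from the tutorial material, and it quotes no rule numbers. Each pair of functions shows a well-known C pitfall in embedded code (integer promotion, mixed signed/unsigned comparison, and switch statements without break or default) next to a version written in the restrictive style such guidelines encourage. The function names, the action_t enumeration and the choice of ACT_SHUTDOWN as the safe state for unexpected input are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdint.h>

/*
 * Pitfall 1: integer promotion.  Operands narrower than int are promoted to int
 * before arithmetic, so ~c on a uint8_t yields a negative int, not a byte.
 */
bool complement_matches_naive(uint8_t c, uint8_t mask)
{
    return (~c == mask);                /* ~0x0F is -16 as an int, never equal to 0xF0 */
}

bool complement_matches_guarded(uint8_t c, uint8_t mask)
{
    uint8_t inverted = (uint8_t)(~c);   /* cast back to the intended width explicitly */
    return (inverted == mask);
}

/*
 * Pitfall 2: signed/unsigned mixing.  In 'level > lower_bound' the int operand is
 * converted to unsigned, so a negative bound becomes a huge value and the
 * comparison answers the opposite of what the author meant.
 */
bool above_floor_naive(unsigned int level, int lower_bound)
{
    return (level > lower_bound);       /* lower_bound = -1 converts to UINT_MAX: always false */
}

bool above_floor_guarded(unsigned int level, int lower_bound)
{
    if (lower_bound < 0) {
        return true;                    /* any unsigned level is above a negative bound */
    }
    return (level > (unsigned int)lower_bound);   /* both operands now share one type */
}

/*
 * Pitfall 3: switch statements.  A missing break falls through into the next
 * case, and a missing default leaves unexpected inputs handled by accident.
 */
typedef enum { ACT_IDLE = 0, ACT_WARN = 1, ACT_SHUTDOWN = 2 } action_t;

action_t action_for_state_naive(int state)
{
    action_t act = ACT_IDLE;
    switch (state) {
    case 1:
        act = ACT_WARN;                 /* no break: falls through to the shutdown case */
    case 2:
        act = ACT_SHUTDOWN;
        break;
    }
    return act;                         /* unknown states silently become ACT_IDLE */
}

action_t action_for_state_guarded(int state)
{
    action_t act;
    switch (state) {
    case 0:  act = ACT_IDLE;     break;
    case 1:  act = ACT_WARN;     break;
    case 2:  act = ACT_SHUTDOWN; break;
    default: act = ACT_SHUTDOWN; break; /* assumption for this example: shutdown is the safe state */
    }
    return act;
}

int main(void)
{
    /* Constructed inputs that expose each pitfall.  Exit status is 0 only if every
       guarded version gives the intended answer where the naive version does not. */
    bool ok = !complement_matches_naive(0x0Fu, 0xF0u) && complement_matches_guarded(0x0Fu, 0xF0u)
           && !above_floor_naive(0u, -1) && above_floor_guarded(0u, -1)
           && action_for_state_naive(1) == ACT_SHUTDOWN && action_for_state_guarded(1) == ACT_WARN
           && action_for_state_naive(7) == ACT_IDLE && action_for_state_guarded(7) == ACT_SHUTDOWN;
    return ok ? 0 : 1;
}
```

Each naive function compiles cleanly with a default compiler invocation, which is the point: the language accepts the code, and only a coding guideline or a static checking tool makes the defect visible before test.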
Tutorial 3: Draft International Standard IEC 61508
- Ron Bell, HSE, UK and Rainer Faller, TÜV-Bayern, D
The tutorial will provide an overview of the proposed International Electrotechnical
Commission (IEC) standard (IEC 61508) on "Functional safety of electrical/electronic/
programmable electronic safety-related systems". The standard sets out a generic approach
for all Safety Lifecycle activities for electrical/electronic/programmable electronic
systems (E/E/PESs) that are used to perform safety functions. The emergence of this
international standard should be a major step towards the adoption of a more rational
and consistent technical policy for all electrically based safety-related systems.
A major objective is to facilitate the development of application sector standards.
In detail the tutorial will cover:
- Parts structure of IEC 61508
- IEC Basic Safety Publication: Applicability to IEC 61508
- Strategy to achieve functional safety of E/E/PE safety-related systems
- Role of the Safety Lifecycle in the Specification & Design process
- Safety Integrity levels
- Risk reduction concepts
- Hardware Safety Integrity
- Quantitative and Qualitative approaches
- Goals and messages of Software Requirements
- Refined life-cycle model: V-model
- Functional Safety Management - relation to process flow oriented Quality Management
- Other standards to be considered
- Software Development - forward path, including
- Requirements specification - requirements traceability
- Design and implementation - procedures and techniques
- Testing - integration sequence and methods
- Version and configuration management
- User defined application programs - limited variability programs
- Software Maintenance and Enhancement - backward path, including
- Feedback tracking and evaluation
- Modification procedure and impact analysis
- Regression testing
- Functional safety management: Learn for the future
- Documentation requirements
- Experience with the co-existence of IEC 61508-3 with other software safety
standards like EN 50128, IEC 601-1-4, DIN V VDE 0801 A1, and DO 178B
- PES complexity & implications for conformity assessment
- Way ahead and concluding remarks.
Key parts of IEC 61508 are expected to be published in 1998; with the other parts in 1999.