Application software development for safety instrumented systems - A comparison and evaluation of applied approaches in light of IEC 61511
Abstract
Standards are used widely to provide guidance for the development of safety instrumented systems. However, safety systems implemented in railways, aviation, nuclear power, etc. also require the development of a safety case to obtain acceptance. At the same time, it is important to recognize that, like hardware, the software reliability of such systems has a direct relation to safety, where safety is the condition of being free from an unwanted situation. In other words, a state free from risk is called safe, and this in turn protects humans, the environment and assets. Safety instrumented systems play a vital role in maintaining system safety, and their reliable operation is therefore essential to safe system operation. To ensure system safety, many principles and methods have been proposed; extensive research has been done and is still ongoing. However, in software it is not possible to measure the associated hazards directly; therefore, current standards in the railway, aviation and nuclear sectors have defined design and safety processes for different safety integrity levels (SILs) or development assurance levels (DALs). The assumption is that software developed for components with higher SILs/DALs will be less prone to critical failures. It is therefore important to note that the safety of the overall system is the combined outcome of both the system hardware and the software running on it. As noted above, significant research has been carried out on the reliability assessment of such systems with regard to the hardware part, but little has been done with regard to the software part.

The goal of this thesis is to provide support during the software development of safety-related systems, in the form of guidelines on the important aspects based on the IEC 61508 and IEC 61511 standards, which refer to best practices in the different sectors of the relevant area.
To achieve this goal, best practices of software development are evaluated by conducting interviews with individuals in different industries, selected for their expertise in the area of safety-related systems; this evaluation is the main contribution of this thesis. In particular, two different manufacturers, one working at the product level and the other at the application level (integrator), were interviewed to explore their best practices in software development. Different measures and standardized techniques that are widely adopted across sectors have been investigated. Pros and cons of traditional and agile software development methods are illustrated. It is recognized that the selection of appropriate techniques/measures for software development is decided according to the assigned safety integrity level. The software requirements become stricter as the required safety integrity level increases. The standards rank each technique/measure as highly recommended (HR), recommended (R) or not recommended (NR) based on the required SIL of the software system. The sole purpose of such a ranking is to make one aware of the importance of certain techniques/measures. For example, if a technique/measure is assigned the HR ranking, it means that the technique/measure is highly recommended for that particular application and must be applied during software development. The thesis concludes with a discussion of trends, new methods and approaches for the software development of safety-critical systems.