[SystemSafety] Agile methods

M Mencke menckem at gmail.com
Mon Sep 2 14:38:47 CEST 2013 

René,

I have come across a situation in the railway field where an
organization was required by the customer to comply with a safety standard
which has specific requirements on the software development process, in
this case, EN 50128, where this was previously not required.

It seems to me that this type of situation typically arises in
industries/products where the SIL concept has traditionally not been
applied, or is being introduced. The customer creates a “SIL requirement”
as a type of marketing argument, where the SIL is understood by the
customer as applying to equipment rather than to a function (in order to be
able to state “This equipment is SIL X” in commercial scenarios).

Regarding your question, “Have you encountered a situation, in industrial
practice, in which an organization developing software following an agile
methodology has to comply with a safety standard which has specific
requirements on the software development process?”

This is a polar question, which can only be answered with a yes/no.

If you are interested in practical experience, it might be useful to add to
this question which aspect(s) of such a situation you are interested in.
For example, if the answer is “yes”, was the project actually a success?
Which measures/procedures were implemented in the company to approach this
problem and reconcile the development process with such requirements?, etc.
Depending on the type of information you are seeking, it may not be
possible to provide particular details regarding such a state of affairs,
as this information may be company-specific.
Regards,
Myriam.


2013/9/2 Jon Davies <jdavies at theiet.org>

> On 30 August 2013 18:02, René Senden <rene.senden at gmail.com> wrote:
> > Dear all,
> >
> > Do any of you have practical experience with reconciling established
> agile
> > software development with software safety requirements (e.g. IEC-61508 or
> > DO-178..) ?
>
> Yes, and we usually end up throwing away the software developed using
> "agile" methods, and starting again properly.
>
> I'm taking "agile software development" as meaning the development of
> software using processes consistent with the agile manifesto:
> http://agilemanifesto.org/ - to quote the relevant part:
> "...we value... working software over comprehensive documentation"
>
> this is fundamentally in conflict with many of the things we know
> about building high integrity software, and so "agile" methods are
> fundamentally in conflict with developing software for safety critical
> systems.
>
> There's plenty to learn from agile development methods that might be
> useful in high integrity software development, but that's a whole
> different discussion.  Every time we discuss agile development here,
> we end up back at the need to use a development process that builds in
> correctness - we can't test exhaustively, so we need a process that
> builds integrity in.  Agile methods don't do this.
>
> Jon
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20130902/a3d9e4ae/attachment-0001.html>

More information about the systemsafety mailing list