[SystemSafety] Software Safety Assessment

Martyn Thomas martyn at thomas-associates.co.uk
Wed Jul 8 13:47:40 CEST 2015


In the UK, the governing legislation is the 1974 HSWA. As a duty holder,
one is required to assess the risks to workers and the general public
and to reduce those that are not and to mitigate those risks so far as
reasonably practicable (i.e. to the point where the cost of further risk
reduction would be very disproportionate to the benefit realised).

If standard X was replaced because it was considered inadequate to
satisfy the duty under the Act, then it should no longer be used.
Moreover, if Project A is still in use, then the duty holders must
question whether they have fulfilled their duties under the Act by
following Standard X - in particular, it may be considered negligent if
they have not reassessed A against the revised standard to establish
whether the risks of continued operation are still ALARP. If the
"improved checklist" is an internal company document, then both the
checklist and the revised standard would seem to be significant
documents that a reasonable person would take into account in assessing
whether the duties had been fulfilled.

A reassessment should also follow any material changes to the operating
environment.

These are my personal views only. I am not a lawyer and the views of HSE
or a UK Court may well differ from mine.

Martyn

On 08/07/2015 10:53, Carl Sandom wrote:
>
> Consider the following scenario:
>
> In 2004 Project A software was assessed against a safety standard
> (let's call it Standard X). Standard X had a very prescriptive list of
> software safety requirements and a simple checklist was used for
> assessing SIL1 compliance.
>
> In 2014, Project B began to integrate significant new functionality
> into Project A. Standard X, which was by 2014 an obsolete standard,
> was used to assess the significantly smaller software baseline of
> Project B. Under modern scrutiny, the simple Standard X checklist used
> for Project A in 2004 was not as explicit as it could have been and it
> was decided to use an improved checklist for Project B.
>
> A couple of important questions can be raised with this scenario:
>
> 1. Is it acceptable to use an obsolete safety standard to assess software?
>
> 2. Is the SIL1 claim for 10-year-old Project A invalid because the
> checklist could have been better?
>
> 3. If Project B used the old checklist from Project A, would that be
> adequate?
>
> I've been having some interesting discussions with the Project
> Managers involved; any thoughts?
>
> Regards
>
> Carl
>
> _________________________________
> Dr. Carl Sandom CErgHF CEng PhD
> Director
> iSys Integrity Ltd.
> +44 7967 672560
> carl at isys-integrity.com
> www.isys-integrity.com
> _________________________________
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
