[SystemSafety] Fwd: Rethinking Safety and Security/11 PCB Layout Myths

Mario Gleirscher mario.gleirscher at tum.de
Thu Dec 8 09:57:06 CET 2016


Hello Peter,
hello everyone,

according to my restricted knowledge of the field, I would say that DALs
and SILs are comparable, and that's what the article says, comparable
but not the same.

And, according to Peter's helpful description, it is actually derivable
that
SILs are in fact comparable to DALs
AND
SILs seem to be just a bit more specific than DALs, i.e.
SILs are associated with a set of reliability requirements for safety
functions
whereas
DALs are associated with a set of (reliability) requirements for various
parts/components of a critical system design.

So, for me, DALs and SILs are counterpart concepts in different
standards, with all the probably big differences in consequences. And,
note, I definitely wouldn't apply DALs instead of SILs to an item or the
other way round without exactly knowing how to transfer the best
practices behind these sets of requirements agreed upon in the DO and
26262 domains.

Best,
Mario Gleirscher

On 08.12.2016 09:19, David MENTRÉ wrote:
> Hello,
> 
> On 12/08/2016 06:35 AM, Peter Bernard Ladkin wrote:
>> Wong makes the common mistake of formulating equivalence between
>> "levels", here the Design Assurance
>> Levels (DAL) of avionics with the Automotive Safety Integrity Levels
>> (ASILs) of ISO 26262.
> 
> I would make the same mistake.
> 
>> DALs are criticality levels. How critical something is to the
>> operation of the system, and therefore
>> what level of assurance to which it should be subject.
>>
>> A SIL is a reliability requirement on a safety function. A safety
>> function is something whose action
>> reduces an unacceptable risk of a specific hazard to an acceptable
>> risk. It operates as designed
>> only if the reliability requirement set by the SIL is fulfilled.
>>
>> In principle, all safety functions have the same criticality: they are
>> all critical, period. So, one
>> criticality level, rather than the five of ED-12C.
> 
> [disclaimer: I never looked at ED-12C / DO-178C text.]
> 
> So all SIL A to D of ISO 26262 would correspond to one DAL of ED-12C?
> Which one? DAL A?
> 
> If this is the case, why make the difference between several "sub-DAL-As"
> in ISO 26262?
> 
> From my software engineering point of view, ISO 26262 SILs and
> ED-12C/DO-178C DALs are the amount of work to reach a certain level of
> quality of the software, and in that sense are similar.
> 
> Best regards,
> D. Mentré
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
