[SystemSafety] A Fire Code for Software?

David Ward david.ward at horiba-mira.com
Thu Mar 8 14:01:10 CET 2018


The statement on Type Approval is not quite correct - for braking and steering the so-called "Complex electronics annex" requires evidence of the software development process and the "safety concept" as well as witnessed fault injection tests. It's nothing like a full-on ISO 26262 requirement but the ISO 26262 activities would produce the evidence needed.

The people who set the TA regulations are also considering how to deal with software updates, particularly where there are frequent changes (e.g. "over the air" updates).

David Ward

From: systemsafety [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Andrew Banks
Sent: 08 March 2018 06:12
To: 'Steve Tockey' <Steve.Tockey at construx.com>; 'Andy Ashworth' <andy at the-ashworths.org>
Cc: systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] A Fire Code for Software?

Hi Steve

And here is the rub:

>> My definition of "model based" involves creating and maintaining precise specifications of semantics:
>> policies that need to be enforced and processes that need to be carried out.

It is the absence of this up-front work that is so prevalent in software (and systems-) engineering... even in formal development environments, engineers need to "get on with it" and let the requirements catch up. Then throw in the paradigm shift to more Agile methods and it gets even more unpredictable.

But The Authorities seem to not care: e.g. in the automotive world, despite standards such as ISO 26262 there is no statutory requirement to follow a formal development process... only "conformity of production" matters - and the type approval process doesn't even mention the existence of software (or involve any checking of how it came into being), and just concerns itself with the physical characteristics of the vehicle.

Compare with civil engineering, where the detailed plans form part of the planning process, and implementation is controlled by strict building regulations, and independently monitored - and all components have to comply with appropriate standards.


Regards
Andrew


