Safety Related Systems


Safety Related Systems: What are the demands? (Page 1)

Safety Competence Center Vienna, SCCV (Page 2)
> Safe systems for a safer world!

Safety Competence Center Vienna (Page 3)
> Vision
> The Safety Competence Center Vienna (SCCV) is becoming the knowledge hub for system/functional safety, with international networking.
> Mission
> The SCCV sees itself as a competence holder in the field of system/functional safety, offering the following services:
  > Courses and trainings
  > Tool and method development
  > Coaching

ISaP, the Integrative Safety Process (Page 4)
[Process diagram spanning problem space, modelling space, solution space and application, with the following process groups:]
> Project management and maintenance: project initialisation, project start, project controlling, project closure, maintenance
> System safety management: preliminary hazard identification, FHA, PSSA, system safety assessment, operational SSA
> Engineering and operation: conception, requirements analysis, design, construction (realisation), integration and test, operation and technical maintenance, disposal
> Supporting processes: configuration management, quality management (verification, validation), problem resolution management, change management
SCCV 20/09/10

Introduction (Page 5)
> What is the motivation for considering safety?
> What is safety?
> What is a safety related system?
> How is software involved?
> What are the demands on safety related systems?
> What is the role of the OS?

Motivation (Page 6)
> Why is safety becoming increasingly important?

Complexity several years ago (Page 7)
> Car electrical system, 1970

Complexity now (Page 8)
> Modern premium car (source: http://images.thetruthaboutcars.com)

Complexity now (Page 9)
> Modern premium car
  > Six different computer networks
  > More than 1,000 different messages
  > 20-70 electronic control units (ECUs)
  > 70-150 sensors
  > 100 million lines of code (LoC)
Sources: www.embedded.com, http://spectrum.ieee.org/green-tech/advanced-cars/this-car-runs-on-code

European Union product liability (Page 10)
> Product Liability Directive 85/374/EEC
  > Since 1988
  > Applies to products, does not apply to services
> The producers shall be liable for damage caused by a defect in their products
  > Death, personal injury, property damage
> Factors taken into account
  > Presentation of the product
  > Reasonable use
  > Time the product was put into circulation
> Producers may not limit their liability
> Producer of a component is jointly liable with the producer of the product

Safety regulations, norms and standards (Page 11)
[Overview diagram of domain-specific safety standards, grouped around the generic standard:]
> Generic: IEC 61508
> Military: MIL STD 882D, Def Stan 00-56
> Electric drives: IEC 61800
> Process industry: IEC 61511
> Safety of machines: EN/IEC 62061, EN/ISO 13849, EN/ISO 14121, EN/ISO 12100
> Nuclear power: IEC 61513
> Automotive: ISO/DIS 26262
> Aviation: CAP 670, EATMP, ESARRs, RTCA DO-178B / EUROCAE ED-12B (software), RTCA DO-254 (hardware)
> Medicine: IEC 60601, IEC 80001
> Railway: CENELEC EN 50126, EN 50128, EN 50129, EN 50159

Costs of accidents (Page 12)
> Enschede fireworks disaster (2000): 23 people killed, 947 injured, damage: 450 million
> Elchtest (moose test), Mercedes A-Class (1997): 150 million
> Toyota recall (2010): 35 people killed, $1.1 billion
> Deepwater Horizon (2010): 11 people killed, $0.5 billion + $6 million/day
Sources: Hollnagel 2006, IHSK 2005, RRC AG, Bloomberg BusinessWeek, The Wall Street Journal; pictures: Wikipedia, Süddeutsche, dpa

Society (Page 13)
> Absolute safety, zero risk, cannot be achieved
> Level of safety
  > In a given context
  > Reference to an acceptable risk
  > Based on current values of society
> The values of society are reflected in
  > Laws and directives
  > Norms and standards
  > Public opinion
> Increasing demand for safety in society

What is safety? (Page 14)

Safety: definition by the SCCV (Page 15)
The goal of system safety is the safe functioning of a system in its environment. Mature processes are the basic prerequisite for reaching this goal. The risk arising from hazards must be kept preventively at an acceptable level, so that neither people, other living beings, the environment, nor the system itself or other systems come to harm.

Safety and security (Page 16)
> Security: the system is protected against attacks (attack → system)
> Safety: the system does not cause harm (system → health, equipment, environment)

Safety vs. security (Page 17)
> A security issue may collaterally become a safety issue (source: www.makeuseof.com/tech-fun/)
> Security needs to be considered for safety

Safety and reliability (Page 18)
> Reliability: the system operates as expected

Reliability of the safety functions (Page 19)
> The safety functions perform as expected
> Safety Integrity Level: measure for the reliability of safety functions

Example: Escalator (Page 20)
Sources: www.thueringen.de, www.flickr.com/photos/watzke/103459616/

Example: Airplane (Page 21)

Safety Related System (Page 22)

System and system context (Page 23)
[Diagram: the system drawn inside its system context]

Failure chain within a system (Page 24)
> Fault: cause of an error
> Error: system state, or part of the system state, that may lead to a failure
> Failure: deviation from the correct function
  > Failure mode is the way something fails
> Failure chain within the system: fault → error → failure

Failure propagation (Page 25)
[Diagram: nested system, sub-system and sub-sub-system; the failure of each inner level becomes a fault of the enclosing level, up to a failure of the system]

Hazard (Page 26)
> A situation, state or condition that can lead to an accident
> Hazards are described at the system boundary
  > It's important to identify the system boundary!
> Every dangerous failure is a hazard
> Once the hazard has occurred
  > The system in question cannot stop the accidental sequence
  > Still, mitigation may be possible by other systems or measures

Causal factor (Page 27)
> Factors that may contribute to hazards are called causal factors
  > Causal: expressing a cause or reason
  > Factors: circumstances, conditions, etc. that produce a result
> It's important to distinguish causal factors from hazards

Two types of hazards (Page 28)
> Internally caused hazard
  > Internal, endogenous
  > Causal factors in the system
    > Behavior
    > Properties
> Externally caused hazard
  > External, environmental, exogenous
  > Causal factors outside the system
    > e.g. misjudged system environment

Accident (Page 29)
> Unintended event or sequence of events
> Results in loss
  > Death
  > Injury
  > Environmental damage
  > Financial loss
> The consequences determine the severity of the accident

Internally caused hazard to accident (Page 30)
[Diagram: causal factors inside the system lead to fault, error and failure, and on to an accident with a given severity]

Externally caused hazard to accident (Page 31)
[Diagram: causal factors outside the system lead to fault, error and failure of the system, and on to an accident with a given severity]

All possible accidents: from causal factor to accident (Page 32)
[Diagram: for function 1 up to all functions, causal factors lead to failure 1 ... failure n; these give rise to hazard 1 ... hazard m, each rated at its worst-case severity]

Safety related system (Page 33)
[Diagram: the system]

Safety related system (Page 34)
> Properties of a safety related system
  > Failure can cause an accident
  > Provides safety functions
> Safety related software
  > Part of a safety related system
  > Software used for safety related system development
    > Tools

Strategies for achieving functional safety (Page 35)
> Robust system
> System where a fault automatically leads to a safe state (safe fault)
> Detect fault, change to a safe state and maintain it
> Detect fault and warn user
> Provide redundancy
> Detect multiple-point faults to avoid latent faults
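The strategies listed on this slide, combined in one small monitor as an added example (constructed here, not code from the SCCV slides): a dual-channel over-temperature monitor for a heater that detects faults, enters and keeps a safe state, warns the user, uses channel redundancy, and runs a periodic self-test so that a latent fault in the comparator is found before a second fault could make it dangerous. The sensor values, limits and the `stuck_agree` fault model are all assumed.

```c
#include <stdbool.h>
#include <stdlib.h>
/* Constructed example, not from the slides: a dual-channel over-temperature
 * monitor for a heater. A detected fault puts the system into the safe state
 * (heater off) and keeps it there, the user is warned, two sensor channels give
 * redundancy, and a periodic self-test of the comparator exposes a latent fault
 * in the detection path before a second fault could turn it dangerous. */

#define VALID_MIN        (-40)  /* plausible sensor range, degrees C */
#define VALID_MAX        150
#define MAX_DELTA        5      /* allowed disagreement between channels */
#define TEMP_LIMIT       120    /* heater must be off at or above this */
#define SELF_TEST_PERIOD 100    /* cycles between comparator self-tests */

typedef enum { STATE_RUN, STATE_SAFE } SysState;
typedef bool (*CompareFn)(int, int);
typedef struct {
    SysState  state;
    bool      warning;  /* set when the user must be warned */
    unsigned  cycle;
    CompareFn agree;    /* comparator; swappable to model a fault in it */
} Monitor;

bool channels_agree(int a, int b) { return abs(a - b) <= MAX_DELTA; }
/* Fault model for tests: a comparator stuck at "agree" (a latent fault). */
bool stuck_agree(int a, int b) { (void)a; (void)b; return true; }

void monitor_init(Monitor *m) {
    m->state = STATE_RUN; m->warning = false; m->cycle = 0;
    m->agree = channels_agree;
}
static int enter_safe(Monitor *m) {
    m->state = STATE_SAFE; m->warning = true;
    return 0;   /* safe state: heater off */
}

/* One control cycle; returns the heater command (1 = on, 0 = off). */
int monitor_step(Monitor *m, int ch_a, int ch_b, int heat_demand) {
    if (m->state == STATE_SAFE) return 0;        /* maintain the safe state */
    if (++m->cycle % SELF_TEST_PERIOD == 0 &&    /* self-test against latent faults */
        (m->agree(0, MAX_DELTA + 1) || !m->agree(0, MAX_DELTA)))
        return enter_safe(m);                    /* the comparator itself is broken */
    if (ch_a < VALID_MIN || ch_a > VALID_MAX || ch_b < VALID_MIN || ch_b > VALID_MAX)
        return enter_safe(m);                    /* implausible channel value */
    if (!m->agree(ch_a, ch_b))
        return enter_safe(m);                    /* redundancy: channels disagree */
    int temp = ch_a > ch_b ? ch_a : ch_b;        /* conservative reading */
    return (temp < TEMP_LIMIT && heat_demand) ? 1 : 0;
}
```

With the stuck comparator, a channel disagreement passes unnoticed (the latent fault) until the self-test cycle forces the safe state.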

Safety related software development (Page 36)
> Avoid systematic failures
> Requirements
  > Safety requirements
  > Interfaces
> Software development process
  > Traceability
  > Hardware, software, system integration
  > Verification and validation
  > Problem tracking, change management
> Conformance with respect to safety standards
> Safety case
  > Documented evidence that the system is safe

Safety and operating systems (Page 37)
> OS manages the timing
  > Real time behaviour
> OS manages resources
  > RAM
  > IO
  > Communication
  > ...
> May provide separation of safety related and non safety related software
  > Prevents undesired interference of functions

Conclusion (Page 38)
> Safety has become more important for electronic systems and software
> Safety is different from security
> Safety needs to be designed into the system
> Systematic failures need to be avoided during software development
> The OS plays a major role in a safety related system

Thank you for your attention! (Page 39)