Guidance on software aspects of dependability

IEC 62628:2012 addresses the issues concerning software aspects of dependability and gives guidance on achievement of dependability in software performance influenced by management disciplines, design processes and application environments. It establishes a generic framework on software dependability requirements, provides a software dependability process for system life cycle applications, presents assurance criteria and methodology for software dependability design and implementation and provides practical approaches for performance evaluation and measurement of dependability characteristics in software systems. Keywords: software, performance, dependability

Guidelines on software aspects of dependability

Guidelines concerning software dependability

CEI 62628:2012 addresses the issues concerning software dependability and defines guidelines for achieving dependability in software performance as influenced by management disciplines, design processes and application environments. It defines a generic framework for software dependability requirements, provides a software dependability process for system life cycle applications, presents the assurance criteria and methodology for the design and implementation of software dependability, and provides practical approaches and measures for dependability characteristics in software systems. Keywords: software, operation, performance

Guidance on software aspects of dependability

This International Standard addresses the issues concerning software aspects of dependability and gives guidance on achieving dependability in software performance, which is influenced by management disciplines, design processes and application environments. It establishes a generic framework for software dependability requirements, provides a software dependability process for the life cycle of system applications, provides criteria and methodology for the design and implementation of software dependability, and presents practical approaches for performance evaluation and measurement of dependability characteristics in software systems. This standard is applicable as guidance for developers and suppliers of software systems, system integrators, operators, maintainers and users of software systems who are interested in practical approaches and application engineering for achieving dependability of software products and systems.

General Information

Status: Published
Publication Date: 20-Sep-2012
Current Stage: 6060 - Document made available
Due Date: 21-Sep-2012
Completion Date: 21-Sep-2012

Buy Standard

EN 62628:2012, English language, 64 pages

Standards Content (sample)

SLOVENIAN STANDARD
SIST EN 62628:2012
01-December-2012
Guidance on software aspects of dependability
Guidelines on software aspects of dependability
Guidelines concerning software dependability
This Slovenian standard is identical to: EN 62628:2012
ICS:
03.120.01 Quality in general
35.020 Information technology (IT) in general
SIST EN 62628:2012 en

2003-01. Slovenian Institute for Standardization. Reproduction of this standard, in whole or in part, is not permitted.

EUROPEAN STANDARD
EN 62628
September 2012
ICS 03.120.01
English version
Guidance on software aspects of dependability
(IEC 62628:2012)
Guidelines concerning software dependability (CEI 62628:2012)
Guidelines on software aspects of dependability (IEC 62628:2012)

This European Standard was approved by CENELEC on 2012-09-12. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
Management Centre: Avenue Marnix 17, B - 1000 Brussels

© 2012 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.

Ref. No. EN 62628:2012 E
Foreword

The text of document 56/1469/FDIS, future edition 1 of IEC 62628, prepared by IEC/TC 56, "Dependability", was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as EN 62628:2012.

The following dates are fixed:
• latest date by which the document has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2013-06-12
• latest date by which the national standards conflicting with the document have to be withdrawn (dow): 2015-09-12

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CENELEC [and/or CEN] shall not be held responsible for identifying any or all such patent rights.

Endorsement notice

The text of the International Standard IEC 62628:2012 was approved by CENELEC as a European Standard without any modification.

In the official version, for Bibliography, the following notes have to be added for the standards indicated:

IEC 62508 NOTE Harmonized as EN 62508.
IEC 60300-1 NOTE Harmonized as EN 60300-1.
IEC 60300-2 NOTE Harmonized as EN 60300-2.
IEC 60300-3-3 NOTE Harmonized as EN 60300-3-3.
IEC 62347 NOTE Harmonized as EN 62347.
IEC 61160 NOTE Harmonized as EN 61160.
IEC 61078 NOTE Harmonized as EN 61078.
IEC 61025 NOTE Harmonized as EN 61025.
IEC 61165 NOTE Harmonized as EN 61165.
IEC 62551 NOTE Harmonized as EN 62551 (to be published).
IEC 60812 NOTE Harmonized as EN 60812.
IEC 60300-3-1 NOTE Harmonized as EN 60300-3-1.
IEC 61508-3 NOTE Harmonized as EN 61508-3.
IEC 62429 NOTE Harmonized as EN 62429.
IEC 61014 NOTE Harmonized as EN 61014.
IEC 61164 NOTE Harmonized as EN 61164.
IEC 62506 NOTE Harmonized as EN 62506 (to be published).
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications

The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

NOTE When an international publication has been modified by common modifications, indicated by (mod), the relevant EN/HD applies.

Publication: IEC 60050-191 (undated)
Title: International Electrotechnical Vocabulary (IEV) - Chapter 191: Dependability and quality of service
EN/HD: - (none)

Publication: IEC 60300-3-15 (undated)
Title: Dependability management - Part 3-15: Application guide - Engineering of system dependability
EN/HD: EN 60300-3-15 (undated)
IEC 62628
Edition 1.0 2012-08
INTERNATIONAL STANDARD
Guidance on software aspects of dependability
Guidelines concerning software dependability
INTERNATIONAL ELECTROTECHNICAL COMMISSION
PRICE CODE XB
ICS 03.120.01 ISBN 978-2-83220-303-3

Warning! Make sure that you obtained this publication from an authorized distributor.

® Registered trademark of the International Electrotechnical Commission
CONTENTS

FOREWORD ..... 4
INTRODUCTION ..... 6
1 Scope ..... 7
2 Normative references ..... 7
3 Terms, definitions and abbreviations ..... 7
3.1 Terms and definitions ..... 7
3.2 Abbreviations ..... 9
4 Overview of software aspects of dependability ..... 9
4.1 Software and software systems ..... 9
4.2 Software dependability and software organizations ..... 10
4.3 Relationship between software and hardware dependability ..... 10
4.4 Software and hardware interaction ..... 11
5 Software dependability engineering and application ..... 12
5.1 System life cycle framework ..... 12
5.2 Software dependability project implementation ..... 12
5.3 Software life cycle activities ..... 13
5.4 Software dependability attributes ..... 14
5.5 Software design environment ..... 15
5.6 Establishing software requirements and dependability objectives ..... 15
5.7 Classification of software faults ..... 16
5.8 Strategy for software dependability implementation ..... 17
5.8.1 Software fault avoidance ..... 17
5.8.2 Software fault control ..... 17
6 Methodology for software dependability applications ..... 18
6.1 Software development practices for dependability achievement ..... 18
6.2 Software dependability metrics and data collection ..... 18
6.3 Software dependability assessment ..... 19
6.3.1 Software dependability assessment process ..... 19
6.3.2 System performance and dependability specification ..... 20
6.3.3 Establishing software operational profile ..... 21
6.3.4 Allocation of dependability attributes ..... 21
6.3.5 Dependability analysis and evaluation ..... 22
6.3.6 Software verification and software system validation ..... 24
6.3.7 Software testing and measurement ..... 25
6.3.8 Software reliability growth and forecasting ..... 28
6.3.9 Software dependability information feedback ..... 29
6.4 Software dependability improvement ..... 29
6.4.1 Overview of software dependability improvement ..... 29
6.4.2 Software complexity simplification ..... 29
6.4.3 Software fault tolerance ..... 30
6.4.4 Software interoperability ..... 30
6.4.5 Software reuse ..... 31
6.4.6 Software maintenance and enhancement ..... 31
6.4.7 Software documentation ..... 32
6.4.8 Automated tools ..... 33
6.4.9 Technical support and user training ..... 33
7 Software assurance ..... 34
7.1 Overview of software assurance ..... 34
7.2 Tailoring process ..... 34
7.3 Technology influence on software assurance ..... 34
7.4 Software assurance best practices ..... 35
Annex A (informative) Categorization of software and software applications ..... 37
Annex B (informative) Software system requirements and related dependability activities ..... 39
Annex C (informative) Capability maturity model integration process ..... 43
Annex D (informative) Classification of software defect attributes ..... 46
Annex E (informative) Examples of software data metrics obtained from data collection ..... 50
Annex F (informative) Example of combined hardware/software reliability functions ..... 53
Annex G (informative) Summary of software reliability model metrics ..... 55
Annex H (informative) Software reliability models selection and application ..... 56
Bibliography ..... 59

Figure 1 – Software life cycle activities ..... 14
Figure F.1 – Block diagram for a monitoring control system ..... 53

Table C.1 – Comparison of capability and maturity levels ..... 43
Table D.1 – Classification of software defect attributes when a fault is found ..... 46
Table D.2 – Classification of software defect attributes when a fault is fixed ..... 47
Table D.3 – Design review/code inspection activity to triggers mapping ..... 47
Table D.4 – Unit test activity to triggers mapping ..... 48
Table D.5 – Function test activity to triggers mapping ..... 48
Table D.6 – System test activity to triggers mapping ..... 49
Table H.1 – Examples of software reliability models ..... 57

INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
GUIDANCE ON SOFTWARE ASPECTS OF DEPENDABILITY
FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.

5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any services carried out by independent certification bodies.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

International Standard IEC 62628 has been prepared by IEC technical committee 56: Dependability.

The text of this standard is based on the following documents:
FDIS: 56/1469/FDIS
Report on voting: 56/1480/RVD

Full information on the voting for the approval of this standard can be found in the report on voting indicated above.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

The committee has decided that the contents of this publication will remain unchanged until the stability date indicated on the IEC web site under "http://webstore.iec.ch" in the data related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
INTRODUCTION

Software has widespread applications in today’s products and systems. Examples include software applications in programmable control equipment, computer systems and communication networks. Over the years, many standards have been developed for software engineering, software process management, software quality and reliability assurance, but only a few standards have addressed the software issues from a dependability perspective.

Dependability is the ability of a system to perform as and when required to meet specific objectives under given conditions of use. The dependability of a system infers that the system is trustworthy and capable of performing the desired service upon demand to satisfy user needs. The increasing use of software applications in the service industry is reflected in the rapid growth of Internet services and Web development. Standardized interfaces and protocols have enabled the use of third-party software functionality over the Internet to permit cross-platform, cross-provider, and cross-domain applications. Software has become a driving mechanism to realize complex system operations and enable the achievement of viable e-businesses for seamless integration and enterprise process management. Software design has assumed the primary function in data processing, safety monitoring, security protection and communication links in network services. This paradigm shift has placed the global business community in a position of relying heavily on software systems to sustain business operations. Software dependability plays a dominant role in the success of system performance and data integrity.

This International Standard provides current industry best practices and presents relevant methodology to facilitate the achievement of software dependability. It identifies the influence of management on software aspects of dependability and provides relevant technical processes to engineer software dependability into systems. The evolution of software technology and rapid adaptation of software applications in industry practices have created the need for a practical software dependability standard for the global business environment. A structured approach is provided for guidance on the use of this standard.

The generic software dependability requirements and processes are presented in this standard. They form the basis for dependability applications for most software product development and software system implementation. Additional requirements are needed for mission critical, safety and security applications. Industry specific software qualification issues for reliability and quality conformance are not addressed in this standard.

This standard can also serve as guidance for dependability design of firmware. It does not, however, address the implementation aspects of firmware with software contained or embedded in the hardware chips to realize their dedicated functions. Examples include application specific integrated circuit (ASIC) chips and microprocessor driven controller devices. These products are often designed and integrated as part of the physical hardware features to minimize their size and weight and facilitate real time applications such as those used in cell phones. Although the general dependability principles and practices described in this standard can be used to guide design and application of firmware, specific requirements are needed for their physical construction, device fabrication and embedded software product implementation. The physics of failure of application specific devices behaves differently as compared to software system failures.

This International Standard is not intended for conformity assessment or certification purposes.
GUIDANCE ON SOFTWARE ASPECTS OF DEPENDABILITY
1 Scope

This International Standard addresses the issues concerning software aspects of dependability and gives guidance on achievement of dependability in software performance influenced by management disciplines, design processes and application environments. It establishes a generic framework on software dependability requirements, provides a software dependability process for system life cycle applications, presents assurance criteria and methodology for software dependability design and implementation and provides practical approaches for performance evaluation and measurement of dependability characteristics in software systems.

This standard is applicable for guidance to software system developers and suppliers, system integrators, operators and maintainers and users of software systems who are concerned with practical approaches and application engineering to achieve dependability of software products and systems.

2 Normative references

The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

IEC 60050-191, International Electrotechnical Vocabulary – Chapter 191: Dependability and quality of service

IEC 60300-3-15, Dependability management – Part 3-15: Application guide – Engineering of system dependability

3 Terms, definitions and abbreviations

For the purposes of this document, the terms and definitions given in IEC 60050-191, as well as the following apply.

3.1 Terms and definitions

3.1.1
software
programs, procedures, rules, documentation and data of an information processing system

Note 1 to entry: Software is an intellectual creation that is independent of the medium upon which it is recorded.

Note 2 to entry: Software requires hardware devices to execute programs and to store and transmit data.

Note 3 to entry: Types of software include firmware, system software and application software.

Note 4 to entry: Documentation includes: requirements specifications, design specifications, source code listings, comments in source code, “help” text and messages for display at the computer/human interface, installation instructions, operating instructions, user manuals and support guides used in software maintenance.

3.1.2
firmware
software contained in a read-only memory device, and not intended for modification

EXAMPLE Basic input/output system (BIOS) of a personal computer.

Note 1 to entry: Software modification requires the hardware device containing it to be replaced or re-programmed.

3.1.3
embedded software
software within a system whose primary purpose is not computational

EXAMPLES Software used in the engine management system or brake control systems of motor vehicles.

3.1.4
software unit
software module
software element that can be separately compiled in programming codes to perform a task or activity to achieve a desired outcome of a software function or functions

Note 1 to entry: The terms "module" and "unit" are often used interchangeably or defined to be sub-elements of one another in different ways depending upon the context. The relationship of these terms is not yet standardized.

Note 2 to entry: In an ideal situation, a software unit can be designed and programmed to perform exactly a specific function. In some applications, two or more software units may need to be combined to achieve the specified software function. In such cases, these software units are tested as a single software function.

3.1.5
software configuration item
software item that has been configured and treated as a single item in the configuration management process

Note 1 to entry: A software configuration item can consist of one or more software units to perform a software function.

3.1.6
software function
elementary operation performed by the software module or unit as specified or defined as per stated requirements

3.1.7
software system
defined set of software items that, when integrated, behave collectively to satisfy a requirement

EXAMPLES Application software (software for accounting and information management); programming software (software for performance analysis and CASE tools) and system software (software for control and management of computer hardware system such as operating systems).

3.1.8
software dependability
ability of the software item to perform as and when required when integrated in system operation

3.1.9
software fault
bug
state of a software item that may prevent it from performing as required

Note 1 to entry: Software faults are either specification faults, design faults, programming faults, compiler-inserted faults or faults introduced during software maintenance.

Note 2 to entry: A software fault is dormant until activated by a specific trigger, and usually reverts to being dormant when the trigger is removed.

Note 3 to entry: In the context of this standard, a bug is a special case of software fault also known as latent software fault.
3.1.10
software failure
failure that is a manifestation of a software fault

Note 1 to entry: A single software fault will continue to manifest itself as a failure until it is removed.

3.1.11
code
character or bit pattern that is assigned a particular meaning to express a computer program in a programming language

Note 1 to entry: Source codes are coded instructions and data definitions expressed in a form suitable for input to an assembler, compiler, or other translator.

Note 2 to entry: Coding is the process of transforming logic and data from design specifications or descriptions into a programming language.

Note 3 to entry: A programming language is a language used to express computer programs.

3.1.12
(computer) program
set of coded instructions executed to perform specified logical and mathematical operations on data

Note 1 to entry: Programming is the general activity of software development in which the programmer or computer user states a specific set of instructions that the computer must perform.

Note 2 to entry: A program consists of a combination of coded instructions and data definitions that enable computer hardware to perform computational or control functions.

3.2 Abbreviations
ASIC Application specific integrated circuit
CASE Computer-aided software engineering
CMM Capability maturity model
CMMI Capability maturity model integration
COTS Co
...
