Railway applications - Communication, signalling and processing systems - Software for railway control and protection systems

1.1 This European Standard specifies the process and technical requirements for the development of software for programmable electronic systems for use in railway control and protection applications. It is aimed at use in any area where there are safety implications. These systems can be implemented using dedicated microprocessors, programmable logic controllers, multiprocessor distributed systems, larger scale central processor systems or other architectures. 1.2 This European Standard is applicable exclusively to software and the interaction between software and the system of which it is part. 1.3 This European Standard is not relevant for software that has been identified as having no impact on safety, i.e. software of which failures cannot affect any identified safety functions. 1.4 This European Standard applies to all safety related software used in railway control and protection systems, including – application programming, – operating systems, – support tools, – firmware. Application programming comprises high level programming, low level programming and special purpose programming (for example: Programmable logic controller ladder logic). 1.5 This European Standard also addresses the use of pre-existing software and tools. Such software may be used, if the specific requirements in 7.3.4.7 and 6.5.4.16 on pre-existing software and for tools in 6.7 are fulfilled. 1.6 Software developed according to any version of this European Standard will be considered as compliant and not subject to the requirements on pre-existing software. 1.7 This European Standard considers that modern application design often makes use of generic software that is suitable as a basis for various applications. Such generic software is then configured by data, algorithms, or both, for producing the executable software for the application. The general Clauses 1 to 6 and 9 of this European Standard apply to generic software as well as for application data or algorithms. The specific Clause 7 applies only for generic software while Clause 8 provides the specific requirements for application data or algorithms. 1.8 This European Standard is not intended to address commercial issues. These should be addressed as an essential part of any contractual agreement. All the clauses of this European Standard will need careful consideration in any commercial situation. 1.9 This European Standard is not intended to be retrospective. It therefore applies primarily to new developments and only applies in its entirety to existing systems if these are subjected to major modifications. For minor changes, only 9.2 applies. The assessor has to analyse the evidences provided in the software documentation to confirm whether the determination of the nature and scope of software changes is adequate. However, application of this European Standard during upgrades and maintenance of existing software is highly recommended.

Bahnanwendungen - Telekommunikationstechnik, Signaltechnik und Datenverarbeitungssysteme - Software für Eisenbahnsteuerungs- und Überwachungssysteme

Applications ferroviaires - Systèmes de signalisation, de télécommunication et de traitement - Logiciels pour systèmes de commande et de protection ferroviaire

Železniške naprave - Komunikacijski, signalni in procesni sistemi - Programska oprema za železniške krmilne in zaščitne sisteme

Ta evropski standard določa procesne in tehnične zahteve za razvoj programske opreme programirljivih elektronskih sistemov za uporabo pri železniških krmilnih in zaščitnih aplikacijah. Namenjen je uporabi na vseh področjih glede varnosti. Ti sistemi so lahko izvedeni z namenskimi mikroprocesorji, programirljivimi logičnimi krmilniki, mikroprocesorsko porazdeljenimi sistemi, večjimi centralnimi procesorskimi sistemi ali drugimi arhitekturami. Ta evropski standard velja izključno za programsko opremo in interakcijo med programsko opremo in sistemom, katerega del je. Ta evropski standard ni pomemben za programsko opremo, ki ne učinkuje na varnost, tj. programsko opremo, katere odpovedi ne vplivajo na prepoznane varnostne funkcije. Ta evropski standard velja za vse programske opreme, povezane z varnostjo, ki se uporabljajo v železniških krmilnih in zaščitnih sistemih, vključno z/s – aplikacijskim programiranjem, - operacijskimi sistemi, - podpornim orodjem, - sistemskimi programi. Aplikacijsko programiranje zajema programiranje na visoki ravni, programiranje na nizki ravni in programiranje za posebne namene (na primer: programirljiv logični krmilnik z lestvično logiko). Ta evropski standard obravnava tudi uporabo predobstoječe programske opreme in orodij. Taka programska oprema se lahko uporabi, če so izpolnjene zahteve iz točk 7.3.4.7 in 6.5.4.16 za predobstoječo programsko opremo in iz točke 6.7 za orodja. Programska oprema, razvita v skladu s katero koli različico tega evropskega standarda, velja za skladno in zanjo ne veljajo zahteve za predobstoječo programsko opremo. Ta evropski standard upošteva, da se pri modernem načrtovanju aplikacij pogosto uporablja univerzalna programska oprema, ki je primerna kot osnova za različne aplikacije. Taka univerzalna programska oprema se nato konfigurira s podatki, algoritmi ali obojim, da nastane izvršljiva programska oprema za določeno aplikacijo. Splošne točke 1 do 6 in 9 tega evropskega standard veljajo za univerzalno programsko opremo in za aplikacijske podatke ali algoritme. Specifična točka 7 velja samo za univerzalno programsko opremo, medtem ko točka 8 podaja specifične zahteve za aplikacijske podatke ali algoritme. Ta evropski standard ne obravnava komercialnih vprašanj, ki naj se obravnavajo kot bistveni del kakršnega koli pogodbenega dogovora Vse točke tega evropskega standarda je treba skrbno upoštevati v vseh komercialnih situacijah. Ta evropski standard ni retrospektiven. Velja torej predvsem za nov razvoj in v celoti velja le za obstoječe sisteme, če pri njih pride do večjih sprememb. Pri manjših spremembah velja le točka 9.2. Ocenjevalec mora analizirati dokaze v dokumentaciji programske opreme, s katerimi potrdi, da je ugotavljanje narave in obsega sprememb programske opreme ustrezno. Uporaba tega evropskega standarda se kljub temu močno priporoča med nadgradnjami in vzdrževanjem obstoječe programske opreme.

General Information

Status
Published
Publication Date
16-Jun-2011
Withdrawal Date
24-Apr-2017
Current Stage
6060 - Document made available - Publishing
Start Date
17-Jun-2011
Completion Date
17-Jun-2011

Relations

Buy Standard

Standard
EN 50128:2011 (EN)
English language
127 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Standard
EN 50128:2011 (FR)
French language
132 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Draft
prEN 50128:2009
English language
127 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN 50128:2011
01-september-2011
1DGRPHãþD
SIST EN 50128:2002
äHOH]QLãNHQDSUDYH.RPXQLNDFLMVNLVLJQDOQLLQSURFHVQLVLVWHPL3URJUDPVND
RSUHPD]DåHOH]QLãNHNUPLOQHLQ]DãþLWQHVLVWHPH

Railway applications - Communication, signalling and processing systems - Software for

railway control and protection systems
Bahnanwendungen - Telekommunikationstechnik, Signaltechnik und
Datenverarbeitungssysteme - Software für Eisenbahnsteuerungs- und
Überwachungssysteme

Applications ferroviaires - Systèmes de signalisation, de télécommunication et de

traitement - Logiciels pour systèmes de commande et de protection ferroviaire
Ta slovenski standard je istoveten z: EN 50128:2011
ICS:
35.240.60 Uporabniške rešitve IT v IT applications in transport
transportu in trgovini and trade
45.020 Železniška tehnika na Railway engineering in
splošno general
SIST EN 50128:2011 en

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN 50128:2011
---------------------- Page: 2 ----------------------
SIST EN 50128:2011
EUROPEAN STANDARD
EN 50128
NORME EUROPÉENNE
June 2011
EUROPÄISCHE NORM
ICS 35.240.60; 45.020; 93.100 Supersedes EN 50128:2001
English version
Railway applications -
Communication, signalling and processing systems -
Software for railway control and protection systems
Applications ferroviaires - Bahnanwendungen -
Systèmes de signalisation, de Telekommunikationstechnik,
télécommunication et de traitement - Signaltechnik und
Logiciels pour systèmes de commande et Datenverarbeitungssysteme -
de protection ferroviaire Software für Eisenbahnsteuerungs- und
Überwachungssysteme

This European Standard was approved by CENELEC on 2011-04-25. CENELEC members are bound to

comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European

Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on

application to the Central Secretariat or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other

language made by translation under the responsibility of a CENELEC member into its own language and

notified to the Central Secretariat has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia,

Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,

Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania,

Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom.
CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
Management Centre: Avenue Marnix 17, B - 1000 Brussels

© 2011 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.

Ref. No. EN 50128:2011 E
---------------------- Page: 3 ----------------------
SIST EN 50128:2011
EN 50128:2011 - 2 -
Contents

Foreword ........................................................................................................................................................... 6

Introduction ....................................................................................................................................................... 7

1 Scope ....................................................................................................................................................... 10

2 Normative references ............................................................................................................................. 11

3 Terms, definitions and abbreviations ................................................................................................... 11

3.1 Terms and definitions ............................................................................................................................. 11

3.2 Abbreviations .......................................................................................................................................... 15

4 Objectives, conformance and software safety integrity levels .......................................................... 16

5 Software management and organisation.............................................................................................. 17

5.1 Organisation, roles and responsibilities .............................................................................................. 17

5.2 Personnel competence ........................................................................................................................... 20

5.3 Lifecycle issues and documentation .................................................................................................... 21

6 Software assurance ................................................................................................................................ 23

6.1 Software testing ...................................................................................................................................... 23

6.2 Software verification ............................................................................................................................... 25

6.3 Software validation ................................................................................................................................. 27

6.4 Software assessment ............................................................................................................................. 28

6.5 Software quality assurance.................................................................................................................... 30

6.6 Modification and change control........................................................................................................... 33

6.7 Support tools and languages ................................................................................................................ 34

7 Generic software development .............................................................................................................. 37

7.1 Lifecycle and documentation for generic software ............................................................................. 37

7.2 Software requirements ........................................................................................................................... 37

7.3 Architecture and Design ......................................................................................................................... 40

7.4 Component design ................................................................................................................................. 46

7.5 Component implementation and testing .............................................................................................. 49

7.6 Integration ................................................................................................................................................ 50

7.7 Overall Software Testing / Final Validation .......................................................................................... 52

8 Development of application data or algorithms: systems configured by application data or

algorithms ................................................................................................................................................ 54

---------------------- Page: 4 ----------------------
SIST EN 50128:2011
- 3 - EN 50128:2011

8.1 Objectives ................................................................................................................................................ 54

8.2 Input documents ..................................................................................................................................... 55

8.3 Output documents .................................................................................................................................. 55

8.4 Requirements .......................................................................................................................................... 55

9 Software deployment and maintenance ............................................................................................... 60

9.1 Software deployment .............................................................................................................................. 60

9.2 Software maintenance ............................................................................................................................ 62

Annex A (normative) Criteria for the Selection of Techniques and Measures .......................................... 65

A.1 Clauses tables ................................................................................................................................ 66

A.2 Detailed tables ................................................................................................................................ 73

Annex B (normative) Key software roles and responsibilities ................................................................... 79

Annex C (informative) Documents Control Summary ................................................................................. 88

Annex D (informative) Bibliography of techniques ...................................................................................... 90

D.1 Artificial Intelligence Fault Correction .............................................................................................. 90

D.2 Analysable Programs ...................................................................................................................... 90

D.3 Avalanche/Stress Testing ............................................................................................................... 91

D.4 Boundary Value Analysis ................................................................................................................ 91

D.5 Backward Recovery ........................................................................................................................ 92

D.6 Cause Consequence Diagrams ...................................................................................................... 92

D.7 Checklists ....................................................................................................................................... 92

D.8 Control Flow Analysis...................................................................................................................... 93

D.9 Common Cause Failure Analysis ................................................................................................... 93

D.10 Data Flow Analysis.......................................................................................................................... 94

D.11 Data Flow Diagrams ....................................................................................................................... 94

D.12 Data Recording and Analysis .......................................................................................................... 95

D.13 Decision Tables (Truth Tables)....................................................................................................... 95

D.14 Defensive Programming ................................................................................................................. 96

D.15 Coding Standards and Style Guide ................................................................................................. 96

D.16 Diverse Programming ..................................................................................................................... 97

D.17 Dynamic Reconfiguration ................................................................................................................ 98

D.18 Equivalence Classes and Input Partition Testing............................................................................ 98

D.19 Error Detecting and Correcting Codes ............................................................................................ 98

D.20 Error Guessing ................................................................................................................................ 99

D.21 Error Seeding .................................................................................................................................. 99

D.22 Event Tree Analysis ........................................................................................................................ 99

D.23 Fagan Inspections......................................................................................................................... 100

D.24 Failure Assertion Programming .................................................................................................... 100

D.25 SEEA – Software Error Effect Analysis ......................................................................................... 100

D.26 Fault Detection and Diagnosis ...................................................................................................... 101

D.27 Finite State Machines/State Transition Diagrams ......................................................................... 102

D.28 Formal Methods ............................................................................................................................ 102

D.29 Formal Proof ................................................................................................................................. 108

---------------------- Page: 5 ----------------------
SIST EN 50128:2011
EN 50128:2011 - 4 -

D.30 Forward Recovery ......................................................................................................................... 108

D.31 Graceful Degradation .................................................................................................................... 108

D.32 Impact Analysis ............................................................................................................................. 109

D.33 Information Hiding / Encapsulation ............................................................................................... 109

D.34 Interface Testing ........................................................................................................................... 110

D.35 Language Subset .......................................................................................................................... 110

D.36 Memorising Executed Cases ........................................................................................................ 110

D.37 Metrics .......................................................................................................................................... 111

D.38 Modular Approach ......................................................................................................................... 111

D.39 Performance Modelling ................................................................................................................. 112

D.40 Performance Requirements .......................................................................................................... 112

D.41 Probabilistic Testing ...................................................................................................................... 113

D.42 Process Simulation ....................................................................................................................... 113

D.43 Prototyping / Animation ................................................................................................................. 114

D.44 Recovery Block ............................................................................................................................. 114

D.45 Response Timing and Memory Constraints .................................................................................. 114

D.46 Re-Try Fault Recovery Mechanisms............................................................................................. 115

D.47 Safety Bag .................................................................................................................................... 115

D.48 Software Configuration Management ........................................................................................... 115

D.49 Strongly Typed Programming Languages .................................................................................... 115

D.50 Structure Based Testing ............................................................................................................... 116

D.51 Structure Diagrams ....................................................................................................................... 116

D.52 Structured Methodology ................................................................................................................ 117

D.53 Structured Programming ............................................................................................................... 117

D.54 Suitable Programming languages ................................................................................................. 118

D.55 Time Petri Nets ............................................................................................................................. 119

D.56 Walkthroughs / Design Reviews ................................................................................................... 119

D.57 Object Oriented Programming ...................................................................................................... 119

D.58 Traceability .................................................................................................................................... 120

D.59 Metaprogramming ......................................................................................................................... 121

D.60 Procedural programming .............................................................................................................. 121

D.61 Sequential Function Charts ........................................................................................................... 121

D.62 Ladder Diagram ............................................................................................................................ 122

D.63 Functional Block Diagram ............................................................................................................. 122

D.64 State Chart or State Diagram ....................................................................................................... 122

D.65 Data modelling .............................................................................................................................. 122

D.66 Control Flow Diagram/Control Flow Graph ................................................................................... 123

D.67 Sequence diagram ........................................................................................................................ 124

D.68 Tabular Specification Methods ..................................................................................................... 124

D.69 Application specific language ........................................................................................................ 124

D.70 UML (Unified Modeling Language) ............................................................................................... 125

D.71 Domain specific languages ........................................................................................................... 126

Bibliography .................................................................................................................................................. 127

---------------------- Page: 6 ----------------------
SIST EN 50128:2011
- 5 - EN 50128:2011
Figures

Figure 1 – Illustrative Software Route Map ......................................................................................................... 9

Figure 2 – Illustration of the preferred organisational structure ........................................................................ 18

Figure 3 – Illustrative Development Lifecycle 1 ................................................................................................ 22

Figure 4 – Illustrative Development Lifecycle 2 ................................................................................................ 23

Tables

Table 1 - Relation between tool class and applicable sub-clauses .................................................................. 37

Table A.1– Lifecycle Issues and Documentation (5.3) ..................................................................................... 66

Table A.2 – Software Requirements Specification (7.2) ................................................................................... 68

Table A.3 – Software Architecture (7.3) ............................................................................................................ 69

Table A.4– Software Design and Implementation (7.4) .................................................................................... 70

Table A.5 – Verification and Testing (6.2 and 7.3) ........................................................................................... 71

Table A.6 – Integration (7.6) ............................................................................................................................. 71

Table A.7 – Overall Software Testing (6.2 and 7.7) .......................................................................................... 71

Table A.8 – Software Analysis Techniques (6.3) .............................................................................................. 72

Table A.9 – Software Quality Assurance (6.5) ................................................................................................. 72

Table A.10 – Software Maintenance (9.2) ........................................................................................................ 72

Table A.11 – Data Preparation Techniques (8.4) ............................................................................................. 73

Table A.12 – Coding Standards ........................................................................................................................ 73

Table A.13 – Dynamic Analysis and Testing .................................................................................................... 74

Table A.14 – Functional/Black Box Test ........................................................................................................... 74

Table A.15 – Textual Programming Languages ............................................................................................... 75

Table A.16 – Diagrammatic Languages for Application Algorithms ................................................................. 75

Table A.17 – Modelling ..................................................................................................................................... 76

Table A.18 – Performance Testing ................................................................................................................... 76

Table A.19 – Static Analysis ............................................................................................................................. 76

Table A.20 – Components ................................................................................................................................ 77

Table A.21 – Test Coverage for Code .............................................................................................................. 77

Table A.22 – Object Oriented Software Architecture ........................................................................................ 78

Table A.23 – Object Oriented Detailed Design ................................................................................................. 78

Table B.1 – Requirements Manager Role Specification ................................................................................... 79

Table B.2 – Designer Role Specification .......................................................................................................... 80

Table B.3 – Implementer Role Specification..................................................................................................... 81

Table B.4 – Tester Role Specification .............................................................................................................. 82

Table B.5 – Verifier Role Specification ............................................................................................................. 83

Table B.6 – Integrator Role Specification ......................................................................................................... 84

Table B.7 – Validator Role Specification........................................................................................................... 85

Table B.8 – Assessor Role Specification .......................................................................................................... 86

Table B.9 – Project Manager Role Specification .............................................................................................. 87

Table B.10 – Configuration Manager Role Specification .................................................................................. 87

Table C.1 – Documents Control Summary ....................................................................................................... 88

---------------------- Page: 7 ----------------------
SIST EN 50128:2011
EN 50128:2011 - 6 -
Foreword

This European Standard was prepared by SC 9XA, Communication, signalling and processing systems, of

Technical Committee CENELEC TC 9X, Electrical and electronic applications for railways. .

It was submitted to the Formal Vote and was approved by CENELEC as EN 50128 on
2011-04-25.
This document supersedes EN 50128:2001.
The main changes with respect to EN 50128:2001 are listed below:

• requirements on software management and organisation, definition of roles and competencies,

deployment and maintenance have been added;
• a new clause on tools has been inserted, based on EN 61508-2:2010;
• tables in Annex A have been updated.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent

rights. CEN and CENELEC shall not be held responsible for identifying any or all such patent rights.

The following dates were fixed:
– latest date by which the EN has to be implemented
at national level by publication of an identical
national standard or by endorsement
(dop) 2012-04-25
– latest date by which the national standards conflicting
2014-04-25
with the EN have to be withdrawn
(dow)

This European Standard should be read in conjunction with EN 50126-1:1999 "Railway applications –

The specification and demonstration of Reliability, Availability, Maintainability and Safety (RAMS) – Part 1:

Basic requirements and generic process” and EN 50129:2003 "Railway applications – Communication,

signalling and processing systems – Safety related electronic systems for signalling".

__________
---------------------- Page: 8 ----------------------
SIST EN 50128:2011
- 7 - EN 50128:2011
Introduction

This European Standard is part of a group of related standards. The others are EN 50126-1:1999 "Railway

applications – The specification and demonstration of Reliability, Availability, Maintainability and Safety

(RAMS) – Part 1: Basic requirements and generic process” and EN 50129:2003 "Railway applications –

Communication, signalling and processing systems – Safety related electronic systems for signalling".

EN 50126-1 addresses system issues on the widest scale, while EN 50129 addresses the approval process

for individual systems which can exist within the overall railway control and protection system. This European

Standard concentrates on the methods which need to be used in order to provide software which meets the

demands for safety integrity which are placed upon it by these wider considerations.

This European Standard provides a set of requirements with which the development, deployment and

maintenance of any safety-related software intended for railway control and protection applications shall

comply. It defines requirements concerning organisational structure, the relationship between organisations

and division of responsibility involved in the development, deployment and maintenance activities. Criteria for

the qualification and expertise of personnel are also provided in this European Standard.

The key concept of this European Standard is that of levels of software safety integrity. This European

Standard addresses five software safety integrity levels where 0 is the lowest and 4 the highest one.

The higher the risk resulting from software failure, the higher the software safety integrity level will be.

This European Standard has identified techniques and measures
...

SLOVENSKI STANDARD
SIST EN 50128:2011
01-september-2011
Nadomešča:
SIST EN 50128:2002
Železniške naprave - Komunikacijski, signalni in procesni sistemi - Programska
oprema za železniške krmilne in zaščitne sisteme

Railway applications - Communication, signalling and processing systems - Software for

railway control and protection systems
Bahnanwendungen - Telekommunikationstechnik, Signaltechnik und
Datenverarbeitungssysteme - Software für Eisenbahnsteuerungs- und
Überwachungssysteme

Applications ferroviaires - Systèmes de signalisation, de télécommunication et de

traitement - Logiciels pour systèmes de commande et de protection ferroviaire
Ta slovenski standard je istoveten z: EN 50128:2011
ICS:
35.240.60 Uporabniške rešitve IT v IT applications in transport
prometu
45.020 Železniška tehnika na Railway engineering in
splošno general
SIST EN 50128:2011 en,fr

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN 50128:2011
---------------------- Page: 2 ----------------------
SIST EN 50128:2011
NORME EUROPÉENNE
EN 50128
EUROPÄISCHE NORM
Juin 2011
EUROPEAN STANDARD
ICS 35.240.60; 45.020; 93.100 Remplace EN 50128:2001
Version française
Applications ferroviaires -
Systèmes de signalisation, de télécommunication et de traitement -
Logiciels pour systèmes de commande et de protection ferroviaire
Bahnanwendungen - Railway applications -
Telekommunikationstechnik, Communication, signalling and processing
Signaltechnik und systems -
Datenverarbeitungssysteme - Software for railway control and protection
Software für Eisenbahnsteuerungs- und systems
Überwachungssysteme

La présente Norme Européenne a été adoptée par le CENELEC le 2011-04-25. Les membres du CENELEC

sont tenus de se soumettre au Règlement Intérieur du CEN/CENELEC qui définit les conditions dans lesquelles

doit être attribué, sans modification, le statut de norme nationale à la Norme Européenne.

Les listes mises à jour et les références bibliographiques relatives à ces normes nationales peuvent être

obtenues auprès du Secrétariat Central ou auprès des membres du CENELEC.

La présente Norme Européenne existe en trois versions officielles (allemand, anglais, français). Une version

dans une autre langue faite par traduction sous la responsabilité d'un membre du CENELEC dans sa langue

nationale, et notifiée au Secrétariat Central, a le même statut que les versions officielles.

Les membres du CENELEC sont les comités électrotechniques nationaux des pays suivants: Allemagne,

Autriche, Belgique, Bulgarie, Chypre, Croatie, Danemark, Espagne, Estonie, Finlande, France, Grèce, Hongrie,

Irlande, Islande, Italie, Lettonie, Lituanie, Luxembourg, Malte, Norvège, Pays-Bas, Pologne, Portugal,

République Tchèque, Roumanie, Royaume-Uni, Slovaquie, Slovénie, Suède et Suisse.
CENELEC
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
European Committee for Electrotechnical Standardization
Management Centre: Avenue Marnix 17, B - 1000 Bruxelles

© 2011 CENELEC - Tous droits d'exploitation sous quelque forme et de quelque manière que ce soit réservés dans le monde entier aux

membres du CENELEC.
Ref. n° EN 50128:2011 F
---------------------- Page: 3 ----------------------
SIST EN 50128:2011
EN 50128:2011 - 2 -
Sommaire

Foreword ........................................................................................................................................................... 5

Introduction ....................................................................................................................................................... 7

1 Domaine d'application ............................................................................................................................ 10

2 Références normatives........................................................................................................................... 11

3 Termes, définitions et abréviations ....................................................................................................... 11

3.1 Termes et définitions .............................................................................................................................. 11

3.2 Abréviations ............................................................................................................................................ 15

4 Objectifs, conformité et niveaux d'intégrité de sécurité du logiciel .................................................. 16

5 Organisation et gestion du développement logiciel ........................................................................... 17

5.1 Organisation, rôles et responsabilités .................................................................................................. 17

5.2 Compétence du personnel ..................................................................................................................... 21

5.3 Questions relatives au cycle de vie et à la documentation ................................................................ 21

6 Assurance du logiciel ............................................................................................................................. 24

6.1 Test du logiciel ........................................................................................................................................ 24

6.2 Vérification du logiciel ............................................................................................................................ 26

6.3 Validation du logiciel .............................................................................................................................. 28

6.4 Évaluation du logiciel ............................................................................................................................. 29

6.5 Assurance Qualité du Logiciel ............................................................................................................... 31

6.6 Contrôle des modifications et des évolutions ..................................................................................... 34

6.7 Outils et langages ................................................................................................................................... 35

7 Développement de logiciel générique .................................................................................................. 39

7.1 Cycle de vie et documentation pour logiciel générique...................................................................... 39

7.2 Exigences relatives au logiciel .............................................................................................................. 39

7.3 Architecture et Conception .................................................................................................................... 42

7.4 Conception du Composant .................................................................................................................... 48

7.5 Réalisation et Test des composants ..................................................................................................... 51

7.6 Intégration ................................................................................................................................................ 52

7.7 Tests d'Ensemble du Logiciel / Validation Finale ................................................................................ 54

8 Développement de données d'application ou d'algorithmes d'application : systèmes

configurés par des données d'application ou par des algorithmes d'application ........................... 56

8.1 Objectifs ................................................................................................................................................... 56

8.2 Documents en entrée.............................................................................................................................. 57

---------------------- Page: 4 ----------------------
SIST EN 50128:2011
- 3 - EN 50128:2011

8.3 Documents en sortie............................................................................................................................... 57

8.4 Exigences ................................................................................................................................................ 57

9 Déploiement et maintenance du logiciel .............................................................................................. 62

9.1 Déploiement du logiciel .......................................................................................................................... 62

9.2 Maintenance du logiciel ......................................................................................................................... 64

Annexe A (normative) Critères de sélection des techniques et mesures ................................................ 67

A.1 Tableaux d'articles .......................................................................................................................... 68

A.2 Tableaux détaillés ........................................................................................................................... 76

Annexe B (normative) Principaux rôles et responsabilités relatifs au logiciel ....................................... 82

Annexe C (informative) Résumé du contrôle des documents .................................................................. 91

Annexe D (informative) Bibliographie des techniques .............................................................................. 93

D.1 Intelligence artificielle - Correction des défauts .............................................................................. 93

D.2 Programmes analysables ............................................................................................................... 93

D.3 Tests en avalanche/en surcharge ................................................................................................... 94

D.4 Analyse des valeurs aux limites ...................................................................................................... 94

D.5 Rattrapage par régression .............................................................................................................. 95

D.6 Schémas de cause et de conséquence .......................................................................................... 95

D.7 Listes de contrôle ............................................................................................................................ 95

D.8 Analyse de Flux de Contrôle ........................................................................................................... 96

D.9 Analyse des défaillances de mode commun .................................................................................. 96

D.10 Analyse du flux de données ............................................................................................................ 97

D.11 Organigrammes des données ........................................................................................................ 97

D.12 Enregistrement et analyse des données......................................................................................... 98

D.13 Tables de décision (Tables de vérité) ............................................................................................. 99

D.14 Programmation défensive ............................................................................................................... 99

D.15 Normes de codage et Guide de style............................................................................................ 100

D.16 Programmation diversifiée ............................................................................................................ 100

D.17 Reconfiguration dynamique .......................................................................................................... 101

D.18 Tests de classes d'équivalence et de partition d'entrée ............................................................... 101

D.19 Codes de détection et de correction d'erreurs .............................................................................. 102

D.20 Supposition d'erreurs .................................................................................................................... 102

D.21 Insertion d'erreurs ......................................................................................................................... 102

D.22 Analyse par arbre des événements .............................................................................................. 103

D.23 Inspection de Fagan ..................................................................................................................... 103

D.24 Programmation par assertion des défaillances ............................................................................ 103

D.25 AEEL – Analyse des Effets des Erreurs du Logiciel ..................................................................... 104

D.26 Détection des défauts et diagnostic .............................................................................................. 105

D.27 Automates à états finis/Schémas de transitions d'état ................................................................. 105

D.28 Méthodes formelles ...................................................................................................................... 106

D.28.1 CSP - Processus Séquentiels de Communication ................................................ 107

D.28.2 CCS - Algèbre des Systèmes de Transmission .................................................... 107

D.28.3 HOL - Logique d'Ordre Supérieur ......................................................................... 107

D.28.4 LOTOS .................................................................................................................. 108

D.28.5 OBJ ....................................................................................................................... 108

D.28.6 Logique temporelle ............................................................................................... 109

---------------------- Page: 5 ----------------------
SIST EN 50128:2011
EN 50128:2011 - 4 -

D.28.7 VDM - Méthode de Développement de Vienne .................................................... 109

D.28.8 Méthode Z ............................................................................................................. 109

D.28.9 Méthode B ............................................................................................................. 110

D.28.10Vérification du modèle .......................................................................................... 111

D.29 Preuve formelle ............................................................................................................................. 111

D.30 Rattrapage par progression .......................................................................................................... 112

D.31 Dégradation contrôlée ................................................................................................................... 112

D.32 Analyse d'impact ........................................................................................................................... 112

D.33 Masquage d'informations/Encapsulation ...................................................................................... 113

D.34 Tests d'interface............................................................................................................................ 113

D.35 Sous-ensemble de langage .......................................................................................................... 114

D.36 Mémorisation des cas exécutés ................................................................................................... 114

D.37 Métriques ...................................................................................................................................... 114

D.38 Approche modulaire ...................................................................................................................... 115

D.39 Modélisation des performances .................................................................................................... 115

D.40 Exigences en matière de performance ......................................................................................... 116

D.41 Tests probabilistes ........................................................................................................................ 116

D.42 Simulation de processus ............................................................................................................... 117

D.43 Prototypage/Anim ation .................................................................................................................. 118

D.44 Bloc de rattrapage ......................................................................................................................... 118

D.45 Temps de réponse et contraintes de place mémoire ................................................................... 118

D.46 Rattrapage par ré-exécution ......................................................................................................... 118

D.47 Sécurité Contrôlée ........................................................................................................................ 119

D.48 Gestion de la configuration du logiciel .......................................................................................... 119

D.49 Langages de programmation à fort typage ................................................................................... 119

D.50 Tests structurels ........................................................................................................................... 120

D.51 Schémas de structure ................................................................................................................... 120

D.52 Méthodologie structurée ............................................................................................................... 121

D.53 Programmation structurée ............................................................................................................ 121

D.54 Langages de programmation adaptés .......................................................................................... 122

D.55 Réseaux de Pétri temporels ......................................................................................................... 123

D.56 Révisions structurées/ Revues de la conception .......................................................................... 123

D.57 Programmation orientée objet ...................................................................................................... 124

D.58 Traçabilité ..................................................................................................................................... 124

D.59 Métaprogrammation ...................................................................................................................... 125

D.60 Programmation procédurale ......................................................................................................... 125

D.61 Graphes séquentiels de fonction .................................................................................................. 126

D.62 Schéma à contact ......................................................................................................................... 126

D.63 Diagramme fonctionnel ................................................................................................................. 126

D.64 Graphe d'états ou Diagramme d'états .......................................................................................... 126

D.65 Modélisation de données .............................................................................................................. 127

D.66 Diagramme de flux de commande/Graphe de flux de commande ............................................... 127

D.67 Diagramme de séquence .............................................................................................................. 128

D.68 Méthodes de spécification en tableaux ......................................................................................... 129

D.69 Langage spécifique à l'application ................................................................................................ 129

D.70 UML (Unified Modeling Language, langage de modélisation unifié)............................................. 129

D.71 Langages spécifiques à un domaine ............................................................................................ 130

Bibliographie ................................................................................................................................................. 132

---------------------- Page: 6 ----------------------
SIST EN 50128:2011
- 5 - EN 50128:2011
Avant-propos

La présente Norme Européenne a été préparée par le SC 9XA, Systèmes de signalisation, de

télécommunications et de traitement, du comité technique CENELEC TC 9X, Applications électriques et

électroniques dans le domaine ferroviaire.

Le texte du projet a été soumis au vote formel et a été approuvé par le CENELEC comme EN 50128 le

2011-04-25.
Ce document remplace l'EN 50128:2001.

Les principales modifications par rapport à l'EN 50128:2001 sont énumérées ci-après :

• des exigences relatives à la gestion et à l'organisation, à la définition des rôles et des compétences, au

déploiement et à la maintenance des logiciels ont été ajoutées;

• un nouvel article concernant les outils a été ajouté, fondé sur l'EN 61508-2:2010;

• les Tableaux dans l'Annexe A ont été mis à jour.

L'attention du lecteur est attiré sur la possibilité que certains éléments de ce document peuvent être couverts

par des brevets. Le CEN et le CENELEC ne sauraient être tenus pour responsable de l'identification de tels

brevets.
Les dates suivantes ont été fixées:
– date limite à laquelle l'EN doit être mise en application au
niveau national par publication d'une norme nationale
identique ou par entérinement
(dop) 2012-04-25
– date limite à laquelle les normes nationales conflictuelles
2014-04-25
doivent être annulées
(dow)

Il convient de lire la présente Norme Européenne conjointement à l'EN 50126-1:1999 «Applications

ferroviaires - Spécification et démonstration de la fiabilité, de la disponibilité, de la maintenabilité et de la

sécurité (FDMS) - Partie 1 : Exigences de base et procédés génériques» et à l'EN 50129:2003 «Applications

ferroviaires - Systèmes de signalisation, de télécommunications et de traitement - Systèmes électroniques de

sécurité pour la signalisation».
__________
---------------------- Page: 7 ----------------------
SIST EN 50128:2011
EN 50128:2011 - 6 -
Figures

Figure 1 – Démarche illustrative relative au logiciel............................................................................................ 9

Figure 2 – Illustration de la structure organisationnelle préférentielle .............................................................. 18

Figure 3 – Cycle de vie de développement 1 .................................................................................................... 23

Figure 4 – Illustration d'un cycle de vie de développement 2 ........................................................................... 24

Tableaux

Tableau 1 - Relation entre les classe d'outils et les paragraphes applicables ................................................. 38

Tableau A.1– Problèmes liés au cycle de vie et Documentation (5.3) ............................................................. 68

Tableau A.2 – Spécification des Exigences du Logiciel (7.2) ........................................................................... 70

Tableau A.3 – Architecture du Logiciel (7.3) ..................................................................................................... 71

Tableau A.4– Conception et mise en œuvre du logiciel (7.4) ........................................................................... 72

Tableau A.5 – Vérification et Tests (6.2 et 7.3) ................................................................................................ 73

Tableau A.6 – Intégration (7.6) ......................................................................................................................... 73

Tableau A.7– Tests d'Ensemble du Logiciel (6.2et 7.7) ................................................................................... 73

Tableau A.8 – Techniques d'analyse logicielle (6.3) ......................................................................................... 74

Tableau A.9 – Assurance Qualité du logiciel (6.5) ............................................................................................ 74

Tableau A.10 – Maintenance du Logiciel (9.2) ................................................................................................. 74

Tableau A.11 – Techniques de préparation des données (8.4)........................................................................ 75

Tableau A.12 – Normes de codage .................................................................................................................. 76

Tableau A.13 – Analyse et Tests dynamiques.................................................................................................. 76

Tableau A.14 – Test fonctionnel/boîte noire ..................................................................................................... 77

Tableau A.15 – Langages de programmation textuels ..................................................................................... 77

Tableau A.16 – Langages diagrammatiques pour algorithmes d'application ................................................... 78

Tableau A.17 – Modélisation ............................................................................................................................ 78

Tableau A.18 – Tests de Performance ............................................................................................................. 78

Tableau A.19 – Analyse statique ...................................................................................................................... 79

Tableau A.20 – Composants ............................................................................................................................ 79

Tableau A.21 – Couverture des tests pour le code .......................................................................................... 80

Tableau A.22 – Architecture de logiciel orienté objet ....................................................................................... 81

Tableau A.23 – Conception détaillée orientée objet ......................................................................................... 81

Tableau B.1 — Spécification du Rôle du Gestionnaire des Exigences ............................................................ 82

Tableau B.2 — Spécification du Rôle du Concepteur ...................................................................................... 83

Tableau B.3 — Spécification du Rôle du Réalisateur ....................................................................................... 84

Tableau B.4 — Spécification du Rôle du Chargé des tests .............................................................................. 85

Tableau B.5 — Spécification du Rôle du Chargé de vérification ...................................................................... 86

Tableau B.6 — Spécification du Rôle du Chargé d'intégration ......................................................................... 87

Tableau B.7 — Spécification du Rôle du Chargé de Chargé de validation ...................................................... 88

Tableau B.8 — Spécification du Rôle du Chargé d'évaluation ......................................................................... 89

Tableau B.9 — Spécification du Rôle du Chef de projet .................................................................................. 90

Tableau B.10 — Spécification du Rôle du Gestionnaire de la Configuration ................................................... 90

Tableau C.1 — Résumé du Contrôle des Documents ..................................................................................... 91

---------------------- Page: 8 ----------------------
SIST EN 50128:2011
- 7 - EN 50128:2011
Introduction

La présente Norme Européenne fait partie intégrante d'un groupe de normes connexes. Les autres

documents de ce groupe sont les EN 50126-1:1999 «Applications ferroviaires - Spécification et

démonstration de la fiabilité, de la disponibilité, de la maintenabilité et de la sécurité (FDMS) –

Partie 1 : Exigences de base et procédés génériques» et EN 50129:2003 «Applications ferroviaires -

Systèmes de signalisation, de télécommunications et de traitement - Systèmes électroniques de sécurité

pour la signalisation».

L'EN 50126-1 traite des systèmes au niveau le plus général, tandis que l'EN 50129 traite des processus

d'approbation des systèmes individuels qui peuvent exister dans le cadre du système ferroviaire global

...

SLOVENSKI STANDARD
oSIST prEN 50128:2009
01-oktober-2009
äHOH]QLãNHQDSUDYH.RPXQLNDFLMVNLVLJQDOQLLQSURFHVQLVLVWHPL3URJUDPVND
RSUHPD]DåHOH]QLãNHNUPLOQHLQ]DãþLWQHVLVWHPH

Railway applications - Communication, signalling and processing systems - Software for

railway control and protection systems
Bahnanwendungen - Telekommunikationstechnik, Signaltechnik und
Datenverarbeitungssysteme - Software für Eisenbahnsteuerungs- und
Überwachungssysteme

Applications ferroviaires - Systèmes de signalisation, de télécommunication et de

traitement - Logiciels pour systèmes de commande et de protection ferroviaire
Ta slovenski standard je istoveten z: prEN 50128:2009
ICS:
35.240.60 Uporabniške rešitve IT v IT applications in transport
transportu in trgovini and trade
45.020 Železniška tehnika na Railway engineering in
splošno general
oSIST prEN 50128:2009 en,fr,de

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN 50128:2009
---------------------- Page: 2 ----------------------
oSIST prEN 50128:2009
DRAFT
EUROPEAN STANDARD
prEN 50128
NORME EUROPÉENNE
July 2009
EUROPÄISCHE NORM
ICS 35.240.60; 45.020; 93.100 Will supersede EN 50128:2001
English version
Railway applications -
Communication, signalling and processing systems -
Software for railway control and protection systems
Applications ferroviaires - Bahnanwendungen -
Systèmes de signalisation, Telekommunikationstechnik, Signaltechnik
de télécommunication et de traitement - und Datenverarbeitungssysteme -
Logiciels pour systèmes de commande Software für Eisenbahnsteuerungs-
et de protection ferroviaire und Überwachungssysteme

This draft European Standard is submitted to CENELEC members for CENELEC enquiry.

Deadline for CENELEC: 2010-01-08.
It has been drawn up by CLC/SC 9XA.

If this draft becomes a European Standard, CENELEC members are bound to comply with the CEN/CENELEC

Internal Regulations which stipulate the conditions for giving this European Standard the status of a national

standard without any alteration.

This draft European Standard was established by CENELEC in three official versions (English, French, German).

A version in any other language made by translation under the responsibility of a CENELEC member into its own

language and notified to the Central Secretariat has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Cyprus, the

Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia,

Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain,

Sweden, Switzerland and the United Kingdom.

Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to

change without notice and shall not be referred to as a European Standard.
CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
Central Secretariat: Avenue Marnix 17, B - 1000 Brussels

© 2009 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.

Project: 20508 Ref. No. prEN 50128:2009 E
Draft for Enquiry
---------------------- Page: 3 ----------------------
oSIST prEN 50128:2009
prEN 50128:2009 – 2 –
1 Foreword

2 This draft European Standard was prepared by SC 9XA, Communication, signalling and processing systems,

3 of Technical Committee CENELEC TC 9X, Electrical and electronic applications for railways. It is submitted

4 to the CENELEC enquiry.
5 This document will supersede EN 50128:2001.
6 The main changes with respect to the previous edition are listed below:

7 • requirements on software management and organisation, definition of roles and competencies,

8 deployment and maintenance have been added;
9 • a new clause on tools has been inserted, based on EN 61508-2:2008;
10 • tables in Annex A have been updated.

11 This European Standard should be read in conjunction with EN 50126-1:1999 "Railway applications –

12 The specification and demonstration of Reliability, Availability, Maintainability and Safety (RAMS) – Part 1:

13 Basic requirements and generic process” and EN 50129:2003 "Railway applications – Communication,

14 signalling and processing systems – Safety related electronic systems for signalling".

15 This draft European Standard has been prepared under a mandate given to CENELEC by the European

16 Commission and the European Free Trade Association and covers essential requirements of EC Directives

17 2001/16/EC and 96/48/EC.
18 __________
Draft for Enquiry
---------------------- Page: 4 ----------------------
oSIST prEN 50128:2009
- 3 - prEN 50128:2009
19 Contents

20 Introduction ....................................................................................................................................................... 7

21 1 Scope ....................................................................................................................................................... 10

22 2 Normative references ............................................................................................................................. 11

23 3 Terms, definitions and abbreviations ................................................................................................... 11

24 3.1 Terms and definitions ..................................................................................................................... 11

25 3.2 Abbreviations .................................................................................................................................. 15

26 4 Objectives, Conformance and Software Safety Integrity Levels ........................................................ 16

27 5 Software management and organisation.............................................................................................. 17

28 5.1 Organisation, Roles and Responsibilities ....................................................................................... 17

29 5.2 Personnel Competence .................................................................................................................. 19

30 5.3 Lifecycle issues and documentation ............................................................................................... 20

31 6 Software assurance ................................................................................................................................ 22

32 6.1 Software testing .............................................................................................................................. 22

33 6.2 Software verification ........................................................................................................................ 23

34 6.3 Software validation .......................................................................................................................... 25

35 6.4 Software assessment ..................................................................................................................... 26

36 6.5 Software quality assurance ............................................................................................................. 28

37 6.6 Modification and change control ..................................................................................................... 30

38 6.7 Support tools and languages .......................................................................................................... 31

39 7 Generic software development .............................................................................................................. 34

40 7.1 Lifecycle and documentation for generic software .......................................................................... 34

41 7.2 Software requirements .................................................................................................................... 35

42 7.3 Architecture and Design.................................................................................................................. 37

43 7.4 Component design .......................................................................................................................... 43

44 7.5 Component implementation and testing ......................................................................................... 45

45 7.6 Integration ....................................................................................................................................... 46

46 7.7 Final Acceptance/Validation ............................................................................................................ 48

47 8 Development of application data or algorithms: systems configured by application data or

48 algorithms ................................................................................................................................................ 50

49 8.1 Objectives ....................................................................................................................................... 50

50 8.2 Input documents ............................................................................................................................. 51

51 8.3 Output documents .......................................................................................................................... 51

52 8.4 Requirements ................................................................................................................................. 51

53 9 Software deployment and maintenance ............................................................................................... 54

54 9.1 Software deployment ...................................................................................................................... 54

55 9.2 Software maintenance .................................................................................................................... 55

56 Annex A (normative) Criteria for the Selection of Techniques and Measures .......................................... 58

57 A.1 Clauses tables ................................................................................................................................ 59

58 A.2 Detailed tables ................................................................................................................................ 65

Draft for Enquiry
---------------------- Page: 5 ----------------------
oSIST prEN 50128:2009
prEN 50128:2009 – 4 –

59 Annex B (normative) Key software roles and responsibilities ................................................................... 71

60 Annex C (informative) Documents Control Summary and Document Flow Diagrams ............................ 80

61 Annex D (informative) Bibliography of techniques ...................................................................................... 82

62 D.1 AI Fault Correction .......................................................................................................................... 82

63 D.2 Analysable Programs ...................................................................................................................... 82

64 D.3 Avalanche/Stress Testing ............................................................................................................... 83

65 D.4 Boundary Value Analysis ................................................................................................................ 83

66 D.5 Backward Recovery ........................................................................................................................ 84

67 D.6 Cause Consequence Diagrams ...................................................................................................... 84

68 D.7 Certified Tools and Certified Translators ........................................................................................ 84

69 D.8 Checklists ....................................................................................................................................... 85

70 D.9 Control Flow Analysis...................................................................................................................... 85

71 D.10 Common Cause Failure Analysis ................................................................................................... 86

72 D.11 Data Flow Analysis.......................................................................................................................... 86

73 D.12 Data Flow Diagrams ....................................................................................................................... 87

74 D.13 Data Recording and Analysis .......................................................................................................... 87

75 D.14 Decision Tables (Truth Tables)....................................................................................................... 88

76 D.15 Defensive Programming ................................................................................................................. 88

77 D.16 Coding Standards and Style Guide ................................................................................................. 89

78 D.17 Diverse Programming ..................................................................................................................... 89

79 D.18 Dynamic Reconfiguration ................................................................................................................ 90

80 D.19 Equivalence Classes and Input Partition Testing............................................................................ 90

81 D.20 Error Detecting and Correcting Codes ............................................................................................ 91

82 D.21 Error Guessing ................................................................................................................................ 91

83 D.22 Error Seeding .................................................................................................................................. 91

84 D.23 Event Tree Analysis ........................................................................................................................ 92

85 D.24 Fagan Inspections........................................................................................................................... 92

86 D.25 Failure Assertion Programming ...................................................................................................... 92

87 D.26 SEEA – Software Error Effect Analysis ........................................................................................... 93

88 D.27 Fault Detection and Diagnosis ........................................................................................................ 94

89 D.28 Fault Tree Analysis ......................................................................................................................... 94

90 D.29 Finite State Machines/State Transition Diagrams ........................................................................... 95

91 D.30 Formal Methods .............................................................................................................................. 95

92 D.31 Formal Proof ................................................................................................................................. 100

93 D.32 Forward Recovery ......................................................................................................................... 101

94 D.33 Graceful Degradation .................................................................................................................... 101

95 D.34 Hazard and Operability Study (HAZOP) ....................................................................................... 101

96 D.35 Impact Analysis ............................................................................................................................. 102

97 D.36 Information Hiding / Encapsulation ............................................................................................... 103

98 D.37 Interface Testing ........................................................................................................................... 103

99 D.38 Language Subset .......................................................................................................................... 104

100 D.39 Memorising Executed Cases ........................................................................................................ 104

101 D.40 Library of Trusted/Verified Components ....................................................................................... 104

102 D.41 Markov Models.............................................................................................................................. 105

103 D.42 Metrics .......................................................................................................................................... 105

Draft for Enquiry
---------------------- Page: 6 ----------------------
oSIST prEN 50128:2009
- 5 - prEN 50128:2009

104 D.43 Modular Approach ......................................................................................................................... 106

105 D.44 Monte-Carlo Simulation ................................................................................................................ 106

106 D.45 Performance Modelling ................................................................................................................. 107

107 D.46 Performance Requirements .......................................................................................................... 107

108 D.47 Probabilistic Testing ...................................................................................................................... 108

109 D.48 Process Simulation ....................................................................................................................... 108

110 D.49 Prototyping / Animation ................................................................................................................. 109

111 D.50 Recovery Block ............................................................................................................................. 109

112 D.51 Reliability Block Diagram .............................................................................................................. 109

113 D.52 Response Timing and Memory Constraints .................................................................................. 110

114 D.53 Re-Try Fault Recovery Mechanisms............................................................................................. 110

115 D.54 Safety Bag .................................................................................................................................... 110

116 D.55 Sneak Circuit Analysis .................................................................................................................. 110

117 D.56 Software Configuration Management ........................................................................................... 111

118 D.57 Strongly Typed Programming Languages .................................................................................... 111

119 D.58 Structure Based Testing ............................................................................................................... 112

120 D.59 Structure Diagrams ....................................................................................................................... 112

121 D.60 Structured Methodology ................................................................................................................ 113

122 D.61 Structured Programming ............................................................................................................... 116

123 D.62 Suitable Programming languages ................................................................................................. 116

124 D.63 Symbolic Execution ....................................................................................................................... 117

125 D.64 Time Petri Nets ............................................................................................................................. 117

126 D.65 Translator Proven In Use .............................................................................................................. 118

127 D.66 Walkthroughs / Design Reviews ................................................................................................... 118

128 D.67 Object Oriented Programming ...................................................................................................... 119

129 D.68 Traceability .................................................................................................................................... 122

130 D.69 Static verification of runtime properties by abstract interpretation ................................................ 122

131 D.70 Dataflow ........................................................................................................................................ 123

132 D.71 Metaprogramming ......................................................................................................................... 123

133 D.72 Procedural programming .............................................................................................................. 123

134 D.73 Sequential Function Charts ........................................................................................................... 124

135 D.74 Ladder Diagram ............................................................................................................................ 124

136 D.75 Functional Block Diagram ............................................................................................................. 124

137 D.76 State Chart or State Diagram ....................................................................................................... 124

138 D.77 Data modelling .............................................................................................................................. 124

139 D.78 Control Flow Diagram/Control Flow Graph ................................................................................... 125

140 D.79 Sequence diagram ........................................................................................................................ 126

141 Bibliography .................................................................................................................................................. 127

142
Draft for Enquiry
---------------------- Page: 7 ----------------------
oSIST prEN 50128:2009
prEN 50128:2009 – 6 –
143 Figures

144 Figure 1 – Illustrative Software Route Map ......................................................................................................... 9

145 Figure 2 – Independence and combination of roles versus software safety integrity levels ............................. 18

146 Figure 3 – Illustrative Development Lifecycle 1 ................................................................................................ 21

147 Figure 4 – Illustrative Development Lifecycle 2 ................................................................................................ 22

148 Tables

149 Table 1 – Relation between tool class and applicable subclauses ................................................................... 34

150 Table A.1 – Lifecycle Issues and Documentation (5.3) .................................................................................... 59

151 Table A.2 – Software Requirements Specification (7.2) ................................................................................... 60

152 Table A.3 – Software Architecture (7.3) ............................................................................................................ 61

153 Table A.4 – Software Design and Implementation (7.4) ................................................................................... 62

154 Table A.5 – Verification and Testing (6.2 and 7.3) ........................................................................................... 63

155 Table A.6 – Integration (7.6) ............................................................................................................................. 63

156 Table A.7 – Overall Software Testing (6.2 and 7.7) .......................................................................................... 63

157 Table A.8 – Software Analysis Techniques (6.3) .............................................................................................. 64

158 Table A.9 – Software Quality Assurance (6.5) .................................................................................................. 64

159 Table A.10 – Software Maintenance (9.2) ........................................................................................................ 64

160 Table A.11 – Coding Standards ........................................................................................................................ 65

161 Table A.12 – Dynamic Analysis and Testing .................................................................................................... 65

162 Table A.13 – Functional/Black Box Test ........................................................................................................... 66

163 Table A.14 – Textual Programming Languages ............................................................................................... 66

164 Table A.15 – Diagrammatic Languages for Application Algorithms ................................................................. 67

165 Table A.16 – Modelling ..................................................................................................................................... 67

166 Table A.17 – Performance Testing ................................................................................................................... 67

167 Table A.18 – Static Analysis ............................................................................................................................. 68

168 Table A.19 – Components ................................................................................................................................ 68

169 Table A.20 – Test Coverage for Code .............................................................................................................. 69

170 Table A.21 – Object Oriented Software Architecture ........................................................................................ 70

171 Table A.22 – Object Oriented Detailed Design ................................................................................................. 70

172 Table B.1 – Requirements Manager Role Specification ................................................................................... 71

173 Table B.2 – Designer Role Specification .......................................................................................................... 72

174 Table B.3 – Implementer Role Specification..................................................................................................... 73

175 Table B.4 – Tester Role Specification .............................................................................................................. 74

176 Table B.5 – Verifier Role Specification ............................................................................................................. 75

177 Table B.6 – Integrator Role Specification ......................................................................................................... 76

178 Table B.7 – Validator Role Specification........................................................................................................... 77

179 Table B.8 – Assessor Role Specification .......................................................................................................... 78

180 Table B.9 – Project Manager Role Specification .............................................................................................. 79

181 Table B.10 – Configuration Manager Role Specification .................................................................................. 79

182 Table C.1 – Documents Control Summary ....................................................................................................... 80

183
Draft for Enquiry
---------------------- Page: 8 ----------------------
oSIST prEN 50128:2009
- 7 - prEN 50128:2009
184 Introduction

185 This European Standard is part of a group of related standards. The others are EN 50126-1:1999 "Railway

186 applications – The specification and demonstration of Reliability, Availability, Maintainability and Safety

187 (RAMS) – Part 1: Basic requirements and generic process” and EN 50129:2003 "Railway applications –

188 Communication, signalling and processing systems – Safety related electronic systems for signalling".

189 EN 50126-1 addresses system issues on the widest scale, while EN 50129 addresses the approval process

190 for in
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.