Guidance on system dependability specifications

This International Standard gives guidance on the preparation of system dependability specifications. It provides a process for system evaluation and presents a procedure for determining system dependability requirements. This International Standard is not intended for certification or to perform conformity assessment for contractual purposes. It is not intended to change any rights or obligations provided by applicable statutory or regulatory requirements.

German title: Anleitung zur Spezifikation der Zuverlässigkeit von Systemen

French title: Lignes directrices pour les spécifications de sûreté de fonctionnement des systèmes


Slovenian title: Napotki za specifikacije sistemske zagotovljivosti (IEC 62347:2006)

General Information

Status
Published
Publication Date
07-Nov-2007
Technical Committee
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
24-Oct-2007
Due Date
29-Dec-2007
Completion Date
08-Nov-2007

Buy Standard

Standard
SIST EN 62347:2008
English language
38 pages

Standards Content (Sample)

SLOVENIAN STANDARD
SIST EN 62347:2008
1 January 2008
Napotki za specifikacije sistemske zagotovljivosti (IEC 62347:2006)
Guidance on system dependability specifications
Anleitung zur Spezifikation der Zuverlässigkeit von Systemen
Lignes directrices pour les spécifications de sûreté de fonctionnement des systèmes

This Slovenian standard is identical to: EN 62347:2007
ICS:
03.120.01 Quality in general
21.020 Characteristics and design of machines, apparatus, equipment
SIST EN 62347:2008 en,fr,de

2003-01. Slovenian Institute for Standardization. Reproduction of the whole or of parts of this standard is not permitted.

EUROPEAN STANDARD / NORME EUROPÉENNE / EUROPÄISCHE NORM
EN 62347
March 2007
ICS 03.120.01
English version
Guidance on system dependability specifications
(IEC 62347:2006)
French title: Lignes directrices pour les spécifications de sûreté de fonctionnement des systèmes (CEI 62347:2006)
German title: Anleitung zur Spezifikation der Zuverlässigkeit von Systemen (IEC 62347:2006)

This European Standard was approved by CENELEC on 2007-03-01. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the Central Secretariat or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the Central Secretariat has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom.

CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
Central Secretariat: rue de Stassart 35, B - 1050 Brussels

© 2007 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.

Ref. No. EN 62347:2007 E
EN 62347:2007 - 2 -
Foreword

The text of document 56/1138/FDIS, future edition 1 of IEC 62347, prepared by IEC TC 56, Dependability, was submitted to the IEC-CENELEC parallel vote and was approved by CENELEC as EN 62347 on 2007-03-01.

The following dates were fixed:
– latest date by which the EN has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2007-12-01
– latest date by which the national standards conflicting with the EN have to be withdrawn (dow): 2010-03-01

Annex ZA has been added by CENELEC.
__________
Endorsement notice

The text of the International Standard IEC 62347:2006 was approved by CENELEC as a European Standard without any modification.

In the official version, for Bibliography, the following notes have to be added for the standards indicated:

IEC 60300-1 NOTE Harmonized as EN 60300-1:2003 (not modified).
IEC 60300-2 NOTE Harmonized as EN 60300-2:2004 (not modified).
IEC 61069 NOTE Harmonized in EN 61069 series (not modified).
IEC 61069-1 NOTE Harmonized as EN 61069-1:1993 (not modified).
ISO 9000 NOTE Harmonized as EN ISO 9000:2005 (not modified).
__________
Annex ZA
(normative)
Normative references to international publications with their corresponding European publications

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

NOTE When an international publication has been modified by common modifications, indicated by (mod), the relevant EN/HD applies.

Publication    Year  Title                                                                          EN/HD  Year
IEC 60050-191  -     International Electrotechnical Vocabulary (IEV) - Chapter 191: Dependability   -      -
                     and quality of service
ISO/IEC 15288  -     Systems engineering - System life cycle processes                              -      -

(Year "-": undated reference.)
INTERNATIONAL STANDARD (NORME INTERNATIONALE)
IEC 62347
First edition (Première édition)
2006-11
Lignes directrices pour les spécifications de sûreté de fonctionnement des systèmes
Guidance on system dependability specifications
© IEC 2006 Copyright - all rights reserved

No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the publisher.

International Electrotechnical Commission, 3, rue de Varembé, PO Box 131, CH-1211 Geneva 20, Switzerland

Telephone: +41 22 919 02 11 Telefax: +41 22 919 03 00 E-mail: inmail@iec.ch Web: www.iec.ch

PRICE CODE
Commission Electrotechnique Internationale
International Electrotechnical Commission
For price, see current catalogue
62347 © IEC:2006 – 3 –
CONTENTS

FOREWORD ... 5
INTRODUCTION ... 9
1 Scope ... 11
2 Normative references ... 11
3 Terms and definitions ... 11
4 Concepts dealing with system dependability ... 13
4.1 Understanding the system ... 13
4.2 System life cycle ... 17
4.3 System operation ... 21
4.4 System operating profile ... 21
4.5 Dependability requirements ... 23
5 Procedure for specifying system dependability ... 27
5.1 System specification process ... 27
5.2 System dependability specification process ... 27
5.3 Determining dependability values ... 29
5.4 Procedural steps for determining system dependability requirements ... 31
Annex A (informative) Evaluation of dependability characteristics ... 39
Annex B (informative) An example on developing a system dependability specification – A home security system ... 53
Bibliography ... 69

Figure 1 – An example of system properties and related characteristics ... 15
Figure 2 – Overview of system life cycle stages ... 19
Figure 3 – Relationships of system operating profile and scenario in system operation ... 23
Figure 4 – Overview of system specification process ... 29
Figure 5 – Steps for determining system dependability requirements ... 33
Figure B.1 – System configuration for normal mode of operation ... 61
Figure B.2 – System configuration for panic mode of operation ... 63
Figure B.3 – System configuration for security service mode of operation ... 63

Table A.1 – Examples of influencing factors under each influencing condition ... 49
Table A.2 – Relationship of system properties with influencing conditions ... 51

INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
GUIDANCE ON SYSTEM DEPENDABILITY SPECIFICATIONS
FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.

5) IEC provides no marking procedure to indicate its approval and cannot be rendered responsible for any equipment declared to be in conformity with an IEC Publication.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

International Standard IEC 62347 has been prepared by IEC technical committee 56: Dependability.

The text of this standard is based on the following documents:
FDIS: 56/1138/FDIS
Report on voting: 56/1161/RVD

Full information on the voting for the approval of this standard can be found in the report on voting indicated above.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.


The committee has decided that the contents of this publication will remain unchanged until the maintenance result date indicated on the IEC web site under "http://webstore.iec.ch" in the data related to the specific publication. At this date, the publication will be
• reconfirmed;
• withdrawn;
• replaced by a revised edition, or
• amended.
INTRODUCTION

A system is a physical and/or virtual entity. It is sometimes necessary to define a system’s boundary so that it can be distinguished or separated from other systems. A system interacts with its surroundings or environment to fulfil a specific need or purpose, or to achieve a defined objective. This is accomplished through the interaction of the system’s elements, which represent the functions designed to meet the intended objective. Determining the functions needed to meet a specific objective is the process of developing a system specification. Detailed system design begins only after the functions have been identified.

Systems may vary in their complexity, both structurally and functionally. A system can consist of hardware, software, and human elements, or a combination of any of these elements, to perform the necessary functions. A system consisting of a single function can be a product, such as a television set or a software program for lighting controls. A system performing multiple functions can be a home theatre system or an aircraft. Individual systems with defined boundaries can be joined together to form a complex set of interacting systems, such as a power distribution network or an internet protocol service.

System specification establishes the envelope and boundary for the system. System structure is often hierarchical, linking subsystems and interacting systems. System specification is applicable to all systems under the generic definition of system, irrespective of their hierarchy. It does not replace or substitute for a product specification, which provides specific details of the product requirements.

The dependability of a system implies that the system is perceived to be trustworthy and has the ability to provide service upon demand; these are desirable performance attributes. Such performance attributes can be achieved through the incorporation of dependability into the functions. Dependability also implies user confidence, acquired through prior experience of the system delivering reliable performance that meets user expectations.

This International Standard provides the rationale for the importance of dependability in system specification by functions. It presents a procedure for determining system dependability requirements. For generic system operation, the process of determining the functions needed to meet the system dependability objective is described. For specific system operation, the concept of an operating profile is introduced to establish the requirements of functions in an environment relevant to the specific system operation. This International Standard is based on the system model and categorization of functions established in the IEC 61069 series. Relevant technical processes for the definition and analysis of system requirements are adopted from ISO/IEC 15288. The procedural steps and processes for determining system dependability requirements are presented with applicable examples.

IEC 60300-1 and IEC 60300-2 are used to guide dependability management. This International Standard extends the dependability specification process to address functions as a prerequisite for system design. It complements IEC 60300-3-4 in the specification of dependability requirements for products and equipment. The technical process for engineering dependability into systems is described in IEC 60300-3-15.
GUIDANCE ON SYSTEM DEPENDABILITY SPECIFICATIONS

1 Scope

This International Standard gives guidance on the preparation of system dependability specifications. It provides a process for system evaluation and presents a procedure for determining system dependability requirements.

This International Standard is not intended for certification or to perform conformity assessment for contractual purposes. It is not intended to change any rights or obligations provided by applicable statutory or regulatory requirements.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

IEC 60050(191), International Electrotechnical Vocabulary (IEV) – Chapter 191: Dependability and quality of service
ISO/IEC 15288, Systems engineering – System life cycle processes

3 Terms and definitions

For the purposes of this document, the terms and definitions given in IEC 60050(191) and the following apply.

3.1
system
set of interrelated or interacting elements
[ISO 9000:2005, 3.2.1]
NOTE 1 In the context of dependability, a system will have:
• a defined purpose expressed in terms of intended functions;
• stated conditions of operation/use; and
• defined boundaries.
NOTE 2 The structure of a system may be hierarchical.
[IEC 60300-1, 3.6]
NOTE 3 For some systems, such as Information Technology products, data is an important part of the system elements.

3.2
operating profile
complete set of tasks to achieve a specific system objective
NOTE An operating profile is the sequence of tasks to be performed by the system to achieve its operational objective. The operating profile represents a specific operating scenario for the system in operation.
3.3
function
elementary operation performed by the system which, combined with other elementary operations (system functions), enables the system to perform a task
[IEC 61069-1, definition 2.2.5]
NOTE For some systems, information and data are important parts of the system elements.

3.4
element
combination of components that form the basic building block to perform a distinct function
NOTE An element may comprise hardware, software, information and/or human components.

3.5
influencing condition
condition set forth by external influencing elements and/or other factors that interact with and affect system performance
NOTE Influencing conditions may also include regulations and constraints.

4 Concepts dealing with system dependability

4.1 Understanding the system

4.1.1 Purpose and objective

A system is designed for a purpose. A system must have a defined objective to achieve its purpose. The purpose of a home theatre system is to provide cinema-like entertainment in a home environment. The objectives may include users’ perception of a clear picture vision and superb sound quality, reliability and safety in operation, and ease of installation and upgrade. A system may have a specific objective to perform a dedicated task, such as an aircraft carrying cargo to reach a delivery target. The objectives of a system may include the completion of a sequence of tasks, such as delivering different payloads to different destinations. Defining the system to meet its generic or specific objectives is an important prerequisite of specifying the system requirements.

A system with multiple functions and complex operating scenario often involves external interacting systems to achieve its objectives. A system may also evolve with time, resulting from enhancements of its performance capability, to sustain service demands in operation and for market competition.

4.1.2 System properties and characteristics

A system has a set of properties specifically assigned, selected or designed into the system to meet its intended objectives. Specific system properties are used to develop the needed functions to perform the tasks. These properties represent the special features or attributes inherent in the system. They may be categorized in major groupings as defined in the IEC 61069 series. Under each group is a set of characteristics relevant to and dominant in that group. The functions are derived from those system properties by means of interacting elements within the system. The interacting elements are designed to provide specific characteristics capable of delivering the system functions and to carry out the tasks once these functions can be realized. System characteristics may be qualitative or quantitative. Figure 1 shows an example of the system characteristics grouped under various system properties.
System properties and their related characteristics (IEC 2131/06):
• Functionality: capability, capacity, coverage, configurability, programmability, expandability
• Performance: adequacy, precision, response time, repeatability, robustness
• Operability: access, interface, user-friendliness, simplicity
• Dependability: availability, reliability, maintainability, maintenance support
• Supportability: serviceability, upgradeability, disposability
• Application specifics: safety, security, immunity

NOTES
Functionality: the extent to which the processing, monitoring and control functions are provided.
Performance: the extent to which the provided functions can be executed under defined operational and environmental conditions.
Operability: the extent to which information can be effectively communicated via the human interfaces and established protocols.
Dependability: the extent to which the system can be relied upon to perform its intended functions under defined operational and environmental conditions at a given instant of time or over a given time interval.
Supportability: the extent to which the system can be supported and maintained for continual operation.
Application specifics: the extent to which the system can be designed for risk avoidance and risk containment, such as security operational measures.

Figure 1 – Example of system properties and related characteristics
4.1.3 Influencing conditions

In order to determine which functions have the selected characteristics appropriate to achieving a specific objective, it is necessary to define the conditions under which the system must be capable of withstanding or meeting the demands and duration of the assigned tasks. The following areas of influence or domains affecting the system should be considered:

• task requirements imposed on the system;
• human interface with the system;
• process involved with system operation;
• environment to which the system is exposed;
• support services available for the system;
• utilities needed to operate the system;
• external interacting systems;
• constraints and regulations.

A system dependability specification cannot be completed in isolation. It requires the input of detailed information at the system planning stage to determine how the system is intended to perform for the entire duration of its defined life. This effort is essential to permit identification and selection of dependability and other relevant characteristics, and justification for design trade-off and system optimization.
4.1.4 Influencing factors

Each influencing condition can be affected by various factors influencing the status of its condition. For example, the task requirements imposed on the system could be influenced by factors associated with the nature and duration of the task; the system environment could be influenced by the temperature and humidity of the system ambience. Influencing factors are not equal in the extent of their influence. Some factors are more prominent or dominant in the extent of their influence while others may have less influence or be negligible.

Annex A provides typical examples of influencing factors on system functions to serve as criteria for evaluation of system dependability characteristics.

4.1.5 Relationships of system properties with influencing conditions

Establishing the relationships of system properties with influencing conditions can help identify the relevance and criticality of a specific external condition influencing the design of a function. The identification process will lead to the selection of specific properties and associated characteristics that are needed for the function. The selected characteristics are not exclusive to a specific function. The same characteristics may be needed in the design of other functions. The importance of these characteristics is determined by an iterative process for evaluation and design trade-off. The results derived from this evaluation can help determine the system configuration and establish the appropriate system boundaries in meeting the intended objective. The relevant information and data captured in this evaluation process will form the basis for specifying the important characteristics in the design of system functions.

The relationships of system properties with influencing conditions can be used as guidance for evaluation of system functions. The identification of functions is presented in Annex A to facilitate determination of relevant dependability characteristics.

4.1.6 Realization of system functions

A system can consist of any combination of hardware, software, and human elements. System functions can be realized by means of using hardware and/or software in their construction. Some functions may involve human intervention to achieve their assigned tasks. For new system development, system functions can be realized through engineering design and production as described in IEC 60300-3-15 (under consideration). Sometimes it may be more economical or expedient to modify an existing design or to utilize a commercial-off-the-shelf (COTS) product to serve as the needed function. Evolving systems often require additional functions for performance capability enhancement and removal of obsolete functions. In such a case, the engineering effort would have to deal with legacy issues as described in Annex A.

4.2 System life cycle

A system, irrespective of its size and complexity, follows a life cycle progression from its initial conception through to its eventual retirement. A system life cycle is generally represented by a sequence of discrete stages. Each system life cycle stage can be further represented by sub-stages to facilitate planning, operation and support. A typical system life cycle can consist of the following identifiable stages as shown in Figure 2.
System life cycle stages (IEC 2132/06):
Concept/Definition → Design/Development → Realization/Implementation → Operation/Maintenance → Enhancement → Retirement/Decommission

Figure 2 – Overview of system life cycle stages

The objective of each life cycle stage is presented as follows:

• Concept/definition: to identify system requirements and develop system specifications.
• Design/development: to conduct preliminary design and develop viable system functions to meet performance objectives.
• Realization/implementation: to produce, out-source or acquire the system elements in hardware and software forms for assembly of subsystems suitable for human interactions as needed in system operation.
• Operation/maintenance: to engage the system for provision of operational service and to sustain the prescribed level of system performance capability.
• Enhancement: to improve the system performance with additional features.
• Retirement/decommission: to end the existence of the system entity.

The description of system life cycle stages in Figure 2 is viewed from a generic systems engineering perspective. There
...
