Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements (IEC 61508-3:2010)

1.1 This part of the IEC 61508 series
a) is intended to be utilized only after a thorough understanding of IEC 61508-1 and IEC 61508-2;
b) applies to any software forming part of a safety-related system or used to develop a safety-related system within the scope of IEC 61508-1 and IEC 61508-2. Such software is termed safety-related software (including operating systems, system software, software in communication networks, human-computer interface functions, and firmware as well as application software);
c) provides specific requirements applicable to support tools used to develop and configure a safety-related system within the scope of IEC 61508-1 and IEC 61508-2;
d) requires that the software safety functions and software systematic capability are specified; NOTE 1 If this has already been done as part of the specification of the E/E/PE safety-related  systems (see 7.2 of IEC 61508-2), then it does not have to be repeated in this part.
NOTE 2 Specifying the software safety functions and software systematic capability is an iterative procedure; see Figures 3 and 6.
NOTE 3 See Clause 5 and Annex A of IEC 61508-1 for documentation structure. The documentation structure may take account of company procedures, and of the working practices of specific application sectors.
NOTE 4 Note: See 3.5.9 of IEC 61508-4 for definition of the term "systematic capability".
e) establishes requirements for safety lifecycle phases and activities which shall be applied during the design and development of the safety-related software (the software safety lifecycle model). These requirements include the application of measures and techniques, which are graded against the required systematic capability, for the avoidance of and control of faults and failures in the software;
f) provides requirements for information relating to the software aspects of system safety validation to be passed to the organisation carrying out the E/E/PE system integration;
g) provides requirements for the preparation of information and procedures concerning software needed by the user for the operation and maintenance of the E/E/PE safetyrelated system;
h) provides requirements to be met by the organisation carrying out modifications to safetyrelated
software;
i) provides, in conjunction with IEC 61508-1 and IEC 61508-2, requirements for support tools such as development and design tools, language translators, testing and debugging tools, configuration management tools;
NOTE 4 Figure 5 shows the relationship between IEC 61508-2 and IEC 61508-3.
j) Does not apply for medical equipment in compliance with the IEC 60601 series.
1.2 IEC 61508-1, IEC 61598-2, IEC 61508-3 and IEC 61508-4 are basic safety publications, although this status does not apply in the context of low complexity E/E/PE safety-related systems (see 3.4.3 of IEC 61508-4). As basic safety publications, they are intended for use by technical committees in the preparation of standards in accordance with the principles contained in IEC Guide 104 and ISO/IEC Guide 51. IEC 61508-1, IEC 61508-2, IEC 61508-3 and IEC 61508-4 are also intended for use as stand-alone publications. The horizontal safety function of this international standard does not apply to medical equipment in compliance with the IEC 60601 series.
1.3 One of the responsibilities of a technical committee is, wherever applicable, to make use of basic safety publications in the preparation of its publications. In this context, the requirements, test methods or test conditions of this basic safety publication will not apply unless specifically referred to or included in the publications prepared by those technical committees.
1.4 Figure 1 shows the overall framework of the IEC 61508 series and indicates the role that IEC 61508-3 plays in the achievement of functional safety for E/E/PE safety-related systems.

Funktionale Sicherheit sicherheitsbezogener elektrischer/elektronischer/programmierbarer elektronischer Systeme - Teil 3: Anforderungen an Software (IEC 61508-3:2010)

Sécurité fonctionnelle des systèmes électriques/électroniques/électroniques programmables relatifs à la sécurité - Partie 3: Prescriptions concernant les logiciels CEI 61508-3:2010)

La CEI 61508-3:2010 s'applique à tout logiciel faisant partie intégrante d'un système relatif à la sécurité ou utilisé pour développer un système relatif à la sécurité entrant dans le domaine d'application de la CEI 61508-1 et de la CEI 61508-2. Ce type de logiciel est désigné par le terme 'logiciel de sécurité'; fournit des exigences spécifiques applicables aux outils de support utilisés pour développer et configurer un système relatif à la sécurité dans le cadre du domaine d'application de la CEI 61508-1 et de la CEI 61508-2; nécessite que les fonctions de sécurité du logiciel et la capabilité systématique du logiciel soient précisées; établit des exigences concernant les phases et activités du cycle de vie de sécurité qui doivent être appliquées durant la conception et le développement du logiciel de sécurité. Ces exigences comprennent l'application de mesures et de techniques qui suivent une gradation basée sur la capabilité systématique requise, afin d'éviter et de maîtriser les anomalies et défaillances du logiciel; fournit les exigences pour les informations relatives aux aspects du logiciel applicables à la validation de la sécurité du système et devant être transmises à l'organisation en charge de l'intégration du système E/E/PE; fournit les exigences pour la préparation des informations et procédures concernant le logiciel requises par l'utilisateur pour le fonctionnement et la maintenance d'un système E/E/PE relatif à la sécurité; fournit les exigences devant être observées par l'organisation en charge des modifications du logiciel de sécurité; fournit, en accord avec la CEI 61508-1 et la CEI 61508-2, les exigences pour les outils de support tels que les outils de conception et développement, les traducteurs de langage, les outils d'essai et de mise au point et les outils de gestion de configuration; Cette deuxième édition annule et remplace la première édition publiée en 1998 dont elle constitue une révision technique. Elle a fait l'objet d'une révision approfondie et intègre de nombreux commentaires reçus lors des différentes phases de révision. Elle a le statut d'une publication fondamentale de sécurité conformément au Guide CEI 104.

Funkcijska varnost električnih/elektronskih/elektronsko programirljivih varnostnih sistemov - 3. del: Programske zahteve (IEC 61508-3:2010)

1.1 Ta del serije IEC 61508
a) je namenjen uporabi šele po temeljitem razumevanju IEC 61508-1 in IEC 61508-2;
b) velja za vso programsko opremo, ki je sestavni del varnostnega sistema ali ki se uporablja za razvoj varnostnega sistema v okviru IEC 61508-1 in IEC 61508-2. Taka programska oprema se imenuje varnostna programska oprema (vključuje operacijske sisteme, sistemsko programsko opremo, programsko opremo v komunikacijskih omrežjih, vmesniške funkcije človek-računalnik ter sistemske programe in uporabniško programsko opremo);
c) zagotavlja posebne zahteve, ki veljajo za podporna orodja, ki se uporabljajo za razvoj in konfiguracijo varnostnega sistema v okviru IEC 61508-1 in IEC 61508-2;
d) zahteva, da se opredelijo programske varnostne funkcije in sistemska zmogljivost programske opreme; OPOMBA 1: Če je to že opredeljeno kot del specifikacije varnostnih sistemov E/E/PE (glej točko 7.2 IEC 61508-2), v tem delu tega ni treba ponoviti.
OPOMBA 2: Opredelitev programskih varnostnih funkcij in sistemske zmogljivosti programske opreme je iterativen postopek; glej sliki 3 in 6.
OPOMBA 3: Za strukturo dokumentacije glej klavzulo 5 in dodatek A IEC 61508-1. Struktura dokumentacije lahko upošteva postopke podjetja in delovne postopke določenega applikacijskega sektorja.
OPOMBA 4: Pojasnilo: Za opredelitev izraza »sistemska zmogljivost» glej točko 3.5.9 IEC 61508-4;
e) vzpostavlja zahteve za faze in aktivnosti varnostnega cikla, ki se uporabijo med projektiranjem in razvojem varnostne programske opreme (model varnostnega cikla programske opreme). Te zahteve vključujejo uporabo tehnik in ukrepov, razvrščenih glede na zahtevano sistemsko zmogljivost, ki so namenjeni preprečevanju in nadzoru napak in okvar programske opreme;
f) zagotavlja zahteve za informacije v zvezi z vidiki programske opreme za validacijo varnosti sistema, namenjene organizaciji, ki izvaja integracijo sistemov E/E/PE;
g) zagotavlja zahteve za pripravo informacij in postopkov v zvezi s programsko opremo, ki jo potrebuje uporabnik za upravljanje in vzdrževanje varnostnih sistemov E/E/PE;
h) zagotavlja zahteve, ki jih mora izpolnjevati organizacija, ki izvaja spremembe varnostnih sistemov;
i) v povezavi z IEC 61508-1 in IEC 61508-2 zagotavlja zahteve za podporna orodja, kot so orodja za razvoj in projektiranje, jezikovni prevajalniki, orodja za preskušanje ter iskanje in odpravljanje napak, orodja za upravljanje konfiguracije;
OPOMBA 4: Slika 5 prikazuje razmerje med IEC 61508-2 in IEC 61508-3.
j) Ne velja za medicinsko opremo v skladu s serijo IEC 60601.
1.2 IEC 61508-1, IEC 61598-2, IEC 61508-3 in IEC 61508-4 so osnovne varnostne objave, čeprav ta status ne velja v okviru nezapletenih varnostnih sistemov E/E/PE (glej točko 3.4.3 IEC 61508-4). Kot osnovne varnostne objave so namenjeni temu, da jih uporabljajo tehnični odbori pri pripravi standardov v skladu z načeli, opredeljenimi v Vodilu IEC 104 in Vodilu ISO/IEC 51. IEC 61508-1, IEC 61508-2, IEC 61508-3 in IEC 61508-4 se lahko uporabljajo tudi kot samostojne objave. Horizontalno varnostno delovanje tega mednarodnega standarda ne velja za medicinsko opremo v skladu s serijo IEC 60601.
1.3 Ena od odgovornosti tehničnega odbora je, če je primerno, da uporabi temeljne varnostne objave pri pripravi svojih objav. V tem okviru zahteve, preskusne metode ali preskusni pogoji te temeljne varnostne objave ne veljajo, razen če se objave, ki so jih pripravili tehnični odbori, nanje izrecno sklicujejo ali jih vključujejo.
1.4 Slika 1 prikazuje celoten okvir serije IEC 61508 in nakazuje vlogo IEC 61508-3 pri doseganju funkcijske varnosti E/E/PE-varnostnih sistemov.

General Information

Status
Published
Publication Date
11-Apr-2011
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
06-Apr-2011
Due Date
11-Jun-2011
Completion Date
12-Apr-2011

Relations

Buy Standard

Standard
EN 61508-3:2011
English language
114 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN 61508-3:2011
01-maj-2011
1DGRPHãþD
SIST EN 61508-3:2007
)XQNFLMVNDYDUQRVWHOHNWULþQLKHOHNWURQVNLKHOHNWURQVNRSURJUDPLUOMLYLKYDUQRVWQLK
VLVWHPRYGHO3URJUDPVNH]DKWHYH ,(&
Functional safety of electrical/electronic/programmable electronic safety-related systems
- Part 3: Software requirements (IEC 61508-3:2010)
Funktionale Sicherheit sicherheitsbezogener
elektrischer/elektronischer/programmierbarer elektronischer Systeme - Teil 3:
Anforderungen an Software (IEC 61508-3:2010)
Sécurité fonctionnelle des systèmes électriques/électroniques/électroniques
programmables relatifs à la sécurité - Partie 3: Prescriptions concernant les logiciels CEI
61508-3:2010)
Ta slovenski standard je istoveten z: EN 61508-3:2010
ICS:
25.040.40 Merjenje in krmiljenje Industrial process
industrijskih postopkov measurement and control
SIST EN 61508-3:2011 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST EN 61508-3:2011

---------------------- Page: 2 ----------------------

SIST EN 61508-3:2011

EUROPEAN STANDARD
EN 61508-3

NORME EUROPÉENNE
May 2010
EUROPÄISCHE NORM

ICS 25.040.40 Supersedes EN 61508-3:2001


English version


Functional safety of electrical/electronic/programmable electronic
safety-related systems -
Part 3: Software requirements
(IEC 61508-3:2010)


Sécurité fonctionnelle des systèmes Funktionale Sicherheit sicherheitsbezogener
électriques/électroniques/électroniques elektrischer/elektronischer/programmierbarer
programmables relatifs à la sécurité - elektronischer Systeme -
Partie 3: Exigences concernant Teil 3: Anforderungen an Software
les logiciels (IEC 61508-3:2010)
(CEI 61508-3:2010)




This European Standard was approved by CENELEC on 2010-05-01. CENELEC members are bound to comply
with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard
the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on
application to the Central Secretariat or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other
language made by translation under the responsibility of a CENELEC member into its own language and notified
to the Central Secretariat has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus,
the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia,
Spain, Sweden, Switzerland and the United Kingdom.

CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung

Management Centre: Avenue Marnix 17, B - 1000 Brussels


© 2010 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.
Ref. No. EN 61508-3:2010 E

---------------------- Page: 3 ----------------------

SIST EN 61508-3:2011
EN 61508-3:2010 - 2 -
Foreword
The text of document 65A/550/FDIS, future edition 2 of IEC 61508-3, prepared by SC 65A, System
aspects, of IEC TC 65, Industrial-process measurement, control and automation, was submitted to the
IEC-CENELEC parallel vote and was approved by CENELEC as EN 61508-3 on 2010-05-01.
This European Standard supersedes EN 61508-3:2001.
It has the status of a basic safety publication according to IEC Guide 104.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN and CENELEC shall not be held responsible for identifying any or all such patent
rights.
The following dates were fixed:
– latest date by which the EN has to be implemented
at national level by publication of an identical
national standard or by endorsement (dop) 2011-02-01
– latest date by which the national standards conflicting
with the EN have to be withdrawn (dow) 2013-05-01
Annex ZA has been added by CENELEC.
__________
Endorsement notice
The text of the International Standard IEC 61508-3:2010 was approved by CENELEC as a European
Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards indicated:
[1] IEC 61511 series NOTE  Harmonized in EN 61511 series (not modified).
[2] IEC 62061 NOTE  Harmonized as EN 62061.
[3] IEC 61800-5-2 NOTE  Harmonized as EN 61800-5-2.
[4] IEC 61508-5:2010 NOTE  Harmonized as EN 61508-5:2010 (not modified).
[5] IEC 61508-6:2010 NOTE  Harmonized as EN 61508-6:2010 (not modified).
[6] IEC 61508-7:2010 NOTE  Harmonized as EN 61508-7:2010 (not modified).
[7] IEC 60601 series NOTE  Harmonized in 60601 series (partially modified).
[8] IEC 61131-3 NOTE  Harmonized as EN 61131-3.
__________

---------------------- Page: 4 ----------------------

SIST EN 61508-3:2011
- 3 - EN 61508-3:2010
Annex ZA
(normative)

Normative references to international publications
with their corresponding European publications

The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.

NOTE  When an international publication has been modified by common modifications, indicated by (mod), the relevant EN/HD
applies.

Publication Year Title EN/HD Year

IEC 61508-1 2010 Functional safety of EN 61508-1 2010
electrical/electronic/programmable electronic
safety-related systems -
Part 1: General requirements


IEC 61508-2 2010 Functional safety of EN 61508-2 2010
electrical/electronic/programmable electronic
safety-related systems -
Part 2: Requirements for
electrical/electronic/programmable electronic
safety-related systems


IEC 61508-4 2010 Functional safety of EN 61508-4 2010
electrical/electronic/programmable electronic
safety-related systems -
Part 4: Definitions and abbreviations


IEC Guide 104 1997 The preparation of safety publications and the - -
use of basic safety publications and group
safety publications


ISO/IEC Guide 51 1999 Safety aspects - Guidelines for their inclusion - -
in standards

---------------------- Page: 5 ----------------------

SIST EN 61508-3:2011

---------------------- Page: 6 ----------------------

SIST EN 61508-3:2011
IEC 61508-3
®
Edition 2.0 2010-04
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
BASIC SAFETY PUBLICATION
PUBLICATION FONDAMENTALE DE SÉCURITÉ
Functional safety of electrical/electronic/programmable electronic safety-related
systems –
Part 3: Software requirements

Sécurité fonctionnelle des systèmes électriques/électroniques/électroniques
programmables relatifs à la sécurité –
Partie 3: Exigences concernant les logiciels

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
PRICE CODE
INTERNATIONALE
XE
CODE PRIX
ICS 25.040.40 ISBN 978-2-88910-526-7
® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale

---------------------- Page: 7 ----------------------

SIST EN 61508-3:2011
– 2 – 61508-3 © IEC:2010
CONTENTS
FOREWORD.5
INTRODUCTION.7
1 Scope.9
2 Normative references .12
3 Definitions and abbreviations.13
4 Conformance to this standard.13
5 Documentation .13
6 Additional requirements for management of safety-related software .13
6.1 Objectives .13
6.2 Requirements.13
7 Software safety lifecycle requirements.14
7.1 General .14
7.1.1 Objective .14
7.1.2 Requirements .14
7.2 Software safety requirements specification.21
7.2.1 Objectives .21
7.2.2 Requirements .21
7.3 Validation plan for software aspects of system safety.24
7.3.1 Objective .24
7.3.2 Requirements .24
7.4 Software design and development.25
7.4.1 Objectives .25
7.4.2 General requirements .26
7.4.3 Requirements for software architecture design .29
7.4.4 Requirements for support tools, including programming languages.30
7.4.5 Requirements for detailed design and development – software
system design .33
7.4.6 Requirements for code implementation.34
7.4.7 Requirements for software module testing .35
7.4.8 Requirements for software integration testing .35
7.5 Programmable electronics integration (hardware and software) .36
7.5.1 Objectives .36
7.5.2 Requirements .36
7.6 Software operation and modification procedures .37
7.6.1 Objective .37
7.6.2 Requirements .37
7.7 Software aspects of system safety validation.37
7.7.1 Objective .37
7.7.2 Requirements .38
7.8 Software modification .39
7.8.1 Objective .39
7.8.2 Requirements .39
7.9 Software verification.41
7.9.1 Objective .41
7.9.2 Requirements .41
8 Functional safety assessment.44

---------------------- Page: 8 ----------------------

SIST EN 61508-3:2011
61508-3 © IEC:2010 – 3 –
Annex A (normative) Guide to the selection of techniques and measures.46
Annex B (informative) Detailed tables .55
Annex C (informative) Properties for software systematic capability.60
Annex D (normative) Safety manual for compliant items – additional requirements for
software elements.97
Annex E (informative) Relationships between IEC 61508-2 and IEC 61508-3.100
Annex F (informative) Techniques for achieving non-interference between software
elements on a single computer .102
Annex G (informative) Guidance for tailoring lifecycles associated with data driven
systems .107
Bibliography.111

Figure 1 – Overall framework of the IEC 61508 series .11
Figure 2 – Overall safety lifecycle .12
Figure 3 – E/E/PE system safety lifecycle (in realisation phase).16
Figure 4 – Software safety lifecycle (in realisation phase).16
Figure 5 – Relationship and scope for IEC 61508-2 and IEC 61508-3 .17
Figure 6 – Software systematic capability and the development lifecycle (the V-model) .17
Figure G.1 – Variability in complexity of data driven systems .108

Table 1 – Software safety lifecycle – overview .18
Table A.1 – Software safety requirements specification .47
Table A.2 – Software design and development – software architecture design .48
Table A.3 – Software design and development – support tools and programming
language.49
Table A.4 – Software design and development – detailed design .50
Table A.5 – Software design and development – software module testing and
integration .51
Table A.6 – Programmable electronics integration (hardware and software).51
Table A.7 – Software aspects of system safety validation .52
Table A.8 – Modification .52
Table A.9 – Software verification .53
Table A.10 – Functional safety assessment .54
Table B.1 – Design and coding standards .55
Table B.2 – Dynamic analysis and testing.56
Table B.3 – Functional and black-box testing .56
Table B.4 – Failure analysis.57
Table B.5 – Modelling .57
Table B.6 – Performance testing.58
Table B.7 – Semi-formal methods .58
Table B.8 – Static analysis.59
Table B.9 – Modular approach .59
Table C.1 – Properties for systematic safety integrity – Software safety requirements
specification .64

---------------------- Page: 9 ----------------------

SIST EN 61508-3:2011
– 4 – 61508-3 © IEC:2010
Table C.2 – Properties for systematic safety integrity – Software design and
development – software Architecture Design .67
Table C.3 – Properties for systematic safety integrity – Software design and
development – support tools and programming language.76
Table C.4 – Properties for systematic safety integrity – Software design and
development – detailed design (includes software system design, software module
design and coding) .77
Table C.5 – Properties for systematic safety integrity – Software design and
development – software module testing and integration .79
Table C.6 – Properties for systematic safety integrity – Programmable electronics
integration (hardware and software).81
Table C.7 – Properties for systematic safety integrity – Software aspects of system
safety validation.82
Table C.8 – Properties for systematic safety integrity – Software modification .83
Table C.9 – Properties for systematic safety integrity – Software verification .85
Table C.10 – Properties for systematic safety integrity – Functional safety assessment .86
Table C.11 – Detailed properties – Design and coding standards.87
Table C.12 – Detailed properties – Dynamic analysis and testing .89
Table C.13 – Detailed properties – Functional and black-box testing.90
Table C.14 – Detailed properties – Failure analysis .91
Table C.15 – Detailed properties – Modelling.92
Table C.16 – Detailed properties – Performance testing .93
Table C.17 – Detailed properties – Semi-formal methods.94
Table C.18 – Properties for systematic safety integrity – Static analysis .95
Table C.19 – Detailed properties – Modular approach.96
Table E.1 – Categories of IEC 61508-2 requirements.100
Table E.2 – Requirements of IEC 61508-2 for software and their typical relevance to
certain types of software.100
Table F.1 – Module coupling – definition of terms .104
Table F.2 – Types of module coupling.105

---------------------- Page: 10 ----------------------

SIST EN 61508-3:2011
61508-3 © IEC:2010 – 5 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________

FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/
PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS –

Part 3: Software requirements


FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 61508-3 has been prepared by subcommittee 65A: System
aspects, of IEC technical committee 65: Industrial-process measurement, control and
automation.
This second edition cancels and replaces the first edition published in 1998. This edition
constitutes a technical revision.
This edition has been subject to a thorough review and incorporates many comments received
at the various revision stages.
It has the status of a basic safety publication according to IEC Guide 104.

---------------------- Page: 11 ----------------------

SIST EN 61508-3:2011
– 6 – 61508-3 © IEC:2010
The text of this standard is based on the following documents:
FDIS Report on voting
65A/550/FDIS 65A/574/RVD
Full information on the voting for the approval of this standard can be found in the report on
voting indicated in the above table.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
A list of all parts of the IEC 61508 series, published under the general title Functional safety
of electrical / electronic / programmable electronic safety-related systems, can be found on
the IEC website.
The committee has decided that the contents of this publication will remain unchanged until
the stability date indicated on the IEC web site under "http://webstore.iec.ch" in the data
related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.

---------------------- Page: 12 ----------------------

SIST EN 61508-3:2011
61508-3 © IEC:2010 – 7 –
INTRODUCTION
Systems comprised of electrical and/or electronic elements have been used for many years to
perform safety functions in most application sectors. Computer-based systems (generically
referred to as programmable electronic systems) are being used in all application sectors to
perform non-safety functions and, increasingly, to perform safety functions. If computer
system technology is to be effectively and safely exploited, it is essential that those
responsible for making decisions have sufficient guidance on the safety aspects on which to
make these decisions.
This International Standard sets out a generic approach for all safety lifecycle activities for
systems comprised of electrical and/or electronic and/or programmable electronic (E/E/PE)
elements that are used to perform safety functions. This unified approach has been adopted
in order that a rational and consistent technical policy be developed for all electrically-based
safety-related systems. A major objective is to facilitate the development of product and
application sector international standards based on the IEC 61508 series.
NOTE 1 Examples of product and application sector international standards based on the IEC 61508 series are
given in the bibliography (see references [1], [2] and [3]).
In most situations, safety is achieved by a number of systems which rely on many
technologies (for example mechanical, hydraulic, pneumatic, electrical, electronic, programmable
electronic). Any safety strategy must therefore consider not only all the elements within an
individual system (for example sensors, controlling devices and actuators) but also all the
safety-related systems making up the total combination of safety-related systems. Therefore,
while this International Standard is concerned with E/E/PE safety-related systems, it may also
provide a framework within which safety-related systems based on other technologies may be
considered.
It is recognized that there is a great variety of applications using E/E/PE safety-related
systems in a variety of application sectors and covering a wide range of complexity, hazard
and risk potentials. In any particular application, the required safety measures will be
dependent on many factors specific to the application. This International Standard, by being
generic, will enable such measures to be formulated in future product and application sector
international standards and in revisions of those that already exist.
This International Standard
– considers all relevant overall, E/E/PE system and software safety lifecycle phases (for
example, from initial concept, through design, implementation, operation and maintenance
to decommissioning) when E/E/PE systems are used to perform safety functions;
– has been conceived with a rapidly developing technology in mind; the framework is
sufficiently robust and comprehensive to cater for future developments;
– enables product and application sector international standards, dealing with E/E/PE
safety-related systems, to be developed; the development of product and application
sector international standards, within the framework of this standard, should lead to a high
level of consistency (for example, of underlying principles, terminology etc.) both within
application sectors and across application sectors; this will have both safety and economic
benefits;
– provides a method for the development of the safety requirements specification necessary
to achieve the required functional safety for E/E/PE safety-related systems;
– adopts a risk-based approach by which the safety integrity r
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.