Functional Safety Standards for Software
|

Merging Standards for Functional Safety – A Step Toward Simplification?

The functional safety landscape for software development is diverse, with various industries adhering to their own specific standards. Recently, efforts to simplify this complexity, such as the new EN 50716:2023 standard for railway applications, have raised important questions. This blog post explores the impact of merging standards like EN 50716, examines the challenges and benefits of harmonization across industries, and considers whether a unified standard could be effective or if tailored, industry-specific standards should remain the norm. We’ll also highlight innotec’s role in shaping the evolution of these standards, particularly through the development of TR 61508-6-1.

In November 2023, CENELEC published the new EN 50716:2023 standard titled “Railway Applications – Requirements for Software Development.” The primary significance of this new standard lies in its consolidation of the two previously existing standards: EN 50128:2011 and EN 50657:2017. EN 50128 was applicable to signaling systems, while EN 50657, derived from EN 50128, was tailored for rolling stock (on-board) systems.

The introduction of EN 50716, with the objective of establishing a unified standard for these two distinct domains (signaling and rolling stock), represents a significant advancement in simplifying the normative landscape related to functional safety and software development.

Understanding the Current Complex Landscape of Functional Safety Software Standards

In today’s industrial environment, software components such as libraries, middleware stacks, and tools are often designed for use across multiple industries. During the development of such critical software, it is not always clear where the software will ultimately be deployed. Will it be integrated into a car, a train, a pacemaker, or even an aircraft?

Meanwhile, each industry has its own set of applicable standards:

  • Software for machinery must adhere to ISO 13849 or IEC 61508, with IEC 61508 serving as a foundational standard for functional safety across various industries, including industrial process control, automotive, and machinery.
  • Software intended for automotive applications must comply with ISO 26262.
  • Software deployed in railway systems must meet the requirements of EN 50716 (and prior to 2023, EN 50128 for signaling systems).
  • Medical device software must fulfil IEC 62304 requirements.

This diversity of standards can be confusing for developers. From an engineering perspective, it might seem unnecessary to have so many different standards. After all, low-level generic software in safety applications must reliably perform the required functions, regardless of whether it is part of a car’s Electronic Control Unit (ECU) or an embedded system in a medical device.

However, each industry comes with its own unique characteristics and peculiarities: varying supply chains, distinct safety cultures, differing team sizes, and so forth. These factors shape the specific regulatory requirements for each industry, making them logically tailored to the unique needs and challenges of their respective fields.

Harmonization: A Positive Development

The introduction of EN 50716 marks a significant step toward harmonization and improved efficiency in the development of safety-related software in the railway sector. By consolidating the standards for signaling and rolling stock systems, the new standard reduces complexity and potential confusion, allowing developers to focus more effectively on ensuring that software meets safety requirements.

In other industries, the diversity of standards, while potentially overwhelming, can also be beneficial when approached with the right mindset. Different standards often provide varied perspectives on achieving the same goal—ensuring software functions correctly and proving this correctness through evidence. For instance, the specification of software requirements is formulated slightly differently across various standards. Some strongly recommend formal methods, while others merely suggest them. Terminology for required work products may vary as well. Despite these differences, the core objective remains the same: accurately defining software requirements is crucial, regardless of whether the software will be used in a car or a train.

Examples from Other Industries

A closer look at other industries further illustrates how varying standards influence software development to meet specific safety needs. In theory, a single, unified standard could serve multiple industries, simplifying the regulatory landscape. However, the practical challenges of such an approach are significant due to the unique requirements of each sector.

In the aviation industry, the DO-178C standard governs software for airborne systems, emphasizing rigorous documentation and testing due to the high stakes of aviation safety. While DO-178C shares common principles with standards like ISO 26262, it incorporates additional scrutiny unique to aerospace.

Similarly, the nuclear industry follows IEC 61513, which outlines stringent requirements for safety-critical instrumentation and control systems. The potential consequences of failures in this sector demand a unique approach to software development, with a strong emphasis on robustness and fail-safes.

In the medical device sector, IEC 62304 guides the software development process, with a focus on risk management and traceability to ensure patient safety. This standard is vital for software in life-sustaining devices, where malfunctions could have direct health impacts.

The automotive industry relies on ISO 26262 to manage the functional safety of electronic systems in vehicles. This standard addresses challenges specific to the automotive sector, such as managing hardware-software interactions and ensuring the safety of autonomous driving features.

In industrial automation, standards like IEC 61508 and ISO 13849 are applied to ensure the safety of machinery control systems. These standards emphasize reliability and redundancy, critical for maintaining safe operations in manufacturing environments.

Lastly, the energy sector follows standards such as IEC 61850 and IEC 61508 for power generation and distribution systems. Given the critical nature of energy infrastructure, these standards focus on ensuring cybersecurity, real-time operation, and robust software performance to prevent widespread outages and safety hazards.

These examples highlight how different industries adopt and adapt standards to address their unique safety challenges, balancing the benefits of harmonization with the need for tailored approaches to software development.

Conclusion: A Balanced Approach to Standards

While the unification of standards within specific industries, as seen with EN 50716, can simplify the regulatory environment and reduce the burden on developers, the existence of diverse standards across different sectors also holds value. Each industry’s standards are shaped by its unique demands and safety concerns, offering tailored guidance that helps ensure the development of reliable, safe software. The debate over whether it is better to harmonize and merge standards or to maintain different standards across industries is complex and depends on various factors.

Advantages of Harmonizing/Merging Standards:

  1. Simplification: Harmonized standards reduce complexity, making it easier for developers and companies to comply with regulatory requirements across multiple industries. This can lead to cost savings and efficiency gains.
  2. Cross-Industry Application: A unified standard allows for broader applicability, meaning that software components developed for one industry can more easily be adapted for use in another.
  3. Global Consistency: Harmonized standards promote consistency in safety practices across different regions and industries, facilitating international trade and collaboration.

Advantages of Maintaining Different Standards:

  1. Industry-Specific Requirements: Different industries have unique safety, operational, and regulatory needs. Tailored standards can better address these specific requirements, ensuring a higher level of safety and functionality.
  2. Flexibility: Having different standards allows each industry to evolve its guidelines according to its own technological advancements and safety challenges, without being constrained by a one-size-fits-all approach.
  3. Innovation: Industry-specific standards can encourage innovation by allowing for customized solutions that are optimized for the demands of that sector.

The general opinion tends to be divided. Many experts advocate for harmonization where it makes sense, especially in areas where cross-industry software components are common, as it can reduce redundancy and confusion. However, there is also a strong case for maintaining industry-specific standards, especially in highly specialized fields like aerospace, nuclear, and medical devices, where the risks and operational contexts are significantly different.

In practice, a balanced approach is often favored—harmonizing standards where possible but allowing for industry-specific requirements where necessary. This ensures both efficiency and the ability to address the unique challenges of each sector.


innotec’s involvement in the Evolution of Standards: TR 61508-6-1

Recognizing the importance of evolving and adapting standards, innotec has actively supported the development of the draft TR 61508-6-1, which is currently in publication. This technical report aims to provide guidance on applying IEC 61508 across various industries, highlighting practical examples and addressing emerging challenges in functional safety software development. Innotec’s involvement in this activity underscores our commitment to advancing the field of functional safety and contributing to the development of standards that enhance safety across multiple sectors.

Have a look at our consulting and training offer or feel free to contact us at any time.

Similar Posts