DO-178B & DO-254
DO-178B and DO-254 are design assurance standards governing the development of avionics and are recognised and mandated by aviation authorities across the globe. DO-178B covers embedded software and DO-254 covers complex electronic hardware, but the principles behind the two standards are similar. Both require the generation of multiple supporting documents and records as evidence that a strict lifecycle has been adhered to. The quantity of items needed for certification, and the amount of information each must contain, is determined by the level of certification being sought. There are five levels of compliance, A to E, assigned according to the effect a failure of the system would have on the operation of the aircraft. Level A is the most stringent, corresponding to a "catastrophic" failure condition, while a failure of Level E software or hardware has no effect on the safety of the aircraft. Meeting Level A compliance for complex electronic hardware therefore requires far more validation and verification than Level E compliance.
For complex electronic systems, the aviation authorities have indicated that where avionics equipment contains both hardware and software, and each is critical to the safe operation of the aircraft, the requirements of both DO-178B and DO-254 must be satisfied. Silver Atena has developed both software and hardware applications to all levels of the DO-178B and DO-254 standards, including the most stringent, Level A.
CENELEC EN 50128 & EN 50129
CENELEC, the European Committee for Electrotechnical Standardization, has developed and mandated a set of design assurance standards specific to the development of electronic railway systems. EN 50128 and EN 50129 govern the development processes of software and systems respectively, and can be applied to either on-board or trackside equipment. Each standard identifies techniques and measures for five safety integrity levels, SIL 0 to SIL 4, where SIL 0 is the minimum level and SIL 4 the highest.
Silver Atena has developed both software and hardware applications to the highest integrity level, SIL 4, for use on mainline, metro and ERTMS (European Rail Traffic Management System) rail networks.
BS IEC 60880-2:2000
BS IEC 60880-2:2000 governs the development of software for computers important to safety in nuclear power plants, including the software aspects of defence against common cause failures, the use of software tools and the use of pre-developed software. The standard requires that software integrity effort be weighted towards those parts of the system, and those technical issues, that have the highest importance to safety.
ISO 26262 (Functional Safety – Road Vehicles)
ISO 26262 addresses the functional safety of systems with electrical and electronic (E/E) components in series production passenger cars with a maximum gross vehicle mass of up to 3,500 kg. It is derived from IEC 61508 (the standard for electrical, electronic and programmable electronic safety-related systems) and addresses possible hazards caused by malfunctioning behaviour of E/E safety-related systems, including the interaction of these systems.
MISRA (Motor Industry Software Reliability Association)
The MISRA project started in 1990 to address the growth of the electronic content of vehicles, including software, and to provide practical "how to" guidance for developing safe and reliable vehicle electronic systems.
The MISRA software guidelines apply to the authoring of software. Although compliance with MISRA is not mandated by regulators, Silver Atena has frequently followed these guidelines on both automotive and aerospace projects, the latter in conjunction with DO-178B.
IEC 61508
IEC 61508 is the international standard for electrical, electronic and programmable electronic safety-related systems. It sets out the requirements for ensuring that such systems are designed, implemented, operated and maintained to provide the required safety integrity level (SIL). Four SILs are defined according to the risk involved in the system application, with SIL 4 applied to the highest risks. The standard specifies a process that can be followed by every link in the supply chain, so that information about the system can be communicated using common terminology and system parameters.