Every good software developer in the off-highway industry codes with safety in mind, right? So, what’s all this functional safety stuff about and why do we need to know it? DISTek continuously strives to stay on top of things like this, and recently DISTek engineers were lucky enough to get answers to all their functional safety questions in a 3-day training session. We received training on Functional Safety Standards ISO 13849 and ISO 25119 by the experts at UL. Being familiar with these standards will help us add structure and consistency to our software engineering work on safety-critical systems.
The three days of training were packed full of information. Both standards cover a lot and we wanted to be exposed to all of it. We covered everything from hazard evaluation to software development and testing. Considering DISTek’s position as embedded software experts, we were particularly interested in how these standards impact the approach to embedded software development.
Among several other things, the training introduced us to the following concepts:
- HARA: Hazard Analysis and Risk Assessment and how a HARA is conducted and evaluated.
- AgPL: Required Agricultural Performance Level and how it is determined by the combination of the severity (S), exposure (E), and controllability (C) values for each identified hazardous situation in the HARA. The required performance level specifies the ability of safety-related parts of control systems to perform each safety-related function under foreseeable conditions.
- Cat: Hardware Category classification of the safety-related parts of a control system with respect to its resistance to dangerous failures, considering the subsequent behavior in the fault condition, which is achieved by the structural arrangement (architecture) of the parts. The Cat is expressed as B, 1, 2, 3, or 4.
- DC: Diagnostic Coverage which is the measure of the effectiveness of diagnostics as the ratio between the failure rate of detected dangerous failures and the failure rate of total dangerous failures expressed as None, Low, Medium, and High.
- MTTFd: Mean Time to Dangerous Failure is the average value of the expected time to a dangerous failure.
- SRL: Software Requirement Level is the ability of safety-related parts to perform a software safety-related function under foreseeable conditions. The SRL is categorized into four groups: B, 1, 2, and 3.
Our software development teams have now been exposed to the standards and they understand the concepts and approaches involved to creating embedded software while meeting these standards. Using our software development knowledge and exposure to Functional Safety (FuSa) will help us understand the “why, how, and what” of our customers’ needs to develop software to meet their functional safety requirements.
As autonomous operation controlled by programmable electronic systems continues to remove the machine operator from direct machine control, FuSa standards such as ISO 25119 and ISO 26262 provide a consistent approach to the assessment, design, and verification, for all safety-critical life cycle activities. As an embedded software development company, DISTek is embracing the challenges of software to meet these FuSa standards. The training we received was a great introduction into the history, hazard identification & ranking, and performance level identification of FuSa. Going forward, we will continue to use the FuSa standards to better understand and refine our software development processes and development methodologies.