[SystemSafety] Separating critical software modules from non-critical software modules
Peter Bernard Ladkin
ladkin at rvs.uni-bielefeld.de
Tue Jul 23 10:50:49 CEST 2013
On 7/23/13 10:43 AM, Gerry R Creech wrote:
> The analysis of independence would also need to prove that any failure of the SIL 0 software could
> not affect the operation of the safety software.
Yes. IEC 61508 also has a "non-interference" requirement concerning pre-existing SW used in the same
system, and an "impact analysis" requirement to establish the non-interference.
Same caveat, though, as Myriam enunciates: the analysis shall be done, but how is it established
that it is done well?
PBL
Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de