
EN 50128 Functional Safety in the railway industry


Together with EN 50126 and EN 50129, the EN 50128 standard describes functional safety in the railway industry. These standards implement IEC 61508 for this industry.
A peculiarity of the rail industry with regard to functional safety is that systems must be certified by a governmental authority (in Germany, the Federal Railway Authority) before they are allowed to be placed into a railway system. The manufacturer must therefore provide proof of compliance with the functional safety standards already during the development of the product. In this respect the aviation and rail industries are very similar.

In most other industries (e.g. the automotive industry), there are (so far) no such governmental authorities. The manufacturer must ensure compliance with the standards himself, and the corresponding evidence must be provided only when product liability law is applied.
In this blog I'm focusing on functional safety in the railway industry. The following picture gives an overview of the contents of the three standards:

[Figure: EN 50128 Functional Safety]

EN 50128 defines the requirements for software to be installed in electronic railway applications. As the software development process, the standard requires the V-model. At first glance, this is very similar to other functional safety standards. However, EN 50128 focuses strongly on the definition of individual roles in the development process and on the competencies needed by the employees. This has the advantage that the project is forced to think clearly about which team members are suitable to perform EN 50128 functional safety projects. A disadvantage is that it becomes very difficult to apply new procedures or methods, such as agile methods. Other standards manage this balance better.

Competence and roles of team members

The following graphic gives an overview of the required roles and the demanded independence. In a SIL 3 or SIL 4 project, validation must be carried out independently of the project manager. In a SIL 1 project, the software integrator and the tester are allowed to be the same person.

In other areas of the standard, there are far more similarities with other functional safety standards, although there are noticeable differences in these areas as well. However, the strict definition of roles matters most for those who manufacture products for multiple industries, such as suppliers. For a supplier it is essential to avoid implementing two different development processes. If a supplier wants to develop a software product according to both EN 50128 and ISO 26262, significant effort must be spent on developing a strategy that avoids duplicating the development process while still complying with EN 50128.

Aspects for which detailed measures and techniques are required

At the end of this article, I want to give an overview of the aspects for which detailed measures and techniques are required, depending on the SIL level to be met:

Software requirement specification (Chapter 7.2)
Software architecture (Chapter 7.3)
Software design and implementation (Chapter 7.4)
Verification and Test (Chapter 6.2 and 7.3)
Integration (Chapter 7.6)
Test of the complete software (Chapter 6.2 and 7.7)
Software analysis techniques (Chapter 6.3)
Software quality assurance (Chapter 6.5)
Software maintainability (Chapter 9.2)
Data generation (Chapter 8.4)

Conclusion:

Overall, the EN50128 provides the same requirements for safety-critical software and the development process as other functional safety standards.
There is a greater difference in the definition of the roles and competencies of team members.
However, the biggest difference from other industries arises from the fact that software and the corresponding embedded systems must be certified by a government agency. Only the aerospace industry has similar constraints in this area.

I'll be glad to help you with any specific questions about your project. Send an email to: martin.heininger [at] heicon-ulm.de
An overview of the services can also be found on the HEICON Homepage.


10. September 2015 / by HEICON Global Engineering GmbH
Tags: CENELEC, EN50128, EN50128 Verification, Functional Safety, Software processes