QP/C  7.4.0-rc.3
Real-Time Embedded Framework
Functional Safety Management
Remarks
This document is part of the QP Certification Kit, which has been specifically designed to help companies with safety certification of their software based on the QP Framework treated as commercial off-the-shelf (COTS) software.

Traceability

Revision History

QP version  Document revision  Date (YYYY-MM-DD)  By   Description
7.3.4       A                  2024-05-05         MMS  Initial release for IEC-61508 SIL-3 and IEC-62304 Class-C.
7.4.0       A                  2024-07-30         MMS  Updated for QP 7.4.0.

Purpose and Scope

This Functional Safety Management (FSM) plan (Unique Identifier: DOC_FSM_QP) specifies a systematic plan to manage all activities necessary for QP Framework software to achieve the required safety integrity levels:

This FSM plan has the following main objectives ([IEC 61508-2:2010] Section 7):

  1. To structure, in a systematic manner, the phases of the QP Framework software safety lifecycle that shall be considered in order to achieve the required safety integrity levels.
  2. To document all information relevant to the functional safety of QP Framework software throughout the software safety lifecycle.

This FSM plan treats functional safety as an integral part of the overall software development process, so it combines the safety-related activities and the other, non-safety procedures involved in the QP Framework software development. However, for clarity and compliance with the functional safety standards, the safety-specific activities are called out explicitly ([EXIDA:2014]). This document is dynamic and shall be updated to reflect organizational changes, lessons learned, and advances in the applied methods and tools.

Remarks
Regulatory background
The FSM plan is the basis for claiming conformance to functional safety standards and corresponds to:

Document Organization

Note
This is a preview of the Functional Safety Management Plan. The full version is available as a separate product to commercial licensees and contains the following sections:
  • Software Safety Lifecycle
  • Software Development Plan
  • Software Modification Management
  • Documentation Management
  • Validation Plan for Software Aspects of System Safety
  • Device Integration Plan

Document Conventions

Software Safety Lifecycle UIDs

For traceability, this Software Safety Lifecycle document uses Unique Identifiers (UIDs) with the following structure:

 +---------------- [1] Work artifact class (e.g., 'SSR' for Software Safety Requirement)
 |  +------------- [2] Project identifier ('QP' for QP Framework or 'QA' for QP Application)
 |  |  +---------- [3] Work artifact ID
 |  |  |  +------- [4] Work artifact number
 |  |  |  |  +---- [5] Optional variant letter ('A', 'B', 'C'...)
 |  |  |  |  |+--- [6] Optional version number (1, 2, 3...)
 |  |  |  |  ||
FSM_QP_xx_yy[A2]

Examples: FSM_QP_PH_03, FSM_QP_SDLC_01
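As an added example (not code from the QP Certification Kit or Spexygen), a small Python parser that splits a UID into the six fields drawn above and flags entries that do not follow the structure. It assumes, beyond what the page states, that the work artifact number is always two digits as in the examples, so that a trailing version number can be separated from the number even when no variant letter precedes it.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# UID grammar as drawn in the structure diagram: [1] artifact class,
# [2] project ('QP' or 'QA'), [3] artifact ID, [4] artifact number,
# [5] optional variant letter, [6] optional version number.
# Assumption (not on the page): the number is exactly two digits (FSM_QP_PH_03).
UID_RE = re.compile(
    r"^(?P<cls>[A-Z][A-Z0-9]*)_"
    r"(?P<pid>QP|QA)_"
    r"(?P<aid>[A-Z][A-Z0-9]*)_"
    r"(?P<num>\d{2})"
    r"(?P<variant>[A-Z])?"
    r"(?P<version>\d+)?$"
)

@dataclass(frozen=True)
class Uid:
    artifact_class: str
    project: str
    artifact_id: str
    number: int
    variant: Optional[str] = None
    version: Optional[int] = None

    def base(self) -> str:
        """UID without variant/version; groups all revisions of one artifact."""
        return f"{self.artifact_class}_{self.project}_{self.artifact_id}_{self.number:02d}"

def parse_uid(text: str) -> Uid:
    """Split a UID into its six fields, or raise ValueError if malformed."""
    m = UID_RE.match(text.strip())
    if m is None:
        raise ValueError(f"malformed UID: {text!r}")
    return Uid(
        artifact_class=m["cls"],
        project=m["pid"],
        artifact_id=m["aid"],
        number=int(m["num"]),
        variant=m["variant"],
        version=int(m["version"]) if m["version"] else None,
    )

def invalid_uids(uids: List[str]) -> List[str]:
    """Return the entries of a (constructed) UID list that break the structure."""
    return [u for u in uids if UID_RE.match(u.strip()) is None]
```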

Acronyms and Abbreviations

AO Active Object
API Application Programming Interface
COTS Commercial Off-The-Shelf Software
CUT Code Under Test (in unit testing)
DBC Design By Contract
E/E/PE Electrical/Electronic/Programmable Electronic
EUC Equipment Under Control
FMEA Failure Mode and Effects Analysis
FSM Functional Safety Management
MBD Model-Based Design
MCU Microcontroller Unit
MISRA Motor Industry Software Reliability Association
OOP Object-Oriented Programming
PCLP PC-Lint Plus (static analysis tool)
QA QP Application (also PID for traceability)
QP QP Framework (also PID for traceability)
QM QM Model-Based Design (MBD) tool
QK Preemptive, non-blocking kernel (QP component)
QS "Quantum Spy" software tracing, target-resident component
QSPY "Quantum Spy" software tracing, host-based component
QUTEST Unit testing harness for QP Framework
SDP Software Design & Development Process
SMP Software Operation & Maintenance Procedures
SSL Software Safety Lifecycle
SDLC Software Development Lifecycle
SIL Safety Integrity Level ([IEC-61508-4:2010])
UID Unique Identifier (for traceability)

Definitions

Commercial off-the-shelf (COTS) software
Software element which already exists and is not developed specifically for the current project or safety-related system ([IEC-61508-4:2010] 3.2.8).
NOTE: The software could be a commercially available product, or it could have been developed by some organization for a previous product or system. Commercial off-the-shelf (COTS) software may or may not have been developed in accordance with the requirements of a safety-related standard.

Modification
Creation of a new item from an existing item.

References

[IEC 61508-1:2010] IEC 61508-1:2010, Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements.
[IEC 61508-2:2010] IEC 61508-2:2010, Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 2: Requirements for E/E/PE safety-related systems.
[IEC 61508-3:2010] IEC 61508-3:2010, Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements.
[IEC 61508-7:2010] IEC 61508-7:2010, Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 7: Overview of techniques and measures.
[IEC 62304:2015] IEC 62304:2006/2015, Medical device software - Software life-cycle process, IEC 62304:2006 + IEC 62304:2006/Amd1:2015.
[ISO 26262-1:2018] ISO 26262-1:2018(en), Road vehicles - Functional safety - Part 1: Vocabulary. International Standardization Organization.
[ISO 26262-2:2018] ISO 26262-2:2018(en), Road vehicles - Functional safety - Part 2: Management of functional safety. International Standardization Organization.
[ISO 26262-3:2018] ISO 26262-3:2018(en), Road vehicles - Functional safety - Part 3: Concept phase. International Standardization Organization.
[ISO 26262-4:2018] ISO 26262-4:2018(en), Road vehicles - Functional safety - Part 4: Definitions and abbreviations. International Standardization Organization.
[ISO 26262-6:2018] ISO 26262-6:2018(en), Road vehicles - Functional safety - Part 6: Product development at the software level. International Standardization Organization.
[ISO 26262-8:2018] ISO 26262-8:2018(en), Road vehicles - Functional safety - Part 8: Supporting processes. International Standardization Organization.
[Spexy:2023] Quantum Leaps, "Spexygen - Traceable Specifications Based on Doxygen", Quantum Leaps GitHub repo, 2023.
[EXIDA:2014] Michael Medoff, Rainer Faller, "Functional Safety - An IEC 61508 SIL 3 Compliant Development Process, 3rd Ed.", exida, 2014, ISBN 978-193977088.
[CODE2:2004] Steve McConnell, "Code Complete: A Practical Handbook of Software Construction, 2nd Ed.", Microsoft Press, 2004, ISBN 978-0-7356-1967-8.
[NASA10:2006] G. J. Holzmann, NASA/JPL Laboratory for Reliable Software, "The Power of 10: Rules for Developing Safety-Critical Code", IEEE Computer 39(6): 95-99, 2006, doi:10.1109/MC.2006
[Pont:2017] Michael J. Pont, "The Engineering of Reliable Embedded Systems, 2nd Ed.: Developing software for 'SIL 0' to 'SIL 3' designs using Time-Triggered architecture", SafeTTy Systems Ltd, 2017, ISBN 978-0-9930355-3-1.
[Lloyd:2009] Martin H. Lloyd, P. J. Reeve, "IEC 61508 and IEC 61511 Assessments - some Lessons Learned", IEEE Xplore, 2009.

Traceability