In the final part of our “Keeping Safety on track in the Rail Sector” blog, we are looking beyond the railway functional safety standardization framework to see how other safety relevant industries are addressing functional safety aspects.
The series of railway RAMS standards cover all areas of applications for the total railway system. The following diagram illustrates the relationship between these standards and the various areas of the railway systems.
In the automotive industry, functional safety is described in 12 parts in the ISO 26262 standard, 2nd Edition which is currently in ISO/FDIS stage. The 2nd Edition of ISO 26262 added (beyond other changes for the original 10 parts) two additional new parts:• Part 11: Guidelines on application of ISO 26262 to semiconductors, and
• Part 12: Adaptation for motorcycles.
The diagram below elaborates on the key content of the proposed 2nd Edition of 26262:
There are lots of useful methods and practices defined in ISO 26262 which enable organizations to develop safe and highly reliable designs. We would encourage our readers from the railway industry to visit ISO 26262 to see if there are any potential design methods and practices which would further enhance the safety and reliability of their designs.
Identification of the subject for functional safety purposes
ISO/FDIS 26262:2018 distinguishes two structural terms for the representation of the architecture – the Item and the Element. Items and Elements are related to each other by the means of interfaces on their boundaries. How Item(s) and Element(s) build up an architecture is rather implicitly defined in the standard. Let us describe it by using a diagram from our ISO 26262 training material:
The railway RAMS standards are taking a pragmatic approach by using the International Electrotechnical Vocabulary (IEC 60050) for architectural building block purposes to define terms including system, subsystem and component. Boundaries of the building blocks and interfaces between the building blocks are structured in a traditional way, as illustrated in the following diagram:
Functional Safety Assessment
Both the railway and automotive industries build functional safety confidence based on functional safety assessment of products and functional safety audits on processes. There are cases when the developed product is built to be integrated with another product, where the intended use of the integrated environment is vaguely known. These products can be re-used for various applications for multiple purposes.
In the railway industry it could be either defined as:
• Generic Product that can be re-used for different independent applications, or
• Generic Application that can be re-used with common functions for a class/types of applications.
Prior to releasing the generic product or generic application, the Safety Case should be assessed in an independent Functional Safety Assessment. For the automotive industry, the railway industry terms of generic product or generic application are referred to as Safety Elements out of Context (SEooC). Development of Safety Element out of Context should be based on assumed requirements of the item that it will integrate to. Also, there should be assumption on design external to the Safety Element out of Context.
In summary, it is not only safe design that can benefit from diversity. Diversity is a valuable approach for functional safety professionals and looking at other safety industry approaches to critical functional safety matters is recommended. For railway professionals visiting the automotive functional safety standards, this could help to fill some of the generic functional safety gaps that are left behind by railway functional safety standards due to their limited granularity.
In some other aspect however, like the elaboration of software techniques and measures in EN50128:2011, automotive functional safety professionals could benefit from visiting Annex D of this standard to get a steer on how to address methods mentioned in various tables of the ISO 26262-6 standard.
By Szabolcs Agai, Functional Safety Consultant