Lessons learnt from IEC61508 software assessments

Abstract

With the advances in platform automation and the publication of NAN 06/2018 - Software integrity (previously NAN 02/2016), there has been a drive towards compliance to IEC61508 in the naval domain. Over the last few years Frazer-Nash have conducted a number of Original Equipment Manufacturer (OEM) audits and assessments to determine whether the requirements for safety critical software development in IEC61508 have been followed for a specific system or if a supplier's development processes are in line with the aspects of the standard which focus on software development, namely Part 3 - Software requirements. These audits have revealed some common problems across suppliers and highlighted that IEC61508 requires both organisational safety management processes as well as those specific for a system. As the naval industry looks to adopt the processes outlined in IEC61508 or an equivalent standard, this paper will present some of the lessons learnt from our IEC61508 assessments and offer some advice for new and existing suppliers. The paper will highlight some of the issues going forward as the development of safety critical systems is not a new concept but the specific factors arising in the naval domain from operating in variable environments, changing safe state conditions and ever increasing function complexity, present a key challenge. Included in the paper will be a view on how other industries are tackling IEC61508 compliance and where the strategies that have been adopted may be applicable in the naval domain as well as new tools which could assist with the development of safety critical systems.