MODUK DEF STAN 00-55: PART 2 [ Cancelled ]

This Part of the Standard provides information and guidance on the procedures necessary for the production of software of all levels of safety integrity. However, it places particular emphasis on describing the procedures necessary for specification, design, coding, production and in-service maintenance and modification of Safety Critical Software (SCS).

It should be emphasized that safety is a system property and achieving and maintaining safety requires attention to all aspects of the system, including its human, electronic and mechanical components. This Standard addresses only one important component - ie the development of software to meet a predetermined safety integrity level. The achievement of safety targets by overall design, and in particular whether safety features are to be controlled by hardware, software or manual procedures, is not addressed. A systems approach to hazard analysis and safety risk assessment is explained in Def Stan 00-56.

Where safety is dependent on the safety related software (SRS) fully meeting its requirements, demonstrating safety is equivalent to demonstrating correctness with respect to the Software Requirement. In other cases, safety may be dependent on the SRS behaving in accordance with an identifiable set of safety requirements, contained within the Software Requirement, rather than correctness with the total Software Requirement to provide the required safety integrity level. Because of the difficulties of separating safety properties from the other behavioural properties of the SRS and the need to demonstrate adequate partitioning between these properties, this Standard tends towards the former approach and assumes that correctness is equivalent to safety. However, providing that safety can be achieved and demonstrated, overall correctness need not be an objective from a safety point of view.