raising standards worldwide™
NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAW
BSI Standards Publication
BS EN 50128:2011
Railway applications —
Communication, signalling
and processing systems —
Software for railway control
and protection systems
Copyright European Committee for Electrotechnical Standardization
Provided by IHS under license with CENELEC
Not for Resale. No reproduction or networking permitted without license from IHS
BS EN 50128:2011 BRITISH STANDARD
National foreword
This British Standard is the UK implementation of EN 50128:2011. It
supersedes BS EN 50128:2001 which is withdrawn.
It should be noted that this standard is presently undergoing further
revision to expand its remit to cover software applications within
the context of the whole railway system, including, but not limited
to, rolling stock, fixed installations as well as signalling systems.
When revised it is planned that EN 50128 will become a part of the
new suite of EN 50126 railway standards.
The UK participation in its preparation was entrusted to Technical
Committee GEL/9/1, Railway Electrotechnical Applications -
Signalling and communications.
A list of organizations represented on this committee can be
obtained on request to its secretary.
This publication does not purport to include all the necessary
provisions of a contract. Users are responsible for its correct
application.
© BSI 2011
ISBN 978 0 580 62768 2
ICS 35.240.60; 45.020; 93.100
Compliance with a British Standard cannot confer immunity from
legal obligations.
This British Standard was published under the authority of the
Standards Policy and Strategy Committee on 31 July 2011.
Amendments issued since publication
Date Text affected
EUROPEAN STANDARD
EN 50128
NORME EUROPÉENNE
EUROPÄISCHE NORM
June 2011
CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
Management Centre: Avenue Marnix 17, B - 1000 Brussels
© 2011 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.
Ref. No. EN 50128:2011 E
ICS 35.240.60; 45.020; 93.100 Supersedes EN 50128:2001
English version
Railway applications -
Communication, signalling and processing systems -
Software for railway control and protection systems
Applications ferroviaires -
Systèmes de signalisation, de
télécommunication et de traitement -
Logiciels pour systèmes de commande et
de protection ferroviaire
Bahnanwendungen -
Telekommunikationstechnik,
Signaltechnik und
Datenverarbeitungssysteme -
Software für Eisenbahnsteuerungs- und
Überwachungssysteme
This European Standard was approved by CENELEC on 2011-04-25. CENELEC members are bound to
comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European
Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on
application to the Central Secretariat or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other
language made by translation under the responsibility of a CENELEC member into its own language and
notified to the Central Secretariat has the same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia,
Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania,
Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom.
EN 50128:2011 - 2 -
Contents
Foreword ..... 6
Introduction ..... 7
1 Scope ..... 10
2 Normative references ..... 11
3 Terms, definitions and abbreviations ..... 11
3.1 Terms and definitions ..... 11
3.2 Abbreviations ..... 15
4 Objectives, conformance and software safety integrity levels ..... 16
5 Software management and organisation ..... 17
5.1 Organisation, roles and responsibilities ..... 17
5.2 Personnel competence ..... 20
5.3 Lifecycle issues and documentation ..... 21
6 Software assurance ..... 23
6.1 Software testing ..... 23
6.2 Software verification ..... 25
6.3 Software validation ..... 27
6.4 Software assessment ..... 28
6.5 Software quality assurance ..... 30
6.6 Modification and change control ..... 33
6.7 Support tools and languages ..... 34
7 Generic software development ..... 37
7.1 Lifecycle and documentation for generic software ..... 37
7.2 Software requirements ..... 37
7.3 Architecture and Design ..... 40
7.4 Component design ..... 46
7.5 Component implementation and testing ..... 49
7.6 Integration ..... 50
7.7 Overall Software Testing / Final Validation ..... 52
8 Development of application data or algorithms: systems configured by application data or algorithms ..... 54
8.1 Objectives ..... 54
8.2 Input documents ..... 55
8.3 Output documents ..... 55
8.4 Requirements ..... 55
9 Software deployment and maintenance ..... 60
9.1 Software deployment ..... 60
9.2 Software maintenance ..... 62
Annex A (normative) Criteria for the Selection of Techniques and Measures ..... 65
A.1 Clauses tables ..... 66
A.2 Detailed tables ..... 73
Annex B (normative) Key software roles and responsibilities ..... 79
Annex C (informative) Documents Control Summary ..... 88
Annex D (informative) Bibliography of techniques ..... 90
D.1 Artificial Intelligence Fault Correction ..... 90
D.2 Analysable Programs ..... 90
D.3 Avalanche/Stress Testing ..... 91
D.4 Boundary Value Analysis ..... 91
D.5 Backward Recovery ..... 92
D.6 Cause Consequence Diagrams ..... 92
D.7 Checklists ..... 92
D.8 Control Flow Analysis ..... 93
D.9 Common Cause Failure Analysis ..... 93
D.10 Data Flow Analysis ..... 94
D.11 Data Flow Diagrams ..... 94
D.12 Data Recording and Analysis ..... 95
D.13 Decision Tables (Truth Tables) ..... 95
D.14 Defensive Programming ..... 96
D.15 Coding Standards and Style Guide ..... 96
D.16 Diverse Programming ..... 97
D.17 Dynamic Reconfiguration ..... 98
D.18 Equivalence Classes and Input Partition Testing ..... 98
D.19 Error Detecting and Correcting Codes ..... 98
D.20 Error Guessing ..... 99
D.21 Error Seeding ..... 99
D.22 Event Tree Analysis ..... 99
D.23 Fagan Inspections ..... 100
D.24 Failure Assertion Programming ..... 100
D.25 SEEA - Software Error Effect Analysis ..... 100
D.26 Fault Detection and Diagnosis ..... 101
D.27 Finite State Machines/State Transition Diagrams ..... 102
D.28 Formal Methods ..... 102
D.29 Formal Proof ..... 108