• 703

Generation of Software Assessment Reports

Software assessment reports are required to demonstrate the software safety of components, railway vehicles, signaling systems, interlocking stations or other technical systems. At the beginning of each software assessment report there is the classification of the software according to the software safety integrity level (SW-SIL).

A variety of standards may be applied in this process:

  • EN 50657 „Railway applications: Rolling stock applications; Software on board of rolling stock, excluding railway control and protection applications“
  • EN 50128 „Railway applications: Communications, signalling and processing systems; Software for railway control and protection systems“
  • EN 61508 „Functional safety of electrical/electronic/programmable electronic safety-related systems“
  • Inspections based on EN 50129 „Railway applications: Communications, signalling and processing systems; Safety related electronic systems for signalling“
  • Safety classification according to EN 50126 „Railway applications: The specification and demonstration of Reliability, Availability, Maintainability and Safety (RAMS)“
  • EN 50239 „Railway applications: Radio remote control system of traction vehicle for freight traffic”
  • SIRF „Vehicle Safety Guideline – technical safety“

Important Evidence
In Germany, the National Safety Authority for Railways EBA requires the evidence of EN 50128 compliance in the homologation of building or maintenance vehicles and regular vehicles according to §32 of the EBO “Ordinance on the Construction and Operation of Railways”. For homologation projects according to the transeuropean railway interoperability regulation it is necessary to demonstrate the compliance with SIRF (safety guideline vehicles).

In the field of European homologation according to TSI the manufacturer may chose which way of proving evidence for software safety he prefers. The EN 50128 is often considered to be an industry standard but for some applications it may be too inflexible.

Method used in Safety Classifications

In cooperation with the manufacturer of operator, the first step of a safety classification is to investigate which hazards are relevant for the product. This leads to an assessment which usually follows the risk graph of the SIRF-procedure and which is assigned to a specific safety level SIL. In order to define which part of the technical responsibility of a product is attributed to the software, fault trees are an effective instrument. They show the splitting of safety responsibility in software, hardware and operational means. We perform the assessment in form of an audit and document the results on the spot. The final result is an assessment report.

Method used for a Software Assessment

In a software assessment we verify in an audit with the software manufacturer if the standard (e.g. EN 50128) is completely implemented. In this task, the requirements of the standard are reviewed with the software developers, testers or quality managers, chapter by chapter, and the result is evaluated. We perform this verification in form of an audit and document the results on the spot. The result is an assessment report.

The results are handed to you in paper form and .pdf and as an editable file, wide parts of which may be reused for future processes.


Do you already know what you need?

  • I want a safety classification for my software, … then
  • I want to homologate software… then
  • I want a safety assessment report for an Authority… then
  • I only want to make a change… then
  • I want to know if the software process in my company ok and safe… then
  • I want to upgrade software that is proven in use… then
  • I want to receive an assessment of individual dossier for chapter 13 of the EBA NNTR… then
  • I want to meet you…then