BS EN 50716:2023
$215.11
Railway Applications. Requirements for software development
Published By | Publication Date | Number of Pages |
BSI | 2023 | 128 |
1.1 This European Standard specifies the process and technical requirements for the development of software for programmable electronic systems for use in control, command for signaling applications and any on-board of rolling stock. This European Standard is not intended to be applied in the area of electric traction power supply (fixed installation) or for power supply and control of conventional applications, e.g. station power supply for offices, shops etc. These applications are covered typically by standards for energy distribution and/or non-railway sectors and/or local legal frameworks. For railway related fixed installations (electric traction power control and supply) the EN 50562 is applicable. 1.2 This European Standard is applicable exclusively to software and the interaction between software and the system of which it is part. 1.3 Intentionally left blank 1.4 This European Standard applies to all software used in railway systems, including – application programming, – operating systems, – support tools, – firmware. Application programming comprises high level programming, low level programming and special purpose programming (for example: Programmable logic controller ladder logic). 1.5 This European Standard also addresses the use of pre-existing software and tools. Such software may be used, if the specific requirements in 7.3.4.7 and 6.5.4.16 on pre-existing software and for tools in 6.7 are fulfilled. 1.6 Software developed according to any version of EN 50128 or EN 50657 will be considered as compliant and not subject to the requirements on pre-existing software. 1.7 This European Standard considers that modern application design often makes use of software that is suitable as a basis for various applications. Such software is then configured by application data for producing the executable software for the application. 1.8 Entry intentionally left empty. 1.9 This European Standard is not intended to be retrospective. It therefore applies primarily to new developments and only applies in its entirety to existing systems if these are subjected to major modifications. For minor changes, only 9.2 applies. The assessor has to analyse the evidences provided in the software documentation to confirm whether the determination of the nature and scope of software changes is adequate. However, application of this European Standard during upgrades and maintenance of existing software is highly recommended. 1.10 For the development of User Programmable Integrated Circuits (e.g. FPGA & CPLD) guidance is provided in EN 50129:2018 Annex F for safety related functions and in EN 50155:2017 for non-safety related functions. Software running on soft-cores of User Programmable Integrated Circuits is within the scope of this European Standard. […]
PDF Catalog
PDF Pages | PDF Title |
---|---|
2 | undefined |
13 | 1 Scope 2 Normative references |
14 | 3 Terms, definitions and abbreviations 3.1 Terms and definitions |
19 | 3.2 Abbreviations |
20 | 4 Software integrity levels conformance |
21 | 5 Software management and organization 5.1 Organization and independence of roles 5.1.1 Objective 5.1.2 Requirements |
24 | 5.2 Personnel competence and responsibilities 5.2.1 Objectives 5.2.2 Requirements |
25 | 5.3 Lifecycle issues and documentation 5.3.1 Objectives 5.3.2 Requirements |
26 | 6 Software assurance 6.1 Software testing 6.1.1 Objective 6.1.2 Input documents 6.1.3 Output documents 6.1.4 Requirements |
27 | 6.2 Software verification 6.2.1 Objective 6.2.2 Input documents 6.2.3 Output documents |
28 | 6.2.4 Requirements |
29 | 6.3 Software validation 6.3.1 Objective 6.3.2 Input documents 6.3.3 Output documents 6.3.4 Requirements |
30 | 6.4 Software assessment 6.4.1 Objective |
31 | 6.4.2 Input documents 6.4.3 Output documents 6.4.4 Requirements |
32 | 6.5 Software quality assurance 6.5.1 Objectives 6.5.2 Input documents 6.5.3 Output documents 6.5.4 Requirements |
35 | 6.6 Modification and change control 6.6.1 Objectives 6.6.2 Input documents 6.6.3 Output documents 6.6.4 Requirements |
36 | 6.7 Support tools and languages 6.7.1 Objectives 6.7.2 Input documents 6.7.3 Output documents 6.7.4 Requirements |
39 | 7 Software development 7.1 Lifecycle and documentation for software 7.1.1 Objectives 7.1.2 Requirements 7.2 Software requirements 7.2.1 Objectives 7.2.2 Input documents 7.2.3 Output documents 7.2.4 Requirements |
41 | 7.3 Architecture and design 7.3.1 Objectives |
42 | 7.3.2 Input documents 7.3.3 Output documents 7.3.4 Requirements |
49 | 7.4 Component design 7.4.1 Objectives 7.4.2 Input documents 7.4.3 Output documents 7.4.4 Requirements |
51 | 7.5 Component implementation and testing 7.5.1 Objectives 7.5.2 Input documents 7.5.3 Output documents 7.5.4 Requirements |
52 | 7.6 Integration 7.6.1 Objectives 7.6.2 Input documents 7.6.3 Output documents 7.6.4 Requirements |
54 | 7.7 Overall software testing / Final validation 7.7.1 Objectives 7.7.2 Input documents 7.7.3 Output documents 7.7.4 Requirements |
56 | 8 Development of application data: systems configured by application data 8.1 Objectives 8.2 Input documents |
57 | 8.3 Output documents 8.4 Requirements 8.4.1 Application development process |
58 | 8.4.2 Application requirements specification |
59 | 8.4.3 Architecture and Design 8.4.4 Application data production |
60 | 8.4.5 Application integration and testing 8.4.6 Application validation and assessment 8.4.7 Application preparation procedures and tools |
61 | 9 Software deployment and maintenance 9.1 Software deployment 9.1.1 Objective 9.1.2 Input documents 9.1.3 Output documents 9.1.4 Requirements |
63 | 9.2 Software maintenance 9.2.1 Objective 9.2.2 Input documents 9.2.3 Output documents 9.2.4 Requirements |
66 | Annex A (normative)Criteria for the selection of techniques and measures A.1 General |
67 | A.2 Clauses tables |
73 | A.3 Detailed tables |
77 | Annex B (normative)Key software roles and responsibilities |
83 | Annex C (informative)Guidance on software development C.1 Lifecycle model examples C.1.1 General remarks C.1.2 Linear lifecycle models |
85 | C.1.3 Iterative lifecycle models |
89 | C.2 Modelling C.2.1 Modelling – General C.2.2 Modelling – Definition |
90 | C.2.3 Modelling – Lifecycle issues and documentation C.2.4 Modelling – Software assurance C.2.4.1 General C.2.4.2 Software testing C.2.4.3 Software verification |
91 | C.2.4.4 Software validation C.2.5 Modelling – Support tools and languages C.2.6 Modelling – Software development (Lifecycle and documentation) C.2.6.1 General C.2.6.2 Software requirements C.2.6.3 Architecture and design |
92 | C.2.6.4 Component design C.2.6.5 Component implementation and testing |
94 | C.2.6.6 Integration C.2.6.7 Overall software testing / Final validation C.3 Artificial Intelligence and Machine Learning C.3.1 General C.3.2 Usage of AI and ML within EN 50716 C.3.3 Challenges to the use of AI and ML within EN 50716 |
96 | Annex D (informative)Bibliography of techniques D.1 Intentionally left blank D.2 Analysable programs D.3 Avalanche/stress testing |
97 | D.4 Boundary value analysis D.5 Backward recovery D.6 Cause consequence diagrams |
98 | D.7 Checklists D.8 Control flow analysis |
99 | D.9 Intentionally left blank D.10 Data flow analysis D.11 Data flow diagrams |
100 | D.12 Data recording and analysis D.13 Decision tables and truth tables D.14 Defensive programming |
101 | D.15 Coding standards and style guide |
103 | D.16 Diverse programming D.17 Dynamic reconfiguration |
104 | D.18 Equivalence classes and input partition testing D.19 Error detecting and correcting codes D.20 Error guessing |
105 | D.21 Error seeding D.22 Event tree analysis D.23 Fagan inspections |
106 | D.24 Failure assertion programming D.25 SEEA – Software Error Effect Analysis |
107 | D.26 Fault detection and diagnosis D.27 Finite state machines/state transition diagrams |
108 | D.28 Formal methods D.29 Formal proof |
109 | D.30 Forward recovery D.31 Graceful degradation D.32 Impact analysis |
110 | D.33 Information hiding / encapsulation D.34 Interface testing D.35 Intentionally left blank D.36 Memorizing executed cases |
111 | D.37 Metrics D.38 Modular approach |
112 | D.39 Performance modelling D.40 Performance requirements |
113 | D.41 Intentionally left blank D.42 Process simulation D.43 Prototyping / animation |
114 | D.44 Recovery block D.45 Response timing and memory constraints D.46 Re-try fault recovery mechanisms D.47 Safety bag |
115 | D.48 Software configuration management D.49 Intentionally left blank D.50 Structure based testing D.51 Structure diagrams |
116 | D.52 Structured methodology |
117 | D.53 Structured programming D.54 Suitable programming languages |
119 | D.55 Petri nets |
120 | D.56 Walkthroughs / design reviews D.57 Intentionally left blank D.58 Traceability |
121 | D.59 Intentionally left blank D.60 Intentionally left blank D.61 Intentionally left blank D.62 Intentionally left blank D.63 Intentionally left blank D.64 Intentionally left blank D.65 Data modelling D.66 Control flow diagram/control flow graph |
123 | D.67 Sequence diagram D.68 Tabular specification methods D.69 Intentionally left blank D.70 Intentionally left blank D.71 Domain specific languages |
124 | Annex ZZ (informative)Relationship between this European Standard and the Essential Requirements of EU Directive (EU) 2016/797 aimed to be covered |