Re: [SystemSafety] Third White Paper

From: Peter Bernard Ladkin < >
Date: Wed, 20 Feb 2013 14:47:26 +0100


On 2/20/13 2:11 PM, Peter Bernard Ladkin wrote:
> Neither through the IEC nor through the German standardisation agencies (DIN, DKE, VDA, etc) is it
> possible for two versions of a standard to be in force at the same time. There comes with a standard
> version a Publication Date, and on this date the new version comes into force and the old version is
> retracted. This is automatic.

Ingo Rolle, the permanent secretary of DKE GK914, just pointed out to me some complications to what I said, for example the WWW page (in German) http://www.dke.de/de/DKE-Arbeit/MitteilungenzurNormungsarbeit/2011/Seiten/DINEN61508Uebergangsfristen.aspx

This has to do with IEC 61508 version 2, in its German version designated VDE 0803.

[begin resume]

CENELEC, the European standardisation agency, recognised IEC 61508 V2 in May 2010, and set the following deadlines for national adoption by its member states: 1 February 2011 for national adoption and 1 May 2011 the retraction of contradictory national standards.

Germany published IEC 61508 V2 on 1 February 2011 and from that point on is to be taken as state of the art (one says "state of the practice" in German, Stand der Praxis). However, it is explicitly said in the German national foreword that previous versions (that is, Version 1) may be used up to 1 May 2013.

The reasons given for this are that
* the IEC 61508 series is intended to operate mainly as guidance for other committees producing domain- or product-specific safety standards, and for this purpose specific deadlines are not decisive; * The IEC 61508 series is not specifically associated with laws of the land, for which specific validity dates are necessary;
* Use of and conformance to standards is a voluntary activity and is a matter for individual responsibility; this is so also for use of new versions.

[end resume]

I find it a odd that the primary purpose of 61508 is considered to be the development of other domain-specific standards. If you read the new version of 61511, the domain-specific safety standard for the process industries, you'll read that for SW development it refers/defers to IEC 61508 Part 3. In this use, 61508 tells SW developers how to go about developing and qualifying their product. Indeed, this guidance is what SW developers in Germany ask for. I would have thought that was the primary purpose of 61508 Part 3.

That conformance to standards is voluntary is theoretically true but can be misleading. Laws of the land often require explicit conformance with specific standards. In the UK there is an agency, HSE, which amongst other things is tasked with evaluation of infrastructure accidents (where there is no other specialist body to do so) and prosecution of those who might have engaged in negligent behavior which led to the accident, including nowadays companies ("corporate manslaughter" is a criminal offence in GB). HSE has explicitly said it takes conformance with IEC 61508 in domains in which it primarily applies (e.g., not aerospace or medical) as the touchstone for whether to prosecute or not. That makes the "voluntary" part of conformance somewhat theoretical.

PBL

-- 
Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
Tel+msg +49 (0)521 880 7319  www.rvs.uni-bielefeld.de




_______________________________________________
The System Safety Mailing List
systemsafety_at_xxxxxx
Received on Wed Feb 20 2013 - 14:47:35 CET

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:05 CEST