25/30507505 DC BS EN IEC 61508-7 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 7: Overview of techniques and measures, 2025
- 65A_1168e_CDV.pdf
- FOREWORD
- INTRODUCTION
- 1 Scope
- 2 Normative references
- 3 Definitions and abbreviations
- Annex A (informative) Overview of techniques and measures for E/E/PE safety-related systems: control of random hardware failures (see IEC 61508-2)
- A.1 Electric
- A.1.1 Failure detection by on-line monitoring
- A.1.2 Monitoring of relay contacts
- A.1.3 Comparator
- A.1.4 Majority voter
- A.1.5 Idle current principle (de-energised to trip)
- A.2 Electronic
- A.2.1 Tests by redundant hardware
- A.2.2 Dynamic principles
- A.2.3 Standard test access port and boundary-scan architecture
- A.2.4 (Not used)
- A.2.5 Monitored redundancy
- A.2.6 Electrical/electronic components with automatic check
- A.2.7 Analogue signal monitoring
- A.2.8 De-rating
- A.3 Processing units
- A.3.1 Self-test by software: limited number of patterns (one-channel)
- A.3.2 Self-test by software: walking bit (one-channel)
- A.3.3 Self-test supported by hardware (one-channel)
- A.3.4 Coded processing (one-channel)
- A.3.5 Reciprocal comparison by software
- A.4 Invariable memory ranges
- A.4.1 Word-saving multi-bit redundancy (for example ROM monitoring with a modified Hamming code)
- A.4.2 Modified checksum
- A.4.3 Signature of one word (8-bit)
- A.4.4 Signature of a double word (16-bit)
- A.4.5 Block replication (for example double ROM with hardware or software comparison)
- A.5 Variable memory ranges
- A.5.1 RAM test "checkerboard"
- A.5.2 RAM test "walkpath"
- A.5.3 RAM test "galpat" or "transparent galpat"
- A.5.4 RAM test "Abraham"
- A.5.5 One-bit redundancy (for example RAM monitoring with a parity bit)
- A.5.6 RAM monitoring with a modified Hamming code, or detection of data failures with error-detection-correction codes (EDC)
- A.5.7 Double RAM with hardware or software comparison and read/write test
- A.5.8 RAM test "march"
- A.6 I/O-units and interfaces (external communication)
- A.6.1 Test pattern
- A.6.2 Code protection
- A.6.3 Multi-channel parallel output
- A.6.4 Monitored outputs
- A.6.5 Input comparison/voting
- A.7 Data paths (internal communication)
- A.7.1 One-bit hardware redundancy
- A.7.2 Multi-bit hardware redundancy
- A.7.3 Complete hardware redundancy
- A.7.4 Inspection using test patterns
- A.7.5 Transmission redundancy
- A.7.6 Information redundancy
- A.8 Power supply
- A.8.1 Overvoltage protection with safety shut-off
- A.8.2 Voltage control (secondary)
- A.8.3 Power-down with safety shut-off
- A.9 Temporal and logical program sequence monitoring
- A.9.1 Watch-dog with separate time base without time-window
- A.9.2 Watch-dog with separate time base and time-window
- A.9.3 Logical monitoring of program sequence
- A.9.4 Combination of temporal and logical monitoring of program sequences
- A.9.5 Temporal monitoring with on-line check
- A.10 Ventilation and heating
- A.10.1 Temperature sensor
- A.10.2 Fan control
- A.10.3 Actuation of the safety shut-off via thermal fuse
- A.10.4 Staggered message from thermo-sensors and conditional alarm
- A.10.5 Connection of forced-air cooling and status indication
- A.11 Communication and mass-storage
- A.11.1 Separation of electrical energy lines from information lines
- A.11.2 Spatial separation of multiple lines
- A.11.3 Design for immunity to electromagnetic interference
- A.11.4 Antivalent signal transmission
- A.12 Sensors
- A.12.1 Reference sensor
- A.12.2 Positive-activated switch
- A.13 Final elements (actuators)
- A.13.1 Monitoring
- A.13.2 Cross-monitoring of multiple actuators
- A.14 Measures against the physical environment
- Annex B (informative) Overview of techniques and measures for E/E/PE safety related systems: avoidance of systematic failures (see IEC 61508-2 and IEC 61508-3)
- B.1 General measures and techniques
- B.1.1 Project management
- B.1.2 Documentation
- B.1.3 Separation of E/E/PE system safety functions from non-safety functions
- B.1.4 Diverse hardware
- B.1.5 Traceability
- B.1.6 Functional Safety Assurance Role Independence
- B.2 E/E/PE system design requirements specification
- B.2.1 Structured specification
- B.2.2 Formal methods
- B.2.3 Semi-formal methods
- B.2.3.1 General
- B.2.3.2 Problem Frames
- B.2.3.3 Finite state machines / state transition diagrams
- B.2.3.4 Time Petri nets
- B.2.4 Computer-aided specification tools
- B.2.4.1 General
- B.2.4.2 Tools oriented towards no specific method
- B.2.4.3 Model orientated procedure with hierarchical analysis
- B.2.4.4 Entity-relationship-attribute data models
- B.2.4.5 Incentive and answer
- B.2.5 Checklists
- B.2.5.1 Guidelines for Safe Automation of Chemical Processes. CCPS, AIChE, New York, 1993, ISBN-10: 0-8169-0554-1, ISBN-13: 978-0-8169-0554-6
- B.2.6 Inspection of the specification
- B.3 E/E/PE system design and development
- B.3.1 Observance of guidelines and standards
- B.3.2 Structured design
- B.3.3 Use of well-tried components
- B.3.4 Modularisation
- B.3.5 Computer-aided design tools
- B.3.6 Simulation
- B.3.7 Inspection (reviews and analysis)
- B.3.8 Walk-through
- B.4 E/E/PE system operation and maintenance procedures
- B.4.1 Operation and maintenance instructions
- B.4.2 User friendliness
- B.4.3 Maintenance friendliness
- B.4.4 Limited operation possibilities
- B.4.5 Operation only by skilled operators
- B.4.6 Protection against operator mistakes
- B.4.7 (Not used)
- B.4.8 Modification protection
- B.4.9 Input acknowledgement
- B.5 E/E/PE system integration
- B.5.1 Functional testing
- B.5.2 Black-box testing
- B.5.3 Statistical testing
- B.5.4 Field experience
- B.6 E/E/PE system safety validation
- B.6.1 Functional testing under environmental conditions
- B.6.2 Electromagnetic interference immunity testing
- B.6.3 Static analysis
- B.6.4 Dynamic analysis and testing
- B.6.5 Failure analysis
- B.6.5.1 Failure modes and effects analysis (FMEA)
- B.6.5.2 Cause consequence diagrams
- B.6.5.3 Event tree analysis (ETA)
- B.6.5.4 Failure modes, effects and criticality analysis (FMECA)
- B.6.5.5 Fault tree analysis (FTA)
- B.6.5.6 Markov models
- B.6.5.7 Reliability block diagrams (RBD)
- B.6.5.8 Monte-Carlo simulation
- B.6.5.9 Fault tree models
- B.6.5.10 Generalised Stochastic Petri net models (GSPN)
- B.6.6 Worst-case analysis
- B.6.7 Expanded functional testing
- B.6.8 Worst-case testing
- B.6.9 Fault insertion testing
- Annex C (informative) Overview of techniques and measures for achieving systematic capability for software (see IEC 61508-3)
- C.1 General
- C.2 Requirements and detailed design
- C.2.1 Structured methods
- C.2.1.1 General
- C.2.1.2 Controlled Requirements Expression (CORE)
- C.2.1.3 Strategies for Real-Time System Specification, Derek J. Hatley and Imtiaz A. Pirbhai, Dorset House Publishing, New York, 1988. Jackson System Development (JSD)
- C.2.1.4 Real-time Yourdon
- C.2.2 Data flow diagrams
- C.2.3 Structure diagrams
- C.2.4 Not used
- C.2.5 Defensive programming
- C.2.6 Design and coding standards
- C.2.6.1 General
- C.2.6.2 Coding standards
- C.2.6.3 No dynamic variables or dynamic objects
- C.2.6.4 On-line checking during creation of dynamic variables or dynamic objects
- C.2.6.5 Limited use of interrupts
- C.2.6.6 Limited use of pointers
- C.2.6.7 Limited use of recursion
- C.2.7 Structured programming
- C.2.8 Information hiding/encapsulation
- C.2.9 Modular approach
- C.2.10 Use of trusted/verified software elements
- C.2.10.1 Not Used
- C.2.10.2 Assess a body of verification evidence
- C.2.11 Not Used
- C.2.12 Aim: To maintain consistency between lifecycle stages.
- C.2.13 Stateless software design (or limited state design)
- C.2.14 Offline numerical analysis
- C.2.15 Message sequence charts
- C.3 Architecture design
- C.3.1 Fault detection and diagnosis
- C.3.2 Error detecting and correcting codes
- C.3.3 Failure assertion programming
- C.3.4 Diverse monitor
- C.3.5 Software diversity (diverse programming)
- C.3.6 Backward recovery
- C.3.7 Re-try fault recovery mechanisms
- C.3.8 Graceful degradation
- C.3.9 Not Used
- C.3.10 Dynamic reconfiguration
- C.3.11 Safety and Performance in real time: Time-Triggered Architecture
- C.3.12 UML
- C.3.12.1 Class diagrams
- C.3.12.2 Use cases
- C.3.12.3 Activity diagrams
- C.4 Development tools and programming languages
- C.4.1 Strongly typed programming languages
- C.4.2 Language subsets
- C.4.3 Not used
- C.4.4 Not used
- C.4.5 Suitable programming languages
- C.4.6 Automatic software generation
- C.4.7 Test management and automation tools
- C.5 Verification and modification
- C.5.1 Probabilistic testing
- C.5.2 Data recording and analysis
- C.5.3 Interface testing
- C.5.4 Boundary value analysis
- C.5.5 Error guessing
- C.5.6 Error seeding
- C.5.7 Equivalence classes and input partition testing
- C.5.8 Structure-based testing
- C.5.9 Control flow analysis
- C.5.10 Data flow analysis
- C.5.11 Symbolic execution
- C.5.12 Formal proof (verification)
- C.5.12.1 Model checking
- C.5.12.2 (void)
- C.5.13 Complexity metrics
- C.5.14 Formal inspections
- C.5.15 Walk-through (software)
- C.5.16 Design review
- C.5.17 Prototyping/animation
- C.5.18 Process simulation
- C.5.19 Performance requirements
- C.5.20 Performance modelling
- C.5.21 Avalanche/stress testing
- C.5.22 Response timing and memory constraints
- C.5.23 Impact analysis
- C.5.24 Software configuration management
- C.5.25 Regression validation
- C.5.26 Animation of specification and design
- C.5.27 Model based testing (test case generation)
- C.6 Functional safety assessment
- C.6.1 Decision tables (truth tables)
- C.6.2 Software failure analysis
- C.6.2.1 Introduction
- C.6.2.2 Overview
- C.6.2.3 Analysis Techniques
- C.6.2.3.1 Software FMEA
- C.6.2.3.2 Software FTA
- C.6.2.4 Software HAZOP, see in particular Ref [4];
- C.6.2.5 The NASA Approach to Software Safety Analysis
- C.6.2.6 Considerations on coverage
- C.6.2.7 References:
- C.6.3 Common cause failure analysis
- C.6.4 Reliability block diagrams
- C.6.5 V&V Methods and Techniques Supporting IEC61508-3 Cl 7.3.2.3
- Table C.6.5: V&V Methods and Techniques supporting Part 3 Clause 7.3.2.3
- Annex D (informative) Statistical evaluation techniques for in service software elements
- D.1 Introduction
- D.2 Theoretical aspects
- D.2.1 General
- D.2.2 References
- D.2.3 Terms and Definitions
- D.2.3.1 Confidence level
- D.2.3.2 Continuous,
- D.2.3.3 Continuous,
- D.2.3.4 Failure,
- D.2.3.5 On-demand,
- D.2.3.6 On-demand,
- D.2.3.7 Operational profile
- D.2.4 Estimates of Software Statistical Parameters
- D.2.4.1 On-demand Software
- D.2.4.2 Continuous Software
- D.2.4.3 Using Limit Theorems on a Sum of Factors
- D.2.5 The Sum Total of Operational Data Required
- D.2.6 Required Conditions for Operational History to be an Effective Guide to Future Use
- D.2.6.1 the operational history has been gathered by an effective system for reporting and documenting failures
- D.3 Deployment aspects
- D.3.1 Statistical evaluation deployment guidance
- D.3.2 Some Examples of Difficulties with Software Statistical Modelling
- D.3.2.1 Example 1
- D.3.2.2 Example 2
- D.3.2.3 Example 3
- D.3.2.4 Example 4
- D.3.2.5 Example 5
- D.3.2.6 Example 6
- D.4 Route 2s proven in use claim
- D.5 Bibliography
- Annex E (informative) Overview of techniques and measures for design of complex integrated circuits
- Annex F (informative) Definitions of properties of software lifecycle phases
- Annex G (informative) Guidance for the development of safety-related object oriented software
- Annex H (informative) NOTE The overview of techniques and measures contained in this annex has been moved to IEC 61508-2-1.
- Bibliography
- Index
- 30507505-NC.pdf