Safety Justification

To develop the overall technical, market and regulatory context for the project. Rather than seeking to harmonise the differences between different working practices, but rather documents the variations so that how to address them in later work packages becomes a clearly defined task.

The process of approving software-based equipment for executing safety critical functions is far from being trivial, and not yet properly and efficiently mastered by regulators, licensees and suppliers. The review of licensing approaches (CEMSIS deliverable WP1-D1.1) clearly shows that except for procedures that formalise negotiations between licensee and licensor, no systematic method is defined or in use in CEMSIS member countries for demonstrating the safety of a software-based system.

If a systematic and well-planned approach is not followed, licensing costs in resources and delays may outweigh the benefits expected from the upgrade or the modernisation. Great is then the temptation to reduce costs at the expense of safety.

The WP1 deliverable is based on an overall framework approach for the assessment of SIS computer/software equipment, and proposes a method to help justify the safety and license efficiently the embedded software and hardware being replaced or upgraded.

Two essential aims of the method are:

by proposing a pragmatic framework to make a cost-effective justification of safety, that is:

Illustration of a typical Level 1 argument supported by evidence and subclaims: