.. _fsd107:

FSD107: System verification plan, validation test specifications and results
############################################################################

.. header

.. list-table:: Header
   :header-rows: 0

   * - Title
     - FSD107: System verification plan, validation test specifications and results
   * - Current version
     - V1
   * - Products
     - Safety Simplifier
   * - Requirements
     - 61508-1 clause 7.18, 61508-2 clause 7.9
   * - Purpose
     - Specify the verification plans, verification activities and verification results for each phase of the E/E/PE system safety lifecycle of the Safety Simplifier
   * - Input
     - FSD114 Safety requirements specification, FSD120 Design requirements specification
   * - Output
     - FSD107: System verification plan, validation test specifications and results

.. contents:: Table of contents

Introduction
************

The purpose of this document is to specify the safety lifecycle plans, verification plans, and verification reports for each phase of the E/E/PE system safety lifecycle (figure 2 of EN 61508-2). All verification activities are documented for each phase, and every test has clear pass/fail criteria. Tools and equipment to be used during verification are stated in the verification document.

If a verification fails, it shall be stated whether the failure is linked to:

* the E/E/PE system safety lifecycle requirements, or
* the design requirements, or
* the requirements in Management of functional safety.

.. needtable::
   :tags: fsd107
   :columns: id, title, status
   :sort: lineno

Motivations
***********

.. motivation:: EN 61508-2:2010, clause 7.9.2.1
   :id: MOTIVATION_107_001
   :tags: fsd107
   :status: PASS

   Verification planning has been performed concurrently with the development of each phase. Documentation for the verification activities is specified. See :ref:`FSD107`.

.. motivation:: EN 61508-2:2010, clause 7.9.2.2
   :id: MOTIVATION_107_002
   :tags: fsd107
   :status: PASS

   Pass/fail criteria and procedures for verifying each phase are specified in :ref:`FSD107`.

.. motivation:: EN 61508-2:2010, clause 7.9.2.3
   :id: MOTIVATION_107_003
   :tags: fsd107
   :status: PASS

   Each verification activity specifies the activities necessary to ensure correctness and consistency. See the verification activities for each phase further below in this document.

.. motivation:: EN 61508-2:2010, clause 7.9.2.4
   :id: MOTIVATION_107_004
   :tags: fsd107
   :status: PASS

   \a) - \d) are specified for each verification activity in :ref:`FSD107`.

.. motivation:: EN 61508-2:2010, clause 7.9.2.5
   :id: MOTIVATION_107_005
   :tags: fsd107
   :status: PASS

   The pass criteria of each verification activity for each phase ensure that the functional and safety integrity requirements are met. See the verification activities for each phase further below in this document.

.. motivation:: EN 61508-2:2010, clause 7.9.2.6
   :id: MOTIVATION_107_006
   :tags: fsd107
   :status: PASS

   See the test results in :ref:`FSD107` for each phase.

.. motivation:: EN 61508-2:2010, clause 7.9.2.7
   :id: MOTIVATION_107_007
   :tags: fsd107
   :status: PASS

   See :need:`TEST_107_100`, :need:`TEST_107_101`, :need:`TEST_107_102`, and :need:`TEST_107_103`.

.. motivation:: EN 61508-2:2010, clause 7.9.2.8
   :id: MOTIVATION_107_008
   :tags: fsd107
   :status: PASS

   \a) - \c) See :ref:`fsd107_phase_10_3`.

.. motivation:: EN 61508-2:2010, clause 7.9.2.9
   :id: MOTIVATION_107_009
   :tags: fsd107
   :status: PASS

   See :ref:`fsd107_phase_10_4`.

.. motivation:: EN 61508-2:2010, clause 7.9.2.10
   :id: MOTIVATION_107_010
   :tags: fsd107
   :status: PASS

   See :ref:`fsd107`, and the other test results in :ref:`FSD124`, :ref:`FSD150`, and :ref:`FSD300`.

Phase 9: System safety requirements specification
*************************************************

.. test:: Phase 9
   :id: TEST_107_001
   :tags: fsd107
   :derived: RESULT_107_001

   The system safety requirements specification shall be verified by inspection and review of the document.

.. result:: Phase 9
   :id: RESULT_107_001
   :status: PASS
   :date: 2018-10-03
   :verifyer: WF

   William has reviewed FSD114 and compared it against the input documents FSD010 and FSD011. The document is complete and fulfills the requirements of EN 61508-1 clause 7.10.

   Note: the phases before phase 9 are not performed for this product, so the inputs to this phase do not map to those defined in 61508.

Phase 10.1: E/E/PES design requirements specification
*****************************************************

Phase objective
---------------

Specify the design requirements for each E/E/PE safety-related system, in terms of the subsystems and elements.

Input
^^^^^

- :ref:`FSD010`
- :ref:`FSD011`
- :ref:`FSD114`

Output
^^^^^^

- :ref:`FSD120`
- :ref:`FSD123`
- :ref:`FSD124`
- :ref:`FSD304`

Verification plan
-----------------

.. test:: Phase 10.1 sreqs
   :tags: fsd107
   :id: TEST_107_100
   :derived: RESULT_107_100

   The E/E/PE system design requirements (:ref:`FSD120`) shall fulfill the E/E/PE system safety requirements specification (input FSD114).

   Verify that each SREQ is covered by one or more E/E/PE system design requirements.

.. result:: Phase 10.1 sreqs
   :id: RESULT_107_100
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   By following the references from the SREQs it is noted that each SREQ in FSD114 is covered by one or more DREQs.

.. test:: Phase 10.1 mreqs
   :tags: fsd107
   :id: TEST_107_101
   :derived: RESULT_107_101

   The E/E/PE system design requirements (output) shall match the market requirements for the product (input).

   Verify that there are no contradictions between the E/E/PE system design requirements and the market requirements, and that all market requirements are covered by the E/E/PE system design requirements.

.. result:: Phase 10.1 mreqs
   :id: RESULT_107_101
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   The DREQs do not contradict any market requirements.

.. test:: Phase 10.1 dreqs
   :tags: fsd107
   :id: TEST_107_102
   :derived: RESULT_107_102

   The E/E/PE system design requirements (output) shall not contain any contradictions.

   Compare all DREQs against all other DREQs and verify that there are no contradictions.

.. result:: Phase 10.1 dreqs
   :id: RESULT_107_102
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   No contradictions among the DREQs were found.

.. test:: Phase 10.1 design requirements
   :tags: fsd107
   :id: TEST_107_103
   :derived: RESULT_107_103

   Verify that :ref:`FSD120` fulfills the requirements of points a-c in :need:`EN_61508_2_7_2_2_2`.

.. result:: Phase 10.1 design requirements
   :id: RESULT_107_103
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   The E/E/PE system design requirements specification (FSD120) fulfills the requirements of points a-c in :need:`EN_61508_2_7_2_2_2`. Every requirement has a parent SREQ and at least one derived (more detailed) requirement or test specification covering the requirement.

Phase 10.2: E/E/PES safety validation planning
**********************************************

Phase objective
---------------

Develop the validation plan for the E/E/PE system.

Input
^^^^^

- :ref:`FSD114`
- :ref:`FSD120`

Output
^^^^^^

.. note:: Documents containing validation test specifications may also contain the results of those tests. Only the test specifications are output from this phase.

- E/E/PE system safety validation plan (FSD116)
- System validation test specifications:

  - :ref:`FSD124`
  - :ref:`FSD150`
  - :ref:`FSD300`

Verification plan
-----------------

.. test:: Phase 10.2 test coverage
   :tags: fsd107
   :id: TEST_107_200
   :derived: RESULT_107_200

   The E/E/PE system validation plan (output) shall contain integration test specifications that cover all E/E/PE system safety and design requirements (input).

   Verify for each E/E/PE system design and safety requirement (input) that there are one or more integration test specifications that together validate that the requirement is fulfilled.

.. result:: Phase 10.2 test coverage
   :id: RESULT_107_200
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   All DREQs have derived tests that validate the requirement.

.. _fsd107_phase_10_3:

Phase 10.3: E/E/PES design and development
******************************************

Phase objective
---------------

Design and develop the E/E/PE safety-related system to meet the E/E/PE system design requirements specification.

Input
^^^^^

- :ref:`FSD120`
- :ref:`FSD124`

Output
^^^^^^

- :ref:`FSD129`
- :ref:`FSD304`
- Hardware

  - PCB018 (Safety Simplifier PLC)
  - PCB019 (Safety Simplifier display)
  - PCB022 (Safety Simplifier CAN card)
  - PCB023 (Radio module)
  - MEC1114ASM (Encapsulation)

- Software

  - SRC002-021 (Firmware CPU1)
  - SRC002-022 (Firmware CPU2)
  - SRC002-104 logic compiler (:ref:`FSD331`)
  - Simplifier Manager (:ref:`FSD330`, :ref:`FSD124`)

- Software safety lifecycle

  - FSD318 Software safety lifecycle requirements
  - FSD322 Software verification plan and results
  - FSD319 Software safety requirements specification
  - FSD321 Software design and development
  - FSD311-FSD314 Gitlogs
  - Integration and module tests and results in :ref:`FSD124`

Verification plan
-----------------

.. test:: Phase 10.3 verification
   :tags: fsd107
   :id: TEST_107_300
   :derived: RESULT_107_300

   The design of the safety function(s) (output) shall fulfill the E/E/PE system safety function requirements.

   Verify that each E/E/PE system safety function requirement is fulfilled by the safety functions by comparing the completed software and hardware against the E/E/PE system design requirements specification (FSD120) and the Software safety requirements specification (FSD319).

.. result:: Phase 10.3 verification
   :id: RESULT_107_300
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   Formal reviews of the hardware have been performed with reference to the safety and design requirements (see FSD304, FSD212, FSD204, FSD203, FSD201, and FSD113), and informal reviews have been held in meetings with RISE during development. Each software requirement in FSD319 maps to one or more module/integration tests that completely test the requirement. The software requirements have been developed in accordance with the design and safety requirements (FSD114 and FSD120).

.. test:: Phase 10.3 techniques and measures
   :tags: fsd107
   :id: TEST_107_301
   :derived: RESULT_107_301

   All recommended and highly recommended techniques and measures for SIL3 shall be applied in the development of the safety function(s). If a technique or measure is not applied, a description of why not shall be provided. See :ref:`FSD303`.

.. result:: Phase 10.3 techniques and measures
   :id: RESULT_107_301
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   All tables of techniques and measures have been filled in, and the recommended and highly recommended techniques and measures have been applied in the development of the safety function(s). Each technique or measure that has not been applied has a description of why not.

.. test:: Phase 10.3 software safety lifecycle
   :tags: fsd107
   :id: TEST_107_302
   :derived: RESULT_107_302

   The software safety lifecycle phases specified in FSD318 shall be followed during the development of the software.

   Verify that the software safety lifecycle phases have been followed during the software development by verifying that the correct documentation for each phase exists.

.. result:: Phase 10.3 software safety lifecycle
   :id: RESULT_107_302
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   The software safety lifecycle phases 1-4 specified in FSD318 have been followed during the development of the software, as documented in the following documents:

   - Phase 1: FSD319
   - Phase 2: FSD304
   - Phase 3: FSD304
   - Phase 4:

     - Coding: FSD311-FSD314 (logs), FSD310
     - Module testing: FSD300

.. _fsd107_phase_10_4:

Phase 10.4: E/E/PES integration
*******************************

Phase objective
---------------

Integrate and test the E/E/PE safety-related system.

Input
^^^^^

- Hardware (see output from the previous phase)
- Software (see output from the previous phase)

Output
^^^^^^

- :ref:`FSD124`
- :ref:`FSD150`

Verification plan
-----------------

.. test:: Phase 10.4 system integration
   :tags: fsd107
   :id: TEST_107_400
   :derived: RESULT_107_400

   The E/E/PE system integration shall be performed according to the E/E/PE system safety validation plan (FSD116).

   Verify that the integration is performed according to the E/E/PE system safety validation plan (FSD116).

.. result:: Phase 10.4 system integration
   :id: RESULT_107_400
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   The software safety lifecycle phases 5-6 specified in FSD318 have been followed during the development of the software, as documented in the following documents:

   - Phase 5: FSD319
   - Phase 6: FSD304

.. test:: Phase 10.4 integration tests
   :tags: fsd107
   :id: TEST_107_401
   :derived: RESULT_107_401

   The integration tests in FSD124 and FSD150 shall be passed.

   Verify that the integration tests in FSD124 and FSD150 are all passed. Note that only the integration tests of chapters 3 and 4 in FSD124, and the integration tests in FSD150, are applicable here.

.. result:: Phase 10.4 integration tests
   :id: RESULT_107_401
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   All integration tests in FSD124 and FSD150 are passed.
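The coverage checks in TEST_107_100 (every SREQ has a DREQ), TEST_107_200 (every DREQ has a test specification) and TEST_107_401 (every test has a passing result) are all walks over the same chain of ``derived`` links that this document already uses on its ``.. test::`` directives. The script below is an added illustration of automating that walk; it is not part of FSD107 or the Safety Simplifier tool set. It assumes a sphinx-needs style ``needs.json`` export in which each need carries ``id``, ``type``, ``status`` and a ``derived`` link list, with need types ``sreq``, ``dreq``, ``test`` and ``result``; the export shape and the sample data are constructed for the example.

```python
"""Traceability coverage check over a sphinx-needs style export.

Added example, not part of FSD107 or the Safety Simplifier project.
Assumptions: the export has the shape {"current_version": v, "versions":
{v: {"needs": {id: need}}}}, and each need has "id", "type", "status" and a
"derived" list of child ids. The sample below is constructed for illustration.
"""
import json

# Constructed sample in the assumed export shape. It deliberately contains
# one uncovered SREQ, one DREQ whose only link points at a missing test, and
# one failed result, so every check below has something to report.
SAMPLE_NEEDS_JSON = json.dumps({
    "current_version": "1.0",
    "versions": {"1.0": {"needs": {
        "SREQ_114_001": {"id": "SREQ_114_001", "type": "sreq", "status": "open",
                         "derived": ["DREQ_120_001", "DREQ_120_002"]},
        "SREQ_114_002": {"id": "SREQ_114_002", "type": "sreq", "status": "open",
                         "derived": []},                       # no DREQ at all
        "DREQ_120_001": {"id": "DREQ_120_001", "type": "dreq", "status": "open",
                         "derived": ["TEST_124_010"]},
        "DREQ_120_002": {"id": "DREQ_120_002", "type": "dreq", "status": "open",
                         "derived": ["TEST_124_999"]},         # dangling link
        "TEST_124_010": {"id": "TEST_124_010", "type": "test", "status": "open",
                         "derived": ["RESULT_124_010"]},
        "RESULT_124_010": {"id": "RESULT_124_010", "type": "result",
                           "status": "FAIL", "derived": []},
    }}},
})

# Parent type -> child type that discharges it. One entry per check in FSD107:
# sreq->dreq is TEST_107_100, dreq->test is TEST_107_200, test->result is
# the "every test has a result" half of TEST_107_401.
COVERAGE_CHAIN = {"sreq": "dreq", "dreq": "test", "test": "result"}


def load_needs(needs_json: str) -> dict:
    """Return the {id: need} mapping of the export's current version."""
    doc = json.loads(needs_json)
    return doc["versions"][doc["current_version"]]["needs"]


def coverage_gaps(needs: dict) -> dict:
    """{parent_id: missing_child_type} for every need lacking a derived need
    of the type COVERAGE_CHAIN requires. Links to ids that are not in the
    export do not count as coverage."""
    gaps = {}
    for need in needs.values():
        wanted = COVERAGE_CHAIN.get(need["type"])
        if wanted is None:
            continue
        children = [needs[c] for c in need.get("derived", []) if c in needs]
        if not any(child["type"] == wanted for child in children):
            gaps[need["id"]] = wanted
    return gaps


def dangling_links(needs: dict) -> dict:
    """{need_id: [unknown ids]} for derived links that point outside the export."""
    dangling = {}
    for need in needs.values():
        unknown = [c for c in need.get("derived", []) if c not in needs]
        if unknown:
            dangling[need["id"]] = unknown
    return dangling


def failed_results(needs: dict) -> list:
    """Ids of result needs whose status is not PASS (the pass criterion used
    throughout FSD107)."""
    return sorted(n["id"] for n in needs.values()
                  if n["type"] == "result" and n.get("status") != "PASS")


def verify(needs_json: str) -> dict:
    """Run all three checks and report; "pass" is True only when nothing is found."""
    needs = load_needs(needs_json)
    report = {
        "gaps": coverage_gaps(needs),
        "dangling": dangling_links(needs),
        "failed": failed_results(needs),
    }
    report["pass"] = not (report["gaps"] or report["dangling"] or report["failed"])
    return report


if __name__ == "__main__":
    print(json.dumps(verify(SAMPLE_NEEDS_JSON), indent=2))
```

Run it against a real export (``sphinx-build -b needs`` writes ``needs.json``) by passing the file contents to ``verify``; a non-empty ``gaps`` or ``dangling`` entry is a TEST_107_100/TEST_107_200 failure to record in the corresponding ``.. result::``, and the ``failed`` list is what TEST_107_401 reviews. Dangling links are reported separately because a link to a deleted or renamed test id would otherwise look like coverage in a plain reference count.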
Phase 10.5: E/E/PES installation, commissioning, operation & maintenance procedures
***********************************************************************************

Phase objective
---------------

Develop the installation, commissioning, operation and maintenance procedures that are necessary for correct use of the product.

Input
^^^^^

- FSD120 System design requirements specification
- Hardware
- Software

Output
^^^^^^

- Safety manual requirements (FSD501)
- User manual(s)

Verification plan
-----------------

.. test:: Phase 10.5 safety manual requirements
   :tags: fsd107
   :id: TEST_107_500
   :derived: RESULT_107_500

   The manual(s) (output) shall cover all the safety manual requirements specified in FSD501.

   Verify that the manual(s) contain the necessary information about every procedure for installing, commissioning, operating, and maintaining the E/E/PE system.

.. result:: Phase 10.5 safety manual requirements
   :id: RESULT_107_500
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   See :ref:`FSD501`.

Phase 10.6: E/E/PES safety validation
*************************************

Phase objective
---------------

Validate that the E/E/PE safety-related system meets, in all respects, the requirements for safety in terms of the required safety functions and safety integrity.

Input
^^^^^

- :ref:`FSD114`
- :ref:`FSD120`
- :ref:`FSD116`

Output
^^^^^^

- FSD127 List of DREQ pass and reference
- FSD128 List of DREQ pass and reference
- Integration and module test results

  - FSD124
  - FSD150
  - FSD300

Verification plan
-----------------

Verification 1
^^^^^^^^^^^^^^

.. test:: Phase 10.6 integration tests
   :tags: fsd107
   :id: TEST_107_600
   :derived: RESULT_107_600

   All integration tests shall be performed according to their specification, and all integration tests shall be passed.

   Verify that the integration tests in FSD124 and FSD150 are performed as specified in their test specifications. Note that only the integration tests of chapters 3 and 4 in FSD124, and the integration tests in FSD150, are applicable here.

   Because of the number of tests that have been performed, a reasonable subset of the integration test results is selected and reviewed against their specification.

.. result:: Phase 10.6 integration tests
   :id: RESULT_107_600
   :status: PASS
   :date: 2025-06-08
   :verifyer: WF

   The selected tests in FSD124 and FSD150 are performed as specified in their test specifications. See FSD124 and FSD150 for the test results.