Experts in embedded RTOS and Middleware, with a specialisation in safety certified software

  • twitter
  • google
  • liknedin
  • youtube
Contact   Newsletter

Industry

SAFERTOS Pre-Certified to IEC 61508 SIL3

Industrial | Rail | Automotive| Nuclear | Machinery

 

SAFERTOS provides Industrial developers with a responsive, deterministic embedded Real Time Operating System (RTOS) with a Design Assurance Pack that provides an easy route to achieving certification of SAFERTOS once integrated into an Industrial Safety Product.

SAFERTOS and its Design Assurance Pack (DAP) are available pre-certified by TÜV SÜD to IEC 61508 Safety Integrity Level 3 (SIL3), the highest level possible for a software only component.

Support for Multiple Safety Standards

IEC 61508 is a generic Industrial safety standard supporting the design, development and operation of electrical/electronic/programmable electronic systems. Different industries (see figure) have created their own sector specific standards based on IEC 61508. For software development the underlying principles are similar; however the domain specific adaptations include processes and procedures for managing the unique system level risks present within each industrial sector.

IEC 61508 Diagram

All SAFERTOS ports delivered with a DAP comply with the requirements of IEC 61508 SIL 3. SAFERTOS and the DAP also support certification to the domain specific adaptations of IEC 61508, with compliance demonstrated by the use of cross-referencing matrixes and/or independent certification.

When ordering SAFERTOS please let our RTOS consultants know which sector specific standard you are working to, so WHIS can include the required documentation with your SAFERTOS delivery.

IEC 61508 SIL 3 - Industrial

SAFERTOS and the Industrial Design Assurance Pack were initially certified against the safety standard IEC 61508 to Safety Integrity Level 3, the highest level possible for a software only product, in 2007 by TÜV SÜD. Since then, WHIS has routinely re-certified SAFERTOS to IEC 61508 on many different compiler/processor combinations.

Typical SAFERTOS industrial applications include safety critical motor controllers, industrial automation, industrial safety devices, traffic management systems, process engineering, and drilling/mining applications.

SAFERTOS and its Industrial Design Assurance Pack are available pre-certified by TÜV SÜD to SIL 3.

EN 50128 - Rail

The EN 50128 is a specialisation of IEC 61508, and is a European standard for the development of safety-related software for railway applications, both trackside and train side.

The majority of SAFERTOS rail developers purchase the standard Industrial DAP supporting certification to IEC 61508 SIL 3. For those companies that need to demonstrate compliance to EN 50128, WHIS can provide information required by EN 50128 within the DAP and supply a cross-referencing matrix from the DAP to the EN 50128 standard.

Typical SAFERTOS rail applications include signalling, control and communication systems.

ISO 26262 - Automotive

The standard ISO 26262 is an adaptation of the Functional Safety standard IEC 61508 for Automotive Electric/Electronic Systems. ISO 26262 defines functional safety for automotive equipment applicable throughout the lifecycle of all automotive electronic and electrical safety-related systems.

SAFERTOS  is available pre-certified to ISO 26262 ASIL D for use within automotive safety products, however SAFERTOS is not OSEC compliant so therefore may not be suitable for all European automotive applications.

Read more about SAFERTOS for Automotive

IEC 61513 – Nuclear

IEC 61513, supports the design and development of instrumentation and controls for systems important to safety within nuclear power plants.

Typical SAFERTOS implementations in the nuclear industry include monitoring/sensing and control systems.

SAFERTOS supports this development standard by the use of the standard SAFERTOS IEC 61508 Industrial DAP.

IEC 62061 - Safety of Machinery

IEC/EN 62061, “Safety of machinery: Functional safety of electrical, electronic and programmable electronic control systems” is the machinery specific implementation of IEC/EN 61508. It provides requirements that are applicable to the system level design of all safety related electrical control systems for machinery, and also for the design of non-complex subsystems or devices.

SAFERTOS supports this development standard by the use of the standard SAFERTOS Industrial IEC 61508 DAP.

Imperceptible boot time

With an imperceptible boot time, SAFERTOS is an ideal choice in systems that need to protect users and equipment from hazards quickly after a power on or brown out event.

The imperceptible boot time also means SAFERTOS is ideally suited for use on the booting core of a multi-core/multi processor safety system. SAFERTOS can quickly and effectively bring the system up, configure the safety partitions and execute critical safety functionality before enabling other cores/processors, which may require longer to boot.

Responsiveness

SAFERTOS provides deterministic event handling, frequently used in motor control applications requiring precision control. It is the ideal choice for systems that need to respond quickly to safety events, where the system must be placed into a safe state.

Mixed Safety Critical Designs

The Task Isolation and Separation feature of SAFERTOS using the processor's MPU/MMU enables developers to co-locate safety critical code with non-safety critical code. Used effectively this can greatly reduce the amount of safety critical code required within an industrial device, resulting in lower development and maintenance costs.

Design Assurance Pack (DAP)

The SAFERTOS Design Assurance Pack contains the planning, design, and verification evidence which supports the certification of SAFERTOS. It is specific to the selected processor/compiler combination, which removes the need for expensive and prolonged retesting on the target hardware.

Certification of SAFERTOS integrated into an Industrial product is straightforward. WHIS supplies an easy to follow Safety Manual that clearly details how to install and integrate SAFERTOS into a safety critical development environment. Following the concise instructions preserves the verification and validation already performed by the WHIS Safety engineers.

  • Deterministic, Responsive Embedded RTOS
  • Contains all Planning, Design and Verification artefacts
  • Specific to the selected Processor/Compiler combination
  • Demonstrates the exceptional high quality of SAFERTOS

Exceptional High Quality

WHIS uses a high integrity lifecycle to develop, maintain and support SAFERTOS and its Design Assurance Packs that’s supported by a deeply institutionalised Quality Management System (QMS). Work started on the QMS in 1999, when WHIS was developing flight control systems. Over the subsequent years WHIS has developed its QMS to encompass the range of applications and standards it supports today, as demand for its services and products from its customers have broadened and deepened.

Lloyds Register LRQA UK independently certifies the WHIS QMS to ISO 9001, with the applicable scope:

Design, development, installation and support of high integrity systems and software for medical, aviation and industrial applications.

Lloyds Register LRQA UK

Contact us today to see how we can help you with your project.

Beyond SAFERTOS Industrial Devices

  • SAFERTOS CORE: for industrial devices that only need to consider safety and don’t require full certification.
  • Safety Components: brings greater robustness to safety critical industry designs. WHIS Safety components are available with a Design Assurance Pack supporting certification to industrial standards.
  • Networking and Data Storage solutions: available tightly integrated with SAFERTOS using the Task Separation and Isolation functionality.
  • Board Support Packages and Drivers: delivered either as commercial grade components, or with a Design Assurance Pack supporting certification.
  • Training: maximise the use of your RTOS and middleware components, and increase development proficiency by attending one of our comprehensive training courses.
  • Peer review services: sometimes just a few hours of consultancy to review a preliminary design, and check the approach is taken is correct, can deliver significant benefits to the outcome of a project.
  • Consultancy services: designed to support our industrial customers, allowing us to share our knowledge and experience of industrial device development to help optimise the final design, improve the design processes and smooth the route to certification.

Menu