IEC 61508

The IEC 61508 standard is the international umbrella standard for functional safety. The standard is used within all kinds of industries with requirements on reliability and safety, such as process industries, nuclear power plants and railway control systems. Other functional safety standards are derived from it.

In section C.4 of part 7 of the standard, requirements for support tools and programming languages are specified. SuperTest is designed to support the following key requirements from IEC 61508:

  • “C.4.3 Tools are necessary to help developers in the different phases of software development. Wherever possible tools should be certified so that some level of confidence can be assumed regarding the correctness of the outputs.” “Compilers (translators) are regularly subject to certification procedures; …they exercise compilers (translators) against international standards…”
  • “C.4.4 If the translator has shown small deficiencies, the related language constructs are noted down and carefully avoided during a safety related project.”

For the C and C++ languages, the specifications are defined by ISO international language standards. SuperTest verifies that the behavior of the executable code generated by the compiler conforms to the language standard (C.4.3). SuperTest contains automated tools that summarize the results of a validation run into manageable reports. One of these reports provides requirements traceability: it maps the language specification, section by section, to the tests that cover each section and records whether those tests PASSED or FAILED.

There are few, if any, compilers that pass SuperTest verification without failures. The most common failures are constraint violations that the compiler does not diagnose, which may allow programming errors to go unnoticed. Rarer are errors in which the compiler implements the required behavior incorrectly. These are run-time errors that potentially pose an unacceptable risk to a safety-critical system. To avoid the first category, undiagnosed constraint violations, a good mitigation is to verify the source code with a static analysis tool that is stricter than the compiler. This static analysis tool can also be verified with SuperTest. Different options are available to mitigate errors of the second category, the run-time errors. In most cases, the error can be linked to a specific programming construct or to particular compilation options. If the error is linked to a programming construct, Solid Sands can help to avoid it by providing an automatic analysis tool that detects that construct in the application source code (C.4.4).
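As an added illustration (not code from SuperTest or Solid Sands), the following is a small self-checking conformance test of the kind described above: each check is tagged with the ISO C clause it traces to, the operands are volatile so that the generated code rather than the compiler's constant folder is exercised, and the results can be summarised into a PASS/FAIL traceability report. The clause numbers follow the C99/C11 numbering; the struct and function names are assumptions of this example.

```c
#include <stdio.h>
/* Constructed illustration, not SuperTest code: a self-checking conformance
 * test in the style the page describes. Every check is tagged with the ISO C
 * clause it traces to, so one run yields a requirements-traceability report
 * (clause -> PASS/FAIL). Operands are volatile so the checks exercise the code
 * the compiler generates rather than its compile-time constant folder. */

#define TC_COUNT 4
struct tc_result { const char *clause; const char *what; int passed; };

static volatile unsigned char uc_a = 200, uc_b = 100;
static volatile int neg_one = -1, neg7 = -7, two = 2;
static volatile unsigned int one_u = 1u, ff = 0xFFu;

/* 6.3.1.1: unsigned char operands promote to int, so 200 + 100 == 300 (no wrap to 44). */
static int check_integer_promotion(void) { return (uc_a + uc_b) == 300; }
/* 6.3.1.8: -1 converts to unsigned int, so (-1 < 1u) must evaluate to false. */
static int check_usual_arith_conv(void) { return (neg_one < one_u) == 0; }
/* 6.5.5 (C99 and later): quotient truncates toward zero, remainder keeps the dividend's sign. */
static int check_division_truncation(void) { return neg7 / two == -3 && neg7 % two == -1; }
/* 6.5.7: shifts on unsigned operands are logical and well defined. */
static int check_unsigned_shift(void) { return (ff >> 4) == 0x0Fu && (one_u << 3) == 8u; }

/* Runs all checks, optionally filling `out` (up to `max` entries) for the
 * traceability report. Returns the number of FAILED checks; 0 means every
 * tested clause is implemented as the standard requires. */
int run_conformance_tests(struct tc_result *out, int max)
{
    const struct tc_result r[TC_COUNT] = {
        { "6.3.1.1", "integer promotions",           check_integer_promotion()   },
        { "6.3.1.8", "usual arithmetic conversions", check_usual_arith_conv()    },
        { "6.5.5",   "division truncates to zero",   check_division_truncation() },
        { "6.5.7",   "shift on unsigned operands",   check_unsigned_shift()      },
    };
    int failed = 0, i;
    for (i = 0; i < TC_COUNT; i++) {
        if (out && i < max) out[i] = r[i];
        if (!r[i].passed) failed++;
    }
    return failed;
}

int main(void)
{
    struct tc_result res[TC_COUNT];
    int failed = run_conformance_tests(res, TC_COUNT), i;
    for (i = 0; i < TC_COUNT; i++)
        printf("%-8s %-30s %s\n", res[i].clause, res[i].what, res[i].passed ? "PASS" : "FAIL");
    return failed != 0; /* non-zero exit marks the compiler as non-conformant on these checks */
}
```

A real suite pairs such positive tests with negative tests that the compiler must reject, covering the first category of failure (undiagnosed constraint violations) that a run-time check like this cannot observe.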

Compliance with IEC 61508 is an important step in the development of safety-critical systems. SuperTest is the best tool available to provide validation for C and C++ compilers that are used for safety-critical systems.