iTeh Standards logo
EURUSD
Your shopping cart is empty.
CLC

EN 61508-3:2010

(Main)

Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements

Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements

IEC 61508-3:2010 applies to any software forming part of a safety-related system or used to develop a safety-related system within the scope of IEC 61508-1 and IEC 61508-2; provides specific requirements applicable to support tools used to develop and configure a safety-related system within the scope of IEC 61508-1 and IEC 61508-2; requires that the software safety functions and software systematic capability are specified; establishes requirements for safety lifecycle phases and activities which shall be applied during the design and development of the safety-related software. These requirements include the application of measures and techniques, which are graded against the required systematic capability, for the avoidance of and control of faults and failures in the software; provides requirements for information relating to the software aspects of system safety validation to be passed to the organisation carrying out the E/E/PE system integration; provides requirements for the preparation of information and procedures concerning software needed by the user for the operation and maintenance of the E/E/PE safety-related system; provides requirements to be met by the organisation carrying out modifications to safety-related software; provides, in conjunction with IEC 61508-1 and IEC 61508-2, requirements for support tools such as development and design tools, language translators, testing and debugging tools, configuration management tools. This second edition cancels and replaces the first edition published in 1998. This edition constitutes a technical revision. It has been subject to a thorough review and incorporates many comments received at the various revision stages. It has the status of a basic safety publication according to IEC Guide 104. NEW! Also available:  IEC Standards+ 61508:2010, containing all parts, together with a commented Redline version. Changes made in this 2nd edition are highlighted and commented by a leading world expert.

Funktionale Sicherheit sicherheitsbezogener elektrischer/elektronischer/programmierbarer elektronischer Systeme - Teil 3: Anforderungen an Software

Sécurité fonctionnelle des systèmes électriques/électroniques/électroniques programmables relatifs à la sécurité - Partie 3: Exigences concernant les logiciels

La CEI 61508-3:2010 s'applique à tout logiciel faisant partie intégrante d'un système relatif à la sécurité ou utilisé pour développer un système relatif à la sécurité entrant dans le domaine d'application de la CEI 61508-1 et de la CEI 61508-2. Ce type de logiciel est désigné par le terme 'logiciel de sécurité'; fournit des exigences spécifiques applicables aux outils de support utilisés pour développer et configurer un système relatif à la sécurité dans le cadre du domaine d'application de la CEI 61508-1 et de la CEI 61508-2; nécessite que les fonctions de sécurité du logiciel et la capabilité systématique du logiciel soient précisées; établit des exigences concernant les phases et activités du cycle de vie de sécurité qui doivent être appliquées durant la conception et le développement du logiciel de sécurité. Ces exigences comprennent l'application de mesures et de techniques qui suivent une gradation basée sur la capabilité systématique requise, afin d'éviter et de maîtriser les anomalies et défaillances du logiciel; fournit les exigences pour les informations relatives aux aspects du logiciel applicables à la validation de la sécurité du système et devant être transmises à l'organisation en charge de l'intégration du système E/E/PE; fournit les exigences pour la préparation des informations et procédures concernant le logiciel requises par l'utilisateur pour le fonctionnement et la maintenance d'un système E/E/PE relatif à la sécurité; fournit les exigences devant être observées par l'organisation en charge des modifications du logiciel de sécurité; fournit, en accord avec la CEI 61508-1 et la CEI 61508-2, les exigences pour les outils de support tels que les outils de conception et développement, les traducteurs de langage, les outils d'essai et de mise au point et les outils de gestion de configuration; Cette deuxième édition annule et remplace la première édition publiée en 1998 dont elle constitue une révision technique. Elle a fait l'objet d'une révision approfondie et intègre de nombreux commentaires reçus lors des différentes phases de révision. Elle a le statut d'une publication fondamentale de sécurité conformément au Guide CEI 104.

Funkcijska varnost električnih/elektronskih/elektronsko programirljivih varnostnih sistemov - 3. del: Programske zahteve (IEC 61508-3:2010)

1.1 Ta del serije IEC 61508
a) je namenjen uporabi šele po temeljitem razumevanju IEC 61508-1 in IEC 61508-2;
b) velja za vso programsko opremo, ki je sestavni del varnostnega sistema ali ki se uporablja za razvoj varnostnega sistema v okviru IEC 61508-1 in IEC 61508-2. Taka programska oprema se imenuje varnostna programska oprema (vključuje operacijske sisteme, sistemsko programsko opremo, programsko opremo v komunikacijskih omrežjih, vmesniške funkcije človek-računalnik ter sistemske programe in uporabniško programsko opremo);
c) zagotavlja posebne zahteve, ki veljajo za podporna orodja, ki se uporabljajo za razvoj in konfiguracijo varnostnega sistema v okviru IEC 61508-1 in IEC 61508-2;
d) zahteva, da se opredelijo programske varnostne funkcije in sistemska zmogljivost programske opreme; OPOMBA 1: Če je to že opredeljeno kot del specifikacije varnostnih sistemov E/E/PE (glej točko 7.2 IEC 61508-2), v tem delu tega ni treba ponoviti.
OPOMBA 2: Opredelitev programskih varnostnih funkcij in sistemske zmogljivosti programske opreme je iterativen postopek; glej sliki 3 in 6.
OPOMBA 3: Za strukturo dokumentacije glej klavzulo 5 in dodatek A IEC 61508-1. Struktura dokumentacije lahko upošteva postopke podjetja in delovne postopke določenega applikacijskega sektorja.
OPOMBA 4: Pojasnilo: Za opredelitev izraza »sistemska zmogljivost» glej točko 3.5.9 IEC 61508-4;
e) vzpostavlja zahteve za faze in aktivnosti varnostnega cikla, ki se uporabijo med projektiranjem in razvojem varnostne programske opreme (model varnostnega cikla programske opreme). Te zahteve vključujejo uporabo tehnik in ukrepov, razvrščenih glede na zahtevano sistemsko zmogljivost, ki so namenjeni preprečevanju in nadzoru napak in okvar programske opreme;
f) zagotavlja zahteve za informacije v zvezi z vidiki programske opreme za validacijo varnosti sistema, namenjene organizaciji, ki izvaja integracijo sistemov E/E/PE;
g) zagotavlja zahteve za pripravo informacij in postopkov v zvezi s programsko opremo, ki jo potrebuje uporabnik za upravljanje in vzdrževanje varnostnih sistemov E/E/PE;
h) zagotavlja zahteve, ki jih mora izpolnjevati organizacija, ki izvaja spremembe varnostnih sistemov;
i) v povezavi z IEC 61508-1 in IEC 61508-2 zagotavlja zahteve za podporna orodja, kot so orodja za razvoj in projektiranje, jezikovni prevajalniki, orodja za preskušanje ter iskanje in odpravljanje napak, orodja za upravljanje konfiguracije;
OPOMBA 4: Slika 5 prikazuje razmerje med IEC 61508-2 in IEC 61508-3.
j) Ne velja za medicinsko opremo v skladu s serijo IEC 60601.
1.2 IEC 61508-1, IEC 61598-2, IEC 61508-3 in IEC 61508-4 so osnovne varnostne objave, čeprav ta status ne velja v okviru nezapletenih varnostnih sistemov E/E/PE (glej točko 3.4.3 IEC 61508-4). Kot osnovne varnostne objave so namenjeni temu, da jih uporabljajo tehnični odbori pri pripravi standardov v skladu z načeli, opredeljenimi v Vodilu IEC 104 in Vodilu ISO/IEC 51. IEC 61508-1, IEC 61508-2, IEC 61508-3 in IEC 61508-4 se lahko uporabljajo tudi kot samostojne objave. Horizontalno varnostno delovanje tega mednarodnega standarda ne velja za medicinsko opremo v skladu s serijo IEC 60601.
1.3 Ena od odgovornosti tehničnega odbora je, če je primerno, da uporabi temeljne varnostne objave pri pripravi svojih objav. V tem okviru zahteve, preskusne metode ali preskusni pogoji te temeljne varnostne objave ne veljajo, razen če se objave, ki so jih pripravili tehnični odbori, nanje izrecno sklicujejo ali jih vključujejo.
1.4 Slika 1 prikazuje celoten okvir serije IEC 61508 in nakazuje vlogo IEC 61508-3 pri doseganju funkcijske varnosti E/E/PE-varnostnih sistemov.

General Information

Status
Published
Publication Date
27-May-2010
Withdrawal Date
30-Apr-2013
ICS
25.040.40 - Industrial process measurement and control
Technical Committee
CLC/TC 65X - Industrial-process measurement, control and automation
Drafting Committee
IEC/SC 65A - IEC_SC_65A
Parallel Committee
IEC/SC 65A - IEC_SC_65A
Current Stage
6060 - Document made available - Publishing
Start Date
28-May-2010
Completion Date
28-May-2010
Ref Project
SIST EN 61508-3:2011 - Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements (IEC 61508-3:2010)

Relations

Replaces
EN 61508-3:2001 - Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements
Effective Date
28-Jan-2023
Revised
prEN IEC 61508-3:2025 - Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements
Effective Date
11-Oct-2022

Overview

EN 61508-3:2010 (IEC 61508-3:2010) specifies the software requirements for electrical/electronic/programmable electronic (E/E/PE) safety‑related systems within the scope of IEC 61508. It is the second‑edition, technical revision that replaces the first edition. The standard defines what must be delivered for safety‑related software across the safety lifecycle, including specification, design, implementation, verification, validation, integration, operation, modification and documentation. It is a basic safety publication (IEC Guide 104) widely used in industrial process measurement and control.

Key topics and technical requirements

  • Software safety lifecycle: Requirements for lifecycle phases and activities (from requirements specification through validation and modification).
  • Software safety requirements specification (SRS): Mandates specifying software safety functions and the required software systematic capability.
  • Graded measures and techniques: Application of techniques and measures proportional to the required systematic capability to avoid and control software faults and failures.
  • Support tools: Requirements for tools used in development/configuration (compilers, debuggers, test tools, configuration management) and for qualification of tool chains.
  • Verification and validation: Defined activities and information to be passed to system integrators for system safety validation.
  • Documentation and safety manual: Prescribes content and procedures for operation and maintenance information provided to users, and additional safety‑related documentation for compliant items (see Annex D).
  • Software modification: Requirements and processes for safe modification of safety‑related software.
  • Annex guidance: Includes selection of techniques and measures (Annex A), detailed tables and properties for systematic capability (Annexes B–C), and guidance for special topics such as data‑driven systems and software non‑interference (Annexes F–G).

Practical applications

This standard is applied when developing or integrating safety‑related software for systems such as programmable safety controllers, PLCs, distributed control systems and embedded controllers used in industrial automation and process control. It is used to:

  • Define and demonstrate software safety integrity.
  • Select appropriate development techniques and verification methods.
  • Qualify development tools and toolchains.
  • Produce documentation required for certification, system integration and safe operation.

Who should use this standard

  • Safety engineers and system architects designing E/E/PE safety systems
  • Software developers and testers working on safety‑related code
  • Functional safety assessors and certification bodies
  • System integrators and maintenance organizations
  • Tool vendors and quality/validation teams

Related standards

  • IEC 61508-1 (General requirements)
  • IEC 61508-2 (System requirements)
  • IEC 61508-4 (Definitions)
  • IEC 61508-5/6/7 (supporting parts)
  • IEC 61511, IEC 62061, EN 61131-3 (related sector standards)

Keywords: IEC 61508-3, EN 61508-3:2010, functional safety, software safety lifecycle, safety‑related software, software systematic capability, support tools, E/E/PE systems.

EN 61508-3:2011EN 61508-3:2011
PreviousNext
Standard
EN 61508-3:2011
English language
114 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-maj-2011
1DGRPHãþD
SIST EN 61508-3:2007
)XQNFLMVNDYDUQRVWHOHNWULþQLKHOHNWURQVNLKHOHNWURQVNRSURJUDPLUOMLYLKYDUQRVWQLK
VLVWHPRYGHO3URJUDPVNH]DKWHYH ,(&
Functional safety of electrical/electronic/programmable electronic safety-related systems
- Part 3: Software requirements (IEC 61508-3:2010)
Funktionale Sicherheit sicherheitsbezogener
elektrischer/elektronischer/programmierbarer elektronischer Systeme - Teil 3:
Anforderungen an Software (IEC 61508-3:2010)
Sécurité fonctionnelle des systèmes électriques/électroniques/électroniques
programmables relatifs à la sécurité - Partie 3: Prescriptions concernant les logiciels CEI
61508-3:2010)
Ta slovenski standard je istoveten z: EN 61508-3:2010
ICS:
25.040.40 Merjenje in krmiljenje Industrial process
industrijskih postopkov measurement and control
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD
EN 61508-3
NORME EUROPÉENNE
May 2010
EUROPÄISCHE NORM
ICS 25.040.40 Supersedes EN 61508-3:2001

English version
Functional safety of electrical/electronic/programmable electronic
safety-related systems -
Part 3: Software requirements
(IEC 61508-3:2010)
Sécurité fonctionnelle des systèmes Funktionale Sicherheit sicherheitsbezogener
électriques/électroniques/électroniques elektrischer/elektronischer/programmierbarer
programmables relatifs à la sécurité - elektronischer Systeme -
Partie 3: Exigences concernant Teil 3: Anforderungen an Software
les logiciels (IEC 61508-3:2010)
(CEI 61508-3:2010)
This European Standard was approved by CENELEC on 2010-05-01. CENELEC members are bound to comply
with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard
the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on
application to the Central Secretariat or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other
language made by translation under the responsibility of a CENELEC member into its own language and notified
to the Central Secretariat has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus,
the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia,
Spain, Sweden, Switzerland and the United Kingdom.

CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung

Management Centre: Avenue Marnix 17, B - 1000 Brussels

© 2010 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.
Ref. No. EN 61508-3:2010 E
Foreword
The text of document 65A/550/FDIS, future edition 2 of IEC 61508-3, prepared by SC 65A, System
aspects, of IEC TC 65, Industrial-process measurement, control and automation, was submitted to the
IEC-CENELEC parallel vote and was approved by CENELEC as EN 61508-3 on 2010-05-01.
This European Standard supersedes EN 61508-3:2001.
It has the status of a basic safety publication according to IEC Guide 104.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN and CENELEC shall not be held responsible for identifying any or all such patent
rights.
The following dates were fixed:
– latest date by which the EN has to be implemented
at national level by publication of an identical
national standard or by endorsement (dop) 2011-02-01
– latest date by which the national standards conflicting
with the EN have to be withdrawn (dow) 2013-05-01
Annex ZA has been added by CENELEC.
__________
Endorsement notice
The text of the International Standard IEC 61508-3:2010 was approved by CENELEC as a European
Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards indicated:
[1] IEC 61511 series NOTE  Harmonized in EN 61511 series (not modified).
[2] IEC 62061 NOTE  Harmonized as EN 62061.
[3] IEC 61800-5-2 NOTE  Harmonized as EN 61800-5-2.
[4] IEC 61508-5:2010 NOTE  Harmonized as EN 61508-5:2010 (not modified).
[5] IEC 61508-6:2010 NOTE  Harmonized as EN 61508-6:2010 (not modified).
[6] IEC 61508-7:2010 NOTE  Harmonized as EN 61508-7:2010 (not modified).
[7] IEC 60601 series NOTE  Harmonized in 60601 series (partially modified).
[8] IEC 61131-3 NOTE  Harmonized as EN 61131-3.
__________
- 3 - EN 61508-3:2010
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications

The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.

NOTE  When an international publication has been modified by common modifications, indicated by (mod), the relevant EN/HD
applies.
Publication Year Title EN/HD Year

IEC 61508-1 2010 Functional safety of EN 61508-1 2010
electrical/electronic/programmable electronic
safety-related systems -
Part 1: General requirements
IEC 61508-2 2010 Functional safety of EN 61508-2 2010
electrical/electronic/programmable electronic
safety-related systems -
Part 2: Requirements for
electrical/electronic/programmable electronic
safety-related systems
IEC 61508-4 2010 Functional safety of EN 61508-4 2010
electrical/electronic/programmable electronic
safety-related systems -
Part 4: Definitions and abbreviations

IEC Guide 104 1997 The preparation of safety publications and the - -
use of basic safety publications and group
safety publications
ISO/IEC Guide 51 1999 Safety aspects - Guidelines for their inclusion - -
in standards
IEC 61508-3 ®
Edition 2.0 2010-04
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
BASIC SAFETY PUBLICATION
PUBLICATION FONDAMENTALE DE SÉCURITÉ
Functional safety of electrical/electronic/programmable electronic safety-related
systems –
Part 3: Software requirements
Sécurité fonctionnelle des systèmes électriques/électroniques/électroniques
programmables relatifs à la sécurité –
Partie 3: Exigences concernant les logiciels

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
PRICE CODE
INTERNATIONALE
XE
CODE PRIX
ICS 25.040.40 ISBN 978-2-88910-526-7
– 2 – 61508-3 © IEC:2010
CONTENTS
FOREWORD.5
INTRODUCTION.7
1 Scope.9
2 Normative references .12
3 Definitions and abbreviations.13
4 Conformance to this standard.13
5 Documentation .13
6 Additional requirements for management of safety-related software .13
6.1 Objectives .13
6.2 Requirements.13
7 Software safety lifecycle requirements.14
7.1 General .14
7.1.1 Objective .14
7.1.2 Requirements .14
7.2 Software safety requirements specification.21
7.2.1 Objectives .21
7.2.2 Requirements .21
7.3 Validation plan for software aspects of system safety.24
7.3.1 Objective .24
7.3.2 Requirements .24
7.4 Software design and development.25
7.4.1 Objectives .25
7.4.2 General requirements .26
7.4.3 Requirements for software architecture design .29
7.4.4 Requirements for support tools, including programming languages.30
7.4.5 Requirements for detailed design and development – software
system design .33
7.4.6 Requirements for code implementation.34
7.4.7 Requirements for software module testing .35
7.4.8 Requirements for software integration testing .35
7.5 Programmable electronics integration (hardware and software) .36
7.5.1 Objectives .36
7.5.2 Requirements .36
7.6 Software operation and modification procedures .37
7.6.1 Objective .37
7.6.2 Requirements .37
7.7 Software aspects of system safety validation.37
7.7.1 Objective .37
7.7.2 Requirements .38
7.8 Software modification .39
7.8.1 Objective .39
7.8.2 Requirements .39
7.9 Software verification.41
7.9.1 Objective .41
7.9.2 Requirements .41
8 Functional safety assessment.44

61508-3 © IEC:2010 – 3 –
Annex A (normative) Guide to the selection of techniques and measures.46
Annex B (informative) Detailed tables .55
Annex C (informative) Properties for software systematic capability.60
Annex D (normative) Safety manual for compliant items – additional requirements for
software elements.97
Annex E (informative) Relationships between IEC 61508-2 and IEC 61508-3.100
Annex F (informative) Techniques for achieving non-interference between software
elements on a single computer .102
Annex G (informative) Guidance for tailoring lifecycles associated with data driven
systems .107
Bibliography.111

Figure 1 – Overall framework of the IEC 61508 series .11
Figure 2 – Overall safety lifecycle .12
Figure 3 – E/E/PE system safety lifecycle (in realisation phase).16
Figure 4 – Software safety lifecycle (in realisation phase).16
Figure 5 – Relationship and scope for IEC 61508-2 and IEC 61508-3 .17
Figure 6 – Software systematic capability and the development lifecycle (the V-model) .17
Figure G.1 – Variability in complexity of data driven systems .108

Table 1 – Software safety lifecycle – overview .18
Table A.1 – Software safety requirements specification .47
Table A.2 – Software design and development – software architecture design .48
Table A.3 – Software design and development – support tools and programming
language.49
Table A.4 – Software design and development – detailed design .50
Table A.5 – Software design and development – software module testing and
integration .51
Table A.6 – Programmable electronics integration (hardware and software).51
Table A.7 – Software aspects of system safety validation .52
Table A.8 – Modification .52
Table A.9 – Software verification .53
Table A.10 – Functional safety assessment .54
Table B.1 – Design and coding standards .55
Table B.2 – Dynamic analysis and testing.56
Table B.3 – Functional and black-box testing .56
Table B.4 – Failure analysis.57
Table B.5 – Modelling .57
Table B.6 – Performance testing.58
Table B.7 – Semi-formal methods .58
Table B.8 – Static analysis.59
Table B.9 – Modular approach .59
Table C.1 – Properties for systematic safety integrity – Software safety requirements
specification .64

– 4 – 61508-3 © IEC:2010
Table C.2 – Properties for systematic safety integrity – Software design and
development – software Architecture Design .67
Table C.3 – Properties for systematic safety integrity – Software design and
development – support tools and programming language.76
Table C.4 – Properties for systematic safety integrity – Software design and
development – detailed design (includes software system design, software module
design and coding) .77
Table C.5 – Properties for systematic safety integrity – Software design and
development – software module testing and integration .79
Table C.6 – Properties for systematic safety integrity – Programmable electronics
integration (hardware and software).81
Table C.7 – Properties for systematic safety integrity – Software aspects of system
safety validation.82
Table C.8 – Properties for systematic safety integrity – Software modification .83
Table C.9 – Properties for systematic safety integrity – Software verification .85
Table C.10 – Properties for systematic safety integrity – Functional safety assessment .86
Table C.11 – Detailed properties – Design and coding standards.87
Table C.12 – Detailed properties – Dynamic analysis and testing .89
Table C.13 – Detailed properties – Functional and black-box testing.90
Table C.14 – Detailed properties – Failure analysis .91
Table C.15 – Detailed properties – Modelling.92
Table C.16 – Detailed properties – Performance testing .93
Table C.17 – Detailed properties – Semi-formal methods.94
Table C.18 – Properties for systematic safety integrity – Static analysis .95
Table C.19 – Detailed properties – Modular approach.96
Table E.1 – Categories of IEC 61508-2 requirements.100
Table E.2 – Requirements of IEC 61508-2 for software and their typical relevance to
certain types of software.100
Table F.1 – Module coupling – definition of terms .104
Table F.2 – Types of module coupling.105

61508-3 © IEC:2010 – 5 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/
PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS –

Part 3: Software requirements
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 61508-3 has been prepared by subcommittee 65A: System
aspects, of IEC technical committee 65: Industrial-process measurement, control and
automation.
This second edition cancels and replaces the first edition published in 1998. This edition
constitutes a technical revision.
This edition has been subject to a thorough review and incorporates many comments received
at the various revision stages.
It has the status of a basic safety publication according to IEC Guide 104.

– 6 – 61508-3 © IEC:2010
The text of this standard is based on the following documents:
FDIS Report on voting
65A/550/FDIS 65A/574/RVD
Full information on the voting for the approval of this standard can be found in the report on
voting indicated in the above table.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
A list of all parts of the IEC 61508 series, published under the general title Functional safety
of electrical / electronic / programmable electronic safety-related systems, can be found on
the IEC website.
The committee has decided that the contents of this publication will remain unchanged until
the stability date indicated on the IEC web site under "http://webstore.iec.ch" in the data
related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
61508-3 © IEC:2010 – 7 –
INTRODUCTION
Systems comprised of electrical and/or electronic elements have been used for many years to
perform safety functions in most application sectors. Computer-based systems (generically
referred to as programmable electronic systems) are being used in all application sectors to
perform non-safety functions and, increasingly, to perform safety functions. If computer
system technology is to be effectively and safely exploited, it is essential that those
responsible for making decisions have sufficient guidance on the safety aspects on which to
make these decisions.
This International Standard sets out a generic approach for all safety lifecycle activities for
systems comprised of electrical and/or electronic and/or programmable electronic (E/E/PE)
elements that are used to perform safety functions. This unified approach has been adopted
in order that a rational and consistent technical policy be developed for all electrically-based
safety-related systems. A major objective is to facilitate the development of product and
application sector international standards based on the IEC 61508 series.
NOTE 1 Examples of product and application sector international standards based on the IEC 61508 series are
given in the bibliography (see references [1], [2] and [3]).
In most situations, safety is achieved by a number of systems which rely on many
technologies (for example mechanical, hydraulic, pneumatic, electrical, electronic, programmable
electronic). Any safety strategy must therefore consider not only all the elements within an
individual system (for example sensors, controlling devices and actuators) but also all the
safety-related systems making up the total combination of safety-related systems. Therefore,
while this International Standard is concerned with E/E/PE safety-related systems, it may also
provide a framework within which safety-related systems based on other technologies may be
considered.
It is recognized that there is a great variety of applications using E/E/PE safety-related
systems in a variety of application sectors and covering a wide range of complexity, hazard
and risk potentials. In any particular application, the required safety measures will be
dependent on many factors specific to the application. This International Standard, by being
generic, will enable such measures to be formulated in future product and application sector
international standards and in revisions of those that already exist.
This International Standard
– considers all relevant overall, E/E/PE system and software safety lifecycle phases (for
example, from initial concept, through design, implementation, operation and maintenance
to decommissioning) when E/E/PE systems are used to perform safety functions;
– has been conceived with a rapidly developing technology in mind; the framework is
sufficiently robust and comprehensive to cater for future developments;
– enables product and application sector international standards, dealing with E/E/PE
safety-related systems, to be developed; the development of product and application
sector international standards, within the framework of this standard, should lead to a high
level of consistency (for example, of underlying principles, terminology etc.) both within
application sectors and across application sectors; this will have both safety and economic
benefits;
– provides a method for the development of the safety requirements specification necessary
to achieve the required functional safety for E/E/PE safety-related systems;
– adopts a risk-based approach by which the safety integrity requirements can be
determined;
– introduces safety integrity levels for specifying the target level of safety integrity for the
safety functions to be implemented by the E/E/PE safety-related systems;
NOTE 2 The standard does not specify the safety integrity level requirements for any safety function, nor does it
mandate how the safety integrity level is determined. Instead it provides a risk-based conceptual framework and
example techniques.
– 8 – 61508-3 © IEC:2010
– sets target failure measures for safety functions carried out by E/E/PE safety-related
systems, which are linked to the safety integrity levels;
– sets a lower limit on the target failure measures for a safety function carried out by a
single E/E/PE safety-related system. For E/E/PE safety-related systems operating in
– a low demand mode of operation, the lower limit is set at an average probability of a
–5
dangerous failure on demand of 10 ;
– a high demand or a continuous mode of operation, the lower limit is set at an average

–9 -1
frequency of a dangerous failure of 10 [h ];
NOTE 3 A single E/E/PE safety-related system does not necessarily mean a single-channel architecture.
NOTE 4 It may be possible to achieve designs of safety-related systems with lower values for the target safety
integrity for non-complex systems, but these limits are considered to represent what can be achieved for relatively
complex systems (for example programmable electronic safety-related systems) at the present time.
– sets requirements for the avoidance and control of systematic faults, which are based on
experience and judgement from practical experience gained in industry. Even though the
probability of occurrence of systematic failures cannot in general be quantified the
standard does, however, allow a claim to be made, for a specified safety function, that the
target failure measure associated with the safety function can be considered to be
achieved if all the requirements in the standard have been met;
– introduces systematic capability which applies to an element with respect to its confidence
that the systematic safety integrity meets the requirements of the specified safety integrity
level;
– adopts a broad range of principles, techniques and measures to achieve functional safety
for E/E/PE safety-related systems, but does not explicitly use the concept of fail safe.
However, the concepts of “fail safe” and “inherently safe” principles may be applicable and
adoption of such concepts is acceptable providing the requirements of the relevant
clauses in the standard are met.

61508-3 © IEC:2010 – 9 –
FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/
PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS –

Part 3: Software requirements
1 Scope
1.1 This part of the IEC 61508 series
a) is intended to be utilized only after a thorough understanding of IEC 61508-1 and
IEC 61508-2;
b) applies to any software forming part of a safety-related system or used to develop a
safety-related system within the scope of IEC 61508-1 and IEC 61508-2. Such software is
termed safety-related software (including operating systems, system software, software in
communication networks, human-computer interface functions, and firmware as well as
application software);
c) provides specific requirements applicable to support tools used to develop and configure a
safety-related system within the scope of IEC 61508-1 and IEC 61508-2;
d) requires that the software safety functions and software systematic capability are
specified;
NOTE 1 If this has already been done as part of the specification of the E/E/PE safety-related systems (see 7.2 of
IEC 61508-2), then it does not have to be repeated in this part.
NOTE 2 Specifying the software safety functions and software systematic capability is an iterative procedure; see
Figures 3 and 6.
NOTE 3 See Clause 5 and Annex A of IEC 61508-1 for documentation structure. The documentation structure
may take account of company procedures, and of the working practices of specific application sectors.
NOTE 4 Note: See 3.5.9 of IEC 61508-4 for definition of the term "systematic capability".
e) establishes requirements for safety lifecycle phases and activities which shall be applied
during the design and development of the safety-related software (the software safety
lifecycle model). These requirements include the application of measures and techniques,
which are graded against the required systematic capability, for the avoidance of and
control of faults and failures in the software;
f) provides requirements for information relating to the software aspects of system safety
validation to be passed to the organisation carrying out the E/E/PE system integration;
g) provides requirements for the preparation of information and procedures concerning
software needed by the user for the operation and maintenance of the E/E/PE safety-
related system;
h) provides requirements to be met by the organisation carrying out modifications to safety-
related software;
i) provides, in conjunction with IEC 61508-1 and IEC 61508-2, requirements for support
tools such as development and design tools, language translators, testing and debugging
tools, configuration management tools;
NOTE 4 Figure 5 shows the relationship between IEC 61508-2 and IEC 61508-3.
j) Does not apply for medical equipment in compliance with the IEC 60601 series.
1.2 IEC 61508-1, IEC 61598-2, IEC 61508-3 and IEC 61508-4 are basic safety publications,
although this status does not apply in the context of low complexity E/E/PE safety-related
systems (see 3.4.3 of IEC 61508-4). As basic safety publications, they are intended for use by
technical committees in the preparation of standards in accordance with the principles
contained in IEC Guide 104 and ISO/IEC Guide 51. IEC 61508-1, IEC 61508-2, IEC 61508-3
and IEC 61508-4 are also intended for use as stand-alone publications. The horizontal safety

– 10 – 61508-3 © IEC:2010
function of this international standard does not apply to medical equipment in compliance with
the IEC 60601 series.
1.3 One of the responsibilities of a technical committee is, wherever applicable, to make
use of basic safety publications in the preparation of its publications. In this context, the
requirements, test methods or test conditions of this basic safety publication will not apply
unless specifically referred to or included in the publications prepared by those technical
committees.
1.4 Figure 1 shows the overall framework of the IEC 61508 series and indicates the role that
IEC 61508-3 plays in the achievement of functional safety for E/E/PE safety-related systems.

61508-3 © IEC:2010 – 11 –
Technical Requirements Other Requirements
Part 4
Part 1
Definitions &
Development of the overall
abbreviations
safety requirements
(concept, scope, definition,
hazard and risk analysis)
7.1 to 7.5
Part 5
Example of methods
for the determination Part 1
of safety integrity Documentation
levels Clause 5 &
Part 1
Annex A
Allocation of the safety requirements
to the E/E/PE safety-related systems
7.6
Part 1
Management of
functional safety
Clause 6
Part 1
Specification of the system safety
requirements for the E/E/PE
safety-related systems
Part 1
Functional safety
7.10 assessm ent
Clause 8
Part 6
Guidelines for the
application of
Parts 2 & 3
Part 2 Part 3
Realisation phase Realisation phase
for E/E/PE for safety-related
safety-related software
systems
Part 7
Overview of
techniques and
measures
Part 1
Installation, commissioning
& safety validation of E/E/PE
safety-related systems
7.13 - 7.14
Part 1
Operation, maintenance,repair,
modification and retrofit,
decommissioning or disposal of
E/E/PE safety-related systems
7.15 - 7.17
Figure 1 – Overall framework of the IEC 61508 series

– 12 – 61508-3 © IEC:2010
Concept
Overall scope definition
Hazard and risk
analysis
Overall safety
requirements
Overall safety
requirements allocation
E/E/PE system safety
requirements specification
Overall planning
Other risk
Overall Overall Overall
reduction measures
6 7 8
operation and safety installation and
maintenance validation commissioning
E/E/PE Specification and
planning planning planning
safety-related systems Realisation
Realisation
(see E/E/PE system
safety lifecycle)
Overall installation and
commissioning
Overall safety
Back to appropriate
validation
overall safety lifecycle
phase
Overall operation, Overall modification
maintenance and repair and retrofit
Decommissioning or
disposal
Figure 2 – Overall safety lifecycle
2 Normative references
The following referenced documents are indispensable for the application of this document.
For dated references, only the edition cited applies. For undated references, the latest edition
of the referenced document (including any amendments) applies.
IEC 61508-1: 2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 1: General requirements

61508-3 © IEC:2010 – 13 –
IEC 61508-2: 2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 2: Requirements for electrical/electronic/programmable electronic
safety-related systems
IEC 61508-4: 2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 4: Definitions and abbreviations
IEC Guide 104:1997, The preparation of safety publications and the use of basic safety
publications and group safety publications
IEC/ISO Guide 51:1999, Safety aspects – Guidelines for their inclusion in standards
3 Definitions and abbreviations
For the purposes of this document, the definitions and abbreviations given in IEC 61508-4
apply.
4 Conformance to this standard
The requirements for conformance to this standard are given in Clause 4 of IEC 61508-1.
5 Documentation
The objectives and requirements for documentation are given in Clause 5 of IEC 61508-1.
6 Additional requirements for management of safety-related software
6.1 Objectives
The objectives are as detailed in 6.1 of IEC 61508-1.
6.2 Requirements
6.2.1 The requirements are as detailed in 6.2 of IEC 61508-1, with the following additional
requirements.
6.2.2 The functional safety planning shall define the strategy for software procurement,
development, integration, verification, validation and modification to the extent required by the
safety integrity level of the safety functions implemented by the E/E/PE safety-related system.
NOTE The philosophy of this approach is to use the functional safety planning as an opportunity to customize this
standard to take account of the required safety integrity for each safety function implemented by the E/E/PE safety-
related system.
6.2.3 Software configuration management shall:
a) apply administrative and technical controls throughout the software safety lifecycle, in
order to manage software changes and thus ensure that the specified requirements for
safety-related software continue to be satisfied;
b) guarantee that all necessary operations have been carried out to demonstrate that the
required software systematic capability has been achieved;
c) maintain accurately and with unique identification all configuration items which are
necessary to meet the safety integrity requirements of the E/E/PE safety-related system.
Configuration items include at least the following: safety analysis and requirements;
software specification and design documents; software source code modules; test plans

– 14 – 61508-3 © IEC:2010
and results; verification documents; pre-existing software elements and packages which
are to be incorporated into the E/E/PE safety-related system; all tools and development
environments which are used to create or test, or carry out any action on, the software of
the E/E/PE safety-related system;
d) apply change-control procedures:
• to prevent unauthorized modifications; to document modification requests;
• to analyse the impact of a proposed modification, and to approve or reject the request;
• to document the details of, and the authorisation for, all approved modifications;
• to establish configuration baseline at appropriate points in the software development,
and to document the (partial) integration testing of the baseline;
• to guarantee the composition of, and the building of, all software baselines (including
the rebuilding of earlier baselines).
NOTE 1 Management decision and authority is needed to guide and enforce the use of administrative and
technical controls.
NOTE 2 At one extreme, an impact analysis may include an informal assessment. At the other extreme, an
impact analysis may include a rigorous formal analysis of the potential adverse impact of all proposed changes
which may be inadequately understood or implemented. See IEC 61508-7 for guidance on impact analysis.
e) ensure that appropriate methods are implemented to load valid software elements and
data correctly into the run-time system;
NOTE 3 This may include consideration of specific target location systems as well as general systems.
Software other than application might need a safe loading method, e.g. firmware.
f) document the following information to permit a subsequent functional safety audit:
configuration status, release status, the justification (taking account of the impact
analysis) for and approval of all modifications, and the details of the modification;
g) formally document the release of safety-related software. Master copies of the software
and all associated documentation and version of data in service shall be kept to permit
maintenance and modification throughout the operational lifetime of the released software.
NOTE 4 For further information on configuration management, see IEC 61508-7
7 Software safety lifecycle requirements
7.1 General
7.1.1 Objective
The objective of the requirements of this subclause is to structure the development of the
software into defined phases and activities (see Table 1 and Figures 3 to 6).
7.1.2 Requirements
7.1.2.1 A safety lifecycle for the development of software shall be selected and specified
during safety planning in accordance with Clause 6 of IEC 61508-1.
7.1.2.2 Any software lifecycle model may be used provided all the objectives and
requirements of this clause are met.
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

Frequently Asked Questions

EN 61508-3:2010 is a standard published by CLC. Its full title is "Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements". This standard covers: IEC 61508-3:2010 applies to any software forming part of a safety-related system or used to develop a safety-related system within the scope of IEC 61508-1 and IEC 61508-2; provides specific requirements applicable to support tools used to develop and configure a safety-related system within the scope of IEC 61508-1 and IEC 61508-2; requires that the software safety functions and software systematic capability are specified; establishes requirements for safety lifecycle phases and activities which shall be applied during the design and development of the safety-related software. These requirements include the application of measures and techniques, which are graded against the required systematic capability, for the avoidance of and control of faults and failures in the software; provides requirements for information relating to the software aspects of system safety validation to be passed to the organisation carrying out the E/E/PE system integration; provides requirements for the preparation of information and procedures concerning software needed by the user for the operation and maintenance of the E/E/PE safety-related system; provides requirements to be met by the organisation carrying out modifications to safety-related software; provides, in conjunction with IEC 61508-1 and IEC 61508-2, requirements for support tools such as development and design tools, language translators, testing and debugging tools, configuration management tools. This second edition cancels and replaces the first edition published in 1998. This edition constitutes a technical revision. It has been subject to a thorough review and incorporates many comments received at the various revision stages. It has the status of a basic safety publication according to IEC Guide 104. NEW! Also available: IEC Standards+ 61508:2010, containing all parts, together with a commented Redline version. Changes made in this 2nd edition are highlighted and commented by a leading world expert.

IEC 61508-3:2010 applies to any software forming part of a safety-related system or used to develop a safety-related system within the scope of IEC 61508-1 and IEC 61508-2; provides specific requirements applicable to support tools used to develop and configure a safety-related system within the scope of IEC 61508-1 and IEC 61508-2; requires that the software safety functions and software systematic capability are specified; establishes requirements for safety lifecycle phases and activities which shall be applied during the design and development of the safety-related software. These requirements include the application of measures and techniques, which are graded against the required systematic capability, for the avoidance of and control of faults and failures in the software; provides requirements for information relating to the software aspects of system safety validation to be passed to the organisation carrying out the E/E/PE system integration; provides requirements for the preparation of information and procedures concerning software needed by the user for the operation and maintenance of the E/E/PE safety-related system; provides requirements to be met by the organisation carrying out modifications to safety-related software; provides, in conjunction with IEC 61508-1 and IEC 61508-2, requirements for support tools such as development and design tools, language translators, testing and debugging tools, configuration management tools. This second edition cancels and replaces the first edition published in 1998. This edition constitutes a technical revision. It has been subject to a thorough review and incorporates many comments received at the various revision stages. It has the status of a basic safety publication according to IEC Guide 104. NEW! Also available: IEC Standards+ 61508:2010, containing all parts, together with a commented Redline version. Changes made in this 2nd edition are highlighted and commented by a leading world expert.

EN 61508-3:2010 is classified under the following ICS (International Classification for Standards) categories: 25.040.40 - Industrial process measurement and control. The ICS classification helps identify the subject area and facilitates finding related standards.

EN 61508-3:2010 has the following relationships with other standards: It is inter standard links to EN 61508-3:2001, prEN IEC 61508-3:2025. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.

You can purchase EN 61508-3:2010 directly from iTeh Standards. The document is available in PDF format and is delivered instantly after payment. Add the standard to your cart and complete the secure checkout process. iTeh Standards is an authorized distributor of CLC standards.

SIST EN 61508-3:2011은 전기/전자/프로그래머블 전자 안전 관련 시스템의 기능적 안전성을 다루는 표준으로, 소프트웨어 요구사항을 세세히 규정하고 있습니다. 이 문서의 범위는 IEC 61508-1 및 IEC 61508-2의 범위 내에서 안전 관련 시스템의 일부로 구성되는 소프트웨어 또는 안전 관련 시스템 개발에 사용되는 소프트웨어에 적용됩니다. 이 표준은 안전 관련 소프트웨어의 설계 및 개발 과정 중 요구되는 안전 생애 주기 단계 및 활동에 대한 요구 사항을 제시하고 있으며, 각 단계에서 불량 및 오류를 피하고 통제하기 위한 조치를 규정합니다. 특히 소프트웨어의 안전 기능 및 체계적 능력의 명세화가 요구되며, 이를 통해 시스템의 안전성을 높이는 데 기여합니다. 강력한 점은 안전 관련 시스템을 개발하기 위한 지원 도구에 대한 명확한 요구 사항을 제공한다는 것입니다. 개발 도구, 디자인 도구, 언어 변환기, 테스트 및 디버깅 도구, 구성 관리 도구 등 다양한 도구들이 이 문서에 포함되어 있습니다. 이러한 통합적인 관점은 소프트웨어 개발 과정에서 시스템 통합을 수행하는 조직이 필요한 정보를 효과적으로 전달받을 수 있도록 하여 시스템 안전성 검증의 질을 높입니다. 또한, 이 문서는 1998년에 발표된 첫 번째 판을 대체하며, 기술적 개정이 이루어져 다양한 수정 사항이 반영되었습니다. 이는 사용자와 개발자가 안전 관련 소프트웨어를 운영하고 유지 보수하는 데 필요한 정보 및 절차를 준비하는 데도 큰 도움이 됩니다. SIST EN 61508-3:2011은 또한 IEC Guide 104에 따라 기본 안전 출판물로서의 지위를 보유하고 있으며, 세계적 전문가에 의해 하이라이트 및 댓글이 포함된 개정 사항이 첨부되어 있습니다. 이러한 점에서 본 문서는 전반적인 소프트웨어 요구사항의 이해를 돕고, 기능적 안전성을 높이기 위한 필수 표준으로 자리 잡고 있습니다.

The EN 61508-3:2010 standard is a crucial component of the overarching IEC 61508 framework, specifically focused on the software requirements for safety-related systems. Its scope is substantial, covering all software aspects integral to the development and operation of safety-related systems, ensuring that any software considered within the safety context adheres to rigorous safety standards. One of the significant strengths of this standard lies in its comprehensive approach to defining software safety functions and systematic capabilities. By mandating that these critical aspects are specified, the standard effectively mitigates risks associated with software faults and failures. The detailed requirements for phase-specific safety lifecycle activities not only promote thorough planning and execution during design and development but also ensure that the software complies with the required systematic capability levels. The EN 61508-3:2010 standard is particularly relevant in today’s technological landscape, as it outlines necessary measures and techniques for fault avoidance and control within safety-related software. This guidance is essential for organizations aiming to enhance their safety systems' reliability and integrity. Furthermore, the standard’s requirements for validation, integration, and maintenance of the software aspects underscore its emphasis on ongoing safety assurance throughout the system lifecycle. Moreover, the second edition of this standard, which replaces the first published in 1998, represents a technical revision that reflects contemporary practices and insights. The inclusion of user guidance for operation and maintenance, as well as stipulations regarding modifications to safety-related software, adds practical value for organizations. Therefore, organizations are encouraged to refer to the updated document, which now also includes commentary by leading experts, facilitating a deeper understanding of the safety requirements. In summary, the EN 61508-3:2010 standard serves as a foundational reference that addresses extensive software requirements, reinforces systematic safety considerations, and enhances the overall reliability of electrical/electronic/programmable electronic safety-related systems.

EN 61508-3:2010は、電気/電子/プログラム可能な電子安全関連システムの機能的安全性に関する重要な標準であり、ソフトウェアの要件に特化しています。この標準は、IEC 61508-1およびIEC 61508-2の範囲内で安全関連システムの一部として形成されるソフトウェアに適用され、または安全関連システムの開発に使用されるソフトウェアに特有の要件を提供します。 この標準の強みは、ソフトウェアの安全機能や体系的能力を明確に特定することを要求している点です。これにより、安全関連ソフトウェアの設計と開発の際に適用すべき安全ライフサイクルのフェーズやアクティビティに関する明確な基準が設けられています。故障や失敗を防ぎコントロールするための措置や技術が必要とされ、それに応じて体系的能力がグレーディングされることにより、高い安全性が確保されます。 また、システムの安全性バリデーションに関する情報がE/E/PEシステム統合を行う組織に提供されることが求められており、利用者による安全関連システムの運用と保守に必要なソフトウェアに関する情報と手続きを準備する要求事項も含まれています。これにより、ユーザーが安全関連ソフトウェアを効率的に運用できるようになります。 さらに、改訂されたこの第二版は、1998年に発行された初版を取り消し置き換えたものであり、技術的な修正を含んでいます。各改訂段階で寄せられた多くのコメントが反映されており、IECガイド104に従った基本的な安全出版物としての地位を有します。このような特徴から、EN 61508-3:2010は、産業界における安全関連ソフトウェアの開発とメンテナンスにおいて、欠かせないリソースといえます。

This May Also Interest You

CLC
EN IEC 62453-1:2025(Main)
Field device tool (FDT) interface specification - Part 1: Overview and guidance
SIST EN IEC 62453-1:2025

IEC 62453-1:2025 is available as IEC 62453-1:2025 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC 62453-1:2025 presents an overview and guidance for the IEC 62453 series. It • explains the structure and content of the IEC 62453 series (see Clause 5); • provides explanations of some aspects of the IEC 62453 series that are common to many of the parts of the series; • describes the relationship to some other standards; • provides definitions of terms used in other parts of the IEC 62453 series. This third edition cancels and replaces the first edition published in 2016. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) introduction of a new implementation technology (defined in IEC TS 62453-43); b) introduction of an OPC UA information model for FDT (defined in IEC 62453-71).

  • Standard
    56 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 63489:2025(Main)
Common data concepts for smart manufacturing
SIST EN IEC 63489:2025

IEC 63489:2025 specifies the definition of cross-domain product data concepts (classes and properties) in the context of smart manufacturing. This document will be published as a set of concepts within cross-domain data dictionary "General Items (IEC 61360-7)” in the IEC CDD.

  • Standard
    13 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 61326-2-6:2025(Main)
Electrical equipment for measurement, control and laboratory use - EMC requirements - Part 2-6: Particular requirements - In vitro diagnostic (IVD) medical electrical equipment
SIST EN IEC 61326-2-6:2025

IEC 61326-2-6:2025 applies to the BASIC SAFETY and ESSENTIAL PERFORMANCE of IN VITRO DIAGNOSTIC MEDICAL ELECTRICAL EQUIPMENT (IVD MEE). This part of IEC 61326 applies to the BASIC SAFETY and ESSENTIAL PERFORMANCE of IVD MEE in the presence of electromagnetic disturbances and to electromagnetic disturbances emitted by IVD MEE. BASIC SAFETY with regard to electromagnetic disturbances is applicable to all IVD MEE. NOTE 1 Performance with respect to electromagnetic disturbances other than ESSENTIAL PERFORMANCE is the subject of IEC 61326-1:2020 NOTE 2 IT equipment can be a part of an IVD MEE, if it is required to maintain BASIC SAFETY or ESSENTIAL PERFORMANCE. This edition includes the following significant technical changes with respect to the previous edition: - Update of the document with respect to test levels and documentation.

  • Standard
    36 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 61131-3:2025(Main)
Programmable controllers - Part 3: Programming languages
SIST EN IEC 61131-3:2025

IEC 61131-3:2025 specifies the syntax and semantics of programming languages for programmable controllers as defined in IEC 61131-1. This document specifies the syntax and semantics of a unified suite of programming languages for programmable controllers (PCs). This suite consists of the textual language structured text (ST), and the graphical languages, ladder diagram (LD) and function block diagram (FBD). An additional set of graphical and equivalent textual elements named sequential function chart (SFC) is defined for structuring the internal organization of programs and function blocks. Also, configuration elements are defined which support the installation of programmable controller programs into programmable controller systems. In addition, features are defined which facilitate communication among programmable controllers and other components of automated systems. This edition includes the following significant technical changes with respect to the previous edition: a) inclusion of UTF-8 strings and their associated functions; b) Annex B contains a comprehensive list of features that have been added, removed or deprecated in comparison to IEC 61131-3:2013.

  • Standard
    256 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 62541-15:2025(Main)
OPC Unified Architecture - Part 15: Safety
SIST EN IEC 62541-15:2025

IEC 62541-15:2025 describes a safety communication layer (services and a protocol) for the exchange of SafetyData using IEC 62541 mechanisms. It identifies the principles for functional safety communications defined in IEC 61784‑3 that are relevant for this safety communication layer. This safety communication layer is intended for implementation in safety devices only. NOTE 1 This document targets controller-to-controller communication. However, easy expandability to other use-cases (e.g. OPC UA field level communication) has already been considered in the design of this document. NOTE 2 This document does not cover electrical safety and intrinsic safety aspects. Electrical safety relates to hazards such as electrical shock. Intrinsic safety relates to hazards associated with potentially explosive atmospheres. This document defines mechanisms for the transmission of safety-relevant messages among participants within a network using OPC UA technology in accordance with the requirements of the IEC 61508 series and IEC 61784-3 for functional safety. These mechanisms can be used in various industrial applications such as process control, manufacturing, automation, and machinery. This document provides guidelines for both developers and assessors of compliant devices and systems. NOTE 3 The resulting SIL claim of a system depends on the implementation of this document within the system – implementation of this document in a standard device is not sufficient to qualify it as a safety device.

  • Standard
    107 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 62657-2:2025(Main)
Industrial networks - Coexistence of wireless systems - Part 2: Coexistence management
SIST EN IEC 62657-2:2025

IEC 62657-2:2025 specifies: – the fundamental assumptions, concepts, parameters, and procedures for wireless communication coexistence; – specifies coexistence parameters and how they are used in an application requiring wireless coexistence; – provides guidelines, requirements, and best practices for wireless communication's availability and performance in an industrial automation plant; it covers the life‑cycle of wireless communication coexistence; – helps the work of all persons involved with the relevant responsibilities to cope with the critical aspects at each phase of life-cycle of the wireless communication coexistence management in an industrial automation plant. Life-cycle aspects include: planning, design, installation, implementation, operation, maintenance, administration and training; – provides a common point of reference for wireless communication coexistence for industrial automation sites as a homogeneous guideline to help the users assess and gauge their plant efforts; – deals with the operational aspects of wireless communication coexistence regarding both the static human/tool-organization and the dynamic network self-organization. This document provides a major contribution to national and regional regulations by supporting to fulfil the requirements using coexistence management. This edition includes the following significant technical changes with respect to the previous edition: a) alignment of some definitions and specifications of coexistence parameters in order to facilitate their future inclusion in the IEC Common Data Dictionary (IEC CDD) maintained by the IEC; b) alignment of some definitions and specifications to be consistent with the new IEC 62657-3 and IEC 62657-4; c) edition 3 of this document was published in June 2022. Some comments were made in the last development stages of this document asking for explanations on how the parts of the IEC 62657 series were structured and how they were related to each other. Resolution of these comments was deferred until a next edition, which means this edition.

  • Standard
    118 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 61987-100:2025(Main)
Industrial-process measurement and control - Data structures and elements in process equipment catalogues - Part 100: Data base standard for process measurement, control and automation equipment
SIST EN IEC 61987-100:2025

IEC 61987-100:2025 provides the semantics of the data needed for the area of process automation, the Industrial Internet of Things (IIoT), and smart manufacturing. Classification and description of products with classes and properties for future objects within the scope of TC 65 (Industrial-process measurement, control and automation) will be developed as IEC 61987 DB standard and published via IEC CDD data dictionary IEC 61987.

  • Standard
    11 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 63206:2025(Main)
Industrial-process control systems - Recorders - Testing and performance evaluation
SIST EN IEC 63206:2025

IEC 63206:2024 specifies the characterization, the classification (e.g.: analogue chart recorder, digital recorder, X-Y recorder, paperless recorder, event recorder, data logger, and data acquisition device, etc.) and performance evaluation methods of recorders. It covers type tests as well as routine tests. This document is applicable to recorder devices and recorder modules for control systems. IEC 63206 is intended for use by manufacturers to determine the performance of their products and by users or independent testing bodies to verify manufacturers’ performance specifications. IEC 63206 has fully covered IEC 60873-1 and IEC 60873-2 which are withdrawn.

  • Standard
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 63261:2024(Main)
Representation of electrical and instrument objects in digital 3D plant models during engineering
SIST EN IEC 63261:2025

IEC 63261:2024 provides requirements for the E&I objects of a digital 3D plant model, used in the engineering phase to design and construct a process plant and its instrumentation. It provides guidance how to model plants and their electrical and instrumentation equipment. This document also specifies the content and the possible output of the 3D plant model at project milestones. This document can be used by the contractual partners to agree upon the content of the 3D plant model to be delivered at specified milestones. This document does not specify the transfer and format of digital 3D plant models. This document does not specify definitions or instructions to equipment representations and details of elements in the 3D plant model not belonging to electrical and instrumentation domains.

  • Standard
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
CLC IEC/TS 62443-6-1:2024(Main)
Security for industrial automation and control systems - Part 6-1: Security evaluation methodology for IEC 62443-2-4
SIST-TS CLC IEC/TS 62443-6-1:2025

This part of IEC 62443 specifies the evaluation methodology to support interested parties (e.g. during conformity assessment activities) to achieve repeatable and reproducible evaluation results against IEC 62443-2-4 requirements. This document is intended for first-party, secondparty or third-party conformity assessment activity, for example by product suppliers, service providers, asset owners and conformity assessment bodies. NOTE 1 62443-2-4 specifies requirements for security capabilities of an IACS service provider. These security capabilities can be offered as a security program during integration and maintenance of an automation solution. NOTE 2 The term “conformity assessment” and the terms first-party conformity assessment activity, second-party conformity assessment activity and third-party conformity assessment activity are defined in ISO/IEC 17000.

  • Technical specification
    135 pages
    English language
    sale 10% off
    e-Library read for
    1 day