Top 5 Blogs

Software requirement level

DO-178B/C, ISO 26262, IEC 61508: How many level of Software requirements are necessary and useful?

In my daily projects in the automotive and industrial automation industry I’m continually confronted with the following question: How many levels of software requirements have to be written? That’s an interesting question, especially if we take the aerospace industry also into account. Software requirement level are a key topic if you want to improve your […]


FMEA – A powerful method, but not for software!

In the functional safety, there is a method which is always used – the FMEA (Failure Mode Effects Analysis). In particular, on system and hardware level the FMEA supports systematic analysis. There are also variants such as the FMECA and the FMEDA. In this blog post I use only the term FMEA. In project practice […]

ISO 26262: Fault Injection Test – Do you really need it?

The ISO 26262 defines the fault injection test as a test method for the system integration and unit test level (ISO 26262-4 [System] Tables 5, 8, 10, 13, 15, 18; ISO 26262-5 [Hardware] Table 11; ISO 26262-6 [software] tables 10, 13). This method has certainly a large part in the implementation of a possible error-free […]

All Article

Functional Safety

pragmatic software development

Functional safety and pragmatism is that possible?

Many people associate with the implementation of functional safety, a lot of formalism, and unnecessarily extensive documentation and many processes with a high proportion of theoretical framework. And yes, such projects are existing very often and in every industry. My experience shows that such projects are not very powerful when measured by the real implementation […]

Compiler for safety critical software – What needs to be done?

The compiler is the central „tool“, which is required for every software development. It forms the link between the human-readable high-level source code (e.g., C and C ++) and the machine code, interpretable for the hardware processor. For the development of safety critical software according to relevant functional safety standards special requirements apply for the tools […]

Freedom of Interference

Freedom of Interference – The practice in Industry!

In the last blog (June 2017), I explained the principle of Freedom of Interference. The example used was based on the automotive industry and the ISO26262. Now I would like to consider Freedom of Interference with respect to the industry sectors railway, aviation and automotive and share my industry experiences with you.

All Article


RTCA DO 331 Model-Based Development RTCA DO 331 Modellbasierte Entwicklung

RTCA DO 331 Model-Based Development and Verification in aerospace

With the enhancement of the RTCA DO178B to the RTCA DO178C, four so-called supplements have also been developed. The RTCA DO 331 Model-Based Development is one of these four supplements and describes the requirements for model-based development and verification in aerospace. The following article provides answers to the following questions: How is the RTCA DO331 […]

Supplements of DO178C

The Supplements of DO178C – Where do they come from and what is their content?

With the enhancement of the RTCA DO178B to the RTCA DO178C, four so-called supplements have been developed. These supplements of DO178C define the conditions under which modern software development methods can be used in aerospace. If you look at the history of the RTCA DO178, you will notice that changes to the standard are rarely […]


RTCA DO 178C – Software quality in aerospace!

RTCA DO 178C – The Myth! As early as 1980 there were first considerations in aerospace how to develop software safely and as accurately as possible. These considerations have led to the development of a standard that is widely respected far beyond software. Currently in the version RTCA DO 178C. The standard is used in […]

All Article


EN50128 Configurable Systems – The solution?

Chapter 8 of EN 50128 specifies the requirements for systems that are configured by application data or application algorithms. This blog summarizes the essential requirements of the standard and the practice-oriented challenges of software-configurable embedded systems. At the first glance the configurability offers only advantages. The functional behavior of the entire system can be adjusted […]

EN50128 – Functional Safety in the railway industry

The standards EN50126, EN50128 EN50129 describe the functional safety in the railway industry. These standards implement the IEC61508 for this industry. The peculiarity of the rail industry with regard to functional safety is that the systems are to be certified by an governmental authority (in Germany the federal railway authority), before they are allowed to […]

All Article


ISO26262: Freedom of interference – What is that?

There are four essential measures in the development of safety-critical systems. Design of safe systems Measures to minimize random hardware errors Measures to minimize systematic hardware and software errors Organizational measures (management of functional safety) Particularly in the design of safe systems, the principle of Freedom of interference is a powerful measure. What’s this? The […]

ISO 26262: configurable / calibratable Software – Chance or Risk?

Configurable Software Systems in ISO26262 are discussed in part 6 Annex C. This blog summarizes important requirements of the standard and shows practice-oriented challenges of software-configurable embedded systems. The use of calibration data in configurable systems offers a lot of advantages. The functional behavior of the entire system can be adjusted by simple and rapid […]

ISO 26262: Fault Injection Test – Do you really need it?

The ISO 26262 defines the fault injection test as a test method for the system integration and unit test level (ISO 26262-4 [System] Tables 5, 8, 10, 13, 15, 18; ISO 26262-5 [Hardware] Table 11; ISO 26262-6 [software] tables 10, 13). This method has certainly a large part in the implementation of a possible error-free […]

All Article


Functional Safety Basic Standard IEC61508

IEC 61508 – The Functional Safety Basic Standard

The Functional Safety Basic Standard IEC61508 is often referred to as the mother of all functional safety standards. This standard was introduced in 1998 with the intention of defining cross-industry processes and methods to be used for safety-relevant electrical, electronic and programmable electronic systems. IEC61508 is applied if no industry-specific standards are available for this […]

zertifizierte Werkzeuge, Tool qualification

IEC 61508 – Tool qualification – When? Why? How?

The term tool qualification triggers an unpleasant feeling and uncertainty in many people who deal with functional safety. IEC61508 requires the certification of software tools used for software development. Other functional safety standards also require similar measures. Unfortunately, however, the same terms are not always used. IEC61508 uses the term „certified tools“, often the term […]

IEC61508: Specification – Architecture – Requirements; Is there any difference?

For an increasing number of systems in the industrial automation functional safety requirements must be fulfilled. The IEC61508 compliance must be demonstrated for the software development. On the other hand, there are commercial requirements which often severely limit the product development budget. The solution lies in an efficient development process that meets the safety-relevant requirements. […]

All Article

Requirements Engineering

Requirement Engineering

RE for embedded and IT systems – It’s time for the embedded community to become aware of the differences!

If you analyses the book market, publications or conferences on requirements management and engineering (RE), you will find that more than 90% consider requirements engineering from the point of view of IT software systems. There are very few publications that look at the topic from the perspective of embedded systems. On the one hand, it […]

RE Engineering – Aspects which even not considerd in RE theory!

In most of the requirement engineering publications, the focus is on management aspects. The collection and management of requirements is discussed extensively. In the following blog I discuss important aspects which are not sufficiently considered in the RE theory. I start with the definition of Requirement Engineering in the book „Requirements Engineering Fundamentals“ (Klaus Pohl, […]

User Stories – The better Requirements?

The book „User Stories“ from Mike Cohn (ISBN 978-0321205681) has inspired me to think about the relationship between user stories and requirements. In software development, agile methods are often preferred in recent years. The classic approaches, especially the waterfall model and the V-model, seem to be more and more outdated. As a result, user stories […]

All Article

Validation and Verification

Implicit Testing – A good idea (Part 2)?

In the first part of the blog I defined the term „Implicit Testing“ and discussed root causes for the need of implicit tests. In the second part I will focus on the disadvantages of such tests and on possible solution approaches with the goal to avoid these disadvantages.

Implicit Testing – A good idea (Part 1)?

In larger safety-critical projects, quite often I hear the following statement: „Well, the Requirement A is indirectly or implicitly proven with the test XY!“ Do you know this sentence as well? Have you ever experienced what can happen in late project phases when you have tested many requirements indirectly? The blog defines the term in […]

Structural source code coverage and Requirements – Is there any dependency?

If you are newly engaged in the area of functional safety, then you will encounter fairly quickly the terms “structural source code coverage” and “requirements”. The specification of technical systems by requirements is, of course, also common in non-safety-critical areas. By contrast, the subject structural source code coverage is almost unknown outside safety-critical projects. In […]

All Article

Config and Quality

Quality Assurance in functional safety projects – Where is the difference?

The quality assurance checks the quality of the product. This is first of all an almost trivial statement. Depending on the definition of the term „product“, however, differentiate the responsibilities clearly. Do we monitor a production process or are we considering the assurance of quality in a software and electronics development? The following blog deals […]

Configuration Management: A challenging task!

Do you know the following situation? A software project is restarted and the individual tasks are distributed within the project team. Sometime if (nearly) all roles are assigned – no one has thought about the configuration management. Often this role is quickly assigned to the project leader, because – so the assumption -there is anyway […]

All Article


Security for Embedded Systems – What lies ahead of us?

The need for security protection measures in the Office IT environment is obvious since years. Firewall, virus scanner, encryption of data: Office IT is no longer thinkable without these aspects. On the other hand, security for embedded systems is relatively new. These systems are already vulnerable to possible malicious attacks. For a long time there […]

Security – A term that has many meanings!

Security is a topic which plays a key role for the success of topics like Internet of Things, Smart Home. If we consider the topic in more detail, it will be realized that it will be worthwhile, to separate the individual topics. It is important to be aware that the boundaries of the separate topics […]

All Article