IEC Certification Kit for ISO 26262 and IEC 61508
Qualify code generation and verification tools for ISO 26262 and IEC 61508 certification
IEC Certification Kit provides tool qualification artifacts, certificates, and test suites, and generates traceability matrices. The kit helps you qualify code generation and verification products and streamline certification of your embedded systems to ISO® 26262, IEC 61508, EN 50128, and related functional safety standards such as IEC 62304. Certificates and assessment reports from the certification authority TÜV SÜD are included in the kit for the supported products and standards.
IEC Certification Kit provides ISO 26262 tool qualification and classification work products, together with test suites. It includes templates that let you adapt the work products to meet specific project needs. You can generate project-specific artifacts, including traceability matrices covering requirements, models, and generated code. Project- and product-specific artifacts can be combined to produce a complete ISO 26262 tool qualification package for embedded system certification.
Note: ISO 26262:2018 states that Simulink and Stateflow are suitable for software architecture and software unit design notations and as a basis for automatic code generation.
IEC 61508 (Functional safety of electrical/electronic/programmable electronic safety-related systems) is an international, industry-independent functional safety standard. The seven-part standard spans IEC 61508-1 to IEC 61508-7. IEC 61508-3 is concerned with software development, verification, and validation. IEC 61508-3 highly recommends certified tools and translators for safety integrity levels (SILs) SIL 2 and higher; clause 7.4.4 provides “Requirements for support tools.”
ISO 26262 (Road vehicles — Functional safety) is an international functional safety standard. It is an adaptation of IEC 61508 specific to the application sector of electrical and electronic systems in the road vehicle industry. It consists of 10 parts: ISO 26262-1 to ISO 26262-10. ISO 26262-6 pertains to software development, verification, and validation. It includes guidance for projects using Model-Based Design and code generation. ISO 26262-8 addresses multiple cross-functional topics, including the classification and qualification of software tools. The degree of rigor required for tool qualification is based on the tool classification level (TCL) and the software automotive safety integrity levels (ASILs) A to D.
EN 50128 (Railway applications — Software for railway control and protection systems) is a European standard that specifies procedures and technical requirements for the development of programmable electronic systems for use in railway control and protection applications. EN 50128, developed by the European Committee for Electrotechnical Standardization (CENELEC), is part of a series of standards that represent the railway application-specific interpretation of the IEC 61508 standard series.
IEC 62304 (Medical device software – Software life cycle processes) is an international standard that describes the software development and maintenance processes required for medical device software. The required processes, tasks, and activities depend on the hazard level (risk to patient, caregiver, or environment) of the device software. The hazard levels are divided into 3 safety classes: Class A (no injury or damage to health is possible), Class B (non-serious injury is possible), and Class C (death or serious injury is possible). IEC 62304 does not directly address software tool qualification. However, it states that IEC 61508 can be looked to as a source of methods, tools, and techniques that can be used to implement the requirements in IEC 62304. Additional guidance on tool validation for regional authorities such as the FDA is available on the FDA software validation page.
IEC Certification Kit includes TÜV SÜD certificates for IEC 61508:2010, ISO 26262:2011, EN 50128:2011, IEC 62304:2006, and IEC 61511:2003. You can also use IEC Certification Kit as a basis for qualifying tools and for guidance on using Model-Based Design to develop systems requiring certification to other IEC 61508–related standards and adaptations.
IEC Certification Kit follows an in-context approach to tool certification or qualification based on a typical workflow or use cases when the applicant applies supported tools to develop or verify software for functional safety standard-compliant or standard-certified applications. The workflow addresses risk levels ASIL A–ASIL D according to ISO 26262, SIL 1–SIL 3 according to IEC 61508, and SIL 0–SIL 4 according to EN 50128. The applicant must use the tools within the referenced workflows and within the constraints and use cases specified in the certification plans of the applicant’s projects.
IEC Certification Kit is designed to help you provide a complete certification package to certification authorities using MATLAB®, Simulink, and Polyspace products. To use IEC Certification Kit, follow these steps:
- Document compliance with the relevant functional safety standard’s requirements and your intended use cases.
- Propose an initial certification plan to certification authorities.
- Collect tool-provided artifacts such as TÜV SÜD certificates and perform application-independent tool qualification activities, including the execution of product test suites.
- Perform application-specific tool qualification activities such as generating model-to-code traceability using the traceability matrix-generation capability IEC Certification Kit provides.
- Provide the completed certification package to certification authorities.
IEC Certification Kit provides guidance and information for the above steps and includes the document templates, test cases, and test procedures that you need to qualify the supported products and standards.
For supported products, IEC Certification Kit includes these artifacts:
- TÜV SÜD certificate and certificate report
- Reference workflow
- Tool qualification plan
- Tool conformance demonstration template
- Test cases, procedures, and results (for Embedded Coder®, Polyspace products, and other products)
You need to execute the test cases and procedures from IEC Certification Kit in your MATLAB or Polyspace installation environment. You should then compare your generated test results with the expected results from the kit and work to eliminate any differences.
IEC Certification Kit provides detailed workflow guidance needed for developing and verifying systems using Model-Based Design. The workflow guidance describes processes, methods, and tools used for each software development and verification step from high-level requirements validation to executable object code verification.
With IEC Certification Kit, you can generate a traceability matrix spreadsheet showing requirements-to-model-to-code bidirectional traceability paths and file information. You can also use IEC Certification Kit to generate a list of reported bugs that you can store and archive for key Simulink and Polyspace tools used for Model-Based Design.
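The bidirectional traceability described above, as an added illustration that is not part of IEC Certification Kit: a small Python check that builds a requirements-to-model-to-code matrix from constructed link data (hypothetical requirement IDs, block paths, and code locations) and reports the gaps a certification reviewer would look for: requirements with no implementing model element, model elements with no requirement, and model elements with no generated code.

```python
"""Bidirectional traceability check: requirements -> model blocks -> generated code.

All link data below is constructed for illustration; in a real project the
links come from requirement links on model elements and from the
code-to-model traceability information of the generated code.
"""
from collections import defaultdict

# Constructed forward links (hypothetical identifiers).
REQ_TO_MODEL = {
    "REQ-001": ["Controller/Saturation"],
    "REQ-002": ["Controller/RateLimiter", "Controller/Gain"],
    "REQ-003": [],                              # no implementing block
}
MODEL_TO_CODE = {
    "Controller/Saturation": ["controller.c:42"],
    "Controller/RateLimiter": ["controller.c:58"],
    "Controller/Gain": [],                      # no generated code trace
    "Controller/Debug": ["controller.c:90"],    # block with no requirement
}


def build_matrix(req_to_model, model_to_code):
    """Return (requirement, block, code) rows; None marks a broken link."""
    rows = []
    for req, blocks in req_to_model.items():
        if not blocks:
            rows.append((req, None, None))
        for block in blocks:
            code_refs = model_to_code.get(block, [])
            if not code_refs:
                rows.append((req, block, None))
            for ref in code_refs:
                rows.append((req, block, ref))
    return rows


def find_gaps(req_to_model, model_to_code):
    """Report forward and backward gaps; an empty report means full coverage."""
    model_to_req = defaultdict(list)            # backward (model -> requirement) index
    for req, blocks in req_to_model.items():
        for block in blocks:
            model_to_req[block].append(req)
    return {
        "req_without_model": sorted(r for r, b in req_to_model.items() if not b),
        "model_without_req": sorted(b for b in model_to_code if b not in model_to_req),
        "model_without_code": sorted(b for b, c in model_to_code.items() if not c),
    }


def is_complete(gaps):
    """True only when every gap category is empty."""
    return not any(gaps.values())
```

Running `find_gaps(REQ_TO_MODEL, MODEL_TO_CODE)` on the constructed data flags REQ-003, Controller/Debug, and Controller/Gain, the three deliberately broken links.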
Note: Simulink and Polyspace were not developed using an IEC 61508–compliant process. Using certified tools does not ensure the safety of the software or the system under consideration.
Highlights:
- Qualification and Certification Artifacts: Qualify R2019b versions of supported products.
- Qualification of Simulink Test Custom Criteria: Qualify Simulink Test custom criteria, including function-based MATLAB unit test methods.
- Qualification of Additional Model Advisor Check: Qualify the high-integrity Model Advisor check "Check type and size of conditional expressions".
- Enhanced Test Suite for Polyspace Code Prover and Polyspace Code Prover Server: Run qualification tests that include test cases for Shared Variable mode and data dictionaries.
- IEC Certification Kit Reference Workflow: Learn the role of System Composer in developing embedded systems according to functional safety standards.