IEC 62425
Edition 1.0 2007-09
INTERNATIONAL STANDARD

Railway applications – Communication, signalling and processing systems – Safety related electronic systems for signalling

IEC 62425:2007

THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2007 IEC, Geneva, Switzerland

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local IEC member National Committee for further information.

IEC Central Office
3, rue de Varembé
CH-1211 Geneva 20
Switzerland
Email: inmail@iec.ch
Web: www.iec.ch

About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the latest edition; a corrigendum or an amendment might have been published.

- Catalogue of IEC publications: www.iec.ch/searchpub
  The IEC on-line Catalogue enables you to search by a variety of criteria (reference number, text, technical committee, ...). It also gives information on projects, withdrawn and replaced publications.
- IEC Just Published: www.iec.ch/online_news/justpub
  Stay up to date on all new IEC publications. Just Published details twice a month all new publications released. Available on-line and also by email.
- Electropedia: www.electropedia.org
  The world's leading online dictionary of electronic and electrical terms, containing more than 20 000 terms and definitions in English and French, with equivalent terms in additional languages. Also known as the International Electrotechnical Vocabulary online.
- Customer Service Centre: www.iec.ch/webstore/custserv
  If you wish to give us your feedback on this publication or need further assistance, please visit the Customer Service Centre FAQ or contact us:
  Email: csc@iec.ch
  Tel.: +41 22 919 02 11
  Fax: +41 22 919 03 00

INTERNATIONAL ELECTROTECHNICAL COMMISSION
ICS 45.060
PRICE CODE: XD
ISBN 2-8318-9310-0

62425 © IEC:2007

CONTENTS

FOREWORD 5
INTRODUCTION 7
1 Scope 8
2 Normative references 9
3 Terms, definitions and abbreviations 10
3.1 Definitions 10
3.2 Abbreviations 15
4 Overall framework of this standard 16
5 Conditions for safety acceptance and approval 17
5.1 The safety case 17
5.2 Evidence of quality management 19
5.3 Evidence of safety management 21
5.3.1 Introduction 21
5.3.2 Safety life-cycle 22
5.3.3 Safety organisation 23
5.3.4 Safety plan 24
5.3.5 Hazard log 25
5.3.6 Safety requirements specification 25
5.3.7 System/sub-system/equipment design 25
5.3.8 Safety reviews 25
5.3.9 Safety verification and validation 25
5.3.10 Safety justification 26
5.3.11 System/sub-system/equipment handover 26
5.3.12 Operation and maintenance 26
5.3.13 Decommissioning and disposal 26
5.4 Evidence of functional and technical safety 26
5.5 Safety acceptance and approval 29
5.5.1 Introduction 29
5.5.2 Safety approval process 30
5.5.3 After safety approval 32
5.5.4 Dependency between safety approvals 32
Annex A (normative) Safety integrity levels 33
Annex B (normative) Detailed technical requirements 47
Annex C (normative) Identification of hardware component failure modes 62
Annex D (informative) Supplementary technical information 79
Annex E (informative) Techniques and measures for safety-related electronic systems for signalling for the avoidance of systematic faults and the control of random and systematic faults 86
Bibliography 95

Figure 1 Scope of the main IEC railway application standards 9
Figure 2 Structure of IEC 62425 17
Figure 3 Structure of safety case 19
Figure 4 Example of system life-cycle (from IEC 62278) 21
Figure 5 Example of design and validation portion of system life-cycle 23
Figure 6 Arrangements for independence 24
Figure 7 Structure of technical safety report 29
Figure 8 Typical safety acceptance and approval process 31
Figure 9 Examples of dependencies between safety cases/safety approval 32
Figure A.1 Safety requirements and safety integrity 34
Figure A.2 Global process overview 36
Figure A.3 Example risk analysis process 37
Figure A.4 Definition of hazards with respect to the system boundary 38
Figure A.5 Example hazard control process 40
Figure A.6 Interpretation of failure and repair times 41
Figure A.7 Treatment of functional independence by FTA 42
Figure A.8 Relationship between SILs and techniques 45
Figure B.1 Influences affecting the independence of items 52
Figure B.2 Detection and negation of single faults 55
Figure C.1 Example of a 4-terminal resistor, using a hybrid thick layer technique 65
Figure D.1 Example of a fault analysis method 83

Table A.1 SIL-table 45
Table C.1 Resistors 68
Table C.2 Capacitors 69
Table C.3 Electromagnetic components 69
Table C.4 Diodes 71
Table C.5 Transistors 72
Table C.6 Controlled rectifiers 73
Table C.7 Surge suppressors 74
Table C.8 Opto-electronic components 75
Table C.9 Filters 76
Table C.10 Interconnection assemblies 76
Table C.11 Fuses 77
Table C.12 Switches and push/pull buttons 77
Table C.13 Lamps 77
Table C.14 Batteries 78
Table C.15 Transducers/sensors (not including those with internal electronic circuitry) 78
Table C.16 Integrated circuits 78
Table D.1 Examples of measures to detect faults in large-scale integrated circuits by means of periodic on-line testing, with comparison (SW or HW), in a 2-out-of-n system 84
Table E.1 Safety planning and quality assurance activities (referred to in 5.2 and 5.3.4) 88
Table E.2 System requirements specification (referred to in 5.3.6) 88
Table E.3 Safety organisation (referred to in 5.3.3) 89
Table E.4 Architecture of system/sub-system/equipment (referred to in 5.4) 89
Table E.5 Design features (referred to in 5.4) 90
Table E.6 Failure and hazard analysis methods (referred to in 5.4) 91
Table E.7 Design and development of system/sub-system/equipment (referred to in 5.3.7) 91
Table E.8 Design phase documentation (referred to in 5.2) 92
Table E.9 Verification and validation of the system and product design (referred to in 5.3.9) 93
Table E.10 Application, operation and maintenance (referred to in 5.3.12 and 5.4) 94

INTERNATIONAL ELECTROTECHNICAL COMMISSION

RAILWAY APPLICATIONS – COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS – SAFETY RELATED ELECTRONIC SYSTEMS FOR SIGNALLING

FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields.
To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC Publication(s)"). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.

5) IEC provides no marking procedure to indicate its approval and cannot be rendered responsible for any equipment declared to be in conformity with an IEC Publication.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

International Standard IEC 62425 has been prepared by IEC technical committee 9: Electrical equipment and systems for railways.

It was submitted to the National Committees for voting under the Fast Track Procedure as the following documents:

FDIS: 9/1057/FDIS
Report on voting: 9/1087/RVD

Full information on the voting for the approval of this standard can be found in the report on voting indicated in the above table.

This document is based on EN 50129.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

The committee has decided that the contents of this publication will remain unchanged until the maintenance result date indicated on the IEC web site under "http://webstore.iec.ch" in the data related to the specific publication. At this date, the publication will be reconfirmed, withdrawn, replaced by a revised edition, or amended.

INTRODUCTION

This standard is the first International Standard defining requirements for the acceptance and approval of safety-related electronic systems in the railway signalling field. This standard is derived from the European Standard EN 50129.
Safety-related electronic systems for signalling include hardware and software aspects. To install complete safety-related systems, both parts within the whole life-cycle of the system have to be taken into account. The requirements for safety-related hardware and for the overall system are defined in this standard. Other requirements are defined in associated IEC standards.

This standard is the common base for safety acceptance and approval of electronic systems for railway signalling applications. The aim of railway authorities and railway industry is to develop railway systems based on common standards. The safety authorities having jurisdiction can apply this standard to the relevant matters they choose. On this basis, cross-acceptance of safety approvals for sub-systems and equipment can be applied by the different national safety authorities. Cross-acceptance is applicable to generic approval, not to specific applications.

The standard consists of the main part (Clause 1 to Clause 5) and Annexes A, B, C, D and E. The requirements defined in the main part of t