The operation and use of some systems require authorizations granted by safety authorities. These authorizations are issued on the basis of safety demonstrations. In aeronautics, onboard systems must satisfy airworthiness requirements.
Airworthiness certificates are granted on the basis of satisfactory evidence that the air transport system meets its specifications at least to the level required by the applicable standards and regulatory authorities (FAA, CAA, DGAC …). That evidence includes, in particular, failure analyses, design documents and test results.
In the field of nuclear energy, plant operation is subject to authorizations granted by the Nuclear Safety Authority (Autorité de Sûreté Nucléaire) under procedures that include the designer's and operator's safety reports, which must demonstrate the safety of the installation as designed or as operated.
Similar requirements apply to other sectors (rail transport, space, oil and chemical industries …).
Execution and Support
ClearSy provides support in the management of all the work related to safety demonstrations under the standards applicable in the field. This covers the hardware and software aspects of the system concerned:
- Preliminary risk analysis
- Safety analysis of the architecture's principles
- Critical code review
- Safety analysis of the code production chain (compilation and build toolchain)
- Safety dossiers (safety cases)
and are performed in various contexts:
- Support to manufacturers
- Support to the bodies responsible for certification
This support has been provided in particular for critical systems (Safety Integrity Level 4):
- SBKL TIVD railway signal system
- MF 2000 rolling stock safety system
- Parameterization software for computerized signalling control stations
- Coding and extension software
As an alternative to traditional methods, ClearSy consultants have developed a formal demonstration method for operating principles, applied in particular to protection and backup systems. This formal demonstration establishes the soundness of these systems under explicitly stated failure and accident hypotheses, and also provides a rigorous means of diagnosing failures and their effects.
This formal demonstration complements the calculations, simulations and tests that are conducted in parallel.
This formal method has been used in the context of:
- Failure detection, isolation and recovery (FDIR) principles for a satellite control system whose components (not space-qualified) are exposed to the ionizing radiation of the space environment.
- The diagnosis of component failures in an automobile from the effects observed on the vehicle.