The commissioning and operation of a number of systems requires prior authorisation by safety authorities.
This authorisation is conditional on the provision of safety demonstrations.
In aeronautics, on-board systems must meet airworthiness requirements.
These certificates are granted on the basis of satisfactory evidence that the aircraft system meets specifications at least equal to defined standards (FAA, CAA, DGAC, ..). Means of proof include failure analyses, drawings and test results.
In the field of nuclear energy, the operation of power plants is subject to authorisations issued by the Nuclear Safety Authority after procedures including the provision by the designer and the operator of safety reports demonstrating the safety of the installation designed or operated. Similar provisions can be found in other sectors (rail transport, space, oil and chemical industries, etc.).
IMPLEMENTATION AND SUPPORT
CLEARSY takes care of all the work related to the demonstration of safety, respecting the requirements of the normative framework of the domain. This work covers the hardware and software aspects of the system under consideration
- Preliminary Risk Analysis
- Analysis of the Safety Principles of the Architecture
- Critical code reading
- Safety analysis of code production lines
- Safety case
And are carried out in a variety of settings:
- Assistance to the industrial manufacturer
- Assistance to the organisation responsible for approval/certification
This support has been implemented in particular for critical systems (Safety Integrity Level 4):
- Railway signalling systems BKL TIVD
- Rolling stock safety IT MF2000
- Software for setting the parameters of computerised shunting stations
- Encoder software and extension
As an alternative to traditional methods, the CLEARSY consultants have developed a method of formal demonstration of operating principles applied in particular to protection and backup systems. This formal demonstration method allows on the one hand to guarantee the robustness of these systems under defined incidental and accidental hypotheses and on the other hand to offer a sure means of diagnosis of failures and their effects.
This formal demonstration complements the calculations, simulations and tests carried out elsewhere.
This formal method could be implemented in the context of
- The principles of fault detection, isolation and recovery (FDIR) of the satellite control system whose (non-spatialized) components are subject to the ionizing radiation of the space environment.
- Fault diagnosis of motor vehicle components based on the observable effects on the vehicle.