Safety and Security Management
Basically, there are two safety aspects: safety and security. Safety refers to the protection of humans and the environment from wrong operations or functions of potentially dangerous machines. Security means the protection of the machine from humans.
Standards conformity in safety and RAM management
In context with the safety management one must also consider RAM management. RAM is an abbreviation of the terms reliability, availability and maintainability. Our safety and RAM experts will develop a safety and RAM process in cooperation with you. This process would meet your standards and integrate and implement the individual safety and RAM activities into the respective phases of a project
We have extensive experience in applying established safety and RAM methods and techniques, including for example
- Failure modes and effects analysis (FMEA)
- Failure modes, effects and criticality analysis (FMECA)
- Fault tree analysis (FTA)
- Hazard Identification (HAZID)
- Hazard and Operability (HAZOP)
We select the safety and RAM processes suitable for your needs and implement them in line with the specific requirements during the development. In this way we ensure that safety and RAM become an integral part of your software development process. To us it does not matter whether your development process is based the waterfall model, the V model or an agile development approach (e.g. SCRUM). We are familiar with all of them.
Safety incorporating security
Opening up communications networks, such as interlockings, which so far have been physically sealed off, to use open networks for user friendliness and increased flexibility (e.g. remote maintenance of installations) can lead to opening gateways for cyberattacks. This can lead to a reduced availability, the cancellation of functional security as well as performance-related problems of the safety system. At certitudo GmbH we support you in the protection of your safety system also against security attacks. We will show you how sometimes competing safety and security measures can be combined with each other at an optimal level so that your system remains safe as well as secure. We do this by supporting you in drawing up a safety management plan which incorporates the necessary security aspects, implementing security management, carry out the defined safety and security activities with you and draw up the safety case for your safety system with you considering the results of the security activities carried out.
„Security aspects of using COTS and open source software components for critical systems“, an article we have published, describes as an example our services. We hope you enjoy reading it.
Software FMEA
Failure modes and effects analysis (FMEA) is not limited in its application to the analysis and evaluation of system and hardware failures, but can also be applied to software components. In this case it is more a question of considering the failure or maloperation of the functionality of a software component than the failure of the software itself. certitudo GmbH is in a position to introduce you to an approach, which would enable you to analyse your software components for any maloperation and evaluate the effects, so that your software becomes more fail-safe and more robust in its performance.
Safety in development
Safety is not merely a pure management task, i.e. checking and monitoring adherence to safety relevant activities in the design, in development and in testing, but also an activity which must be carried out during design, in development and in testing. This means making the respective employees aware and training them regarding the required and necessary safety relevant activities. Only this awareness and training will ensure that safety relevant activities are implemented correctly and your system is safe. certitudo GmbH with its extensive experience in development and testing can train your employees to apply this know-how so that they will think and act “safety” right from the start.
Reference Project
As part of the technical renewal of the route network of Hungarian Railway MAV a Hungarian company was contracted to develop an MMI (Men Machine Interface) for the operation of an electronic interlocking by an Austrian manufacturer. For this project, certitudo GmbH was tasked to build a safety management for the SIL 2 component for this MMI in line with the European Railway Standards EN 50126 and EN 50129 and introduce this at the Hungarian company. After a few months of support the complete safety management was successfully handed over to the Hungarian company der MMI.