0 z6 R3 J! v' S5 |* hStandard:% B+ }/ o; `6 P3 s- H& i6 }
IEC 61010-1:1990 ! y7 M5 B: N$ o+A1:1992+A2:1995 : a% M$ V) x% V5 Q; W! |! }Sub clause: ! u* F4 u5 C1 \7 c1.29 V) \3 B0 Z! q+ y
Sheet n. 2954 y' T" B0 ~+ P
Page 1(1)+ o7 s/ W- y2 O
Subject: 8 n: Q, I _6 Z/ P9 RObject6 f, h, p$ q. U' K& d* f: M
Key words:* J5 @* ~) u* Y0 |$ X
- Scope3 r. \+ N3 d) z0 O8 x
- Software Safety9 Q8 I. \: K) k" l8 B) `
Decision taken by6 D* n( F4 t$ `% ~& N1 R: ?
ETF3 and confirmed$ b* l; Z% T% ^4 K
by CTL at its 38th+ o; c6 e" d* H- ?. m% t5 J
meeting, in Toronto U) g, \) ? [6 }Question: . C r' M& I( c$ \If safety is dependent on Software, what criteria do laboratories employ to ensure 9 m0 I* @7 U2 n2 [5 I( ]/ m4 z, K7 Q& Ecompliance? ; z9 [, g4 T6 E* x. [Decision: x" n# A0 ?7 v1 I2 X0 j5 F
Software safety is not specifically addressed in IEC 61010-1 at present and therefore, there - s3 ~1 ?$ K& w( l. ` I: k% pare no specific guidelines for this work. A draft collateral standard is in preparation and also 4 f- v$ T1 N$ J9 n( J0 w# f2 iIEC 61508 deals with this topic.. z' ?/ r3 k8 ]9 y* @, Y
Generally, it is advised that devices should not be dependent on software alone for their / l' G: k3 X* q3 Q0 u" x0 Lsafety. There should be a separate independent means provided which acts to prevent a: n0 Q2 v8 E% j$ h- w2 h
dangerous condition arising.6 F- n5 |, T7 b* }- H1 F5 _
Explanation: 5 w3 A! W9 H, Z# b( z4 m ?: n0 R3 v! LExperience shows that the analysis of software systems to ensure their safe operation is very8 m: ?- o# |% V3 n% R
difficult and in practice, can only provide a measure of confidence. Additionally, the 3 W0 M/ H3 y* M1 H; M2 t# wmethods of performing the examination are not widely agreed upon and therefore, subject to # D! i- b0 v! ^4 m& s4 [ Pdoubt. In these circumstances, it is preferred to adopt safety limit methods known from6 t1 T3 M% W5 I& j8 g \
experience to be effective.( F' z- j; ^) ^" K! V* q
V4 O+ a. r$ j7 N5 M- |% x5 l
[attach]76254[/attach]1 F7 P2 d0 t% w
DSH 295