10 April 2012
Adapting to ever changing standards helps consultancy improve efficiency
Just a stone's throw away from the River Mersey, specialist consultancy LDRA provides automated analysis and testing tools for software applications – a service it has offered for nearly 40 years. In recent times, as well as asking for software verification tools, its engineering management customers are calling for clearer defined verification techniques. This increase in the need for traceability has forced LDRA to change the way in which it works.
It's crucial the consultancy's testing systems adhere to safety critical standards: customers include blue chip companies in the aerospace, defence, nuclear and automotive sectors – all markets in which lives depend on the software. As a result, software must be robust and dependable – before and after implementation.
Traceability, in particular, is key. "Engineering managers need to know the requirements and definition from the top down to the lowest level test and product validation," said LDRA's sales director Jonathan Kelly. "From their perspective, everything needs to be clearer and LDRA can link this traceability all the way from design to testing code."
For Kelly, interaction is critical. "Engineering management is not just about top level reporting, all levels must be involved; not just to communicate, but also to have a concept. By establishing communication we get visibility. Engineering management is about knowing how a project is progressing while everyone in the chain knows their responsibilities."
Kelly is all for more stringent standards as they help create an ethos of best practice. "We need to have these methodologies in place," he said. "From our perspective – and with our expertise in analysing source code, developing tools and techniques for source control analysis and testing – it makes life easier. When people follow best practices, the quality of what they are doing is improved and all processes are simplified." It also means that requirements must be well designed, implemented correctly and that software is structured to achieve a more efficient testing and analysis phase. "Stringent standards have created a demand for tools that do software analysis, but which also provide a framework for engineering management to put into place defining requirements," observed Kelly. "LDRA, as a tool vendor, now extends its tools and solutions so that we now provide traceability from start to finish."
Adhering to tighter safety critical standards is a challenge that LDRA also addresses through a series of R&D programmes. This enables the firm's integrated tool suite to be applied to a diversity of legacy and modern programming languages and platforms.
Nevertheless, as tools, background software and electronic devices grow in size and complexity – resulting in a need for more rigid standards – many in the design community can be left behind. "LDRA had a large number of visitors talking about certification at Embedded World," Kelly noted. "The community is increasing and people need to be trained. An important factor is lifecycle traceability, which means companies know where they are in the process and can provide this information to a certifying authority or a customer. Our framework, tools and software enable us to manage what we're doing and, ultimately, provide safety, which is the most important thing."
As well as tools, LDRA provides step by step guidance for new users and training for customers' technical teams. Critical project requirements that relate to certification are addressed, such as management, planning, staff training, development, verification and production. While analysing certification and safety needs, the company also tries to ensure that individual and exacting aviation standards can be met at a fixed price – something unusual among certification services. "A fixed price is important so that a customer about to undertake a long term project is fully aware of the costs from the outset," pointed out Kelly.
The need to help customers develop certification ready products resulted in the company forming LDRA Certification Services (LCS). The subsidiary is backed up by a team that includes Federal Aviation Administration designated engineering representatives and safety engineering experts.
"LCS was set up to assist customers with compliance and certification and certainly has the experience to achieve this," Kelly said. "It was established from spending many years giving customers advice on certifying to standards. LCS is an amalgamation of LDRA and a group of certification standards experts, so we can guide our customers through the certification minefield. For a company that is new to certification, there's a lot to learn."
According to Kelly, the LCS team has the experience to guide certification applicants through a broad range of compliance processes and ensure that management level customers' certification efforts are accurate, complete and fully compliant.
LCS launched solutions specific to IEC61508 and ISO26262 at this year's Embedded World exhibition. IEC61508 governs a range of electronic safety equipment; from controlling life support systems in submarines to monitoring equipment performance in industrial plants. While the standard has always required risk assessment and safety analysis, a 2010 revision added bidirectional traceability, increasing the regulatory burden on project managers.
Misinterpreting the standard can result in compliance failure, leading to overrunning costs and product delays. In the nuclear power industry, the failure of a programmable device such as a gamma ray spectrometer or pressure control monitor can result in serious physical injury.
"IEC61508 certification focuses on readiness for industrial safety equipment," noted Kelly. "Guidelines are process orientated, but there are some specifics with regard to verification and validation. These prescribe the types of activities that should be performed and depend on the safety and integrity level of the application that's being developed. That channels the engineering department down the route to what exactly they're going to do." LCS recommends techniques including software module testing, static analysis and programming rules. "It's important to determine an appropriate set of guidelines and ensure that the software is compliant."
LCS has used the LDRA tool suite to provide the verification foundation that helps third party vendors become compliant with the standard. The tool suite is designed to uncover software bugs in less time than if the code were searched manually, while evaluation of vendor tools can be easily substantiated. "It also manages and tracks all artefacts to achieve complete bidirectional traceability from requirements to model, code, test and verification, extending all the way down to object code and on target testing," Kelly said.
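The bidirectional traceability described above can be made concrete with a small check: every requirement must be covered by at least one test (forward direction), and every test must point back at a requirement that still exists (backward direction). The following is an added illustration, not LDRA's tool or any code from the article; the requirement and test identifiers, the "verifies" link syntax and the sample entries are all constructed for this example.

```python
import re
from collections import defaultdict

# Constructed sample artefacts (not from the article). In a real project these
# would be exported from the requirements and test management tools.
REQUIREMENTS = """
REQ-001 Pressure monitor shall raise an alarm above 120 kPa
REQ-002 Alarm shall remain latched until operator acknowledgement
REQ-003 Sensor self-test shall run at power-up
REQ-004 Log entries shall carry a monotonic timestamp
"""

TEST_CASES = """
TC-10 verifies REQ-001 : alarm raised at 121 kPa
TC-11 verifies REQ-001 REQ-002 : alarm stays latched after pressure drops
TC-12 verifies REQ-003 : self-test executes before the first sample
TC-13 verifies REQ-009 : stale reference left over from an earlier baseline
"""

# Assumed identifier formats: REQ-nnn for requirements, TC-n for test cases.
REQ_RE = re.compile(r"\bREQ-\d{3}\b")
TC_RE = re.compile(r"^(TC-\d+)\s+verifies\s+([^:]+):", re.M)


def parse_requirements(text):
    """Return the set of requirement ids declared in the requirements export."""
    return set(REQ_RE.findall(text))


def parse_tests(text):
    """Map each test id to the set of requirement ids it claims to verify."""
    return {tc: set(REQ_RE.findall(reqs)) for tc, reqs in TC_RE.findall(text)}


def trace(requirements, tests):
    """Build the traceability matrix and report gaps in both directions."""
    forward = defaultdict(set)          # requirement -> tests covering it
    for tc, reqs in tests.items():
        for r in reqs:
            forward[r].add(tc)
    # Forward gap: a requirement with no test that verifies it.
    untested = sorted(r for r in requirements if r not in forward)
    # Backward gap: a test linked to a requirement that no longer exists.
    dangling = sorted((tc, r) for tc, reqs in tests.items()
                      for r in reqs if r not in requirements)
    return {"forward": dict(forward), "untested": untested, "dangling": dangling}


def is_fully_traced(requirements, tests):
    """True only when there are no gaps in either direction."""
    report = trace(requirements, tests)
    return not report["untested"] and not report["dangling"]


if __name__ == "__main__":
    reqs = parse_requirements(REQUIREMENTS)
    tests = parse_tests(TEST_CASES)
    report = trace(reqs, tests)
    for r in sorted(reqs):
        print(r, "<-", sorted(report["forward"].get(r, [])))
    print("untested requirements:", report["untested"])
    print("dangling test links:", report["dangling"])
    print("fully traced:", is_fully_traced(reqs, tests))
```

On the constructed input the check reports REQ-004 as untested and TC-13 as pointing at a requirement that is no longer in the baseline; both are the kind of gap a certifying authority would ask about, and the check is worth running on every baseline rather than once at the end of a project.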
ISO26262 is a functional safety standard and a formal derivative of IEC61508, but is finely tuned for the automotive industry. The standard establishes four automotive safety integrity levels for electrical, electronic and programmable electronic subsystems and mandates design practices, compliance with programming standards like MISRA C and bidirectional traceability. "It adopts the concepts of safety integrity levels, where the beginning of a process is to consider safety implications such as hazard analysis and risk analysis," said Kelly. "LDRA actually helps set up standards, with company reps on these committees, such as MISRA C and C++ standards."
As tools, background software and electronic devices grow in size and complexity, new derivative standards are prescribing how software should be developed. LDRA believes it is setting the standard for achieving this in an appropriate way.