In recent years, agile development methods have increasingly been used when developing safety-critical systems, such as railway signalling systems.
These methods are introduced to shorten the time to market, to reduce costs and to facilitate updates of the software. Some manufacturers of safety-critical systems also seem to be ready for DevOps, Humble et al. (2010) and Lwakatare et al. (2016). The term DevOps stems from the combination of two processes – development and site operation. New technology has made it much simpler to monitor the operation of trains and trackside signals continuously.
The Agile Safety Case Approach, Myklebust and Stålhane (2018), could be an enabler for future DevOps processes. This paper discusses such a solution.
It has become important to move towards a process with more frequent updates of the safety software due to:
1. minor differences between, e.g., site-specific applications,
2. correction of bugs and errors,
3. reduction of the number of SRACs (Safety Related Application Conditions),
4. improved operational feedback,
5. improvements enabled by new technology, and
6. security issues (IEC FDIS 62443-4-1:2017 and IEC TR 62443-2-3:2015), including safe patching (IEC TR 63069).
The Agile Safety Case forces the applicant to be specific about the quality and safety process together with the technical safety aspects. This enables the certification process to run in parallel with development, and it enables the ISA (Independent Safety Assessor) and the NoBo (Notified Body) to evaluate the current information at any time during the project.