According to IEC 61508:2010 a part with claims of compliance to IEC 61508 is a compliant item. But what do you call a standard product that has no claims of compliance to IEC 61508.
Figure 1 - extract from IEC 61508:2010
So, does that mean that an item developed to ADI’s standard development process is a “non-compliant item”? This seems a bit unwieldy.
Note – item is a generic term sometimes used to represent any component, element, or sub-system.
You can’t really describe it as a SIL 0 item or more properly an item suitable for use in an item with SIL 0 requirements since you can always build a safety system using standard components and therefore it is as useful to implement a “SIL 0” safety function as a SIL 3 safety function.
I have already used the term “standard component” twice in this blog to represent a standard item not developed to an IEC 61508 compliant development process and with no claims of IEC 61508 compliance. Perhaps this is the best term to use but it lacks universal understanding and people could ask “what standard are you talking about”. Typically, such “standard components” will be developed to an ISO 9001 compliant development process as a minimum but that isn’t really the standard to which we are referring. It's more referring to the fact that it is the normal everyday bog-standard development process. For integrated circuits at least this bog-standard development process is well recognized as being good.
Figure 2 - An excerpt from IEC 61508-2:2010
Our automotive colleagues might term this a QM (quality managed) part (part seems a more natural term than item while discussing ISO 26262).
Figure 3 - Extract from ISO 26262-3:2018
I have also seen the term “ASIL ready” used in automotive circles to represent an item that was not developed to an ISO 26262 compliant process but does come with extra information to help design it into a system with ISO 26262 requirements. But does having that information now make such components compliant items if using IEC 61508 terminology?
Setting the search for a good term wider. A widely used term is COTS (commercial off the shelf). This is especially prevalent in avionics functional safety where the relevant standard is DO254.
Figure 4 - An extract from DO254
The same term is used in the avionics software functional safety standard DO178C.
Figure 5 - An extract from DO178C
Another somewhat similar term used for software is SOUP (software of unknown provenance). However, this is not a great acronym in terms of today’s discussion as we might know the provenance of the software even if it wasn’t developed to any particular safety standard.
Figure 6 - Definition of SOUP from the medical software standard IEC 62304
A variation on SOUP is to call it the software of unknown pedigree/provenance and neither better matches the idea of COTS.
When I googled the terms “SOUP COTS” I came across another term, OTSS (off-the-shelf software) which I had never heard of. I believe the shorter term, OTS, is also used.
Looping back to IEC 61508 we have two relevant terms for hardware. The first is the idea of “mass-produced” for integrated circuits. I repeat the IEC 61508-2:2010 extract which shows it again below.
Figure 7 - an extract from IEC 61508-2:2010
The second term is items that can benefit from a claim of “Field experience”. This gives the minimum requirements for using “standard components” in a safety system according to IEC 61508.
Figure 8 - an extract from IEC 61508-7:2010
Looking forward, to the first draft of IEC 61508 revision 3, due out sometime after 2027, there will be the idea of class 0 semiconductors. This effectively replaces the term mass-produced described above.
Also in IEC 61508, we have the idea of a pre-existing software element that is relevant to the discussion.
Figure 9 - an excerpt from IEC 61508-7:2010
Having said all of the above my favorite term for an item with no claims of compliance with IEC 61508 is “standard product”.For IC(integrated circuits) “mass-produced” is a close second but since the term will be derogated in revision 3 of IEC 61508 and doesn’t include new integrated circuits, that have not shipped in volume, the term is not enough even for IC.
In a future blog in this series, I must look at the implications of using “standard products” in a design according to IEC 61508.
Also, another blog for the future is how to treat elements developed to some safety standard, just not the one you are using today e.g., an item developed to IEC 61508, being used in a system being developed to ISO 26262 or visa-versa. There is no shortage of blog topics on functional safety. This is number 86 in this series and the list of available topics keeps growing.
For a full set of “standard products” please visit www.analog.com
For the full series of blogs in this series see here.
For a series of mini-blogs (really just LinkedIn posts using the hashtag #functionalsafetytom) see here.