CAP 670 Air Traffic Services Safety Requirements 1(75)

曝光台 注意防骗 网曝天猫店富美金盛家居专营店坑蒙拐骗欺诈消费者

vii)The formal proofs or arguments submitted are logically correct. This may be shown either by manual inspection or by tool-based checking.
viii)Procedures or tools have been used to ensure that the analyses are carried out adequately.
ix) Any procedures and tools used to support analysis, analysis of testing and the analysis of field service experience have been verified and validated.
x) Any tools used to support analysis, maintain the integrity of the results and the operational software.
xi) Where analysis has been carried out on source code, the object code is a correct translation of that source code.
NOTE 1:Staff are deemed to be appropriately qualified and experienced if they understand the design notations, are experienced in using them, and understand the analysis approach, the required attributes and the system context.
NOTE 2:More than one notation may be used at any given design level.

7.4 Evidence for Requirements Satisfaction (by attribute)
This section offers guidance on assessing the behavioural attributes of a software safety requirement in addition to the generic guidance specified in sections 7.1 to 7.3.
7.4.1 Specific Requirements for Evidence of Functional Properties
It is expected that an appropriate form of direct evidence will be selected from the following table in order to demonstrate that the specified functional properties have been correctly implemented.
Acceptable Sources of Evidence: Functional Properties (Choose 1 column only from the appropriate row) 
AEL 1  TESTING  FIELD SERVICE EXPERIENCE & Testing  ANALYSIS & Testing 
AEL 2  TESTING  FIELD SERVICE EXPERIENCE & Testing  ANALYSIS & Testing 
AEL 3  ANALYSIS & Testing  ANALYSIS & Testing & Field Service Experience 
AEL 4  ANALYSIS & Testing  ANALYSIS & Testing & Field Service Experience 
AEL 5  ANALYSIS & Testing 

7.4.1.1 Direct Evidence of Analysis of Functional Properties
Arguments and evidence should be available that show:
a) The source code contains a correct implementation of the functional properties of the software safety requirement, either directly or by means of intermediate design notations or stages. This includes those functional properties that have been derived from non-functional software safety requirements.
b) All parameters and constants used in conjunction with the software system have been checked for correctness and internal consistency.

7.4.2 Specific Requirements for Evidence of Timing Properties
It is expected that an appropriate form of direct evidence will be selected from the following table in order to demonstrate that the specified timing properties have been satisfied.
Acceptable Sources of Evidence: Timing Properties (Choose 1 column only from the appropriate row) 
AEL 1  TESTING  TESTING & Field service experience  ANALYSIS & Testing 
AEL 2  TESTING  TESTING & Field service experience  ANALYSIS & Testing 
AEL 3  ANALYSIS & Testing  ANALYSIS & Testing & Field Service Experience 
AEL 4  ANALYSIS & Testing  ANALYSIS & Testing & Field Service Experience 
AEL 5  ANALYSIS & Testing 

7.4.2.1  Direct Evidence from Testing of Timing Properties
Arguments and evidence should be available which show that:
a) Specified response times for the software safety requirement have been met under minimum or no load conditions, normal and maximum planned load conditions.
b) Specified throughputs for the software safety requirement have been met under minimum or no load conditions, normal and maximum planned load conditions.

7.4.2.2  Backing Evidence of Testing of Timing Properties
　
中国航空网 www.aero.cn
航空翻译 www.aviation.cn
本文链接地址：CAP 670 Air Traffic Services Safety Requirements 1(75)