7.4.4 Specific Requirements for Evidence of Reliability
Where feasible, software safety requirements should be stated in probabilistic terms involving time (i.e. that a given failure rate must not be exceeded), and testing or field service experience is to be used to obtain direct evidence of requirements satisfaction. For this evidence to be compelling, a statistical confidence of at least 95% should be achieved.
It is expected that an appropriate form of direct evidence will be selected from the following table in order to demonstrate that the specified reliability properties have been satisfied.
Acceptable Sources of Evidence: Reliability (choose one column only from the appropriate row)
AEL 1: TESTING | FIELD SERVICE EXPERIENCE & Testing | ANALYSIS & Testing | ANALYSIS & Field Service Experience & Testing
AEL 2: TESTING | FIELD SERVICE EXPERIENCE & Testing | ANALYSIS & Testing | ANALYSIS & Field Service Experience & Testing
AEL 3: FIELD SERVICE EXPERIENCE & Testing | ANALYSIS & Testing | ANALYSIS & Testing & Field Service Experience
AEL 4: ANALYSIS & Testing | ANALYSIS & Field Service Experience & Testing
AEL 5: ANALYSIS & Field Service Experience & Testing
7.4.4.1 Direct Evidence from Testing for Reliability
Arguments and evidence should be available which show that:
a) The demands placed on the software were representative of normal operation.
b) The tests were sufficient to demonstrate that the reliability attribute of the software safety requirement is met to a confidence of 95%.
7.4.4.2 Direct Evidence from Field Service Experience for Reliability
Arguments and evidence should be available which show that the failure rate for all safety-related failures observed in field service is not greater than the allowed failure rates stated in the software safety requirements, to a 95% confidence level.
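The 95% confidence figure in 7.4.4, 7.4.4.1 and 7.4.4.2 has a concrete arithmetic behind it. The following is an added worked example, not part of CAP 670 and not CAA code: it assumes that safety-related failures arrive as a Poisson process with a constant rate (the usual model for a stated failure-rate requirement) and computes the one-sided 95% upper confidence bound on that rate from an observed exposure (test hours, operating hours or demands) and failure count, plus the failure-free exposure needed before a target rate can be claimed at all. The target rate and the evidence figures in the `__main__` block are constructed values for illustration.

```python
import math

CONFIDENCE = 0.95  # the confidence level CAP 670 asks for


def poisson_cdf(r: int, mean: float) -> float:
    """P(X <= r) for X ~ Poisson(mean), accumulated term by term so no
    factorial is ever formed explicitly."""
    term = math.exp(-mean)
    total = term
    for k in range(1, r + 1):
        term *= mean / k
        total += term
    return total


def upper_bound_failure_rate(failures: int, exposure: float,
                             confidence: float = CONFIDENCE) -> float:
    """One-sided upper confidence bound on the failure rate (failures per unit
    of exposure) given `failures` observed over `exposure`.

    Solves P(X <= failures | rate * exposure) = 1 - confidence for the rate by
    bisection. This is the classical exact Poisson bound, the same number as
    chi-square(2*failures + 2, confidence) / (2 * exposure)."""
    if exposure <= 0:
        raise ValueError("exposure must be positive")
    alpha = 1.0 - confidence
    # The CDF is decreasing in the rate: bracket the root, then halve.
    lo, hi = 0.0, (failures + 1.0) / exposure
    while poisson_cdf(failures, hi * exposure) > alpha:
        hi *= 2.0
    for _ in range(200):
        mid = 0.5 * (lo + hi)
        if poisson_cdf(failures, mid * exposure) > alpha:
            lo = mid
        else:
            hi = mid
    return hi  # conservative side of the bracket


def required_failure_free_exposure(target_rate: float,
                                   confidence: float = CONFIDENCE) -> float:
    """Exposure that must be accumulated with zero observed failures before a
    rate of `target_rate` can be claimed at `confidence`:
    1 - exp(-target_rate * T) >= confidence  =>  T >= -ln(1 - confidence) / target_rate."""
    if target_rate <= 0:
        raise ValueError("target_rate must be positive")
    return -math.log(1.0 - confidence) / target_rate


def demonstrates_requirement(failures: int, exposure: float, target_rate: float,
                             confidence: float = CONFIDENCE) -> bool:
    """True when the observed evidence bounds the rate at or below the
    requirement with the stated confidence."""
    return upper_bound_failure_rate(failures, exposure, confidence) <= target_rate


if __name__ == "__main__":
    # Constructed figures, not from CAP 670: a requirement of no more than
    # 1e-4 safety-related failures per operating hour and three bodies of
    # evidence that might be offered against it.
    target = 1e-4
    print(f"Failure-free hours needed for 95%: "
          f"{required_failure_free_exposure(target):.0f}")
    for failures, hours in [(0, 30_000), (0, 20_000), (1, 50_000)]:
        ub = upper_bound_failure_rate(failures, hours)
        verdict = "meets" if demonstrates_requirement(failures, hours, target) else "does not meet"
        print(f"{failures} failure(s) in {hours} h -> 95% upper bound "
              f"{ub:.3e}/h: {verdict} {target:.0e}/h")
```

Two points this makes visible that the text only implies: with zero failures the exposure needed is roughly three times the reciprocal of the required rate (about 30,000 hours for 1e-4 per hour), so a 20,000-hour failure-free record falls short; and a single failure does not disqualify the evidence, since one failure in 50,000 hours still bounds the rate below 1e-4 at 95%. Whether the exposure is "representative of normal operation" (7.4.4.1 a) is a separate argument the arithmetic cannot supply.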
7.4.4.3 Direct Evidence from Analysis for Reliability
Arguments and evidence should be available which show that there is a low probability of residual faults in the software.
7.4.4.4 Backing Evidence from Analysis of Reliability
Arguments and evidence should be available which show that:
a) The fault density figures are credible when compared with other projects using a similar development approach.
b) Design and programming standards were in place to:
i) Minimise the risk of residual errors remaining in the software (for example, from the use of constructs which are open to misinterpretation, are obscure in meaning, or may lead to programs which are difficult to analyse).
ii) Ensure that the clarity and readability of the software design and code are adequate, as appropriate to the design notations and languages used.
c) The design and programming standards were adhered to.
d) Mechanisms were in place to detect software faults at each stage of development.
e) The fault-detection mechanisms were effective at each stage of development.
7.4.5 Specific Requirements for Evidence of Accuracy
It is expected that an appropriate form of direct evidence will be selected from the following table in order to demonstrate that the specified accuracy properties have been satisfied.
Source: CAP 670 Air Traffic Services Safety Requirements