user3894541


Differences Between R and HR in SIL# Norms

SIL norms define different rules that must be applied to code (i.e.: cyclomatic complexity, etc.)

These rules are defined by "NA - Non Applicable", "R - Recommended" and "HR - Highly Recommended".

I understand this appreciation is up to the people that define the software.

How constrained am I to follow the "R" rules compared to the "HR" rules? Are the first ones recommended and the second ones mandatory?

Upvotes: 1

Views: 249

Answers (2)

HelpingHand

Reputation: 1468

IEC 61508-3:2010, Annex A gives the following definitions:

  • HR: "the technique or measure is highly recommended for this safety integrity level. If this technique or measure is not used then the rationale behind not using it should be detailed with reference to Annex C during the safety planning and agreed with the assessor."

  • R: "the technique or measure is recommended for this safety integrity level as a lower recommendation to a HR recommendation." (sic!)

  • --: "the technique or measure has no recommendation for or against being used."

  • NR: "the technique or measure is positively not recommended for this safety integrity level. If this technique or measure is used then the rationale behind using it should be detailed with reference to Annex C during the safety planning and agreed with the assessor."

The assessor is the representative of the certification authority, so it is really about convincing the certifier.

As far as I know, in theory there is no absolutely mandatory or forbidden rating, but it is quite easy to overload oneself with extra measures necessary to make some untypical, unrecommended strategy convince the certifier, that "HR" is quite close to "mandatory" and "NR" is quite close to "forbidden".

"R" is not as close to "mandatory", but often it is enough to show the certifier that a concept is made that takes into account the detail tables - and to take responsibility (!) that this concept is implementing a reasonable substitute for the "more typical" measure which has not been applied.

Upvotes: 0

JeffP

Reputation: 1086

It is not clearly defined in the standards, so it is subject to interpretation by the certification authority. There are also variations in interpretation between standards (e.g. IEC 61508 vs EN 50128).

Most auditors would consider HR mandatory without some documented justification.

R is generally considered optional, but you generally need to select some of those options. (As opposed to optional meaning "can be ignored")

Upvotes: 1
