CFSE Exam Preparation: Section II-5

Section II-5:
Verification and Validation

 V-Model
 Verification
 Validation
 Responsibility
 Documentation

1
CFSE Exam Preparation: Section II-5

Terms
Validation
Activity of demonstrating, by tests, that the Safety-
Related System, before or after installation, meets the
Safety Requirements Specification.
Verification
Activity of demonstrating for each phase of the Safety
Lifecycle, by analysis and / or tests, that, for the
specific inputs, the deliverables meet the objectives
and requirements set for the specific phase.

2
CFSE Exam Preparation: Section II-5

V-Model
Product Maintenance User
Product Maintenance
Field Monitoring D
Field
Change Monitoring
Management
Requirements Change Management
V&V
Requirements
User Requirement Specification Use and Mis-Use Szenarios Validation
D
Requirement Specification
V&V Plan and Procedures
Validation User
V&V V&V Plan and Procedures Func ti Validation tests s) Automated Regression Tests
ons an enario Automated Regression Tests V&V
d limita re s c
tions (Failu

.
Iteration tion te
s ts
Documentation
Addit
ional
Valida Documentation
Architecture Additional functions and limitations
Guidelines for installation,
Architecture Guidelinesmaintenance
operation,
operation,
for installation,
and error maintenance
handling
D
Graphical Design Spec. Operation and exception handling instruc tions and error handling Doc
Graphical Pos it
(RT-SA,Design
UML) Spec. iv e-
D (RT-SA, UML) / Ne
Interface Spec. gativ
V&V Interface Spec. e-Te
s ts -
Static Erro
+ Dy r han
nam dling Integration Test
ic An
aly s
is
Integration Test
Int User
er Tests to show the correct
fac
eS Tests to show
interaction the correct
of functions D
pe interaction of functions
c. V&V

Detailed Design Unit / Interface Tests

Detailed Design Unit / Interface Tests
UML
UML
GUI
D D
GUI
Implementation
Implementation
D

Evolution over Prototypes

Requirements Tracking Defect Tracking; Configuration Management

3
CFSE Exam Preparation: Section II-5

Project Life Cycle – Initial Phase

Customer
Problem Statement
Scope
& P
LOPA
Require- h
ments a
s
e
Functional Safety Application
Requirements Spec. Requirements Scenarios
1

Library of proven
solutions

P
Project
Design
Updated h
Requirements
a
Cost and Project s
Schedule e

Configuration and Verification

2
Interface Spec. V&V

Validation and
4 Integration Test Spec
CFSE Exam Preparation: Section II-5

SIL versus Compliance Effort

SIL 1 SIL 2 SIL 3

FSM Low Low Medium

H/W 1oo1D 1oo1D 1oo1D

(Fault Control) > 60% > 90% > 99%

H/W Low Low Medium

(Error Avoidance)

S/W Structured Structured Semi-formal

(Error Avoidance) methods methods CASE Tool

5
CFSE Exam Preparation: Section II-5

V&V Plan and Report

 For each safety function under test or analysis:
 Specific reference to the allocated requirements (traceability);
 Description of how the requirements were verified
 List of the hazards which could possibly affect the function or be
affected by the function
 List of features in the environment on which safe operation
depends, including any operator or maintenance actions or any
assumptions underlying the safety analysis
 Description of the test and the expected result (passed / failed
criteria)
 Tools and equipment used, along with calibration data;
 Results of each test or analysis;
Traceability to objectives, requirements and criteria
 Discrepancies between expected and actual results.

6
CFSE Exam Preparation: Section II-5

Summary:
Verification and Validation

 V-Model
 Verification
 Validation
 Responsibility
 Documentation

7
CFSE Exam Preparation: Section II-5
Exercise 1
Verification and Validation
Two power supplies are used in a redundant configuration.
Assume one failure mode, lost power. Each power supply has a
failure rate of 0.0005 failures per year. Based on close physical
mounting and identical power supplies, a beta factor of 0.1 is
assigned.
What is the system unreliability for a two-year mission time?
Draw a fault tree for the system including common cause.

8
CFSE Exam Preparation: Section II-5
Exercise 2
Verification and Validation
Derive a reliability block diagram for the system described below:
+
Power
Supply -
Failure Modes and Effects Analysis
1 2 3 4 5 6 7 8 9
Name Code Function Mode Cause Effect Criticality  Remarks
Switch SW1 control lamp short contact weld none none 1E-06
open contact corrosion open circuit FAIL 5E-07 system failure
Switch SW2 control lamp short contact weld none none 1E-06
open Contact corrosion open circuit FAIL 5E-07 system failure
Lamp L1 provide light open power surge open circuit FAIL 3E-06 system failure
Power Supply PS1 provide elec. Current open overload no power FAIL 7E-06 system failure

9
CFSE Exam Preparation: Section II-5
Exercise 3
Verification and Validation

Solve the RBD from problem 2 using the given failure rates for
system reliability for a one-year time interval. Assume constant
failure rates.

10
CFSE Exam Preparation: Section II-5
Exercise 4
Verification and Validation
How would one best describe the difference between
verification and validation, as defined in IEC 61508
and IEC 61511.

11
CFSE Exam Preparation: Section II-5
Exercise 5
Verification and Validation
Consider the documentation that must be generated according to
the safety life cycle. List the attributes of a successful
documentation control scheme.

12
CFSE Exam Preparation: Section II-5
Exercise 1 (Key)
Verification and Validation
Two power supplies are used in a redundant configuration.
Assume one failure mode, lost power. Each power supply has a
failure rate of 0.0005 failures per year. Based on close physical
mounting and identical power supplies, a beta factor of 0.1 is
assigned.
What is the system unreliability for a two-year mission time?
Draw a fault tree for the system including common cause.

13
CFSE Exam Preparation: Section II-5
Exercise 1 (Key)
Verification and Validation
0.000010979
Power Supply
system failure

0.000000979

Power Supply A Power Supply B Common Cause

fails fails Power Supply

0.00099 0.00099 0.00001

14
CFSE Exam Preparation: Section II-5
Exercise 1 (Key)
Verification and Validation

First, the normal failure rates versus the common cause failure rates
are determined.
N = (1-) *  = 0.000495 failures/year.
CC =  *  = 0.000005 failures/year.
The probability of a single power supply failure (unreliability) = 1 – e^(-
0.000495*2) = 0.00099.
The probability of a common cause power supply failure = 1–
e^(-0.000005 * 2) = 0.00001.
The probability of power supply A AND power supply B failure =
0.00099 * 0.00099 = 0.000000979.
The probability of this OR a common cause failure is approximately
0.000010979.
15
CFSE Exam Preparation: Section II-5
Exercise 2 (Key)
Verification and Validation
Derive a reliability block diagram for the system described below:
+
Power
Supply -
Failure Modes and Effects Analysis
1 2 3 4 5 6 7 8 9
Name Code Function Mode Cause Effect Criticality  Remarks
Switch SW1 control lamp short contact weld none none 1E-06
open contact corrosion open circuit FAIL 5E-07 system failure
Switch SW2 control lamp short contact weld none none 1E-06
open Contact corrosion open circuit FAIL 5E-07 system failure
Lamp L1 provide light open power surge open circuit FAIL 3E-06 system failure
Power Supply PS1 provide elec. Current open overload no power FAIL 7E-06 system failure

The FMEA says to ignore short circuit failures of the switch. That
leaves four elements in series for the RBD; SW1, SW2, L1 and
PS1.
SW1 SW2 L1 PS1
16
CFSE Exam Preparation: Section II-5
Exercise 3 (Key)
Verification and Validation

Solve the RBD from problem 2 using the given failure rates for
system reliability for a one-year time interval. Assume constant
failure rates.

Reliability for Block 1, SW1 is 0.9956.

Reliability for Block 2, SW2 is 0.9956.
Reliability for Block 3, L1 is 0.9741.
Reliability for Block 4, PS1 is 0.9405.
Reliability for the system is R1 * R2 * R3 * R4 = 0.908.

17
CFSE Exam Preparation: Section II-5
Exercise 4 (Key)
Verification and Validation
How would one best describe the difference between
verification and validation, as defined in IEC 61508
and IEC 61511.
Validation: Activity of demonstrating, by tests, that the Safety-
Related System, before or after installation, meets the Safety
Requirements Specification.
Verification: Activity of demonstrating for each phase of the
Safety Lifecycle, by analysis and / or tests, that, for the
specific inputs, the deliverables meet the objectives and
requirements set for the specific phase.

18
CFSE Exam Preparation: Section II-5
Exercise 5 (Key)
Verification and Validation
Consider the documentation that must be generated according to
the safety life cycle. List the attributes of a successful
documentation control scheme.

Version Number Titles

Approval "Signature“ Table of Contents
Review "Signature“ Scope statement
Easy to Understand Accurate and concise
Accessible Suit intended purpose
Must be consistently used
Means to allow a search for relevant information

19