exida explains Blog

2012 - Good Progress for Cybersecurity and Functional Safety

I think it is wise for individuals to periodically review things. I like to do my professional review at the end of the year. 2012 was a good year.

Product Certification

Over 60 new products received functional safety or cybersecurity certification this year. Those products and more…

Read More...

Replace Before Failure

The solenoid valve manufacturer provides an FMEDA report that lists “useful life = 12 years.”  Useful life is a reliability engineering term that indicates a point in time when the failure rate of a device will begin increasing rather rapidly.  Why do we care about this time interval?  That…

Read More...

  • by John Yozallinas, CFSE
  • Thursday, December 06, 2012
  • Software

Spaces and Braces and Comments – Oh My!

What constitutes a good coding guideline?

Serious software development for functional safety requires a coding standard or coding guideline. Most organizations have one, but how do you know if it’s good?

You need to look beyond the boilerplate and physical code layout that are often defined in a coding…

Read More...

  • by Michael Medoff , CFSE, CISA
  • Thursday, November 29, 2012
  • Certification

Tool Qualification and Safety Standards

When building a product such as an anti-lock braking system for an automobile, or a railroad, or process control safety system, making sure that the product works as specified is a big part of functional safety. When it is time for the system to engage to prevent an accident,…

Read More...

Alarm Rationalization is “Going Green (field)”

With the growing adoption of the ISA-18.2 standard on alarm management, industry leaders are increasingly implementing alarm management best practices (such as alarm rationalization) during the upfront design, before they start up control systems for new, “Greenfield” installation. There are numerous benefits. You think alarm overload and nuisance alarms…

Read More...

  • by Dr. William Goble, CFSE
  • Thursday, November 15, 2012
  • Certification

Certification Accreditation

I am often asked “who says exida can certify a product?”  The best answer is of course “the marketplace.”  End user owner/operators ask for an exida certificate because they understand why technical competency is so important when evaluating design quality.  Then instrumentation manufacturers get an exida certificate because exida…

Read More...

  • by Dave Butler, CFSE
  • Tuesday, November 06, 2012
  • Software

IEC 61508 Compliant Module Testing: Part 4

Part 3 covered the design of tests, resulting in one or more Module Test Plans.  To execute a test plan, one would start with the test plan and a test results template (which could be a copy of the test plan as indicated previously), document the general test information…

Read More...

Industrial Control System Cyber Security – Legislation and Standards

There is a lot of concern around cyber security in Industrial Control Systems.  With new threats like Stuxnet and Flame, the perceived risk to critical infrastructure has increased dramatically.  There are increased calls for legislation and new methods for dealing with these threats.  The history of how we have…

Read More...

  • by Dave Butler, CFSE
  • Thursday, October 25, 2012
  • Software

IEC 61508 Compliant Module Testing: Part 3

The Test Plan

Assessment requires evidence that module tests are designed properly, run properly, and have been successfully run. Documented test results are also required.  In order to meet these requirements it is generally a good idea to document a test plan for each module.  Information that applies…

Read More...

  • by Dave Butler, CFSE
  • Friday, October 19, 2012
  • Software

IEC 61508 Compliant Module Testing: Part 2

Last week you learned about what exactly a module is, and examples of different types of modules. Now we will move on to interfaces, the need for module testing, and code coverage requirements.

An interface, such as the 3D printer’s communication interface, or the format of the 3D data…

Read More...

Pen Testing a Live Control System – Are You Mad?

A recent, disturbing trend I’ve seen in industrial control system (ICS) security is that, in response to concerns about the security of their ICS & SCADA systems, companies are performing penetration (pen) testing on operational systems.  Often times they request these services as one of the first steps in…

Read More...

  • by Dave Butler, CFSE
  • Friday, October 12, 2012
  • Software

IEC 61508 Compliant Module Testing: Part I

3D printers are cool!  I watched a TED talk this past year about them.  I know they have been around for over 30 years, but I still think they’re cool.  As I watched, I thought of the wheel for my dishwasher’s roll-out rack, which had…

Read More...

How to Decode an exida IEC 61508 Certificate: Part 2

Click here to read Part 1

Now that you know the step-by-step process of product certification, now let’s take a look at the actual information on the certificate. 

In the left panel (gray background) you will find an exida certification logo. …

Read More...

How to Decode an exida IEC 61508 Certificate: Part 1

So you downloaded a product certificate from the exida website and you are trying to understand the information documented in the certificate.  Also, you likely want to know what stands behind the certificate and what was involved in the certification of the product.
 
I’m not…

Read More...

  • by Michael Medoff , CFSE, CISA
  • Thursday, September 20, 2012
  • Certification

Component De-rating Without the Overhead

If you were going to build a bridge, you would want to make sure that it did not fall down if there were too many cars on the bridge.  One way that this is accomplished is to overdesign.  If the bridge is expected to hold at most 20,000 pounds,…

Read More...