Railways Applications - Rolling stock applications - Software on Board Rolling Stock

BS EN 50657:2017

BSI Standards Publication

EUROPEAN STANDARD
NORME EUROPÉENNE
EUROPÄISCHE NORM

EN 50657
August 2017

ICS 35.080; 35.240.60

English Version

Railways Applications - Rolling stock applications - Software on Board Rolling Stock

Applications ferroviaires - Applications du matériel roulant - Logiciels embarqués

Bahnanwendungen - Anwendungen für Schienenfahrzeuge - Software auf Schienenfahrzeugen

This European Standard was approved by CENELEC on 2017-05-08. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels

© 2017 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.

Ref. No. EN 50657:2017 E

National foreword

This British Standard is the UK implementation of EN 50657:2017.

The UK participation in its preparation was entrusted to Technical Committee GEL/9/2, Railway Electrotechnical Applications - Rolling stock.

A list of organizations represented on this committee can be obtained on request to its secretary.

This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application.

© The British Standards Institution 2017
Published by BSI Standards Limited 2017

ISBN 978 0 580 92075 2

ICS 35.240.60; 35.080

Compliance with a British Standard cannot confer immunity from legal obligations.

This British Standard was published under the authority of the Standards Policy and Strategy Committee on 30 September 2017.

Amendments/corrigenda issued since publication

Date    Text affected
Contents

European foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and abbreviations
3.1 Terms and definitions
3.2 Abbreviations
4 Objectives, conformance and software integrity levels
5 Software management and organization
5.1 Organization, roles and responsibilities
5.1.1 Objective
5.1.2 Requirements
5.2 Personnel competence
5.2.1 Objectives
5.2.2 Requirements
5.3 Lifecycle issues and documentation
5.3.1 Objectives
5.3.2 Requirements
6 Software assurance
6.1 Software testing
6.1.1 Objective
6.1.2 Input documents
6.1.3 Output documents
6.1.4 Requirements
6.2 Software verification
6.2.1 Objective
6.2.2 Input documents
6.2.3 Output documents
6.2.4 Requirements
6.3 Software validation
6.3.1 Objective
6.3.2 Input documents
6.3.3 Output documents
6.3.4 Requirements
6.4 Software assessment
6.4.1 Objective
6.4.2 Input documents
6.4.3 Output documents
6.4.4 Requirements
6.5 Software quality assurance
6.5.1 Objectives
6.5.2 Input documents
6.5.3 Output documents
6.5.4 Requirements
6.6 Modification and change control
6.6.1 Objectives
6.6.2 Input documents
6.6.3 Output documents
6.6.4 Requirements
6.7 Support tools and languages
6.7.1 Objectives
6.7.2 Input documents
6.7.3 Output documents
6.7.4 Requirements
7 Software development
7.1 Lifecycle and documentation for software
7.1.1 Objectives
7.1.2 Requirements
7.2 Software requirements
7.2.1 Objectives
7.2.2 Input documents
7.2.3 Output documents
7.2.4 Requirements
7.3 Architecture and Design
7.3.1 Objectives
7.3.2 Input documents
7.3.3 Output documents
7.3.4 Requirements
7.4 Component design
7.4.1 Objectives
7.4.2 Input documents
7.4.3 Output documents
7.4.4 Requirements
7.5 Component implementation and testing
7.5.1 Objectives
7.5.2 Input documents
7.5.3 Output documents
7.5.4 Requirements
7.6 Integration
7.6.1 Objectives
7.6.2 Input documents
7.6.3 Output documents
7.6.4 Requirements
7.7 Overall Software Testing / Final Validation
7.7.1 Objectives
7.7.2 Input documents
7.7.3 Output documents
7.7.4 Requirements
7.8 Development of Software configured by application data
7.8.1 Objective
7.8.2 Requirements
8 Systems configured by application data: development of application data
8.1 Objectives
8.2 Input documents
8.3 Output documents
8.4 Requirements
8.4.1 Application Development Process
8.4.2 Application Requirements Specification
8.4.3 Architecture and Design
8.4.4 Application Data Production
8.4.5 Application Integration and Testing
8.4.6 Application Validation and Assessment
8.4.7 Application preparation procedures and tools
9 Software deployment and maintenance
9.1 Software deployment
9.1.1 Objective
9.1.2 Input documents
9.1.3 Output documents
9.1.4 Requirements
9.2 Software maintenance
9.2.1 Objective
9.2.2 Input documents
9.2.3 Output documents
9.2.4 Requirements
Annex A (normative) Criteria for the Selection of Techniques and Measures
A.1 General
A.2 Clauses tables
A.3 Detailed tables
Annex B (normative) Key software roles and responsibilities
Annex C (informative) Documents Control Summary
Annex D (informative) Bibliography of techniques
D.1 Artificial Intelligence Fault Correction
D.2 Analysable Programs
D.3 Avalanche/Stress Testing
D.4 Boundary Value Analysis
D.5 Backward Recovery
D.6 Cause Consequence Diagrams
D.7 Checklists
D.8 Control Flow Analysis
D.9 Common Cause Failure Analysis
D.10 Data Flow Analysis
D.11 Data Flow Diagrams
D.12 Data Recording and Analysis
D.13 Decision Tables and Truth Tables
D.14 Defensive Programming
D.15 Coding Standards and Style Guide
D.16 Diverse Programming
D.17 Dynamic Reconfiguration
D.18 Equivalence Classes and Input Partition Testing
D.19 Error Detecting and Correcting Codes
D.20 Error Guessing
D.21 Error Seeding
D.22 Event Tree Analysis
D.23 Fagan Inspections
D.24 Failure Assertion Programming
D.25 SEEA Software Error Effect Analysis
D.26 Fault Detection and Diagnosis
D.27 Finite State Machines/State Transition Diagrams
D.28 Formal Methods
D.28.1 General
D.28.2 CSP Communicating Sequential Processes
D.28.3 CCS Calculus of Communicating Systems
D.28.4 HOL Higher Order Logic
D.28.5 LOTOS
D.28.6 OBJ
D.28.7 Temporal logic
D.28.8 VDM Vienna Development Method
D.28.9 Z method
D.28.10 B method
D.28.11 Model Checking
D.29 Formal Proof
D.30 Forward Recovery
D.31 Graceful Degradation
D.32 Impact Analysis
D.33 Information Hiding / Encapsulation
D.34 Interface Testing
D.35 Language Subset
D.36 Memorizing Executed Cases
D.37 Metrics
D.38 Modular Approach
D.39 Performance Modelling
D.40 Performance Requirements
D.41 Probabilistic Testing
D.42 Process Simulation
D.43 Prototyping / Animation
D.44 Recovery Block
D.45 Response Timing and Memory Constraints
D.46 Re-Try Fault Recovery Mechanisms
D.47 Safety Bag
D.48 Software Configuration Management
D.49 Strongly Typed Programming Languages
D.50 Structure Based Testing
D.51 Structure Diagrams
D.52 Structured Methodology
D.53 Structured Programming
D.54 Suitable Programming languages
D.55 Time Petri Nets
D.56 Walkthroughs / Design Reviews
D.57 Object Oriented Programming
D.58 Traceability
D.59 Metaprogramming
D.60 Procedural programming
D.61 Clause intentionally left empty
D.62 Clause intentionally left empty
D.63 Clause intentionally left empty
D.64 Clause intentionally left empty
D.65 Data modelling
D.66 Control Flow Diagram/Control Flow Graph
D.67 Sequence diagram
D.68 Tabular Specification Methods
D.69 Application specific language
D.70 UML (Unified Modelling Language)
D.71 Domain specific languages
D.72 Segregation
Annex E (informative) Changes in this European Standard compared to EN 50128:2011
Annex ZZ (informative) Relationship between this European Standard and the Essential Requirements of EU Directive 2008/57/EC
Bibliography

Figures

Figure 1 Illustrative Software Route Map
Figure 2 Illustration of the preferred organizational structure
Figure 3 Illustrative Development Lifecycle 1
Figure 4 Illustrative Development Lifecycle 2

Tables

Table 1 Relation between tool class and applicable numbered entries
Table A.1 Lifecycle Issues and Documentation (5.3)
Table A.2 Software Requirements Specification (7.2)
Table A.3 Software Architecture (7.3)
Table A.4 Software Design and Implementation (7.3 and 7.4)
Table A.5 Verification and Testing (6.2, 7.3 and 7.4)
Table A.6 Integration (7.6)
Table A.7 Overall Software Testing (6.2 and 7.7)
Table A.8 Software Analysis Techniques (6.3)
Table A.9 Software Quality Assurance (6.5)
Table A.10 Software Maintenance (9.2)
Table A.11 Data Preparation Techniques (8.4)
Table A.12 Coding Standards
Table A.13 Dynamic Analysis and Testing
Table A.14 Functional/Black Box Test
Table A.15 Intentionally left empty
Table A.16 Intentionally left empty
Table A.17 Modelling
Table A.18 Performance Testing
Table A.19 Static Analysis
Table A.20 Components
Table A.21 Test Coverage for Code
Table A.22 Object Oriented Software Architecture
Table A.23 Object Oriented Detailed Design
Table B.1 Requirements Manager Role Specification
Table B.2 Designer Role Specification
Table B.3 Implementer Role Specification
Table B.4 Tester Role Specification
Table B.5 Verifier Role Specification
Table B.6 Integrator Role Specification
Table B.7 Validator Role Specification
Table B.8 Assessor Role Specification
Table B.9 Project Manager Role Specification
Table B.10 Configuration Manager Role Specification
Table C.1 Documents Control Summary
Table E.1 Correspondence between this European Standard and EN 50128:2011
Table ZZ.1 Correspondence between this European Standard, the TSI “Locomotives and Passenger Rolling Stock” (REGULATION (EU) No 1302/2014 of 18 November 2014) and Directive 2008/57/EC

European foreword

This document (EN 50657:2017) has been prepared by CLC/SC 9XB, “Electrical, electronic and electromechanical material on board rolling stock, including associated software”.

The following dates are fixed:

latest date by which this document has to be implemented at national level by publication of an identical national standard or by endorsement (dop) 2018-05-08

latest date by which the national standards conflicting with this document have to be withdrawn (dow) 2020-05-08

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.

This document has been prepared under a mandate given to CENELEC by the European Commission and the European Free Trade Association, and supports essential requirements of EU Directive(s).

For the relationship with EU Directive(s) see informative Annex ZZ, which is an integral part of this document.

This document adapts EN 50128:2011 (prepared by CLC/SC 9XA “Communication, signalling and processing systems”) for the application in