Functional Safety 2014, 4th – 5th November 2014
Copyright © 2014 by Cenbee Bullock PFS Consulting Ltd
To achieve the required systematic capability, application software should be designed, developed and
verified against the software safety lifecycle, i.e. the V-model in IEC61508-3 (see Fig 6). The
requirements differ according to the flexibility and complexity of the programming language used.
Fig. 6 Illustration of V-Model for Programmable Electronic System
Application software may be written in three different language types:
i. Fixed Programmable Language (FPL) – the program itself cannot be altered; changes are restricted
to set point and alarm parameters only. The software for the majority of off-the-shelf smart
transmitters is written in this type of language. The software is normally verified and certified
by a party engaged by the manufacturer; there is no mandatory requirement to comply with the V-model.
ii. Limited Variability Language (LVL) – this programmable language normally consists of pre-defined
application library functions that have been verified by a third-party certifying body or a
subject-qualified specialist. Limited changes may be available to specific functions only, provided
the supplier’s safety manual is followed (any additional functions should be verified against
IEC61508-3 to demonstrate the systematic capability). Software such as ladder logic and function
blocks is written in this language.
iii. Full Variability Language (FVL) – this programmable language is more complex and provides for a
wide range of functionality and applications. The software is normally written in C, C++, Pascal,
etc. The software should be verified using certified (utility) software tools and checked by an
independent assessor. All documentation, including coding, development and testing, must be
traceable.