
GB/T 41295.3-2022 PDF in English


GB/T 41295.3-2022 (GB/T41295.3-2022, GBT 41295.3-2022, GBT41295.3-2022)
Standard ID: GB/T 41295.3-2022
Name of Chinese Standard: Application guide of functional safety - Part 3: Testing and verification
Contents: English [PDF], auto-delivery in 0-9 seconds
Price: USD 230
Status: Valid

GB/T 41295.3-2022: PDF in English (GBT 41295.3-2022)

GB/T 41295.3-2022
NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 25.040
CCS N 10
Application guide of functional safety - Part 3: Testing and verification
ISSUED ON: MARCH 09, 2022
IMPLEMENTED ON: OCTOBER 01, 2022
Issued by: State Administration for Market Regulation; Standardization Administration of the People’s Republic of China.

Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 General
6 Hardware testing
7 Software testing
8 Integration testing
9 Fault injection test
10 Validation testing
References

Application guide of functional safety - Part 3: Testing and verification

1 Scope
This document specifies the testing and verification of functional safety systems, including hardware, software, integration and system-level tests of the parts that perform safety-related functions. This document applies to the functional safety system development stage, manufacturing stage, system integration stage, commissioning stage or field validation stage. Testing activities include internal testing and external testing by the team for functional safety system research and development.

2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the version corresponding to that date is applicable to this document; for undated references, the latest version (including all amendments) is applicable to this document.
GB/T 20438.4-2017, Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations
IEC 61326-3-1, Electrical equipment for measurement, control and laboratory use - EMC requirements - Part 3-1: Immunity requirements for safety-related systems and for equipment intended to perform safety-related functions (functional safety) - General industrial applications
IEC 61326-3-2, Electrical equipment for measurement, control and laboratory use - EMC requirements - Part 3-2: Immunity requirements for safety-related systems and for equipment intended to perform safety-related functions (functional safety) - Industrial applications with specified electromagnetic environment

3 Terms and definitions
The terms and definitions given in GB/T 20438.4-2017 and the following apply to this document.

3.1 functional safety system
A system that performs safety-related functions, has functional safety-related characteristics, and satisfies a specific Safety Integrity Level (SIL).
Note: The system here is a generalized concept that includes different levels, such as safety components, safety equipment or safety control systems. In an actual industrial process, the functional safety system may be a transmitter, a relay, a safety programmable controller or a safety instrumented system.
[Source: GB/T 41295.1-2022, 3.6]

3.2 team for functional safety system research and development
The party responsible for the design and development of functional safety systems.
Note: This includes functional safety system hardware developers, software developers, verification testers, functional safety managers, etc.
[Source: GB/T 41295.2-2022, 3.2]

3.3 fault injection test
A test method that artificially generates a failure mode in a functional safety system and verifies whether the response of the system in the failure state meets the safety requirements.
[Source: GB/T 41295.2-2022, 3.4]

4 Abbreviations
The following abbreviations apply to this document.
EMC: Electromagnetic Compatibility
FMEA: Failure Mode and Effect Analysis
FMEDA: Failure Mode, Effect and Diagnostic Analysis
HDL: Hardware Description Language
MC/DC: Modified Condition/Decision Coverage
SIL: Safety Integrity Level

b) unexpected modifications or unexpected changes to embedded programs and applications;
c) unexpected modification in the storage and exchange process of application data;
d) unacceptable deviation in the accuracy of the analog input/output interface;
e) response time of the communication process exceeding the allowable limit;
f) scan cycle and response time within the component/system exceeding the allowable limits;
g) clock error;
h) cannot be initialized or reset normally;
i) components/systems cannot be switched between different operating modes, such as "initialization", "normal operation", "failure", etc.
5.8 If an appropriate performance criterion has been defined in the relevant product standard, that performance criterion should be adopted.

6 Hardware testing
6.1 The hardware testing can be carried out by members of the hardware R&D team for the functional safety system, but the personnel who perform the test should be different from the R&D personnel of that part of the hardware.
6.2 Consider planning hardware test cases based on the hardware detailed design.
6.3 If digital application-specific integrated circuits are used, the following tests need to be considered:
a) module-level functional testing, such as using a (V)HDL test platform;
b) top-level functional testing;
c) functional testing in the embedded environment;
d) testing through simulation of the gate-level netlist, including timing sequence, reference model, etc.

7 Software testing
7.1 Software testing can be carried out by members of the software R&D team for the functional safety system, but the personnel who perform the testing need to be different from the R&D personnel of that part of the software.

d) To verify whether the permitted online maintenance procedures, such as module replacement, operate as designed;
e) To verify the correctness of the secure communication design.
9.5 Consider the following process for the fault injection test:
a) Collect the required input materials, including the detailed design of software and hardware, the failure analysis report of software and hardware, etc.;
b) Design fault injection test cases and form the fault injection test plan;
c) Prepare the system under test, the test environment and the test equipment for fault injection, and check the function and performance of the system under test (see the performance criteria in Chapter 5) to ensure that there is no abnormality in the system before the test;
d) Perform the fault injection test, and record the test time, phenomena, personnel and other information; if a problem is found during the test, perform the design modification, and then return to step c) to restart the test. Whether completed tests need to be repeated depends on the impact of the design modification;
e) Prepare a fault injection report.
9.6 Consider the following when determining fault injection test points:
a) where the determination of the failure effect is not clear in the failure analysis, including the determination of whether a safe or dangerous failure can be diagnosed;
b) where the failure rate of the failure mode is relatively large;
c) all diagnostic measures used for fault disclosure when the system is running;
d) dedicated complex devices (such as analog-to-digital conversion chips) for specific functions;
e) diagnostic measures implemented by software for the internals of some complex devices;
f) fault diagnostic measures in the safety communication process.
Note: Due to the large number of components/modules in a functional safety system, it is generally unrealistic to simulate the failure modes of all components/modules. It is necessary to screen out representative test points. By fault injection at representative test points, it can be demonstrated whether the diagnostic capabilities of that part of the signal chain are actually working.

c) For systems above SIL2, carry out extended functional tests, that is, test whether components/systems can enter or maintain a safe state when accidents other than those described in the safety requirements occur, or in extreme cases;
d) According to the application of the functional safety system, black-box testing, worst-case testing and statistical testing should be carried out (specific descriptions are in accordance with Table 3).
10.3 For functional tests under environmental conditions (type tests), the following should be considered:
a) The test items can demonstrate that the application environmental conditions defined in the safety requirements are met;
b) Meet the type test in the application standard or product standard of the specific functional safety system field [such as the safety programmable logic controller meeting the test requirements in IEC 61131 (all parts)], typically including climate tests and mechanical tests;
c) Carry out the type test through a third-party testing laboratory that complies with the GB/T 27025-2019 accreditation rules.
10.4 For functional safety systems, it’s necessary to consider enhanced electromagnetic compatibility (EMC) testing, including:
a) Compared with conventional systems, functional safety systems need to be considered for enhanced electromagnetic compatibility tests. These tests are based on national or industry-mandated considerations with an appropriate increase in intensity, such as the duration and number of tests, etc.;
b) Use IEC 61000-1-2:2016 as a methodological guide for ensuring functional safety against electromagnetic phenomena;
c) For systems whose functional safety EMC test content is not specifically stipulated in international standards or national standards, the level strength of the electromagnetic compatibility test follows the relevant content of IEC 61326-3-1 and IEC 61326-3-2;
d) For systems that have special provisions for functional safety EMC test content in international standards or national standards, the level strength of the electromagnetic compatibility test can be implemented in accordance with the requirements of these product or field standards [for example, programmable controllers shall conform to IEC 61131 (all parts)];
e) Carry out the EMC test through a third-party testing laboratory that complies with the GB/T 27025-2019 accreditation rules and has the EMC standard test ......
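An added illustration, not part of the standard or its source text: a small Python harness that walks the 9.5 flow (precheck per step c, inject and record per step d, report per step e) against a constructed simulated safety channel, with the numeric limits standing in for the Chapter 5 performance criteria d and f as assumed values. The third case is a common-cause fault that the run-time discrepancy diagnostic cannot disclose, the kind of finding step d) sends back for design modification.

```python
from dataclasses import dataclass, field
from typing import Callable, Optional
# Constructed limits standing in for Chapter 5 criteria d and f (assumed values).
ANALOG_TOLERANCE = 0.5   # allowed deviation between the two redundant analog inputs
MAX_SCAN_MS = 20         # allowed scan cycle time, milliseconds
TRIP_SETPOINT = 80.0     # process value above which the safety function must trip

@dataclass
class SafetyChannel:
    """Simulated system under test: two redundant analog inputs plus diagnostics."""
    process: float = 50.0            # true process value; a demand is process > setpoint
    stuck_a: Optional[float] = None  # injected stuck-at value for input A (None = healthy)
    stuck_b: Optional[float] = None
    scan_ms: int = 10
    safe_state: bool = False
    diagnostics: list = field(default_factory=list)
    def scan(self) -> bool:
        a = self.process if self.stuck_a is None else self.stuck_a
        b = self.process if self.stuck_b is None else self.stuck_b
        if abs(a - b) > ANALOG_TOLERANCE:     # 9.6 c: run-time diagnostic for fault disclosure
            self.diagnostics.append("discrepancy")
        if self.scan_ms > MAX_SCAN_MS:        # criterion f: scan cycle watchdog
            self.diagnostics.append("watchdog")
        if self.diagnostics or max(a, b) > TRIP_SETPOINT:  # trip on disclosed fault or demand
            self.safe_state = True
        return self.safe_state

def precheck(sut: SafetyChannel) -> bool:
    # 9.5 c: the SUT must show no abnormality before any fault is injected.
    return not sut.scan() and not sut.diagnostics

def run_case(name: str, inject: Callable[[SafetyChannel], None]) -> dict:
    # 9.5 d: inject one failure mode, scan, record. Every case here emulates a dangerous
    # fault, so the safe state is required; not reaching it is a finding for step c.
    sut = SafetyChannel()
    if not precheck(sut):
        return {"case": name, "passed": False, "note": "precheck failed"}
    inject(sut)
    reached = sut.scan()
    return {"case": name, "passed": reached, "diagnostics": list(sut.diagnostics)}

# 9.5 b: the test plan. The last case freezes both inputs at a healthy value while a real
# demand occurs, a common-cause fault the discrepancy check cannot see.
PLAN = [("input_a_stuck", lambda s: setattr(s, "stuck_a", 62.0)),
        ("scan_cycle_overrun", lambda s: setattr(s, "scan_ms", 35)),
        ("both_inputs_stuck_on_demand",
         lambda s: vars(s).update(stuck_a=30.0, stuck_b=30.0, process=90.0))]

def run_plan() -> list:
    # 9.5 e: the fault injection report, one record per case; failed records drive redesign.
    return [run_case(name, inject) for name, inject in PLAN]
```

Running `run_plan()` yields two passing records and one failed record with an empty diagnostics list, which is exactly the gap a redesign (for example a rate-of-change or stuck-at check) would have to close before the plan is re-run from step c).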
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.