(30-06-2010, 05:52 PM)PJW Wrote: What is "interesting" is that the wording which I was querying (and Peter seems to be supporting me) re the different types of Safety Cases in Part A seems to be taken directly from the Yellow Book 18.3.6. Hmmm.......
I'll try to get some more clarity!
I have now obtained the views of another Safety Case professional (who would prefer that I didn't reveal their identity). Compare and contrast.....
The answers are pure generic textbook.
I would expect to see the description focus on the purpose and elements of an interlocking safety case not just a safety case in general.
For example
Generic Product Safety Cases (GPSC) will give the safety justifications related to a system or equipment independent of an application. GPSCs will be required for each hardware, software and interface element of the interlocking product. The GPSCs will form the safety baseline for the safety case build-up.
A Generic Application Safety Case (GASC) is the key document required for the general use of a new interlocking. This should provide the safety justifications for any changes made to the core products, as well as justifying the application and configuration of each item.
A GASC should cover interface hazard analysis, functional hazard analysis, data preparation process analysis, software regression analysis and safety validation.
An interlocking GASC should address critical aspects of the adaptation including the following areas:
* The specification, review and approval of the required signalling principles.
* Compliance of the interlocking with relevant standards.
* The approach to verification and validation of the interlocking principles, including the necessary competences of the staff involved.
* The design, review and approval of the interface circuits that connect to lineside equipment.
The Specific Application Safety Case (SASC) will reference a number of supporting Generic Product and Generic Application Safety Cases for the main constituents. It will also demonstrate that the overall specific application design and configuration is safe, that the defined data preparation processes have been followed, and that adequate testing has been carried out.
The key issue for the cross acceptance safety case is whether there is sufficient evidence of operation of the interlocking in its proposed configuration and build state in a similar environment, where the "environment" needs to relate to the signalling, and to an extent operational, principles.
PJW