EURUSD
Your shopping cart is empty.
SIST

oSIST prEN 50126-4:2012

(Main)

Railway applications - The Specification and Demonstration of Reliability, Availability, Maintainability and Safety (RAMS) - Part 4: Functional Safety - Electrical/Electronic/Programmable electronic systems

Railway applications - The Specification and Demonstration of Reliability, Availability, Maintainability and Safety (RAMS) - Part 4: Functional Safety - Electrical/Electronic/Programmable electronic systems

Will supersede EN 50129:2003 * Full revision and re-organization of EN 50126 series needed to get a full set of standards covering the whole railway system * In hands of WG 14 * To be offered to IEC to revise IEC 62278 * D138/C125: Extension of the target date for vote approved to read 2013-03-31 * 2012-06-29 - Enquiry editing allocated to aclausse@cencenelec.eu

Bahnanwendungen - Spezifikation und Nachweis von Zuverlässigkeit, Verfügbarkeit, Instandhaltbarkeit und Sicherheit (RAMS) - Teil 4: Funktionale Sicherheit - Elektrische/Elektronische/Programmierbare elektronische Systeme

Applications ferroviaires - Spécification et démonstration de la fiabilité, de la disponibilité, de la maintenabilité et de la sécurité (FDMS) - Partie 4: Sécurité fonctionnelle - Systèmes électriques/électroniques/électroniques programmables

Železniške naprave - Specifikacija in prikaz zanesljivosti, razpoložljivosti, vzdrževalnosti in varnosti (RAMS) - 4. del: Funkcionalna varnost - Električno/Elektronsko/Programabilni elektronski sistemi

General Information

Status
Not Published
Public Enquiry End Date
30-Mar-2013
ICS
35.240.60 - IT applications in transport
45.020 - Railway engineering in general
Technical Committee
ŽEN - Electrical applications for railways
Current Stage
98 - Abandoned project (Adopted Project)
Start Date
11-Sep-2019
Due Date
16-Sep-2019
Completion Date
11-Sep-2019
Directive
2001/16/EC - Directive 2001/16/EC of the European Parliament and of the Council of 19 March 2001 on the interoperability of the trans-European conventional rail system
2008/57/EC - Directive 2008/57/EC of the European Parliament and of the Council of 17 June 2008 on the interoperability of the rail system within the Community (Recast)
96/48/EC - Interoperability of the trans-European high-speed rail system
Mandate
M/334 - Mandate for programming and standardisation addressed to CEN, CENELEC and ETSI in the field of the Interoperability of the trans-european conventional rail system
M/483 - Mandate for programming and standardisation addressed to the European standardisation bodies under directive 2008/57/EC in the field of the interoperability of the rail system within the European Union
Ref Project
prEN 50126-4 - Railway applications - The Specification and Demonstration of Reliability, Availability, Maintainability and Safety (RAMS) - Part 4: Functional Safety - Electrical/Electronic/Programmable electronic systems

Relations

Revised
SIST EN 50129:2003 - Railway applications - Communication, signalling and processing systems - Safety related electronic systems for signalling
Effective Date
07-Jun-2022
Revised
SIST EN 50129:2003 - Railway applications - Communication, signalling and processing systems - Safety related electronic systems for signalling
Effective Date
29-Mar-2013
oSIST prEN 50126-4:2013oSIST prEN 50126-4:2013
PreviousNext
Draft
oSIST prEN 50126-4:2013
English language
202 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
oSIST prEN 50126-4:2013
01-januar-2013
äHOH]QLãNHQDSUDYH6SHFLILNDFLMDLQSULND]]DQHVOMLYRVWLUD]SRORåOMLYRVWL
Y]GUåHYDOQRVWLLQYDUQRVWL 5$06 GHO)XQNFLRQDOQDYDUQRVW
(OHNWULþQR(OHNWURQVNR3URJUDPDELOQLHOHNWURQVNLVLVWHPL
Railway applications - The Specification and Demonstration of Reliability, Availability,
Maintainability and Safety (RAMS) - Part 4: Functional Safety -
Electrical/Electronic/Programmable electronic systems
Bahnanwendungen - Spezifikation und Nachweis von Zuverlässigkeit, Verfügbarkeit,
Instandhaltbarkeit und Sicherheit (RAMS) - Teil 4: Funktionale Sicherheit -
Elektrische/Elektronische/Programmierbare elektronische Systeme
Applications ferroviaires - Spécification et démonstration de la fiabilité, de la disponibilité,
de la maintenabilité et de la sécurité (FDMS) - Partie 4: Sécurité fonctionnelle -
Systèmes électriques/électroniques/électroniques programmables
Ta slovenski standard je istoveten z: prEN 50126-4:2012
ICS:
35.240.60 Uporabniške rešitve IT v IT applications in transport
transportu in trgovini and trade
45.020 Železniška tehnika na Railway engineering in
splošno general
oSIST prEN 50126-4:2013 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

oSIST prEN 50126-4:2013
oSIST prEN 50126-4:2013
DRAFT
EUROPEAN STANDARD
NORME EUROPÉENNE
October 2012
EUROPÄISCHE NORM
ICS Will supersede EN 50129:2003

English version
Railway applications -
The Specification and Demonstration of Reliability, Availability,
Maintainability and Safety (RAMS) -
Part 4: Functional Safety -
Electrical/Electronic/Programmable electronic systems

Applications ferroviaires -  Bahnanwendungen -
Spécification et démonstration de la fiabilité, de la Spezifikation und Nachweis von Zuverlässigkeit,
disponibilité, de la maintenabilité et de la sécurité Verfügbarkeit, Instandhaltbarkeit und Sicherheit
(FDMS) - (RAMS) -
Partie 4: Sécurité fonctionnelle - Teil 4: Funktionale Sicherheit -
Systèmes électriques/électroniques/électroniques Elektrische/Elektronische/Programmierbare
programmables elektronische Systeme

This draft European Standard is submitted to CENELEC members for CENELEC enquiry.
Deadline for CENELEC: 2013-03-29.

It has been drawn up by CLC/TC 9X.

If this draft becomes a European Standard, CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations
which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

This draft European Standard was established by CENELEC in three official versions (English, French, German). A version in any other
language made by translation under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC
Management Centre has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia,
Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.

Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to
provide supporting documentation.

Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without notice
and shall not be referred to as a European Standard.

CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung

Management Centre: Avenue Marnix 17, B - 1000 Brussels

© 2012 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.
Project: 21754 Ref. No. prEN 50126-4:2012 E

oSIST prEN 50126-4:2013
7001 Contents Page
7002 Foreword . 6
7003 Introduction . 8
7004 1 Scope . 9
7005 2 Normative references . 10
7006 3 Terms and definitions . 10
7007 4 Abbreviations. 11
7008 5 Overall Framework of the Part 4 . 13
7009 6 E/E/PE systems management and organisation . 15
7010 6.1 Lifecycle Issues and Documentation . 15
7011 6.2 Organisation, Roles and Responsibilities . 18
7012 6.3 Personnel Competence . 20
7013 7 E/E/PE systems assurance . 21
7014 7.1 Analysis . 21
7015 7.2 Testing . 23
7016 7.3 Verification. 24
7017 7.4 Validation. 26
7018 7.5 Independent Assessment. 29
7019 7.6 Quality Assurance . 31
7020 7.7 Safety Management . 33
7021 7.8 Configuration Management and Modification Control . 35
7022 7.9 Support Tools . 37
7023 8 E/E/PE system development: system aspects . 39
7024 8.1 Additional Requirements for E/E/PE Architecture . 39
7025 8.2 Integration and Validation . 45
7026 9 E/E/PE development: Generic hardware . 52
7027 9.1 Hardware Component Specification . 52
7028 9.2 Hardware Component Implementation . 54
7029 9.3 Hardware Component Validation . 55
7030 10 E/E/PE development: Configurable hardware . 56
7031 10.1 Requirements . 56
7032 11 E/E/PE systems operation and maintenance . 56
7033 11.1 Planning & Organisation . 56
7034 11.2 System Deployment . 58
7035 11.3 Operation and Maintenance including Performance Monitoring . 60
7036 11.4 Modification . 63
7037 Annex A (normative) Techniques/Measures . 64
7038 Annex B (normative) Electronic/Electrical Component failure modes . 77
7039 B.1 Introduction. 77
7040 B.2 General Procedure . 77
7041 B.3 Procedure for Integrated Circuits (including Microprocessors) . 77
7042 B.4 Procedure for Electronic/Electrical Components with Inherent Physical Properties . 78
7043 B.5 General Observations concerning Electronic/Electrical Component Failure Modes . 79

oSIST prEN 50126-4:2013
- 3 - prEN 50126-4:2012
7044 B.6 Additional General Observations, concerning Electronic/Electrical Components with
7045 Inherent Physical Properties . 79
7046 B.7 Specific Observations concerning Electronic/Electrical Components with Inherent
7047 Physical Properties . 80
7048 Annex C (normative) Key Hardware/System Safety Roles and Responsibilities . 97
7049 Annex D (informative) Technical Recommendations for SIL3 and SIL4 functions . 110
7050  Introduction. 110
D.1
7051 D.2 Achievement of Physical Internal Independence . 110
7052 D.3 Achievement of Physical External Independence . 111
7053 D.4 Single-fault Detection . 112
7054 D.5 Multiple-fault Detection . 113
7055 Annex E (informative) Guidance on Programmable Devices . 117
7056  Introduction. 117
E.1
7057 E.2 Relation to EN 50126-5 . 118
7058 E.3 Pre-existing programmable devices . 133
7059 Annex F (normative) Previously Developed Hardware (PDH) and Commercial Off The Shelf
7060 Hardware (COTSH) . 134
7061 Annex G (informative) Structure of Hardware/Systems Safety Cases . 136
7062 G.1 Generic Product Safety Case Guidance for E/E/PE . 136
7063 G.2 Generic Application Safety Case Guidance for E/E/PE . 145
7064 G.3 Specific Application Safety Case Guidance for E/E/PE . 145
7065 G.4 Cross-Acceptance Safety Case Guidance for E/E/PE . 146
7066 G.4.1Cross-Acceptance Process . 146
7067 Annex H (informative) Bibliography of techniques . 149
7068 H.1 Introduction. 149
7069 H.2 Techniques . 161
7071 Figure 1 – Illustrative Development Lifecycle . 16
7072 Figure 2 – Illustrative Development and System Integration Lifecycle . 17
7073 Figure 3 – Independence and Combination of Roles versus Safety Integrity Levels . 19
7074 Figure 4 – Detection and negation of single faults . 42
7075 Figure B.1 – Example of a 4-terminal Resistor using a hybrid thick layer technique . 80
7076 Figure D.1 –Single-fault and Multiple-fault detection conditions . 114
7077 Figure G.2 – Structure of Technical Safety Report . 138
7079 Table 1 – Relation between Tool Class and applicable paragraphs of this subclause . 39
7080 Table A.1 – Lifecycle Issues and Documentation . 65
7081 Table A.2 – Safety Planning and Quality Assurance Activities . 66
7082 Table A.3 – System Requirements Specification . 67
7083 Table A.4 – Safety Organisation . 68
7084 Table A.5 – Architecture of System/Subsystem/Equipment . 69
7085 Table A.6 – Design Features . 70
7086 Table A.7 – Failure and Hazard Analysis Methods . 72
7087 Table A.8 – Design and Development of System/Sub-system/Item . 73
7088 Table A.9 – Design Phase Documentation . 73
7089 Table A.10 – Verification and Validation of the System and Product Design . 74

oSIST prEN 50126-4:2013
7090 Table A.11 – Application, Operation and Maintenance . 75
7091 Table A.12 – Functional Testing . 75
7092 Table A.13 – Performance Testing . 75
7093 Table A.14 – Hardware Safety Analysis . 76
7094 Table B.1 – Resistor and adjustable resistor (excluding 4-terminal resistor) . 85
7095 Table B.2 – 4 Terminal Resistors . 85
7096 Table B.3 – Capacitor and adjustable capacitor (excluding 4-terminal capacitor). 85
7097 Table B.4 – 4-Terminal Capacitors . 86
7098 Table B.5 – Electromagnetic Components-Inductor . 86
7099 Table B.6 – Electromagnetic Components-Transformer . 86
7100 Table B.7 – Electromagnetic Components-Transductor (saturable reactor or magnetic amplifier). 87
7101 Table B.8 – Electromagnetic Components-Relays . 88
7102 Table B.9 – Diodes- Normal diode (power, signal, switching) . 88
7103 Table B.10 – Diodes-Zener Diodes . 89
7104 Table B.11 – Transistors-Bipolar . 89
7105 Table B.12 – Transistors-Field Effect (FET) . 90
7106 Table B.13 – Silicon - controlled rectifier (SCR) (thyristor) . 91
7107 Table B.14 – Bidirectional thyristor (triac) . 91
7108 Table B.15 – Surge Suppressors - Voltage-dependent resistor (VDR) (varistor) . 92
7109 Table B.16 – Surge Suppressors-Protective Diode . 92
7110 Table B.17 – Surge Suppressors-Gas Discharge Arrester . 92
7111 Table B.18 – Surge Suppressors-Air Gap Arrester . 92
7112 Table B.19 – Opto-electronic Components-Photo Diode . 92
7113 Table B.20 – Opto-electronic Components-Photo Transistor . 93
7114 Table B.21 – Opto-electronic Components- Light-emitting diode (LED) . 93
7115 Table B.22 - Opto-electronic Components- Optocoupler and self-contained fibre-optic system. 93
7116 Table B.23 – Filters-Crystal . 93
7117 Table B.24 – Filters-Mechanical Resonator (turning fork/reed/pendulum) . 94
7118 Table B.25 – Interconnection Assemblies-Printed Circuit Board . 94
7119 Table B.26 – Interconnection Assemblies-Connector . 94
7120 Table B.27 – Interconnection Assemblies-Cable and Wire . 94
7121 Table B.28 – Interconnection Assemblies-Connection (soldered, welded, wrapped, crimped, clipped,
7122 screwed) . 95
7123 Table B.29 – Interconnection Assemblies – Fibreoptic Cable . 95
7124 Table B.30 – Interconnection Assemblies-Fibreoptic Connector . 95
7125 Table B.31 – Fuses . 95
7126 Table B.32 – Switches and Push/pull Buttons . 95
7127 Table B.33 – Lamps . 95
7128 Table B.34 – Batteries. 96
7129 Table B.35 – Transducers/sensors . 96
7130 (not including those with internal electronic circuitry) . 96
7131 Table B.36 – Integrated Circuits-Analogue Devices . 96
7132 Table B.37 – Integrated Circuits-Digital Devices . 96

oSIST prEN 50126-4:2013
- 5 - prEN 50126-4:2012
7133 Table B.38 – Integrated Circuits-Microprocessors . 96
7134 Table C.1 – Hardware/System Requirements Manager Role Specification . 97
7135 Table C.2 – Hardware/System Designer Role Specification . 98
7136 Table C.3 – Hardware/System Implementer Role Specification . 99
7137 Table C.4 – Hardware/System Tester Role Specification . 100
7138 Table C.5 – Hardware/System Verifier Role Specification . 101
7139 Table C.6 – Hardware/System Integrator Role Specification . 102
7140 Table C.7 – Hardware/System Validator Role Specification . 103
7141 Table C.8 – Hardware/System Assessor Role Specification . 104
7142 Table C.9 – Hardware/System Project Manager Role Specification . 105
7143 Table C.10 – Hardware/System Configuration Manager Role Specification . 106
7144 Table C.11 – Hardware/System Maintenance Manager Role Specification . 107
7145 Table C.12 – Hardware/System Operations Manager Role Specification . 108
7146 Table C.13 – Hardware/System Safety Manager Role Specification . 109
7147 Table D.1 - Measures to detect faults in integrated circuits by means of periodic on-line testing . 115
7148 Table E.1 – Design (including all activities pre-synthesis) . 122
7149 Table E.2 – Synthesis . 123
7150 Table E.3 – Placement, Routing . 124
7151 Table E.4 – Description for techniques/measures from Design. 125
7152 Table E.5 – Description for techniques/ measures from Synthesis . 129
7153 Table E.6 – Description for techniques/ measures from Placement, Routing and Layout Generation . 131
7154 Table H.1 – Properties of techniques . 152
oSIST prEN 50126-4:2013
7157 Foreword
7158 This document [prEN 50126-4:2012] has been prepared by CLC/TC 9X "Electrical and electronic
7159 applications for railways".
7160 This document is currently submitted to the Enquiry.
7161 EN 50126 "Railway applications – The specification and demonstration of Reliability, Availability,
7162 Maintainability and Safety (RAMS)" consists of the following parts:
7163 – Part 1: Generic RAMS process;
7164 – Part 2: Systems approach to safety;
7165 – Part 4: Functional safety – Electrical/Electronic/Programmable electronic systems;
7166 – Part 5: Functional safety – Software.
7167 This new edition of EN 50126 (all parts) will supersede EN 50126-1:1999, CLC/TR 50126-2:2007,
7168 CLC/TR 50126-3:2008, EN 50128:2011 and EN 50129:2003.
7169 This part of EN 50126 covers the functional safety for E/E/PE. It is mainly based on EN 50129:2003.
7170 This part of EN 50126 will supersede EN 50129:2003.
7171 This document has been prepared under a mandate given to CENELEC by the European Commission
7172 and the European Free Trade Association, and supports essential requirements of EU Directive(s).

oSIST prEN 50126-4:2013
- 7 - prEN 50126-4:2012
oSIST prEN 50126-4:2013
7174 Introduction
7175 EN 50126-1:1999 was produced to introduce the application of a systematic RAMS management process
7176 in the railway sector. For safety related electronic systems for signalling EN 50128:2011 and
7177 EN 50129:2003 were produced. Through the application of these standards and the experiences gained
7178 over the last years, the need for revision and restructuring became apparent with a need to deliver a
7179 systematic and coherent approach to RAMS applicable to all the railway application fields Signalling,
7180 Rolling Stock and Electric power supply for Railways (Fixed Installations).
7181 The revision work improved the coherency and consistency of the standards, the concept of safety
7182 management and the practical usage of EN 50126, and took into consideration the existing and related
7183 Technical Reports as well.
7184 This European Standard provides railway duty holders and the railway suppliers, throughout the
7185 European Union, with a process which will enable the implementation of a consistent approach to the
7186 management of reliability, availability, maintainability and safety, denoted by the acronym RAMS.
7187 Processes for the specification and demonstration of RAMS requirements are cornerstones of this
7188 standard. This European Standard promotes a common understanding and approach to the management
7189 of RAMS.
7190 EN 50126 is the railway sector specific application of IEC 61508. Meeting the requirements in this
7191 European Standard is sufficient to ensure that additional compliance to IEC 61508 does not need to be
7192 evaluated.
7193 With regard to safety, EN 50126-1 provides a Safety Management Process which is supported by
7194 guidance and methods described in EN 50126-2.
7195 EN 50126-1 and EN 50126-2 are independent from the technology used. EN 50126-4 and EN 50126-5
7196 provide guidance specific to safety related E/E/PE technology of railway applications. Their application is
7197 determined through the application of the general RAMS process of EN 50126-1 and through the
7198 outcome of the safety related methods described in EN 50126-2. As far as safety is concerned, EN 50126
7199 takes the perspective of functional safety. This does not exclude other aspects of safety. However, these
7200 are not the focus.
7201 The aims set for revision of the EN 50126 standard required a better understanding of the systems
7202 approach and improved methods for applying the safety management process described in EN 50126-1.
7203 EN 50126-2 provides this guidance.
7204 The application of this standard should be adapted to the specific requirements of the system under
7205 consideration.
7206 This European Standard can be applied systematically by the railway duty holders and railway suppliers,
7207 throughout all phases of the life cycle of a railway application, to develop railway specific RAMS
7208 requirements and to achieve compliance with these requirements. The systems-level approach
7209 developed by this European Standard facilitates assessment of the RAMS interactions between elements
7210 of railway applications even if they are of complex nature.
7211 This European Standard promotes co-operation between the stakeholders of Railways in the
7212 achievement of an optimal combination of RAMS and cost for railway applications. Adoption of this
7213 European Standard will support the principles of the European Single Market and facilitate European
7214 railway inter-operability.
7215 The process defined by this European Standard assumes that railway duty holders and railway suppliers
7216 have business-level policies addressing Quality, Performance and Safety. The approach defined in this
7217 standard is consistent with the application of quality management requirements contained within the
7218 ISO 9000 series of International standards.

oSIST prEN 50126-4:2013
- 9 - prEN 50126-4:2012
7219 1 Scope
7220 This part of EN 50126
7221 • is intended to apply to all safety-related electronic (E/E/PE) railway systems/sub-system/hardware.
7222 However, the hazard analysis and risk assessment processes defined in EN 50126-1 and in this part
7223 are necessary for all railway systems/sub-systems/hardware, in order to identify any safety
7224 requirements. The relevant methods are provided by EN 50126-2. If analysis reveals that no safety
7225 requirements exist (i.e.: that the situation is non-safety-related), and provided the conclusion is not
7226 revised as a consequence of later changes, this part of EN 50126 ceases to be applicable;
7227 • is applicable to safety-related electronic systems (including sub-systems and hardware) for railway
7228 applications;
7229 • is primarily applicable to systems/sub-systems/hardware which have been specifically designed and
7230 manufactured for railway applications. It should also be applied, as far as reasonably practicable, to
7231 general-purpose or industrial hardware (e.g.: power supplies, modems, etc.), which is procured for
7232 use as part of a safety-related railway system. As a minimum, evidence shall be provided in such
7233 cases to demonstrate:
7234 - either that the hardware is not relied on for safety,
7235 - or that the hardware can be relied on for those functions which relate to safety;
7236 • applies
7237 - to the specification, architecture, design, construction, implementation, integration,
7238 manufacturing, installation, acceptance, operation, maintenance and modification/extension
7239 phases of the system /subsystem and hardware, and also to individual sub-systems and
7240 hardware within the overall system as determined by the process in EN 50126-1 and supported
7241 by the methods in EN 50126-2.
7242 - to generic sub-systems and hardware (both application-independent and those intended for a
7243 particular class of application), and also to systems/sub-systems/hardware for specific
7244 applications;
7245 • addresses railway specifics;
7246 • does not define
7247 - RAMS targets, quantities, requirements or solutions for specific railway applications
7248 - rules or processes pertaining to the certification of railway products against the requirements of
7249 this standard
7250 - an approval process by the safety authority;
7251 • does not specify requirements for ensuring system security.
7252 This part of EN 50126 is applicable
7253 • to the specification and demonstration of safety for all railway applications and at all levels of such an
7254 application, as appropriate, from complete railway systems to major systems and to individual and
7255 combined sub-systems and hardware components within these major systems, including those
7256 containing software; in particular:
7257 - to new systems
7258 - to new systems integrated into existing systems in operation prior to the creation of this standard,
7259 although it is not generally applicable to other aspects of the existing system;
7260 - for modifications of existing systems in operation prior to the creation of this standard, although it
7261 is not generally applicable to other aspects of the existing system.
7262 - at all relevant phases of the life cycle of an application;
7263 - for use by railway duty holders, railway suppliers, assessors and safety authorities.

oSIST prEN 50126-4:2013
7264 Application of EN 50126-4 follows from SIL allocation to system/subsystem/hardware through applying
7265 the processes described in EN50126-1 and methods described by EN 50126-2. Given the relative
7266 maturity of most electrical systems, this part of EN 50126 is largely applicable to Electronic and
7267 Programmable Electronic sub-systems, systems and hardware.
7268 NOTE Guidance on the applicability is given in the requirements of this standard.
7269 Existing systems compliant with any version of former EN 50126, EN 50128 or EN 50129 shall not be
7270 subject of reconsideration and are considered as compliant with this standard.
7271 Railway applications mean Command, Control & Signalling, Rolling Stock and Fixed Installations for
7272 Railways (e.g. Electric Power Supply).
7273 2 Normative references
7274 The following documents, in whole or in part, are normatively referenced in this document and are
7275 indispensable for its application. For dated references, only the edition cited applies. For undated
7276 references, the latest edition of the referenced document (including any amendments) applies.
7277 prEN 50126-1:2012, Railway applications – The Specification and Demonstration of Reliability,
7278 Availability, Maintainability and Safety (RAMS) – Part 1: Generic RAMS process
7279 EN 50121 (all parts), Railway applications – Electromagnetic compatibility
7280 EN 50124 (all parts), Railway applications – Insulation coordination
7281 EN 50125 (all parts), Railway applications – Environmental conditions for equipment
7282 EN 50155, Railway applications – Electronic equipment used on rolling stock
7283 EN 50159, Railway applications – Communication, signalling and processing systems – Safety-related
7284 communication in transmission systems
7285 ISO 9001, Quality management systems – Requirements
7286 ISO/IEC GUIDE 51, Safety aspects – Guidelines for their inclusion in standards
7287 3 Terms and definitions
7288 For the purposes of this document, the terms and definitions given in prEN 50126-1:2012 and the
7289 following apply:
7290 3.1
7291 change control board
7292 entity that supervises and authorises change throughout the life cycle
7293 3.2
7294 hardware component
7295 hardware component is a constituent part of a sub-system which has well-defined interfaces and
7296 behaviour with respect to the system/sub-system architecture and design and fulfils the following criteria:
7297 a) an electrical/electronic component or assembly delivering a specific function;
7298 b) it covers a specific subset of sub-system requirements;
7299 c) it is clearly identified and has an independent version inside the configuration management system
7300 or is a part of a collection of components (e. g. subsystems) which have an independent version
7301 3.3
7302 maintenance manager
7303 entity responsible for implementation and upkeep of maintenance procedures and standards ensuring
7304 safe and reliable performance of the system.
7305 3.4
7306 release note
7307 documented record of all application and maintenance conditions for safe operation, across life cycle
7308 phases
oSIST prEN 50126-4:2013
- 11 - prEN 50126-4:2012
7309 3.5
7310 safety manager
7311 entity that is responsible for the correct accomplishment of the safety management
7312 4 Abbreviations
7313 For the purposes of this document, the following abbreviations apply.
7314 4.1 ASR: assessor
7315 4.2 BPA: Bent Pin Analysis
7316 4.3 CA: Contingency Analysis
7317 4.4 CCD: Cause Consequence Diagrams
7318 4.5 CCF: Common Cause Failures
7319 4.6 CCFA: Common Cause Failure Analysis
7320 4.7 CFMA: Cable Failure Matrix Analysis
7321 4.8 ClD: Class Diagram
7322 4.9 CoD: Component Diagram
7323 4.10 COTSH Commercial off the Shelf Hardware
7324 4.11 CPLD : Complex Programmable Logic Device
7325 4.12 CPU: Central Processing Unit
7326 4.13 CT: Certified Tool / Certified Translator
7327 4.14 DA: Design Analysis
7328 4.15 DC: Direct Current
7329 4.16 DES: Designer
7330 4.17 DIA: Design Interface Analysis
7331 4.18 DRC: Design Rule Check
7332 4.19 DSL: Domain Specific Language
7333 4.20 EAM: Error Avoiding Method
7334 4.21 EPLD : Erasable Programmable Logic Device
7335 4.22 ESD: Electrostatic Discharge
7336 4.23 ETA: Event Tree Analysis
7337 4.24 ETBA: Energy Trace and Barrier Analysis
7338 4.25 FET: Transistors-Field Effect
7339 4.26 FI: Fagan Inspection
7340 4.27 FPGA: Field-programmable Gate Array
7341 4.28 FT: Fault Tree
7342 4.29 GD: Graceful Degradation

oSIST prEN 50126-4:2013
7343 4.30 HAZOP: Hazard and Operability Study
7344 4.31 HOL: Higher Order Logic
7345 4.32 HW: Hardware
7346 4.33 IC: Integrated Circuit
7347 4.34 ID: Identifier
7348 4.35 IMP: implementer
7349 4.36 INT: integrator
7350 4.37 LCA: Logic Cell Array
7351 4.38 LED: Light-emitting Diode
7352 4.39 LRU: Line Replaceable Unit
7353 4.40 MBT: Model Based Testing
7354 4.41 MCS: Monte-Carlo Simulation
7355 4.42 O&SHA: Operating and Support Hazard Analysis
7356 4.43 ORR: Operational Readiness Review
7357 4.44 PAL: Programmable Array Logic
7358 4.45 PD: Programmable Device
7359 4.46 PDH Previously Developed Hardware
7360 4.47 PHA: Preliminary Hazard Analysis
7361 4.48 PHL: Preliminary Hazard List
7362 4.49 PJM: project manager
7363 4.50 PLA: Programmable Logic Array
7364 4.51 PLD : Programmable Logic Device
7365 4.52 RBD: Reliability Block Diagram
7366 4.53 RCA: Root Cause Analysis
7367 4.54 RPN: Risk Priority Number
7368 4.55 RQM: requirements manager
7369 4.56 SB: Safety Bag
7370 4.57 SCA: Sneak Circuit Analysis
7371 4.58 SCD: State Chart Diagram
7372 4.59 SCR: Silicon-controlled Rectifier
7373 4.60 SeD: Sequence Diagram
7374 4.61 SoPC: System on Programmable Chip
7375 4.62 SRAC: Safety Related Application Conditions

oSIST prEN 50126-4:2013
- 13 - prEN 50126-4:2012
7376 4.63 SSA: System Safety Analysis
7377 4.64 STA: Static Timing Analysis
7378 4.65 SW: Software
7379 4.66 TL: Temporal Logic
7380 4.67 TO: Test Oracle
7381 4.68 TPN: Time Petri Nets
7382 4.69 TST: tester
7383 4.70 UML: Unified Modelling Language
7384 4.71 VAL: validator
7385 4.72 VDR: Voltage-dependent Resistor
7386 4.73 VER: verifier
7387 4.74 VHDL: Verilog Hardware Description Language
7388 4.75 WDR: Walkthrough / Design Review
7390 5 Overall Framework of the Part 4
7391 This part of the EN 50126 suite of standards addresses the application of the safety life cycle to electronic
7392 hardware and integrated systems comprising electrical, electronic and programmable electronic hardware
7393 and software. The principal purpose of this suite of standards is to support the design, development,
7394 production and operation of acceptably safe products, systems and processes aimed at railway
7395 applications. In this spirit, the approval, acceptance or certification constitute a secondary potential
7396 benefit arising from compliance with this suite of standards. EN 50126-4 and EN 50126-5 of the standard
7397 suite address technology specific safety requirements and are complementary to the requirements and
7398 the framework developed in EN 50126-1 and EN 50126-2 which shall also be complied with. The
7399 standard addresses the management, organisation and overall electronic systems assurance including
7400 the safety requirements applicable to generic and configurable hardware. The system aspects of
7401 electronic system development are also addressed together with the requirements for manufacturing,
7402 deployment, operation and maintenance.
7403 The overall scope of this standard includes electrical, electronic and programmable electronic hardware
7404 with fixed embedded logic, configurable hardware, integrated electronic systems comprising hardware
7405 and software and electronic sub-systems with fixed or configurable logic.
7406 A part from hardware, sub-systems and integrated systems, this standard places requirements for
7407 management, organisation and the competency of the people who assume various roles in the safety life
7408 cycle of electronic hardware and systems. This is in recognition of the major impact of the organisational
7409 and competency aspects on the overall reduction of the systematic errors which are otherwise likely to
7410 remain embedded in the design and production of electronic hardware and systems.
7411 The overall structure of this standard addresses key safety life cycle requirements in the design,
7412 development, deployment and maintenance of electrical, electronic and programmable electronic
7413 systems and hardware. Where appropriate, the structure in this standard is aligned with the software
7414 standard in EN 50126-5 to provide a familiar and systematic approach across the related disciplines.
7415 Clauses 6 and 7 of this standard set out the common requirements for life cycle phases defined in
7416 Clauses 8-11. The chapters are structured to state the objectives, inputs, requirements and the outputs
7417 pertinent to each phase of the life cycle.

oSIST prEN 50126-4:2013
7418 Clause 6 sets out the generic management and organisational requirements pertinent to electronic
7419 systems addressing documentation, roles, requisite competencies, responsibilities of key personnel and
7420 the required independence between the roles.
7421 Clause 7 sets out the generic system assurance requirements addressing hardware, software and
7422 hardware/software integration aspects including quality management, safety management, configuration
7423 and change management and support tools.
7424 Clause 8 sets out the system aspects addressing requirements for system architecture, implementation,
7425 integration, manufacturing, installation and commissioning and final acceptance.
7426 Clause 9 sets out the requirements for the development of generic electronic
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST-TP CLC/TR 50542-2:2025(Main)
Railway applications - Driver's cab Train Display Controller (TDC) - Part 2: Display systems FIS
CLC/TR 50542-2:2025

The scope of this document is the definition of the functional interface between TDC and DMIs.
[Figure 1]
The DMIs are those defined and considered in CLC/TR 50542 1:2025.
The TDC is defined in CLC/TR 50542 1:2025.
NOTE 1   The conversion of physical signals into numerical representation is out of scope.
NOTE 2   The term DMI is used in this clause as synonym for display.

  • Technical report
    12 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CLC/TR 50542-1:2025(Main)
Railway applications - Driver's cab train display controller (TDC) - Part 1: General architecture
CLC/TR 50542-1:2025

In accordance with the ERTMS/ETCS specifications (mainly Subset 026 and ERA_ERTMS_015560 document), UIC 612 leaflet, EN 50126 (series), EN 16186 (series) and EN 61375 (series) requirements, this Technical Report describes the Train Display System (TDS) in the driver’s cab which comprises the Train Display Controller (TDC) and the following six interfaces:
-   Interface with Command Control Display (CCD),
-   Interface with Train Radio Display (TRD),
-   Interface with Electronic Timetable Display (ETD),
-   Interface with Technical and Diagnostic Display (TDD),
-   Interface with ETCS Onboard systems and the interfaced STMs, which is excluded from the scope of this document,
-   Interface with Other Onboard Systems.
[Figure 1]
NOTE   Dotted lines are not described by this document.
The scope of this document is to define the functional architecture around the (TDC).
This document excludes the following items:
-   Communication protocols (e.g. EN 61375 series);
-   Ergonomic aspects;
-   Interface with ETCS Onboard systems and the interfaced STMs;
-   Train functions;
-   GSM-R EIRENE functions;
-   Use of the displays as terminals for maintenance purpose.

  • Technical report
    19 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 50716:2024(Main)
Railway Applications - Requirements for software development
EN 50716:2023

1.1 This document specifies the process and technical requirements for the development of software for programmable electronic systems for use in:
- control, command for signalling applications,
- applications on-board of rolling stock.
This document is not intended to be applied in the area of electric traction power supply (fixed installations) or for power supply and control of conventional applications, e.g. station power supply for offices, shops. These applications are typically covered by standards for energy distribution and/or non-railway sectors and/or local legal frameworks.
1.2 This document is applicable exclusively to software and the interaction between software and the system of which it is part.
1.3 Intentionally left blank
1.4 This document applies to software as per subclause 1.1 of this document used in railway systems, including:
- application programming,
- operating systems,
- support tools,
- firmware.
Application programming comprises high level programming, low level programming and special purpose programming (for example: programmable logic controller ladder logic).
1.5 This document also addresses the use of pre-existing software (as defined in 3.1.16) and tools. Such software can be used if the specific requirements in 7.3.4.7 and 6.5.4.16 on pre-existing software and for tools in 6.7 are fulfilled.
1.6 Intentionally left blank
1.7 This document considers that modern application design often makes use of software that is suitable as a basis for various applications. Such software is then configured by application data for producing the executable software for the application.
1.8 Intentionally left blank
1.9 This document is not intended to be retrospective. It therefore applies primarily to new developments and only applies in its entirety to existing systems if these are subjected to major modifications. For minor changes, only 9.2 applies. However, application of this document during upgrades and maintenance of existing software is advisable.
1.10 For the development of User Programmable Integrated Circuits (e.g. field programmable gate arrays (FPGA) and complex programmable logic devices (CPLD)) guidance is provided in EN 50129:2018 Annex F for safety related functions and in EN 50155:2017 for non-safety related functions. Software running on softcore processors of User Programmable Integrated Circuits is within the scope of this document.

  • Standard
    125 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 50668:2021(Main)
Railway applications - Signalling and control systems for non UGTMS Urban Rail systems
EN 50668:2019

This document specifies minimum functional requirements for urban rail signalling and control systems
-   which operate on line of sight or using automatic interlock signalling with intermittent train control,
-   not covered by the existing UGTMS standard EN 62290 series,
-   not forming a part of an urban traffic control system but possibly interfaced with such systems.
The document is restricted to minimum functional requirements which allow users to define more specific requirements based on the given framework of the system requirements at top level. This document is not applicable to command and control systems for urban rail using continuous data transmission and continuous supervision of train movements by train protection profile (already covered by the EN 62290 series).

  • Standard
    29 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 50128:2011/A2:2020(Amendment)
Railway applications - Communication, signalling and processing systems - Software for railway control and protection systems
EN 50128:2011/A2:2020

Unchanged with respect to the current edition EN 50128:2011.
Scope of the amendment:
- Alignment with EN 50126-1:2017, EN 50126-2:2017 and EN 50129:2018 together with minor corrections

  • Amendment
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 50159:2010/A1:2020(Amendment)
Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
EN 50159:2010/A1:2020

2021: CLC legacy converted by DCLab NISOSTS

  • Amendment
    4 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 50128:2011/A1:2020(Amendment)
Railway applications - Communication, signalling and processing systems - Software for railway control and protection systems
EN 50128:2011/A1:2020

2021: CLC legacy converted by DCLab NISOSTS

  • Amendment
    4 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 50129:2019/AC:2019(Corrigendum)
Railway applications - Communication, signalling and processing systems - Safety related electronic systems for signalling
EN 50129:2018/AC:2019-04

CCMC - reference corrected.

  • Corrigendum
    1 page
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CLC/TR 50542-1:2019(Main)
Railway applications - Driver's cab train display controller (TDC) - Part 1: General architecture
CLC/TR 50542-1:2018

In accordance with the ERTMS/ETCS specifications, Subset 121, UIC 612 leaflet, ERA_ERTMS_015560 document, EN 50126 and EN 61375 series requirements, this Technical Report describes the Train Display System (TDS) in the driver’s cab, and the link between the TDS/TDC and some of its interfaces (Blue box and blue links only):
[figure]
Figure 1 - Functional architecture
The scope of this document is to define the functional architecture around the TDC.
This Technical Report excludes the following items:
-   Communication protocols (e.g. EN 61375 series);
-   Ergonomic aspects;
-   Interface with ETCS (Subset 121);
-   Train functions;
-   GSM-R EIRENE functions;
-   Use of the displays as terminals for maintenance purpose.

  • Technical report
    20 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 50129:2019(Main)
Railway applications - Communication, signalling and processing systems - Safety related electronic systems for signalling
EN 50129:2018

This document is applicable to safety-related electronic systems (including subsystems and equipment) for railway signalling applications.
This document applies to generic systems (i.e. generic products or systems defining a class of applications), as well as to systems for specific applications.
The scope of this document, and its relationship with other CENELEC standards, are shown in Figure 1.
This document is applicable only to the functional safety of systems. It is not intended to deal with other aspects of safety such as the occupational health and safety of personnel. While functional safety of systems clearly can have an impact on the safety of personnel, there are other aspects of system design which can also affect occupational health and safety and which are not covered by this document.
This document applies to all the phases of the life cycle of a safety-related electronic system, focusing in particular on phases from 5 (architecture and apportionment of system requirements) to 10 (system acceptance) as defined in EN 50126-1:2017.
Requirements for systems which are not related to safety are outside the scope of this document.
This document is not applicable to existing systems, subsystems or equipment which had already been accepted prior to the creation of this document. However, so far as reasonably practicable, it should be applied to modifications and extensions to existing systems, subsystems and equipment.
This document is primarily applicable to systems, subsystems or equipment which have been specifically designed and manufactured for railway signalling applications. It should also be applied, so far as reasonably practicable, to general-purpose or industrial equipment (e.g. power supplies, display screens or other commercial off the shelf items), which is procured for use as part of a safety-related electronic system. As a minimum, evidence should be provided in such cases (more information is given in 6.2) to demonstrate either
- that the equipment is not relied on for safety, or
- that the equipment can be relied on for those functions which relate to safety.
This document is aimed at railway duty holders, railway suppliers, and assessors as well as at safety authorities, although it does not define an approval process to be applied by the safety authorities.

  • Standard
    154 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    157 pages
    French language
    sale 10% off
    e-Library read for
    1 day