Tuesday, 2 September 2008

Competence of the Assessor?

Basically, the Assessor should have general knowledge of:

- Railway technology and
- Auditing techniques.


The task of the Assessor is to supervise, through audits and technical spot checks, that all involved parties are working jointly on the safety of the product.

The Assessor role only makes sense if the other parties implement the recommendations of the Assessor. This will happen if the Assessor is believed to have the needed capacity and independence.

There is also a "3rd party" dimension in the work of the Assessor:

  1. If the Supplier ("1st party") is pressed by the Operator ("2nd party") on e.g. time of delivery, the Supplier might attempt to play down a safety failure and argue that this failure can easily be handled by e.g. the train driver, or
  2. Maybe the Operator overreacts and claims a minor RAM failure as a major safety issue, but this actually covers an attempt by the Operator to get a better product than ordered, or
  3. Another situation can occur if both the "1st party" and the "2nd party" have reluctantly been forced by the Safety Authority to use an Assessor. In this case, both the 1st and 2nd party might play down any deviations and failures and produce airy documents to please the Assessor.

The Assessor must be able to see through these hidden agendas and rely on "judgement based on evidence" (from the definition of "assessment" in EN 50126). The "evidence" could be e.g. the gap between "the process experienced through audits" and "the process according to the Safety Plan of the Project".


Focus on the Source (/TR 50129/)

TR 50129, Draft 2006, chapter 7.1.2, states the competence required of an ISA:

"The assessor must prove as a minimum competence in the following fields:

- specific or relevant expertise in Railway Operation
- the technology of the system
- local requirements/rules for application
- the legal requirements and the recognised rules of the technology
- the necessary practical experience and the ability to provide an assessment report
- guarantee for independence and impartiality
- quality processes in development phase and safety management requirements
- knowledge of all related CENELEC standards"


1) TR 50129 is a "Guide". It states only recommendations, not mandatory requirements.

2) The Safety Authority in each country decides who is allowed to call himself or herself an ISA.

1 comment:

Anonymous said ...

Hi, I have some questions.

i) Is a Software Safety Assessor obligated to inspect code that is newly developed?

ii) Can he declare, based on his audits of the safety techniques used by the software developer per IEC61508/EN50128 recommended/highly recommended for the allocated SIL, and the System Test results that all safety-related functional requirements are validated, that the product (software) is compliant to the (SIL) process requirements and fit for intended purpose?

iii) My Independent Software Assessor informed me that as an assessor he only needs to assess (i.e. ascertain) that the code has been reviewed by others -- i.e. a peer reviewer from the developer's organisation has peer reviewed/inspected the code and that it complies with the developer's coding standards and rules.