Reference

Document Name Terms Clause Subclause

EN 50128 : 2011 Application Development Process 8.4.1 8.4.1.1

EN 50128 : 2011 8.4.1.2

EN 50128 : 2011 8.4.1.3

EN 50128 : 2011 8.4.1.4

EN 50128 : 2011 8.4.1.5

EN 50128 : 2011 8.4.1.6

EN 50128 : 2011 8.4.1.7

EN 50128 : 2011 8.4.1.8

EN 50128 : 2011 8.4.1.9

EN 50128 : 2011 8.4.1.10

EN 50128 : 2011 8.4.1.11

EN 50128 : 2011 8.4.1.12

EN 50128 : 2011 8.4.1.13

EN 50128 : 2011 8.4.1.14

EN 50128 : 2011 Application Requirements Specification 8.4.2 8.4.2.1

EN 50128 : 2011 8.4.2.2

EN 50128 : 2011 8.4.2.3

EN 50128 : 2011 8.4.2.4

EN 50128 : 2011 8.4.2.5

EN 50128 : 2011 Architecture and Design 8.4.3

EN 50128 : 2011 Application Data/Algorithms Production 8.4.4 8.4.4.1

EN 50128 : 2011 8.4.4.2

EN 50128 : 2011 8.4.4.3

EN 50128 : 2011 8.4.4.4

EN 50128 : 2011 8.4.4.5

EN 50128 : 2011 8.4.4.6

EN 50128 : 2011 8.4.4.7

EN 50128 : 2011 8.4.4.8

EN 50128 : 2011 Application Integration and Testing 8.4.5 8.4.5.1

Acceptance

EN 50128 : 2011 8.4.5.2

EN 50128 : 2011 8.4.5.3

EN 50128 : 2011 8.4.5.4

EN 50128 : 2011 8.4.5.5

EN 50128 : 2011 Application Validation and Assessment 8.4.6

EN 50128 : 2011 Application preparation procedures and 8.4.7 8.4.7.1

tools

EN 50128 : 2011 8.4.7.2

EN 50128 : 2011 8.4.7.3

EN 50128 : 2011 8.4.7.4

EN 50128 : 2011 8.4.7.5

EN 50128 : 2011 8.4.7.6

EN 50128 : 2011 Development of Generic Software 8.4.8 8.4.8.1

 Development of Generic Software 8.4.8

EN 50128 : 2011 8.4.8.2

EN 50128 : 2011 8.4.8.3

EN 50128 : 2011 8.4.8.4

EN 50128 : 2011 8.4.8.5

EN 50128 : 2011 8.4.8.6

EN 50128 : 2011 8.4.8.7

EN 50128 : 2011 8.4.8.8

 Detail Requirement Description

An Application Preparation Plan shall be written, under the responsibility of the Requirements
Manager or Designer, on the basis of the input documents from 8.2.
An Application Preparation Plan shall be produced in order to define and detail the application
development process, including all the activities, deliverables and roles in charge of them. It can be
produced either for each specific application or for a class of specific applications, i.e. for a generic
application.

The Application Preparation Plan shall define a documentation structure for the application
preparation process.

The Application Preparation Plan shall choose techniques and measures from Table A.11. The selected
combination shall be justified as a set satisfying 4.8 and 4.9.
The Application Preparation Plan shall specify the procedures and application tools (with their
classification based on 6.7) to be used in the application development process.
The Application Preparation Plan shall include verification and validation activities to ensure that the
application data/algorithms are complete, correct and compatible with each other and with the generic
application, and to provide evidence that the application conditions of the generic application are met.
These verification and validation activities and evidence can be replaced by verification and validation
performed on the tools that produce the application data/algorithms. The results are gathered together
in the Application Preparation Verification Report and the Application Test Report.

The Application Preparation Plan shall include verification and validation activities to ensure that the
application tools and the generic software are compatible with each other and with the specific
application, and to provide evidence that their application conditions are met

A risk analysis shall be carried out covering the application development process, including the
application tools and procedures, in order to validate the Application Preparation Plan and to meet the
required software safety integrity level. The Application Preparation Plan shall include the risk analysis.

The Application Preparation Plan shall specify the requirements for the independence between staff
carrying out verification, validation and preparation tasks according to 5.1.
The Application Preparation Plan shall define a tool class for any hardware or software tools used in the
application preparation lifecycle.
Where possible, the Application Preparation Plan shall call for notations for specifying requirements and
design which are familiar to applications engineers. Where new notations are introduced, the necessary
user documentation shall be provided, as well as training where appropriate.

An Application Data/Algorithms Verification Report shall be written, under the responsibility of the
Verifier, on the basis of the input documents from 8.2.
Once the Application Preparation Plan has been established, verification shall address
a) that the Application Preparation Plan meets the general requirements for readability and traceability in
5.3.2.7 to 5.3.2.10 and in 6.5.4.14 to 6.5.4.17 as well as the specific requirements in 8.4.1.2 to 8.4.1.11,
b) the internal consistency of the Application Preparation Plan.

The implementation of the Application Preparation Plan shall be verified and validated for each specific
application.
An Application Requirements Specification shall be written, under the responsibility of the
Requirements Manager, on the basis of the input documents from 8.2.
The requirements for the specific application shall include the requirements which are specific to the
installation under consideration (e.g. track layout, signal locations, speed limits for a signalling system), as
well as a recap or reference to the application conditions of the generic software and the application
tools, and the standards with which the application shall comply (e.g. signalling principles for a signalling
system).

The requirements related to the application data and algorithms processed by the generic software of
the system shall be specified at this stage.
An Application Data/Algorithms Verification Report shall be written, under the responsibility of the
Verifier, on the basis of the input documents from 8.2.
Once the Application Requirements Specification has been established, verification shall address
a) that the Application Requirements Specification meets the general requirements for readability and
traceability in 5.3.2.7 to 5.3.2.10 and in 6.5.4.14 to 6.5.4.17 as well as the specific requirements in 8.4.2.2
to 8.4.2.3,
b) the internal consistency of the Application Requirements Specification.
The results shall be recorded in an Application Data/Algorithms Verification Report.

The quantity and type of the generic hardware and software components to be used in the specific
application shall be specified. The location of components, application data and algorithms in the specific
application architecture shall be defined. The application data and algorithms processed by the generic
software shall be designed at this stage

The application development process shall include the production and compilation of the source code of
the generic and specific data/algorithms, as well as verification and testing activities related to this
production. The use of diagrammatic languages is recommended for producing the source code of
application algorithms. Refer to the Table A.16.

An Application Test Report shall be written, under the responsibility of the Tester, on the basis of the
input documents from 8.2
The Application Test Report shall document the correct and complete execution of the tests defined in
Application Test Specification.
The Application Preparation Verification Report shall
a) document every activity performed to ensure correctness and completeness of data/algorithm and
their coherency with application principles and specific application architecture,
b) evaluate compatibility of data/algorithms with generic application.

An Application Test Specification shall be written, under the responsibility of the Tester, on the basis of
the input documents from 8.2

The Application Test Specification shall specify tests to be carried out at intermediate or final stage of
data/algorithms preparation, in order to ensure
a) coherency and completeness of data/algorithms with respect to application principles,
b) coherency and completeness of data/algorithms with respect to specific application architecture.

An Application Data/Algorithms Verification Report shall be written, under the responsibility of the
Verifier, on the basis of the input documents from 8.2.
Once the Application Test Specification has been established, verification shall address
a) that the Application Test Specification meets the general requirements for readability and traceability
in 5.3.2.7 to 5.3.2.10 and in 6.5.4.14 to 6.5.4.17 as well as the specific requirements in 8.4.4.6,
b) the internal consistency of the Application Test Specification.

For some systems the application data/algorithms can be integrated with the generic hardware and
software for a factory test before installation on the target system. This may not be necessary where a
sufficient degree of confidence can be obtained by other means. The application shall then be installed
on the target system, and integration tests within the complete installation shall be carried out. Finally
the target system shall be commissioned as a fully operational system, and a final acceptance process of
the target system in the complete installation shall be carried out. The Application Test Report shall
document the
correct and complete execution of tests defined in the Application Test Specification. The Application
Preparation Verification Report shall check the completeness and correctness of tests performed on the
complete installation.

An Application Test Specification shall be written, under the responsibility of the Tester, on the basis of
the input documents from 8.2.

The Application Test Specification shall specify tests to be carried out to ensure
a) correct integration of data/algorithms on generic hardware and software, if needed,
b) correct integration of data/algorithms with complete installation.
An Application Data/Algorithms Verification Report shall be written, under the responsibility of the
Verifier, on the basis of the input documents from 8.2
Once the Application Test Specification has been established, verification shall address that the
Application Test Specification meets the specific requirements in 8.4.5.3.
Validation and assessment activities shall audit the performance of each stage of the life-cycle.

For each new type of system configured by application data/algorithms, specific procedures and tools
shall be developed to allow the application development process specified in 8.4.1 to be applied to
installations of the new system. Development of these tools shall be carried out in accordance with this
European Standard in parallel with the generic software and hardware for the system. The verification,
validation and assessment activities shall ensure that the data preparation tools and the generic software
are compatible.

Any compilation process shall be validated and assessed. It shall be noted that specialised compilers are
usually necessary for the data and algorithm conversion
All application data/algorithms and associated documentation for each specific application shall be
subject to the software deployment requirements as specified in 9.1.
All application data/algorithms and associated documentation shall be subject to the software
maintenance requirements specified in 9.2.
All application data/algorithms and associated documentation shall be placed under configuration
management according to the requirements specified in 6.5 and 6.7. The configuration management of
application data/algorithms can be separate from the generic software part.

The Application Verification Report demonstrate the coverage and enforcement of the application
conditions of the generic software and application tools
Development of the generic software, which supports the execution of application data/algorithms, shall
comply with the requirements in 7.1 to 7.7 of this European Standard. The following additional
requirements shall also be observed.
The types or classes of function which can be configured by application data/algorithms in each system
and subsystem shall be identified in the Software Requirements Specification documents of the generic
software. The safety integrity level allocated to functions will determine the standards to be applied to
the subsequent development of the application data/ algorithms for all installations of the system.

During the design of the generic software the detailed interfaces between the generic software and the
application data/algorithms shall be specified, unless this has already been specified at an earlier phase
of the lifecycle, for example as a result of a requirement to use an existing application-specific language.

A rigid separation between the generic software and the application data/algorithms shall be
enforced, i.e. it shall be possible to recompile and update either the generic software or the application
data/algorithms without needing to update the other, unless there has been a change to the defined
interface between the generic software and the application data/algorithms. Likewise, the applications
specific data/algorithms shall be separated from the application-generic data/algorithms.

The change control procedures shall ensure that any amendment to the generic software may only be
installed after it has been established that either the revised software is compatible with the original
application data/algorithms or the application data/algorithms have been revised.

Care shall be taken in the verification process and validation test phase of the generic software in order
to assure that all relevant combinations of data and algorithms are considered.

The generic software shall be designed to detect corrupted application data/algorithms where this is
feasible.

The designers shall publish the Release Note of the generic software and application tools by the Overall
Software Testing/Final Validation phase of the generic software and application tools. The contents of
these documents shall be subject to verification and validation activities. The following topics shall be
addressed in the document “Application conditions of the generic software and application tools”:
1) references to the user manuals of the generic software and application tools;
2) any constraints on the application data/algorithms e.g. imposed architecture or coding rules to meet
the safety integrity levels.
 Documentation
Category
Input
1) Software Requirements Specification of generic
software
2) Software Architecture Specification of generic
Application Preparation Plan software
3) Application conditions of the generic software and
application tools
4) User manuals of the generic software and application
tools
Application Preparation Plan

Application Preparation Plan

Application Preparation Plan

Application Preparation Plan

Application Preparation Plan

Application Preparation Plan

Application Preparation Plan

Application Preparation Plan

Application Preparation Plan

Application Data/Algorithms Verification Report.

Application Data/Algorithms Verification Report.

Application Test Report

Application Test Specification.

Application Data/Algorithms Verification Report.

Application Test Specification.

Application Data/Algorithms Verification Report

Documentation Impementation Reference
Output Document Name
1) Application Preparation Plan
2) Application Requirements Specification
3) Application Architecture and Design
4) Application Test Specification
5) Application Test Report
6) Application Preparation Verification Report
7) Source Code of Application Data/Algorithms
8) Application Data/Algorithms Verification Report
pementation Reference V&V
Remark/ Status
Tagging V&V Method used V&V Reference
V&V
V&V Result V&V Result Reference