[trustable-software] Segregation of Duties

trustable at panic.fluff.org trustable at panic.fluff.org
Tue Apr 4 06:24:45 UTC 2017


On Mon, 3 Apr 2017, José Miguel Faria wrote:

> They are.
>
> In DO-178B/C several objectives (the exact number depends on the assurance
> level) must be achieved with independence.
>
> Independence is defined in the Glossary as:
>
> *"Independence - Separation of responsibilities which ensures the
> accomplishment of objective evaluation. (1) For software verification
> process activities, independence is achieved when the verification activity
> is performed by a person(s) other than the developer of the item being
> verified, and a tool(s) may be used to achieve equivalence to the human
> verification activity. (2) For the software quality assurance process,
> independence also includes the authority to ensure corrective action."*
>
> For Railway, independence is also required; below a screenshot from EN50128.
>
> Likewise for other domains. Independence is not only good engineering
> practice; domain specific standards require for it.
>
From the Railway example, are there any rules which state that, for example, 
the person who implements one feature can't review another feature and the 
one who reviews the first feature can't implement a different feature?

[My experience says this is the norm]

The point I'm looking for is whether roles are permanent or just per 
iteration of the tasks?



-- 
========================================================================
Edmund J. Sutcliffe                     Thoughtful Solutions; Creatively
<edmunds at panic.fluff.org>               Implemented and Communicated
<http://panic.fluff.org>                +44 (0) 7976 938841
