Since its creation in 2001, CLEARSY is a major player in the industrial use of formal methods to improve the functional safety of systems and critical software. Based on its 25 years of experience, CLEARSY has designed the CLEARSY Safety Platform: a certified single-board composite failsafe computer (per EN50129 definition). 



Thanks to this innovation, the end-user can now focus only on designing his custom business system/application, saving the complexity and costs associated with the design and certification of processor safety software layers. According to existing use-cases, the CLEARSY Safety Platform allows a reduction of up to 80% of the design cost and certification effort, leading to a shorter time to market for the solution based on the CLEARSY Safety Platform. 

The CLEARSY Safety Platform facilitates the development of SIL3 and SIL4 applications and is already certified against EN50126, EN50129, and EN50128 with a SIL4 level by CERTIFER (French Independent Safety Assessor).

The CLEARSY Safety Platform is a comprehensive and consistent set of hardware, software, and tools easing the development of SIL4 systems. As the vital computer board is already certified, the end-user only needs to focus on the design of its own business application and system.

CLEARSY Safety Platform is made of:

• A single board vital computer (SIL4) bundled on a credit card sized printed circuit board. External interfaces and peripherals have to be designed on a dedicated motherboard accordingly to customer requirements. CLEARSY offers support and services to design his/her custom motherboard.



• A software library that includes all the safety principles required to reach a SIL4 execution level. This library is in charge of performing all the vital built-in health tests. This software library is formally proven with the B formal method.

• A fully integrated toolchain (running on a docker or within a virtual machine) allows building directly the final binary. Thanks to this setup, all the configuration and installation steps related to the tools’ ecosystem are completely avoided.

Integration

The CLEARSY Safety Platform is ready to use industrial solution for anyone who wants to build a custom SIL3/4 device at a limited cost and with managed risks. To effectively use the CLEARSY Safety Platform it is simply needed to:

• design a motherboard with all the required hardware interface with your custom application environment

• write and validate your custom vital and non-vital software

• check that your design meets the Safety Related Application Conditions (SRACs) of the CLEARSY Safety Platform (SCACs are conditions of use included in the certificate).

• Then you are done: the CLEARSY Safety Platform ensures the SIL4 processing. A global safety case of the function ensured by your custom SIL3/4 device must be made and approved by the Independent Safety Assessor).
  

Depending on customers’ expertise, CLEARSY can provide support for all or part of each of these design and validation activities. 

Moreover, it is very important to note that you do not need to address all the complex questions of safety-critical computational architecture like (non-exhaustive list):

• does my program memory is healthy or corrupted?
• does my RAM is corrupted? 
• does my compilation is correct or not? 
• does my time counter is accurate or not?
• ... 

All these sensitive items are already addressed and compliant with the CENELEC standard as established by the SIL4 certificate of the CLEARSY SAFETY Platform (type certificate n°9954/0262 from CERTIFER).

• So the global safety case will integer all these points already supported by this certificate, which represents the major part of the global cost development. 
  

Reference

• 
  
• The architecture of the CLEARSY Safety Platform has already been successfully used within several projects running in revenue services:
• 
  
• 1^st design for platform screen door operation in monorail 
  Sao Paulo line 15 (Generic product certificate CERTIFER #8891/200-1 27th February 2017 SIL4)
• 
  
• Product fitted for Stockholm City Line platform screen door 
  operation (System certificate BUREAU VERITAS 
  #63937413 3rd March 2017 SIL3)
• 
  
• CBTC Remote Input/output module (confidential customer) (Generic product certificate BUREAU VERITAS #7092509 23rd July 2019 SIL4 and AREMA compliant, asserted by TÜV)
• 
  

CBTC Remote Input/output module (Generic product certificate BUREAU VERITAS #7092509 23rd July 2019 SIL4 and AREMA compliant, asserted by TÜV)

Download this article in PDF

Read more articles

More Articles

Related to Clearsy