Professional Documents
Culture Documents
RF0015 Version 2 EN Compilée
RF0015 Version 2 EN Compilée
RF 0015
REFERENCE DOCUMENT
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 2 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
College C: independents:
• François BARANOWSKI, IFSTTAR
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 3 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
TABLE OF CONTENTS
Page
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 4 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
In this document, the text “EN 45011 / ISO 17065” refers to the requirements of the EN 45011
standard, which must be replaced by those of the ISO/CEI 17065 standard by 15 September 2015
at the latest.
2. REFERENCE DOCUMENTS
For undated references, the last published version applies.
• NF EN 45011 Standard (1998) “General requirements for bodies operating product
certification systems”, supplemented by application guide EA-6/01,
• ISO/CEI 17065: 2012 Standard “Conformity assessment – Requirements for bodies
certifying products, processes and services”
• COFRAC document n°CPS-Ref-09 (ver 00 2010) – “Type certification by design examination
”,
• EN 50126 (1999) standard: Railway applications – The specification and demonstration of
Reliability, Availability, Maintainability and Safety (RAMS)
• EN 50128 (2001, 2011) standard: Railway applications – Communications, signalling and
processing systems – Software for railway control and protections systems.
• EN 50129 (2003) standard: Railway applications – Communication, signalling and
processing systems – Safety related electronic systems for signalling.
1
In this reference document, the term “product” refers to both hardware and software products.
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 5 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
These may be supplemented, when required, by other standards (the last published version
applies):
• EN 50121: Railway applications - Electromagnetic compatibility (various parts)
• EN 50125: Railway applications - Environmental conditions for equipment
• EN 50155: Railways Applications Electronic Equipment Used on Rolling Stock
• EN 50159: Railway applications - Communication, signalling and processing systems.
Safety-related communication in transmission systems.
• EN 61508: Functional safety of electrical/electronic/ programmable electronic
safety-related systems (various parts).
The safety integrity level of products and software is designated by the English acronym SIL,
(except under the EN50128:2001 Standard for software “Software safety integrity level”: English
acronym SSIL).
Manufacturer: entity responsible for demonstrating to the ISA that product or system being
assessed meets the required safety integrity level. They are responsible for organising the audits
required by the ISA and providing them with all necessary documents relating to the design,
manufacturing, installation, verification, testing, safety studies and use of the product or system.
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 6 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
It is possible that the certification of the product or system also includes processes to be
assessed (e.g. processes such as parameterisation or downloading). These must be stipulated.
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 7 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
And, if required:
• A list of attachments and appendixes
• The special provisions (language, sampling, confidentiality, staff safety,
distribution of tasks to partners, sub-contractors or contractors, …)
• Assumptions
• A schedule
The assessment plan may be updated as many times as necessary during performance of the
service.
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 8 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
It is strongly recommended to commence and conduct the assessment in parallel with the
development cycle of the product or system.
The Independent safety assessment must include:
- An assessment of the quality and safety management system of the entity
(manufacturer) in charge of the design, manufacturing, installation, verification,
testing, safety study and use of the product or system.
- An assessment of the quality and safety management system applied during the
project.
- An examination of the design of the product or system.
When an assessment only covers modifications to the product or system and, in order to make the
modifications, the manufacturer resubmits the organisation and processes audited and accepted
by the ISA during the previous stage, the ISA may decide that a new audit of the quality and safety
management system is not required.
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 9 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 10 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 11 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
In terms of input data, the ISA will accept test reports (EMC, Environment…) produced by
laboratories, after making sure that all necessary tests have been performed based on the
intended use of the product or system. The ISA will make sure that the tests are properly
admissible. (Appendix 2).
The ISA will assess the safety case of the product or system. He will make sure that all risks
identified in the Hazard Log are covered, and that safety constraints relating to usage (integration,
operation or maintenance) are clearly defined.
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 12 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 13 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
- When the assessment uses results obtained from other assessment missions, the
assessment report will include a summary of the assessment results for each of
these reports
- The conclusions of audits of safety and quality management systems, as well as any
discrepancies found during the audits and their statuses (corrective actions in
progress, closed reservations…)
- The list of hardware and software components assessed, their versions, and the SIL
(or SSIL) achieved (specification of the “THR” is also recommended), as well as the
conclusions of the assessment for each of the components;
- The conclusions of the assessment of the product or system, its version, the SIL
achieved (specification of the “THR” is also recommended)
- The list of exported safety constraints, or a reference to the safety case when listed
therein.
Note: The assessment report must mention all discrepancies detected and
other open points, or refer to observation and question sheets and non-
conformity sheets, if any.
• Conclusions.
- On the progress of the service (tasks performed, in progress, pending).
- On the conformity (or lack of conformity) of the product or system. When
non-conformities are remaining, the report must specify the extent of
additional assessments required.
The EN50128 standard does not require that a software safety case be produced. Subsequently,
the ISA will not always have a safety case for the assessment of the exported use and safety
constraints. Furthermore, the behaviour of a piece of software will largely depend on the
hardware on which it is executed.
The ISA must include the following in their report or refer to a document:
- the list of exported safety constraints
- the hardware which can be used to execute the software
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RF 0015
CERTIFER REFERENCE DOCUMENT Page 14 / 14
INDEX REFERENCE DOCUMENT FOR CERTIFICATION OF THE SAFETY INTEGRITY LEVEL
DATE
UPDATED: OF PRODUCTS AND SYSTEMS LIKELY TO BE USED IN GUIDED TRANSPORTS
SYSTEMS, ACCORDING TO EN50126, EN50128 AND EN50129 STANDARDS 09/12/14
2
4.8. Certificates
The text of the certificate stipulates that it in no way presumes the mass production of the
“type” certified, and that it only applies to the design of the product (referred to) and the
resulting descriptive dossier.
The term of validity of the certificate and the certificate surveillance procedure are specified in
the procedures used by the certification body.
4.9. Appeals
The certification body will make its appeals procedures available to the requesting party.
In particular, the notification of rejection of a certificate must describe the appeal procedures
against this decision.
4.10. Use of the certification body’s mark
Type certification does not allow for the marking of products, packaging, notices or guarantee
certificates, or the inclusion of the CERTIFER’s logo on any medium.
However, the holder may refer to the certificate in conformity and suitability for use
declarations, as well as in letters, technical files, commercial tenders etc. They must then
communicate:
- either the entirety of the information appearing on the certificate (including the list
of its appendixes)
- either the entirety of the information appearing on the certificate and its
Appendixes
so as to avoid any confusion about the scope of certification.
In order to refer to certification on advertising literature specific to the product (brochures,
leaflets, advertising materials, audiovisual media, websites etc.), the holder must have been
previously authorised to use a logo created by the certification body. The latter will send the
logo and its conditions of use to the applicant.
4.11. Operations after certification
The certification body will apply the procedures for the surveillance, maintenance and renewal
established in compliance with EN 45011 / ISO 17065.
This document is the property of CERTIFIER. It may not be used, reproduced or disclosed without prior agreement.
Agence de Certification Ferroviaire - SIREN 411 047 285 - Code APE 9499Z
CERTIFER 1, Place de Boussu, BP70141, F-59416 ANZIN Cedex, France. Tel: +33 3 27 28 35 00 - Fax: +33 3 27 28 35 09
RECOMMENDATION FOR USE RFU 2-000-16
CO-ORDINATION BETWEEN NOTIFIED BODIES
Issue: 02
DIRECTIVES 96/48/EC AND 2001/16/EC ON THE
Date: 01-04-2006
INTEROPERABILITY OF THE TRANS-EUROPEAN HIGH-SPEED
Page 1 of 3
AND CONVENTIONAL RAILWAY SYSTEMS
TITLE
CROSS ACCEPTANCE OF SAFETY CASE ASSESSMENTS
ORIGINATORS SUBJECT RELATED TO
CERTIFER / KEMA RAIL TRANSPORT CCS SUBSYSTEM CERTIFICATION
CERTIFICATION NOTIFIED BODY
DESCRIPTION AND BACKGROUND EXPLANATION
Scope
The scope of this proposal is limited to the conformity assessment procedure in the
framework of the Directive 96/48 and of the TSI Control, Command and Signalling. It is
not applicable to other TSI or Directives.
Abbreviation
IC : Interoperability Constituent
ISA : Independent Safety Assessor
NoBo : Notified Body
TSI EC96/48: Technical Specification for Interoperability of Control, Command and
Signalling of September 2002 (Directive 96/48).
Introduction
An ISA can be involved during IC or Sub-System conformity assessment.
According to the TSI:
- TSI § 6.1.1 conformity and suitability for use assessment procedure and
- TSI § 6.2.1 control command subsystem:
“The independent assessment in the safety acceptance and approval process as
described in Annex A, index 1 may be accepted by the notified body, without it being
repeated”.
Hence, Safety, which is an essential requirement, may be assessed by an ISA which is
not necessarily a Notified Body.
Note that the scope of ISA assessment can be an IC, a subsystem, or a part of an IC
or a subsystem such as an electronic board, software, or a sensor.
Therefore, it is important that an ISA involved in a Directive 96/48 conformity
assessment procedure, meets minimum criteria to give confidence to the NoBo
accepting the ISA results, and those accepting the ISA results in a cross acceptance
situation.
RFU PROPOSAL
Criteria for ISA Acceptance
The minimum criteria of independence, competence and quality for the acceptance of
the ISA results consist of the following three elements that are further explained below
This memorandum summarises the CERTIFER requirements for guaranteeing that test results are obtained
under conditions guaranteeing their validity.
These requirements are derived from legislation, European standards and the NBRAIL RFU:
- SAM X 001/ SAM X 009
- ISO 17020
- ISO 17025
- RFU-STR22
CERTIFER must ensure that the criteria listed below are complied with when:
- tests results are supplied by the client.
- tests are performed on behalf of CERTIFER and under their responsibility
- tests are performed by CERTIFER
If conformity with the requirements listed below is, in the opinion of CERTIFER, insufficiently demonstrated in
the documents provided by the client, “open points” must be created in the questions and remarks follow-up
sheet : in the form of questions and/or requests for additional information.
Depending on the answers and new proofs provided by the client, the reservation can be closed or converted
to a discrepancy in the final report.
For tests in the fire/smoke domain, EN ISO/CEI 17025 accreditation is mandatory for the fire/smoke fields, as
well as the participation with success in the CERTIFER inter-laboratory campaigns.
CERTIFER may perform tests, provided that they fall within the normal activities of CERTIFER given its area of
certification.
28/10/2014 page 1 of 3
1 Acceptance criteria for tests results
1.1 Criteria 1: the quality management system of the test body
a) EN ISO/CEI 17025 accredited tests laboratory or body covering the tests under consideration:
The quality management system is acceptable. The tests report must meet criteria 2 above.
b) EN ISO/CEI 17025 accredited tests laboratory or body not covering the tests under consideration:
Acceptance of the report presenting the tests results is subordinate to the results of an audit of the
execution of the test, focused on the specific application, the particular techniques and the
implementation conditions of the test. The reference document for the audit is the EN ISO/CEI 17025
standard (See SAM X 009).
c1) case of tests intended to measure the physical characteristics of a product or system
Acceptance of the report presenting the tests results is subordinate to the results of an audit of the
execution of the test, in regards to its compliance with the additional requirements of the EN ISO/CEI
17025 standard compared to the requirements of ISO 9001:
- effective implementation of the quality management system in the test domain in question
- verification of the additional requirements of the EN ISO/CEI 17025 standard compared to the
requirements of ISO 9001 (this can be based on the SAM X009 audit outline).
- particulars techniques, methods, the competence of technical staff and the implementation
conditions for the test requested.
c2) case of tests intended to validate the compliance with the functional requirements of a product or
system
Acceptance of the report presenting the results of tests is subordinate to:
-the opinion of CERTIFER about the tests Plan (particularly presenting the test strategy and test tools)
-an opinion on the specifications of functional tests.
d1) case of tests intended to measure the physical characteristics of a product or system
Acceptance of the report presenting the test results is subordinate to the results of an audit of the
execution of the test, in regards to its compliance with the requirements of EN ISO/CEI 17025.
d2) case of tests intended to validate the compliance with the functional requirements of a product or
system
Acceptance of the report presenting the results of tests is subordinate to:
-an audit of the execution of the test in regards to its compliance with the requirements of the
ISO9001 standard.
-An opinion of CERTIFER about the Tests Plan (particularly presenting the test strategy and test tools)
-an opinion on the specifications of functional tests.
1.2 Criteria 2: Minimum content of the test report (or other admissible document)
To be admissible, the test report must include the following elements at the least:
28/10/2014 page 2 of 3
requirement Objective
1 a unique identification and, on each page, an indication Make sure that nothing has been removed or
indicating that the page is recognised as being part of the added
document, as well as a clear indication of the end of the
document.
2 the name and address of the entity performing the tests Make sure that the person responsible for the test
results is identified
3 description of (or reference to) the method Make sure that the method is relevant
4 The unambiguous description and identification of the object Make sure that the sample tested is representative
submitted to the test of the product being assessed
5 accurate identification of equipment, software and simulators Make sure that the tests are reproducible, and,
used where applicable, that the calibration proofs match
the devices used (or can be found)
6 the results of the test with the measurement units if required Make sure that the results demonstrate the
product compliance with the requirements
7 information relating to the specific conditions of the test, such Make sure that no test condition is likely to
as the ambient conditions, when they are likely to influence invalidate the results
the result
b) case for tests intended to validate the compliance with the functional requirements of a product or
system
requirement Objective
8 accurate identification of the functional specifications and of Make sure that the expected functional behaviour
the functional tests specifications of the product is clearly identified
9 Any other information required by the EN50126, EN50129, Make sure of the compliance with the
EN50128 standards (test coverage report, list of known requirements of the EN50126, EN50129 and
discrepancies and the impact these discrepancies may have EN50128 standards.
on usage...)
28/10/2014 page 3 of 3
Appendix 3 of CERTIFER reference document RF0015 version 2
Examples
Abbreviations used:
FR: fast reading
CR: critical reading
SR: sample reading
NE: not Examined
X: the method is used whatever the safety integrity level of the product;
X1: the method is used when the safety integrity level is SIL1;
X2: the method is used when the safety integrity level is SIL2;
X3: the method is used when the safety integrity level is SIL3;
X4: the method is used when the safety integrity level is SIL4;
Document to be examined NE FR SR CR
Quality Manual X (if X (if not
ISO9001) ISO9001)
Process and instruction sheets X X (if not
(if ISO9001)
ISO9001)
Management Plan X
Quality plan X
Safety plan X
Quality registration documents (minutes X
review, anomaly sheets, modification
sheets...)
Page 1 of 3
Document to be examined NE FR SR CR
Hardware integration tests specifications X
Hardware integration tests results X
Hardware validation tests specifications X
Hardware validation tests results X
Document to be examined NE FR SR CR
Quality Manual X (if X (if not
ISO9001) ISO9001)
Process and instruction sheets X X (if not
(if ISO9001) ISO9001)
Management Plan X
Quality plan X
Safety plan X
Quality registration documents (minutes X
review, anomaly sheets, modification
sheets...)
Page 2 of 3
Document to be examined NE FR SR CR
Hardware Architecture and safety principle X1,X2 X3,X4
Hardware integration tests specifications X1,X2 X3,X4
Hardware integration tests results X1,X2 X3,X4
Hardware validation tests specifications X1,X2 X3,X4
Hardware validation tests results X1,X2 X3,X4
Tests results in working environment (EMC, X
vibration, temperature…)
Page 3 of 3