Appendix E: ASPICE-Safety Standard Mapping

This appendix provides cross-reference tables between ASPICE processes and major safety standards. Use these mappings when planning how to satisfy both ASPICE capability requirements and safety-standard compliance simultaneously.


ISO 26262 (Automotive) Mapping

| ASPICE Process | ISO 26262 Clause | Section | Work Products | ASIL Impact |
| --- | --- | --- | --- | --- |
| SYS.2 | Part 3 Clause 5 | 3-5.4.1 | Item Definition, HARA | All ASILs |
| SYS.3 | Part 4 Clause 6 | 4-6.4.1 | System Architecture, Safety Plan | ASIL-B/C/D |
| SWE.1 | Part 6 Clause 5 | 6-5.4.1 | Software Safety Requirements | ASIL-B/C/D |
| SWE.2 | Part 6 Clause 6 | 6-6.4.1 | SW Architectural Design | ASIL-B/C/D |
| SWE.3 | Part 6 Clause 7 | 6-7.4.1 | Source Code, Unit Design | All ASILs |
| SWE.4 | Part 6 Clause 8 | 6-8.4.1 | Unit Test Specification | 100% coverage ASIL-D |
| SWE.5 | Part 6 Clause 9 | 6-9.4.1 | Integration Test Report | ASIL-C/D |
| SWE.6 | Part 6 Clause 10 | 6-10.4.1 | SW Qualification Test Report | All ASILs |
| SUP.1 | Part 8 Clause 4.4 | 8-4.4.1 | QA Plan, Audit Reports | ASIL-C/D |
| SUP.2 | Part 8 Clause 4.6 | 8-4.6.1 | Review Reports | All ASILs |
| SUP.8 | Part 8 Clause 4.3 | 8-4.3.1 | Configuration Management | All ASILs |
| MAN.3 | Part 5 Clause 4 | 5-4.4.1 | Project Plan | All ASILs |
| MAN.5 | Part 7 Clause 4 | 7-4.4.1 | Safety Plan, Risk Register | ASIL-B/C/D |

Key Requirement: ASPICE CL2 and ISO 26262 compliance are required for automotive OEMs.

Cross-Certification Note: ISO 26262 certification can support IEC 61508 claims for automotive-derived industrial systems, as ISO 26262 is an adaptation of IEC 61508 for road vehicles.


IEC 61508 (Industrial) Mapping

| ASPICE Process | IEC 61508 Part | Section | Work Products | SIL Impact |
| --- | --- | --- | --- | --- |
| SYS.2 | Part 7 Clause 5 | 7.5.2.1 | Safety Requirements Spec | SIL 2/3/4 |
| SYS.3 | Part 7 Clause 6 | 7.6.2.1 | Architecture Design, FTA/FMEA | SIL 3/4 |
| SWE.1 | Part 7 Clause 9.4 | 7.9.4.1 | SW Safety Requirements | SIL 2/3/4 |
| SWE.2 | Part 7 Clause 9.4 | 7.9.4.3 | SW Architecture Design | SIL 2/3/4 |
| SWE.3 | Part 7 Clause 9.4 | 7.9.4.5 | Source Code (IEC 61131-3) | All SILs |
| SWE.4 | Part 7 Clause 9.4 | 7.9.4.7 | Unit Tests, MC/DC coverage | SIL 3: 100% |
| SUP.1 | Part 7 Clause 13 | 7.13.2.1 | Assessment Reports | SIL 3/4 |
| SUP.2 | Part 7 Clause 9.4 | 7.9.4.8 | Verification Report | All SILs |
| SUP.8 | Part 7 Clause 10 | 7.10.2.1 | CM Plan, Baselines | All SILs |
| MAN.5 | Part 7 Clause 4 | 7.4.2.1 | Safety Management Plan | SIL 2/3/4 |

Key Requirement: TÜV/TÜV Rheinland certification is required for SIL 3/4 systems.

Related Standards: IEC 61511 (process industries) and IEC 62443 (industrial cybersecurity) share common SIL concepts and may require combined compliance for integrated systems.


IEC 62304 (Medical) Mapping

| ASPICE Process | IEC 62304 Clause | Section | Work Products | Class Impact |
| --- | --- | --- | --- | --- |
| SWE.1 | Clause 5.2 | 5.2.1-5.2.6 | Software Requirements Spec | Class A/B/C |
| SWE.2 | Clause 5.3 | 5.3.1-5.3.6 | SW Architecture Document | Class B/C |
| SWE.3 | Clause 5.4 | 5.4.1-5.4.4 | Detailed Design, Source Code | Class C |
| SWE.4 | Clause 5.5 | 5.5.1-5.5.5 | Unit Test Reports | Class C: 100% |
| SWE.5 | Clause 5.6 | 5.6.1-5.6.8 | Integration Test Reports | Class B/C |
| SWE.6 | Clause 5.7 | 5.7.1-5.7.5 | System Test Reports | All Classes |
| SUP.8 | Clause 5.1.9 | 5.1.9a-5.1.9e | Configuration Items | Class B/C |
| SUP.9 | Clause 9 | 9.1-9.8 | Problem Reports, CAPA | All Classes |
| MAN.5 | Clause 7 | 7.1-7.4 | Risk Management File (per ISO 14971) | All Classes |

Additional Requirements:

  • SOUP (Software of Unknown Provenance) management per Clause 8.1.2
  • FDA 510(k) or PMA submission (USA)
  • EU MDR 2017/745 compliance (European Union)

Cross-Certification Note: Organizations with ISO 26262 or IEC 61508 experience can leverage similar processes for IEC 62304 compliance, as those standards share common lifecycle and verification concepts.


DO-178C (Aerospace) Mapping

| ASPICE Process | DO-178C Objective | Work Products | DAL Impact |
| --- | --- | --- | --- |
| SWE.1 | A-3 (High-level requirements) | Software Requirements Data | DAL A/B/C |
| SWE.2 | A-4 (Software architecture) | Design Description | DAL A/B/C |
| SWE.3 | A-5 (Low-level requirements) | Source Code | All DALs |
| SWE.4 | A-7 (Testing) | Test Procedures, Results | MC/DC for DAL A |
| SUP.2 | A-6 (Reviews) | Review Records | DAL A/B |
| SUP.8 | A-10 (CM) | Configuration Index | All DALs |
| MAN.3 | A-1 (Planning) | Plan for SW Aspects of Certification | DAL A/B/C |

Key Requirement: FAA/EASA certification for airborne software.


Coverage Requirements by Safety Level

ISO 26262 (Automotive)

| ASIL | Statement | Branch | MC/DC | Rationale |
| --- | --- | --- | --- | --- |
| ASIL-A | 100% | 100% | - | Recommended |
| ASIL-B | 100% | 100% | - | Highly recommended |
| ASIL-C | 100% | 100% | Recommended | Safety functions |
| ASIL-D | 100% | 100% | Required | All code |

IEC 61508 (Industrial)

| SIL | Statement | Branch | MC/DC | Path Coverage |
| --- | --- | --- | --- | --- |
| SIL 1 | 100% | - | - | - |
| SIL 2 | 100% | 100% | - | - |
| SIL 3 | 100% | 100% | Required | Recommended |
| SIL 4 | 100% | 100% | Required | Required |

IEC 62304 (Medical)

| Class | Statement | Branch | Notes |
| --- | --- | --- | --- |
| Class A | - | - | No injury risk |
| Class B | 100% | - | Non-serious injury |
| Class C | 100% | 100% | Death or serious injury |

Tool Qualification Requirements

ISO 26262 Tool Confidence Levels

| TCL | Criteria | Example Tools | Qualification |
| --- | --- | --- | --- |
| TCL1 | Low impact on safety | Doxygen, Git | None required |
| TCL2 | Medium impact | cppcheck, Google Test | Validation required |
| TCL3 | High impact | Polyspace, VectorCAST | Full qualification |

Qualification Methods: 1a (Proven in use), 1b (Assessment), 1c (Development)


IEC 61508 Tool Classes

| Class | Description | Examples | Qualification |
| --- | --- | --- | --- |
| T1 | Generates outputs | Compiler, Code generator | Validated per 7-4.4.3 |
| T2 | No safety output | Editor, Version control | Validation not required |
| T3 | Automated test | Static analyzers | Validation recommended |

Coding Standards by Domain

| Domain | Primary Standard | Secondary | ASPICE Mapping |
| --- | --- | --- | --- |
| Automotive | MISRA C:2012 | AUTOSAR C++14 | SWE.3 BP3 |
| Industrial | MISRA C:2012 | IEC 61131-3 (PLC) | SWE.3 BP3 |
| Medical | MISRA C:2012 | FDA Guidance | SWE.3 BP3 |
| Aerospace | MISRA C:2012 | DO-178C objectives | SWE.3 BP3 |

Common Rules:

  • All required MISRA C:2012 rules (143 rules)
  • Selected advisory rules (project-specific)
  • CERT C secure coding standard

Traceability Requirements

ISO 26262

| From | To | Method | ASPICE |
| --- | --- | --- | --- |
| Stakeholder needs | System requirements | Manual + AI (70%) | SYS.2 BP5 |
| System requirements | SW requirements | Automated (DOORS) | SWE.1 BP5 |
| SW requirements | Source code | @implements tag | SWE.3 BP5 |
| Source code | Unit tests | @verifies tag | SWE.4 BP4 |
| SW requirements | System tests | Test matrix | SWE.6 BP4 |

Bidirectional Traceability: Required for ASIL-B/C/D


IEC 62304

| From | To | Tool | Class |
| --- | --- | --- | --- |
| Risk controls | SW requirements | DOORS/Jama | B/C |
| SW requirements | Design | Manual/DOORS | C |
| Design | Source code | Doxygen tags | C |
| Source code | Tests | Google Test | C |

FDA Expectation: Complete traceability for Class C devices


Assessment/Certification Bodies

| Standard | Certifier | Scope | Cost Range |
| --- | --- | --- | --- |
| ISO 26262 | TÜV SÜD, TÜV Rheinland | Product assessment | €50k-200k |
| IEC 61508 | TÜV, Exida | Product certification | €80k-300k |
| IEC 62304 | FDA, Notified Bodies | Regulatory approval | $100k-500k |
| DO-178C | FAA, EASA | Software certification | $200k-1M+ |

Timeline: 6-18 months for initial certification