C5.1 - Towards Technology-Independent Software Requirements in Legal Metrology
- Event
- 22. GMA/ITG-Fachtagung Sensoren und Messsysteme 2024
2024-06-11 - 2024-06-12
Nürnberg - Band
- Vorträge
- Chapter
- C5 - Sicherheit, Betriebssicherheit
- Author(s)
- M. Esche, M. Nischwitz, F. Salwiczek - Physikalisch-Technische Bundesanstalt, Berlin, P. Eekhout - Dutch Authority for Digital Infrastructure,Groningen (Netherlands)
- Pages
- 273 - 279
- DOI
- 10.5162/sensoren2024/C5.1
- ISBN
- 978-3-910600-01-0
- Price
- free
Abstract
Current practice for software examination of measuring instruments subject to legal control is based on requirements for physically separable instrument components. This approach has resulted in frequent updates to harmonized software requirement documents in recent years, while simultaneously putting serious strain on resources at standards setting bodies, such as the European Cooperation in Legal Metrology WELMEC. With the aim of establishing a future-proof method for software examination that does not restrict the use of new technologies and requires fewer revisions, an asset-based approach for software requirements is presented. This approach is based on a previously established risk assessment method based on ISO 27005 and ISO 18045 vulnerability analysis. With the help of several practical examples the applicability and fitness for purpose of the new approach is investigated and compared with the current component-based method for software examination. Based on this comparison, suggestions for further improvement of the method are derived.