2. Certification scope
The core library shall be suitable for use in safety applications according to the following safety standards, up to the specified safety level:

| Safety Standard | Safety Level |
|---|---|
| IEC 61508:2010 | SIL 2 |
The core library is evaluated as an “assessment of non-compliant development” (according to Route 3S of IEC 61508:2010 section 7.4.2.12). This assessment targets a full compliance statement to the standards above, as far as it is applicable for a Software Safety Element out of Context.
2.1. Certified version
The certified version of the core library is 1.93.0.
2.2. Certified targets
The core library is certified for all compilation targets Ferrocene rustc is qualified for. See Compilation targets overview for a full list.
2.3. Certified subset
The certification covers a subset of the core library rather than the library in its entirety; restricting the scope in this way keeps the certification effort manageable.
The subset included in the safety certification is defined and documented in the Safety Manual.
2.3.1. Systematic capabilities
All public functions of the certified subset are considered "software safety functions" and are certified for all safety standards listed above, up to the safety level specified. This means customers can use any of these functions in use cases up to the highest safety level specified. Because every function in the subset is treated as safety-relevant, no independence argument between safety-relevant and non-safety-relevant functions is made.
The systematic capability of these functions is based on:

- The requirements, and the documented completeness of these requirements and of their implementation in the code and tests
- The absence of any undocumented and untested code in the safety certification scope
- The required test coverage
- The adherence of the code within the safety scope to the Coding Guidelines