There are many types of software certification, ISO-9000 is only one. See www.csa-usa.com for just one of several companies that do this kind of work (one of the smaller companies - I used to work for this one). Notice, too, that planning for safety during the design process is a big part of the overall picture; it's very difficult to patch safety and security into a fundamentally insecure system, as so many vendors attempt to do. And if the safety analysis is ongoing during development, rework to meet safety requirements is limited and certification follows quickly. No need to worry about the cert being delayed until the software is obsolete. While a cert often does take time to get, this time is often in parallel with the development. It's very rare for a cert to delay rollout if the developer is responsive to the cert team's inputs; with feedback about the design from the cert team, most serious defects get eliminated during the design phase. When incremental changes like a service pack or even a small upgrade are done, an incremental analysis can be done; the safety analysis would be modified according to the changes made, but much of it would still be totally valid. Again, the cert would follow quickly. In most cases, cert could be achieved before the official rollout. I think perhaps that the obvious fear of delays evident in so many of the posts here reflects simple unfamiliarity with the cert process...

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/47/9320#9320