- Latest available (Revised)
- Point in Time (30/05/2008)
- Original (As adopted by EU)
Commission Regulation (EC) No 482/2008 (repealed)Show full title
Commission Regulation (EC) No 482/2008 of 30 May 2008 establishing a software safety assurance system to be implemented by air navigation service providers and amending Annex II to Regulation (EC) No 2096/2005 (Text with EEA relevance) (repealed)
You are here:
- Regulations originating from the EU
- 2008 No. 482
- Whole Regulation without Annexes
What Version
Advanced Features
- Show Geographical Extent(e.g. England, Wales, Scotland and Northern Ireland)
- Show Timeline of Changes
More Resources
Revised version PDFs
- Revised 02/01/20200.44 MB
- Revised 07/11/20110.16 MB
Legislation originating from the EU
When the UK left the EU, legislation.gov.uk published EU legislation that had been published by the EU up to IP completion day (31 December 2020 11.00 p.m.). On legislation.gov.uk, these items of legislation are kept up-to-date with any amendments made by the UK since then.
This item of legislation originated from the EU
Legislation.gov.uk publishes the UK version. EUR-Lex publishes the EU version. The EU Exit Web Archive holds a snapshot of EUR-Lex’s version from IP completion day (31 December 2020 11.00 p.m.).
Changes over time for: Commission Regulation (EC) No 482/2008 (repealed) (without Annexes)
Version Superseded: 07/11/2011
Status:
Point in time view as at 30/05/2008.
Changes to legislation:
There are currently no known outstanding effects for the Commission Regulation (EC) No 482/2008 (repealed).
Changes to Legislation
Revised legislation carried on this site may not be fully up to date. At the current time any known changes or effects made by subsequent legislation have been applied to the text of the legislation you are viewing by the editorial team. Please see ‘Frequently Asked Questions’ for details regarding the timescales for which new effects are identified and recorded on this site.
Article 1U.K.Subject-matter and scope
1.This Regulation lays down the requirements for the definition and implementation of a software safety assurance system by air traffic service (ATS) providers, entities providing air traffic flow management (ATFM) and air space management (ASM) for general air traffic, and providers of communication, navigation and surveillance (CNS) services.
It identifies and adopts the mandatory provisions of the Eurocontrol Safety Regulatory Requirement — ESARR 6 — entitled ‘Software in ATM Systems’ issued on 6 November 2003.
2.This Regulation shall apply to the new software and to any changes to the software of the systems for ATS, ASM, ATFM, and CNS.
It shall not apply to the software of airborne constituents and to space-based equipment.
Article 2U.K.Definitions
For the purposes of this Regulation, the definitions in Article 2 of Regulation (EC) No 549/2004 shall apply.
The following definitions shall also apply:
1.
‘software’ means computer programmes and corresponding configuration data, including non-developmental software, but excluding electronic items, namely application specific integrated circuits, programmable gate arrays or solid-state logic controllers;
2.
‘configuration data’ means data that configures a generic software system to a particular instance of its use;
3.
‘non-developmental software’ means a software not developed for the current contract;
4.
‘safety assurance’ means all planned and systematic actions necessary to provide adequate confidence that a product, a service, an organisation or a functional system achieves acceptable or tolerable safety;
5.
‘organisation’ means either an ATS provider, a CNS provider or an entity providing ATFM or ASM;
6.
‘functional system’ means a combination of systems, procedures and human resources organised to perform a function within the context of ATM;
7.
‘risk’ means the combination of the overall probability, or frequency of occurrence of a harmful effect induced by a hazard and the severity of that effect;
8.
‘hazard’ means any condition, event, or circumstance which could induce an accident;
9.
‘new software’ means a software that has been ordered or for which binding contracts have been signed after the entry into force of this Regulation;
10.
‘safety objective’ means a qualitative or quantitative statement that defines the maximum frequency or probability at which a hazard can be expected to occur;
11.
‘safety requirement’ means a risk-mitigation means, defined from the risk-mitigation strategy that achieves a particular safety objective, including organisational, operational, procedural, functional, performance, and interoperability requirements or environment characteristics;
12.
‘cutover or hot swapping’ means the approach of replacing European air traffic management network (EATMN) system components or software while the system is operational;
13.
‘software safety requirement’ means a description of what is to be produced by the software given the inputs and constraints, and if met, ensures that EATMN software performs safely and according to operational need;
14.
‘EATMN software’ means software used in the EATMN systems referred to in Article 1;
15.
‘requirements validity’ means the confirmation by examination and provision of objective evidence that the particular requirements for a specific use are as intended;
16.
‘achieved with independence’ means, for software verification process activities, that the verification process activities are performed by a person(s) other than the developer of the item being verified;
17.
‘software malfunction’ means the inability of a programme to perform a required function correctly;
18.
‘software failure’ means the inability of a programme to perform a required function;
19.
‘COTS’ means a commercial available application sold by vendors through public catalogue listings and not intended to be customised or enhanced;
20.
‘software components’ means a building block that can be fitted or connected together with other reusable blocks of software to combine and create a custom software application;
21.
‘independent software components’ means those software components which are not rendered inoperative by the same failure condition that causes the hazard;
22.
‘software timing performances’ means the time allowed for the software to respond to given inputs or to periodic events, and/or the performance of the software in terms of transactions or messages handled per unit time;
23.
‘software capacity’ means the ability of the software to handle a given amount of data flow;
24.
‘accuracy’ means the required precision of the computed results;
25.
‘software resource usage’ means the amount of resources within the computer system that can be used by the application software;
26.
‘software robustness’ means the behaviour of the software in the event of unexpected inputs, hardware faults and power supply interruptions, either in the computer system itself or in connected devices;
27.
‘overload tolerance’ means the behaviour of the system in the event of, and in particular its tolerance to, inputs occurring at a greater rate than expected during normal operation of the system;
28.
‘correct and complete EATMN software verification’ means all software safety requirements which correctly state what is required of the software component by the risk assessment and mitigation process and their implementation is demonstrated to the level required by the software assurance level;
29.
‘software life cycle data’ means the data that is produced during the software life cycle to plan, direct, explain, define, record, or provide evidence of activities; this data enables the software life cycle processes, system or equipment approval and post-approval modification of the software product;
30.
‘software life cycle’ means:
(a)
an ordered collection of processes determined by an organisation to be sufficient and adequate to produce a software product;
(b)
the period of the time that begins with the decision to produce or modify a software product and ends when the product is retired from service;
31.
‘system safety requirement’ means a safety requirement derived for a functional system.
Article 3U.K.General safety requirements
1.Whenever an organisation is required to implement a risk assessment and mitigation process in accordance with applicable Community or national law, it shall define and implement a software safety assurance system to deal specifically with EATMN software related aspects, including all on-line software operational changes, and in particular cutover or hot swapping.
2.The organisation shall ensure, as a minimum, that its software safety assurance system produces evidence and arguments that demonstrate the following:
(a)the software safety requirements correctly state what is required by the software, in order to meet safety objectives and requirements, as identified by the risk assessment and mitigation process;
(b)traceability is addressed in respect of all software safety requirements;
(c)the software implementation contains no functions which adversely affect safety;
(d)the EATMN software satisfies its requirements with a level of confidence which is consistent with the criticality of the software;
(e)assurances are provided confirming that the general safety requirements set out in points (a) to (d) are satisfied, and the arguments that demonstrate the required assurances are at all times derived from:
(i)
a known executable version of the software;
(ii)
a known range of configuration data;
(iii)
a known set of software products and descriptions, including specifications, that have been used in the production of that version.
3.The organisation shall make available the required assurances, to the national supervisory authority, demonstrating that the requirements provided for in paragraph 2 have been satisfied.
Article 4U.K.Requirements applying to the software safety assurance system
The organisation shall ensure, as a minimum, that the software safety assurance system:
1.
is documented, specifically as part of the overall risk assessment and mitigation documentation;
2.
allocates software assurance levels to all operational EATMN software in compliance with the requirements set out in Annex I;
3.
includes assurances of:
(a)
software safety requirements validity in compliance with the requirements set out in Annex II, Part A;
(b)
software verification in compliance with the requirements set out in Annex II, Part B;
(c)
software configuration management in compliance with the requirements set out in Annex II, Part C;
(d)
software safety requirements traceability in compliance with the requirements set out in Annex II, Part D;
4.
determines the rigour to which the assurances are established; the rigour must be defined for each software assurance level, and increase as the software increases in criticality; for that purpose:
(a)
the variation in rigour of the assurances per software assurance level must include the following criteria:
(i)
required to be achieved with independence;
(ii)
required to be achieved;
(iii)
not required;
(b)
the assurances corresponding to each software assurance level must give sufficient confidence that the EATMN software can be operated tolerably safely;
5.
uses feedback of EATMN software experience to confirm that the software safety assurance system and the assignment of assurance levels are appropriate. For that purpose, the effects from a software malfunction or failure reported according to the relevant requirements on reporting and assessment of safety occurrences shall be assessed in comparison with the effects identified for the system concerned as per the severity classification scheme established in Section 3.2.4 of Annex II to Regulation (EC) No 2096/2005.
Article 5U.K.Requirements applying to changes to software and to specific software
1.For any changes to the software or for specific types of software such as COTS, non-developmental software or previously used software for which some of the requirements of Article 3(2)(d) or (e) or of Article 4(2), (3), (4) or (5) cannot be applied, the organisation shall ensure that the software safety assurance system provides, through other means chosen and agreed with the national supervisory authority, the same level of confidence as the relevant software assurance level whenever defined.
Those means must give sufficient confidence that the software meets the safety objectives and requirements, as identified by the safety risk assessment and mitigation process.
2.In the assessment of the means referred to in paragraph 1, the national supervisory authority may use a recognised organisation or a notified body.
Article 6U.K.Amendment to Regulation (EC) No 2096/2005
In Annex II to Regulation (EC) No 2096/2005, the following section is added:
‘3.2.5Section 5
Software safety assurance system
Within the operation of the safety management system, a provider of air traffic services shall implement a software safety assurance system in accordance with Commission Regulation (EC) No 482/2008 of 30 May 2008 establishing a software safety assurance system to be implemented by air navigation service providers and amending Annex II to Regulation (EC) No 2096/2005(1).’
Article 7U.K.Entry into force
This Regulation shall enter into force on the 20th day following that of its publication in the Official Journal of the European Union.
It shall apply from 1 January 2009 to the new software of EATMN systems referred to in Article 1(2), first subparagraph.
It shall apply from 1 July 2010 to any changes to the software of EATMN systems referred to in Article 1(2), first subparagraph, in operation by that date.
This Regulation shall be binding in its entirety and directly applicable in all Member States.
Done at Brussels, 30 May 2008.
For the Commission
Antonio Tajani
Member of the Commission
Options/Help
Print Options
PrintThe Whole Regulation
PrintThe Regulation without Annexes
Legislation is available in different versions:
Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.
Original (As adopted by EU): The original version of the legislation as it stood when it was first adopted in the EU. No changes have been applied to the text.
Point in Time: This becomes available after navigating to view revised legislation as it stood at a certain point in time via Advanced Features > Show Timeline of Changes or via a point in time advanced search.
See additional information alongside the content
Geographical Extent: Indicates the geographical area that this provision applies to. For further information see ‘Frequently Asked Questions’.
Show Timeline of Changes: See how this legislation has or could change over time. Turning this feature on will show extra navigation options to go to these specific points in time. Return to the latest available version by using the controls above in the What Version box.
Opening Options
Different options to open legislation in order to view more content on screen at once
More Resources
Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as adopted version that was used for the EU Official Journal
- lists of changes made by and/or affecting this legislation item
- all formats of all associated documents
- correction slips
- links to related legislation and further information resources
Timeline of Changes
This timeline shows the different versions taken from EUR-Lex before exit day and during the implementation period as well as any subsequent versions created after the implementation period as a result of changes made by UK legislation.
The dates for the EU versions are taken from the document dates on EUR-Lex and may not always coincide with when the changes came into force for the document.
For any versions created after the implementation period as a result of changes made by UK legislation the date will coincide with the earliest date on which the change (e.g an insertion, a repeal or a substitution) that was applied came into force. For further information see our guide to revised legislation on Understanding Legislation.
More Resources
Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as adopted version that was used for the print copy
- correction slips
Click 'View More' or select 'More Resources' tab for additional information including:
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- links to related legislation and further information resources
All content is available under the Open Government Licence v3.0 except where otherwise stated. This site additionally contains content derived from EUR-Lex, reused under the terms of the Commission Decision 2011/833/EU on the reuse of documents from the EU institutions. For more information see the EUR-Lex public statement on re-use.