Powering the Future: IEC 60880 Compliance in Nuclear Systems and Software Safety
QA Systems

Why the Nuclear Industry Can’t Afford Software Mistakes

In Nuclear Software, Trust Is Measured in Verification

In the control room of a nuclear plant, quiet confidence is built not on chance but on evidence. Every signal monitored and every line of code executed has a direct link to safety, reliability, and public trust. For decades, the nuclear and energy sectors have operated under one unwavering principle: there can be no margin for error.

Today, however, software, not steel, has become the true guardian of this principle. Reactors, turbines, and redundant control systems all rely on millions of lines of embedded C and C++ code, each of which is a potential point of failure. As regulations tighten and scrutiny deepens, the question is no longer “Can we automate this system?” but “How can we prove that it’s safe?”

That’s where engineered assurance tools like Cantata and QA-MISRA step in, bridging the gap between complex software design and demonstrable functional safety compliance in nuclear systems.

Testing What Matters Most with Cantata

Cantata does more than test code, it tests integrity. Purpose-built for unit and integration testing of embedded C and C++ software, Cantata automates test generation and execution directly at the source level. Each function, decision, and safety path can be verified against its expected behaviour, helping engineers satisfy IEC 60880, IEC 61508, and ISO 26262 standards.

Instead of treating testing as a late-stage hurdle, QA Systems empowers teams to embed verification within the development workflow. When a Cantata test passes, it validates not only the code but also the safety case behind it.

Key capabilities:
- Automated unit and integration test generation
- Rigorous code coverage analysis (statement, branch, MC/DC)
- Full requirements traceability and auditable reporting
- Independent TÜV certification for use in nuclear-grade applications

From Compliance in Nuclear Systems to Confidence with QA-MISRA

Compliance is non-negotiable in safety-classified software. Beyond functional correctness, every line of code must behave predictably under all conditions. QA-MISRA enforces MISRA C, MISRA C++, AUTOSAR C++14, and CERT C/C++ standards through automated static analysis, ensuring that unsafe constructs are detected and eliminated long before execution.

Key advantages:
- Rapid static analysis across MISRA, AUTOSAR, CERT, and CWE rulesets
- Near-zero false positives for syntactic rules
- Certified by SGS TÜV for use in IEC 60880 environments
- Detailed compliance reports, metrics, and visualisations
- Seamless integration into Eclipse IDE and modern CI/CD pipelines

With QA-MISRA, software quality becomes measurable, traceable, and certifiable — the foundation of safety-critical integrity.

A Unified Workflow for Functional Safety

By combining QA-MISRA (for static analysis and coding-standard compliance) with Cantata (for dynamic testing and code coverage), engineering teams deliver a unified verification workflow that links coding-standard enforcement with automated test validation for full traceability, moving from reactive testing to proactive software assurance, where safety and reliability are built into design, not added at the end.

Specific Support for IEC 60880 Certification

The IEC 60880 standard defines the functional safety requirements for software used in nuclear power-plant instrumentation and control systems. QA Systems’ tools provide certification-ready support tailored to these requirements.

Dedicated IEC 60880 toolkits include:
- Qualification and certification evidence kits for both Cantata and QA-MISRA
- Automated test suites and documentation for audit support
- Sequential verification flow: static analysis first (QA-MISRA), then dynamic testing (Cantata)
- Direct integration into safety lifecycle processes

Both tools are independently certified and designed for the highest Safety Integrity Levels (SILs) demanded by nuclear and high-energy systems.

A Future Built on Proven Integrity

As new-generation reactors, small modular systems, and hydrogen-based power emerge, the software controlling them must evolve, but never at the expense of safety. QA Systems provides a verified foundation of trust, giving regulators verifiable evidence, engineers confidence to innovate, and the public assurance that the systems powering their world are as safe as they are sophisticated.

In a domain where milliseconds and microcodes separate stability from catastrophe, QA Systems ensures that trust is not a promise, it’s verified, certified, and proven line by line.

For more information about QA-MISRA and Cantata, visit qa-systems.com.

Author: Dylan Llewellyn

© 2025 QA Systems. Published by JORAL Technologies.

From EN 50128 to EN 50716: The New Era of Railway Software Compliance
QA Systems

The railway software compliance landscape has fundamentally shifted.

If your organization still works under EN 50128 or EN 50657, it’s time to adapt to EN 50716:2023, the new unified standard that governs all railway software development and verification activities. Replacing both EN 50128:2011 (control & signalling) and EN 50657:2017 (on-board rolling stock), EN 50716 establishes one comprehensive framework for the entire railway domain. Both predecessor standards were withdrawn in November 2023. While EN 50716 isn’t retrospective, all upgrades and maintenance activities initiated after its publication should align with its requirements. In consequence, teams must balance maintaining legacy systems with developing new projects under tighter, better-defined compliance expectations.

Key Requirements That Redefine Railway Software Testing

Section 6.7 Support Tools and Languages

EN 50716 increases the emphasis on tool qualification and justification. Verification and validation tools must be classified as T1, T2, or T3 based on their potential to introduce undetected faults. T2 Tools (e.g. Cantata) support verification of executable code and therefore require documented justification when used for SW-SIL 1–4. Clause 6.7.4.2 states clearly: “The selection of the tools in classes T2 used for SIL 1 to SIL 4 and T3 used for SIL 1 to SIL 4 shall be justified.”

Table A.5 Software Component Analysis and Testing

At SW-SIL 4, dynamic testing with comprehensive coverage is mandatory. The table explicitly lists combinations of techniques that must be applied to achieve full confidence in safety-critical behaviour.

Section 6.5.4.14 Traceability

Traceability must extend from requirements to design, implementation, and all testing phases. Verification evidence should show complete bi-directional links between requirements, design artefacts, and executed tests.

Section 9.2 Software Maintenance

Regression testing is not optional. Requirements 9.2.4.8 and 9.2.4.10 demand documentation of test re-execution and reuse of updated tests during re-validation. Given that railway systems often operate for more than 20 years, this lifecycle view is essential.

Cantata’s Certified Advantage

Independently certified by SGS-TÜV GmbH, Cantata is officially recognised as:
- Class T2 tool meeting EN 50716 sub-clause 6.7
- Qualified for use up to SW-SIL 4, the highest Safety Integrity Level

Each version of Cantata undergoes independent assessment, with defined behaviour, documented constraints, and mitigation strategies for potential failure modes.

Certification vs Qualification: The Cost Reality

Self-qualifying a T2 tool under 6.7.4.5 requires extensive documentation: validation records, tool manual versions, test cases, pass/fail results, and discrepancy analyses. This often translates into weeks of engineering effort per release.

With pre-certified Cantata, justification is immediate:
- Independent TÜV certificate
- Tool Certification Kit supplied
- Zero qualification overhead

Traceability and Regression. Assurance That Scales

Cantata Trace enables full bi-directional requirements traceability:
- Import from Excel, DOORS, PTC Integrity, Polarion, or Visure Requirements ALM
- Link requirements directly to Cantata test cases and coverage data
- Export verification status back to your requirements management tool (RM) for audit readiness

When auditors ask for evidence of “REQ-123”, teams can deliver linked test results, execution status, and coverage metrics in minutes, not days.

Cantata Code Change Analysis automates regression impact detection:
- Identifies modified functions
- Maps affected tests
- Suggests updates and refactors scripts automatically
- Supports push-button re-execution through Cantata Makefiles

This aligns directly with EN 50716 §9.2.4.8 requirements for test re-execution and artefact control.

Why Cantata for EN 50716

Certification Confidence
- TÜV-certified tool for EN 50716 up to SW-SIL 4
- Eliminates tool-qualification burden (§6.7.4.5)
- Each release is independently certified

Complete Technical Coverage
- Supports all Table A.5 component-testing techniques
- Addresses Table A.6 integration requirements
- Meets Table A.21 coverage criteria
- Enables deep white-box verification
- Cantata Hybrid option for teams using GoogleTest/GoogleMock who need EN 50716 compliance

Lifecycle Support
- CLI automation for modern DevOps workflows (including VSCode, Jenkins, GitLab CI/CD)
- Automated regression testing for 20+ year maintenance cycles
- Bi-directional traceability and audit evidence on demand

The Risk Mitigation Reality

Section 6.7 is unambiguous: verification tools can introduce latent defects, and their qualification status is critical to certification schedules.

Using Cantata means:
- Tool justification in days, not months
- Certification body acceptance through SGS-TÜV credentials
- Straightforward audit defence: “We used an independently certified tool per 6.7.4.2.”

Attempting self-qualification adds cost, risk, and schedule uncertainty to every project. As the industry moves from fragmented frameworks to unified assurance, EN 50716 marks a new era of integrated railway software compliance.

Conclusion

EN 50716:2023 redefines what safety means in railway software. Tool certification, dynamic testing, traceability, and regression are no longer optional, they are the foundation of compliance. Manual verification simply cannot keep pace with the technical and administrative demands of SW-SIL 3 and 4 projects. With Cantata, engineering teams can bridge modern development practices with the rigorous assurance required by the new standard, achieving compliance without compromising productivity.

For railway software teams navigating the EN 50716 transition, the question has shifted: it’s no longer whether to automate verification and validation; it’s whether you can meet certification deadlines without it.

For more information about QA-MISRA and Cantata, visit qa-systems.com.

Author: Praveen Melepurath

© 2025 QA Systems. Published by JORAL Technologies.

25.10 Release of AbsInt Tools for Safety-Critical Software Development
AbsInt

All tools
=========
- The AbsInt Linux tools now require RHEL 9 or compatible and ship a Dockerfile creating
  a compatible Rocky Linux 9 container to facilitate deployment in containerized environments

aiT, TimingProfiler, StackAnalyzer, TimeWeaver
==============================================
- NEW: aiT for TI TMS320F28386D/4D/8D
- NEW: aiT for ATSAME51J18/19/20A
- NEW: aiT for TMS570LC4357 rev B
- Improved Project/Workspace Diff-Viewer, Sections View and Symbols View
- Enhanced analysis setup capabilities enable users to create new analysis projects
  more efficiently

Astrée, RuleChecker
===================
- NEW: Delta analysis displays summary of differences between project revisions
  by tables and charts, and classifies alarms as new/old.
- NEW: Astrée supports sound analysis of bounded recursions
- Enhanced safety manual by DO-356A and ISO 21434 verification goal coverage
- Enhanced VS-Code plugin (LSP server) by "single translation unit" mode,
  enabling faster rule checking
- Improved rule coverage of CERT C/C++ and CWE

CompCert
========
- NEW: CompCert for TriCore (1.6.x)
- Improved optimizations for arithmetic runtime library functions
- Generation of position-independent executables (PIE) and position-independent code
  (PIC) for AArch64, RISC-V and x86-64.

Plugins
=======
- AbsInt toolbox for TargetLink supports "diff" mode as default alarm comment mode

CMSIS Debugger: KEIL MDK V6 User Based License
KEIL

The CMSIS Debugger is a next-generation, standards-based debugging solution designed to integrate seamlessly into modern embedded development workflows. Built on the trusted CMSIS (Cortex Microcontroller Software Interface Standard) ecosystem, it delivers powerful debugging, trace and analysis capabilities for Arm Cortex-M based devices.

👉 You can find the CMSIS Debugger extension directly in the VS Code Extensions Marketplace, or download it from this link: CMSIS Debugger Extension

- Seamless Integration: CMSIS Debugger plugs directly into popular IDEs like Keil MDK, VS Code, and other CMSIS-based workflows. Start debugging without the hassle of extra setup.
- Single & Multi-core Support: Offers robust debugging for both single-core and complex multi-core processor systems.
- RTOS Awareness: Native support for FreeRTOS, RTX, ThreadX, and Zephyr ensures visibility into tasks, threads, and real-time performance.
- Wide Adapter Compatibility: Works with a broad range of debug adapters including ULINK, MCULink, NuLink, J-Link, and ST-Link.
- Unified Workflow: Works closely with the CMSIS Toolbox and CMSIS Pack system, simplifying device configuration, board selection, and debug initialization.
- Advanced Debug Features: Provides real-time trace, easy code stepping, and comprehensive register/memory inspection across thousands of supported microcontrollers.
- Open-Source & Extensible: Fully open-source, it can be combined with other VS Code debug extensions (e.g., Linux application debugging) and extended for domain-specific use cases.
- Automation & CI/CD Ready: Combined with Arm Virtual Hardware (AVH), CMSIS Debugger enables cloud-based workflows, automated testing, and DevOps pipelines without requiring physical hardware.

The CMSIS Debugger empowers developers to accelerate embedded software development with a flexible, standardized, and powerful debug experience. Whether in early prototyping, safety-critical validation, or large-scale CI/CD environments, it ensures consistent results and faster time to market.

To purchase, KEIL MDK V6 Essential User Based License 1 Year & KEIL MDK V6 Professional User Based License 1 Year

By: Hrutik Champaneri

New Arm Product Updates Available
KEIL

The following products have been updated:

Product Code   Product                     Version
MDK000         Keil MDK (Keil Licensing)   r5p42-01rel0
MDK001         Keil MDK (FlexNet)          r5p42-01rel0

New Arm Product Updates Available
ARM

The following products have been updated:

Product Code   Product                            Version
DEVST-GLD0     Development Studio UBL Gold        r25p0-00rel0
DEVST-GLDF     Development Studio UBL Gold FUSA   r25p0-00rel0
DS000B         Arm Development Studio             r25p0-00rel0

Release note (identical for all three products): This release of Arm Development Studio includes the next-generation Arm Toolchain for Embedded Professional (ATfEP) in addition to Arm Compiler for Embedded 6 (AC6). Please be aware that consequently Development Studio installation time has significantly increased on Windows. For convenience of Windows users, we provide two installation packages, one that includes ATfEP and one that does not include ATfEP. We are working to reduce the Windows installation time in future releases.

Product Update: Release 25.04
AbsInt

- Optimized decoding
- Improved graphs, stats, and search
- All-new widget for trace-based guessing of DLL addresses
- Improved DWARF handling
- Improved CSV export
- Improved character encoding in all editors
- WCET analysis for TMS320F28377D
- New GUI for qualification runs
- 8 additional Qualification Support Kits
- Generic models now uniformly used by TimingProfiler for all targets
- Support for RHEL 7 is now deprecated

Optimize Your RTOS Projects with Tracealyzer – Now with 40% Off Year Two
Percepio

Percepio Tracealyzer supports you from development to deployment — and beyond. Get 40% off the second year when you purchase a 2-year subscription. Plus, enjoy a free 45-minute onboarding session to hit the ground running. Offer valid for a limited time — message us to learn more!

If you have any questions please email Alice Campbell
Email: alice.campbell@joraltechnologies.com
Phone: 613-215-3252

JORAL Technologies is in South America
Announcement

Exciting News for JORAL Technologies Customers! We are now an authorized distributor for ARM KEIL in the following countries:

Argentina, Brazil, Canada, Chile, Colombia, Ecuador, Mexico, Paraguay, Peru, United States, Uruguay, and Venezuela.

If you have any questions or need assistance, please don’t hesitate to contact our Sales team.

Alice Campbell
Email: alice.campbell@joraltechnologies.com
Phone: 613-218-8425

Robert Campbell
Email: robert.campbell@joraltechnologies.com
Phone: 613-218-8425
