Which level and type of test coverage should at least be used for the components rated at Safety Integrity Level (SIL) 2?

A medical company has performed a safety criticality analysis using the IEC61508 standard. The software components to be developed have been categorized by Safety Integrity Level (SIL). Most components have been rated at SIL 1 or 2, and a few components at SIL 4.

After some discussions with the QA manager, the project has decided to adhere to the recommendations for test coverage provided by the IEC61508 standard.

Which level and type of test coverage should at least be used for the components rated at Safety Integrity Level (SIL) 2?
A . 100% statement coverage, 100% decision coverage and 100% multiple condition coverage
B . 100% statement coverage, 100% decision coverage and 100% MC/DC coverage
C . 100% statement coverage and 100% decision coverage
D . 100% statement coverage

View Answer

Answer: C

Explanation:

In the context of software testing, different safety integrity levels (SIL) require different levels of rigor in testing. According to the IEC61508 standard, for software components rated at SIL 2, achieving 100% statement coverage and 100% decision coverage is recommended. Statement coverage ensures that every line of code is executed at least once during testing, while decision coverage ensures that every decision in the code (e.g., every branch of an IF statement) is executed on both the true and false sides. These coverage criteria ensure a thorough testing of the software components to validate that they behave correctly in all circumstances. Multiple condition coverage and MC/DC coverage (Options A and B) are more rigorous and typically required for higher SIL levels, such as SIL 4.