4.4 Installation
4.4.1 Equipment and its associated cabling should be installed in accordance with an appropriate code of practice to minimize electro magnetic interference between the equipment concerned and other equipment on board.
4.5 Cables
4.5.1 Cables used for data communication should be of adequate mechanical strength, should be suitably supported and also protected from mechanical damage.
4.6 Data communication
4.6.1 The data communication link should be continuously self-checking, for detecting failures on the link itself and data communication failure on nodes and should give an alarm in the event of an abnormal condition.
4.6.2 When the same data communication link is used for two or more essential functions, this link should be redundant. Redundant data communication links should be routed with as much separation as practical.
4.6.3 Switching between redundant links should not disturb data communication or continuous operation of functions.
4.6.4 To ensure that data can be exchanged between various systems, standardized interfaces should be used.
4.7 Failure to safety
4.7.1 In the event of a failure of a computer-based system, that system should automatically revert to the least hazardous condition.
4.7.2 The failure and restarting of computer-based systems should not cause processes to enter undefined or critical states.
4.7.3 Control, alarm and safety functions should be arranged such that a single failure will not affect more than one of these functions.
4.8 Integration of Systems
4.8.1 Operation with an integrated system should be at least as effective as it would be with individual, stand-alone equipment. Where multifunction displays and controls are used they should be duplicated and interchangeable.
4.8.2 Failure of one part (individual module, equipment or subsystem) of the integrated system should not affect the functionality of other parts, except for those functions directly dependent upon information from the defective part.
