• Video
  • 17-May-2012 03:46 EDT

Automotive Functional Safety Standard ISO 26262 and the Current Challenges


Purchase Required to View Video

Short Preview Below

The ISO 26262, titled "Road vehicles - Functional safety," is a Functional Safety standard that gives a guidance to reduce the risks to tolerable level by providing feasible requirements and processes. This standard is an adaptation of the Functional Safety standard IEC 61508 for Automotive Electrical/Electronic and programmable electronic Systems. The standard covers the development of safety-related electrical, electronic and programmable electronics systems in the road vehicles. It will have a significant impact on the way such systems are designed, developed, integrated and validated for safety. Functional safety of embedded systems has become an integral part in automotive engineering activities due to the recently released safety standard ISO 26262. One main challenge is to perform development activities compliant to the standard and provide the respective documentation. Traceability between requirements from a standard, as well as project-specific process and product artifacts throughout the entire development cycle allows compliance assessment to support qualification and certification. The author would like to share the challenges faced through her experience gained in the field with examples from various automotive tier-1 suppliers. The challenges I would like to address are the following: -The resource planning and the cost for the entire functional safety activity -The documentation requirements Maintenance of the same with right traceability -One of the major challenges is the derivation of safety goals with right ASIL level. Hazard Risk analysis (HARA) forms the basis of the entire functional safety activity. The HARA determines the safety goals for the system and the same becomes the basis for deriving functional safety requirements followed by Technical safety requirements which gets translated into HW/SW Design -The ASIL assignment is dependent on the three factors severity, exposure and controllability. Unless we have adequate data and experience the ambiguity exists on the assignment. -Functional safety activity distribution between the OEMs and Suppliers. OEMs have several suppliers and the supplier in turn outsources certain items to sub suppliers. In this process percolating the functional safety requirement derived at the highest level to the supplier items level is to be systemized. I do see the challenges in ownership. -The depth of details to go in the Functional safety requirement and Technical safety requirement documents -Under ASIL decomposition assigning ASILs on decomposition to the respective architectural elements. -It is mandatory to comply the quantitative assessment for HW and obtaining failure rate for all the components used in a system becomes a challenge. Especially we are completely dependent on the failure rate given by the vendor on ASICs and other custom made components. -Proof of avoidance of common failure and cascading failures in the Software level and thus prove the freedom from interference between lower and higher ASIL elements. -Assigning the Diagnostic coverage for the safety mechanisms provided taking the guidance from Appendix D part 5. We always get to a situation where we are not able to map within the list provided. Then one needs to have their own scale which would result in ambiguity.

Chitra Thyagarajan

Purchase to View
HTML for Linking to Page
Page URL
Rate It
1.0 Avg. Rating
1 votes

View More Video

ISO 26262 is the actual standard for Functional Safety of automotive E/E (Electric/Electronic) systems. One of the challenges in the application of the standard is the distribution of safety related activities among the participants in the supply chain. In this paper, the concept of a Safety Element out of Context (SEooC) development will be analyzed showing its current problematic aspects and difficulties in implementing such an approach in a concrete typical automotive development flow with different participants (e.g. from OEM, tier 1 to semiconductor supplier) in the supply chain. The discussed aspects focus on the functional safety requirements of generic hardware and software development across the supply chain where the final integration of the developed element is not known at design time and therefore an assumption based mechanism shall be used.
As automakers spend more on developing self-driving cars, they're also devoting attention on what to do with the data that those high-tech devices generate. In this episode of SAE Eye on Engineering, Editor-In-Chief Lindsay Brooke looks at options for selling vehicle data. SAE Eye on Engineering also airs Monday mornings on WJR 760 AM Detroit's Paul W. Smith Show. Access archived episodes of SAE Eye on Engineering.
GM has taken a lesson from Tesla's Autopilot driver engagement problems and its new Super Cruise driving system will be different. In this episode of SAE Eye on Engineering, Editor-in-Chief Lindsay Brooke looks at GM's Super Cruise eye tracking. SAE Eye on Engineering also airs Monday mornings on WJR 760 AM Detroit's Paul W. Smith Show. Access archived episodes of SAE Eye on Engineering.
Multicore processor are well established in classical and tablet personal computers for some year. Such processors use more then one central core for computation and allow to integrate more computational power with smaller costs. However more than 90% of all processors worldwide are not placed in classical IT but are empedded in bigger systems like in modern vehicles or airplanes. Such systems face a very high demand in terms of safety, security an reliability which hinders the use of multicores in such systems. The funded project ARAMiS faces these demands and has the goal to enable the usability of multicore systems in the domains automotive and avionics, as well as later also railway. ARAMiS is the basis for higher traffic safety, traffic efficiency and comfort.

Related Items