Search Results

The automotive world is getting ready to embrace the automated driving (AD). It is necessary to guarantee system safety of the AD application, which includes both “classic” functional safety according to ISO 26262 and specific areas like Safety of the Intended Functionality (SotIF) and others. However, safety remains safety, that is, absence of unreasonable risk. All safety activities, therefore, need to have their source in a Hazard Analysis and Risk Assessment (HARA), encompassing all relevant aspects, including operational situations, description of functionality and other parameter, Already from the description it is clear that a HARA for an AD is going to be a complex task. However, automotive engineering is used to management of complexity via task breakdown, equivalence classes and impact analyses. Those well-trusted methods were applied to an AD HARA.

Two methods are allowed in ISO 26262-5 for hardware analysis of random hardware failures. The 1st method is called “Evaluation of Probabilistic Metric for random Hardware Failures”. The 2nd method is called “Evaluation of each cause of safety goal violation”. Advantages of the 2nd method during development of ASIL D Generation 3 Electric Power Steering are presented in this paper. A reliability analysis is one of the important prerequisite for the hardware analysis and this paper shows the best practice for hardware part failure rate estimation using industry standards such as IEC TR 62380. The equally important focus is on a diagnostic coverage of each safety mechanism with respect to residual faults and with respect to relevant dual/latent point faults because any safety design can either benefit from low failure rates or from high diagnostic coverage of safety mechanism to mitigate faults. FMEA is highly recommended by ISO 26262-5 as a part of hardware analysis.