Technical Paper

PICASSOS – Practical Applications of Automated Formal Methods to Safety Related Automotive Systems

2017-03-28
2017-01-0063
PICASSOS was a UK government funded programme to improve the ability of automotive supply chains to develop complex software-intensive systems with high safety assurance at an acceptable cost. It was executed by a consortium of three universities and five companies, including an automotive OEM and suppliers. The project had three major elements: the use of automated model based verification technology built on formal methods; the application of this technology in the context of ISO 26262; and an evaluation to measure its impact, so that key management decisions on the costs, benefits and risks of applying the technology on live projects could be made on evidence. The project spanned system level design and software development, using a unified model based process with SysML at the system level and Simulink and Stateflow auto-coded into C at the software level.
Journal Article

Effective Functional Safety Concept Generation in the Context of ISO 26262

2014-04-01
2014-01-0207
The functional safety concept definition is the backbone of a project's safety process, and poor choices made at this stage can have a significant impact. A weak concept may result in over-engineering of systems; late re-work when missing safety requirements are eventually uncovered at advanced stages of development; disagreements within the supply chain about responsibility for safety mechanisms; or, of most concern, release of an unsafe product. Despite this importance, ISO 26262 states only that the functional safety requirements are to be derived from the safety goals (the top-level safety requirements) and notes that safety analysis might be used to support this task, giving no further guidance on how it should be done. The automotive industry's typical time pressures mean that being able to produce an initial safety concept rapidly is critical if it is to influence the system architecture and procurement decisions.