Search Results

Given the fast changing market demands, the growing complexity of features, the shorter time to market, and the design/development constraints, the need for efficient and effective verification and validation methods are becoming critical for vehicle manufacturers and suppliers. One such example is fault-tree analysis. While fault-tree analysis is an important hazard analysis/verification activity, the current process of translating design details (e.g., system level and software level) is manual. Current experience indicates that fault tree analysis involves both creative deductive thinking and more mechanical steps, which typically involve instantiating gates and events in fault trees following fixed patterns. Specifically for software fault tree analysis, a number of the development steps typically involve instantiating fixed patterns of gates and events based upon the structure of the code. In this work, we investigate a methodology to translate software programs to fault trees.

The auto industry has had decades of experience with designing safe vehicles. The introduction of highly integrated features brings new challenges that require innovative adaptations of existing safety methodologies and perhaps even some completely new concepts. In this paper, we describe some of the new challenges that will be faced by all OEMs and suppliers. We also describe a set of generic top-level potential hazards that can be used as a starting point for the Preliminary Hazard Analysis (PHA) of a vehicle software-intensive motion control system. Based on our experience with the safety analysis of a system of this kind, we describe some general categories of hazard causes that are considered for software-intensive systems and can be used systematically in developing the PHA.