Search Results

Safety-related systems in road vehicles are subject to hazard analysis as part of developing their safety requirements. Automotive hazard analysis leads to a requirement for target risk reduction in the system to be developed, usually expressed as a safety integrity level, SIL, or ASIL. During risk analysis, credit can be taken for risk reduction from facilities outside the system of interest, or from architectural decisions to distribute the required risk reduction to sub-elements of the system. Up to now, such concepts have been presented in standards without any justification. The different approaches in the standards are discussed, and a scheme for more rigorously defining the allocation of safety integrity requirements across different elements of a system is proposed.

This paper provides an overview of the new MISRA publication, Guidelines for Safety Analysis of Vehicle-Based Programmable Systems. It describes a process which needs to be incorporated into a company's or organization's management structure so they can manage safety effectively. The MISRA Safety Process comprises two principal phases: Preliminary Safety Analysis and Detailed Safety Analysis. The former identifies what needs to be done; the latter demonstrates that it has been done correctly.

MISRA (The Motor Industry Software Reliability Association) develops practical guidance to assist the developers of safety-related systems in the automotive industry and other sectors in implementing safe and reliable systems. This paper presents a short overview of MISRA's ongoing activities, with particular emphasis on guidance being produced in two areas: process measures for safety-related systems engineering, and product measures for safety-related systems development. Subsequent papers in the session give more details on these activities.

With the increasing dependence on advanced electronic systems to control the functionality of road vehicles, the consideration of functional system safety as part of the design and implementation process for these systems is growing in importance. An important part of such a process is to undertake a hazard analysis. Emerging standards and guidelines, such as ISO 26262 and MISRA Safety Analysis, contain a requirement to perform preliminary hazard analysis in order to identify unwanted events (typically at the vehicle level) that can result from technological causes, and to set safety requirements for the system under development to mitigate the risk associated with those events. In this paper, a generic approach to automotive hazard analysis is described. The method is based upon a generalized model of the causal chain that leads from a low-level fault in an electronic system through to the potential for an unwanted event at the vehicle level.

As the discipline of Functional Safety spreads from its traditional industries such as process and aviation to the automotive sector, this paper - based on the MISRA Safety Analysis Guidelines - describes how a functional safety lifecycle can be applied in a way which is both appropriate for automotive systems and aligned with international standards such as IEC 61508.

The introduction of drive-by-wire systems into modern vehicles has generated new challenges for the designers of embedded systems. These systems, based primarily on microcontrollers, need to achieve very high levels of reliability and availability, but also have to satisfy the strict cost and packaging constraints of the automotive industry. Advances in VLSI technology have allowed the development of single-chip systems, but have also increased the rate of intermittent and transient faults that come as a result of the continuous shrinkage of the CMOS process feature size. This paper presents a low-cost, fault-tolerant system-on-chip architecture suitable for drive-by-wire and other safety-related applications, based on a triple-modular-redundancy configuration at the processor execution pipeline level.

This paper describes the use of electrical design analysis software to automate electrical design analysis techniques such as failure mode and effects analysis and sneak circuit analysis. It illustrates the type of reports that an automated electrical analysis can produce and compares them with those produced by an engineer unaided. The main advantage of the electrical design analysis software is that it significantly reduces the amount of effort needed to complete a competent design analysis report. This makes it possible to perform design analysis much earlier in the design process, at a stage where it is still relatively cost-effective to resolve problems.

MIRA is involved in a number of activities which are aimed at integrating electromagnetic modeling techniques into established CAD and CAE strategies used by automotive manufacturers and component suppliers for vehicle design. This paper describes the objectives of the work, the major activities and the progress to date. It includes a review of user requirements identified during earlier work, the results of the validation activities being undertaken and the progress with developing a strategy for integration of electromagnetic modeling into vehicle design processes. The results of a preliminary study into the use of high-performance computing are also reported.

In recent years the number of electronic systems fitted to road vehicles worldwide has increased, with further growth forecast. Many such systems are appearing in safety-critical or safety-related applications. An objective assessment of the integrity of the systems is necessary to ensure that the safety of the driver, occupants and other road users will not be compromised. Certain disciplines associated with reliability, namely environmental validation, failure mode and effects analysis and software verification and validation are examined. The need for a coordinated approach to system integrity is discussed, and the development of European standards and guidelines described.