ISO 26262 introduction

  1. ISO 26262 Introduction. Singapore, 17 October 2012. Koen Leekens. Copyright exida LLC ® 2000-2012. exida contacts: Singapore +65 6222 5160; Shanghai +86 21 5171 7250; Hong Kong +852 2633 7727; Germany +49 89 4900 0547; USA +1 215 453 1720; Switzerland +41 22 364 14 34; Canada +1 403 475 1943; United Kingdom +44 2476 456 195; Netherlands +31 318 414 505; Australia / NZL +64 3 472 7707; Mexico +52 55 5611 9858; South Africa +27 31 267 1564.
  2. On the Agenda: ISO 26262 and the Challenges; exida Expertise.
  3. Safety is Only as Strong as its Weakest Link.
  4. Electronics??? Once upon a time…
  5. Many years later… Anti-Blocking System, Electronic Stability Program, Lane Departure Warning, Steering Lock, Reverse Sensors, Backup Camera, Adaptive Cruise Control, Tire Pressure Monitoring, Deflation Detection System, Traction Control System, Infrared Night Vision, Adaptive Headlights, Emergency Brake Assistance, Corner Brake Control, Pre-Crash System, Automatic Steering, Airbag, Automatic Gearbox Control, Automated Parking System, Automatic Collision Notification, Traffic Sign Recognition.
  6. Some Fatality Numbers: fatalities decreasing too slowly in Europe; fatalities stable but too high in the US.
  7. Many years later… (the same list of functions as slide 5): these systems must “actively” function to achieve a Safe State.
  8. What is…? Functional Safety. ISO 26262: absence of unreasonable risk due to hazards caused by malfunctioning behaviour of E/E systems. IEC 61508: part of the overall safety related to the equipment under control (EUC) that depends on the correct functioning of the safety-related system.
  9. Why Functional Safety Standards? BECAUSE…
  10. Why Functional Safety? BECAUSE… ELECTRONICS CAN FAIL !!! Are you able to provide the EVIDENCE that risks have been minimized?
  11. Which Standard to Follow? IEC 61508: Functional Safety for E/E/PES Safety Related Systems.
  12. ISO 26262, Adaptation of IEC 61508. IEC 61508: Functional Safety for E/E/PES Safety Related Systems. Why is it not ideal for the Automotive Industry?
  13. Basic Standard for Functional Safety: IEC 61508, Functional Safety for E/E/PES Safety Related Systems. Why is it not ideal for the Automotive Industry? It is a generic “high level” standard; its roots are in the process industry; it assumes one company does everything; it is not designed for distributed development.
  14. ISO 26262, Adaptation of IEC 61508. Sector standards derived from IEC 61508: IEC 61513 (Nuclear), IEC 61511 (Process Industry), ISO 26262 (Road Vehicles), IEC 62061 (Machinery), ISO 13849-1 (Machine Safety), ISO 25119 (Tractors…). ISO 26262 is “State of the Art” for Automotive, developed with OEMs.
  15. How do E/E Systems Fail? Random Failures: “usually a permanent or transient failure due to a system component loss of functionality”, hardware related. Systematic Failures: “usually due to a design fault, wrong specification, not fit for purpose, error in software program, ...”
  16. ISO 26262 Functional Safety Principles. Avoidance of Faults: avoid systematic faults, before delivery, by process, methods and organization. Control of Failures: control of systematic failures and control of random failures, in operation, by technical safety measures.
  17. ISO 26262 Functional Safety Principles (continued). Avoidance of Faults, before delivery: implement correctly (process, methods, organization). Control of Failures, in operation: detect and react (technical safety measures) to systematic and random failures.
  18. ISO 26262 follows a Safety Lifecycle, a risk-based approach. Management of Functional Safety (2.4 – 2.6) and Supporting Processes (8.4 – 8.15) span the whole lifecycle. Concept phase: Item definition (3.5); Initiation of Safety Lifecycle (3.6); Hazard Analysis and Risk Assessment (3.7); Functional Safety Concept (3.8). Product development: System level (4), Hardware level (5), Software level (6); Planning of Production (7.4); Planning of Operation, Service and Decommissioning (7.5); Release for SOP (4.11). After SOP: Production (7.4); Operation, Service and Decommissioning (7.5). Alongside: Other Technologies, External Measures, Driver Controllability (and Usability); if needed, back to the appropriate lifecycle phase.
  19. Work Products: > 100 Work Products; exida templates.
  20. ISO 26262 Structure.
  21. ISO 26262 Structure: Vocabulary.
  22. Vocabulary is important. English is not English: English, American, KorEnglish, GerEnglish, Singlish… English is not ISO/IEC: Validation, Verification, Confirmation; Fault, Failure, Error. Different standard, different terminology: Safety Requirement in ISO 26262 vs IEC 61511.
  23. ISO 26262 Structure: Functional Safety Management.
  24. Management of Functional Safety: plan, coordinate, track. Overall Requirements for the Organization: specific organizational rules; competence; quality. Requirements for Phases: roles and responsibilities; functional safety plan; progression; safety case; confirmation measures.
  25. Functional Safety Plan, exida template (table of contents):
     4 Functional Safety Management: 4.2 Project Organization; 4.3 Roles and Role Descriptions; 4.5 Team Competence.
     5 Safety Life Cycle: 5.2 Scheduling of the safety lifecycle activities; 5.3 Concept Phase; 5.4 Product development on system level (5.4.1 Initiation of System Product Development; 5.4.2 Specification of Technical Safety Requirements; 5.4.3 System Design; 5.4.4 Item Integration and Testing; 5.4.5 Safety Validation; 5.4.6 Functional Safety Assessment; 5.4.7 Release for Production); 5.5 Product development HW level (5.5.1 Initiation of HW product development; 5.5.2 Specification of HW safety requirements; 5.5.3 HW design; 5.5.4 HW architectural metrics; 5.5.5 Evaluation of safety goal violation due to random HW faults; 5.5.6 HW integration and testing); 5.6 Product development SW level (5.6.1 Initiation of SW product development; 5.6.2 Specification of SW safety requirements; 5.6.3 SW Architecture design; 5.6.4 SW Unit design and implementation; 5.6.5 SW Unit testing; 5.6.6 SW integration and testing; 5.6.7 Verification of SW safety requirements).
     6 Production and Operation.
     7 Supporting Processes: 7.1 Interfaces within distributed development; 7.2 Specification and management of safety requirements; 7.3 Configuration management; 7.4 Change management; 7.5 Verification; 7.7 Qualification of SW tools; 7.11 Safety Case.
     8 Cross Reference between Project Documentation and ISO 26262 Work Products.
     11 Annex A: Status of the Team Competence.
  26. Management of Functional Safety: Safety Case. “A clear, comprehensive and defensible argument that a system is acceptably safe to operate in a particular context.” (Tim Kelly / Rob Weaver, University of York)
  27. ISO 26262 Structure: Concept.
  28. Concept Phase: OEM defines Item > ESCL (Electronic Steering Column Lock: prevent use by an unauthorized person by a mechanical lock); Initiation of Safety Lifecycle; Hazard Analysis and Risk Assessment; Functional Safety Concept.
  29. Concept Phase: OEM defines Item > ESCL; Initiation of Safety Lifecycle > New. (For a modified item instead, the exida Modification Process applies. Inputs: Problem Report, Functional Enhancement Request. Problem Analysis, Modification Proposal, Impact Analysis: Safety Criticality, Affected Modules. Change Control Board: Change Request; decide on lifecycle re-entry point, or Stop. Modifications: Version Control, Configuration Control, Update Regression Test Suite, Update Safety Case & Probability Model. Module Test, Integration Test, System Test, Regression Testing. New release / Productization: modified product (hardware & software); user documentation incl. changed product safety properties; associated development & test documentation; release history; Safety Alert; Recall. Legend: documents and Safety Case database entries, yellow = new, green = update existing.) Hazard Analysis and Risk Assessment; Functional Safety Concept.
  30. Concept Phase: OEM defines Item > ESCL; Initiation of Safety Lifecycle > New; Hazard Analysis and Risk Assessment: What can go wrong? > Steering locks when driving. Functional Safety Concept.
  31. Concept Phase: Hazard Analysis and Risk Assessment, SAFETY GOAL: avoid a dangerous situation. Safety goal table: SG No. SG1; HRA Ref. ESCL_001; Safety Goal: “Unintended locking of ESCL while vehicle is moving shall be avoided”; ASIL: ?; Safe State: Unlocked ESCL.
  32. Concept Phase: Hazard Analysis and Risk Assessment: How “risky” is that? > Need ASIL D.
  33. Consequence – Likelihood. Moderation always with the OEM.
  34. Concept Phase: OEM defines Item > ESCL; Initiation of Safety Lifecycle > New; Hazard Analysis and Risk Assessment > ASIL D; Functional Safety Concept: functionality to meet the SAFETY GOAL…
  35. Concept Phase, Functional Safety Concept (all elements ASIL D): SG1 (ASIL D): Unlock Steering Column when Vehicle is moving. Vehicle Speed Server (ASIL D) provides Vehicle speed (ASIL D) to the Steering Column Lock (ASIL D), which runs the Lock Sequence (ASIL D). OEM defines Item > ESCL; Initiation of Safety Lifecycle > New; Hazard Analysis and Risk Assessment > ASIL D.
  36. ISO 26262 Structure: System Level Development.
  37. Product Development System Level. Objectives: TSC and System Design; requirements allocation; specification of safety measures; integration; validation. Flow: Concept Phase (Functional Safety Concept) → Product Development (Technical Safety Concept, System Design, HW Design, SW Design). INTEGRITY.
  38. Product Development System Level.
  39. ISO 26262 Structure: HSI (Hardware-Software Interface).
  40. ISO 26262 Structure: HW Level Development.
  41. Product Development Hardware Level. 5.8 Architectural metrics, target values (“+” recommended, “++” highly recommended): Single point faults metric: ASIL B ≥ 90 % (+), ASIL C ≥ 97 % (++), ASIL D ≥ 99 % (++). Latent faults metric: ASIL B ≥ 60 % (+), ASIL C ≥ 80 % (+), ASIL D ≥ 90 % (++). 5.9 Random hardware failure target values (probabilistic metric, PMHF): ASIL D < 10^-8 h^-1; ASIL C < 10^-7 h^-1; ASIL B < 10^-7 h^-1.
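To make the two architectural metrics and the random-hardware-failure target concrete, here is an added worked example; it is not part of the exida presentation. It computes the single-point fault metric and the latent fault metric with the ISO 26262-5 Annex C formulas from a small FMEDA-style failure-rate breakdown, estimates PMHF to first order, and checks the results against the ASIL B/C/D targets from this slide. The element names and failure rates are constructed for the example, and the PMHF estimate counts only single-point and residual faults, which is optimistic compared with the full calculation in the standard.

```python
"""ISO 26262-5 hardware architectural metrics against the slide's target values.

Added example. Formulas follow ISO 26262-5:2011 Annex C (not shown on the slide);
the element names and failure rates below are constructed, not real FMEDA data.
"""
from dataclasses import dataclass

FIT = 1e-9  # one FIT = one failure per 1e9 hours


@dataclass(frozen=True)
class Element:
    """One FMEDA row: how the element's total failure rate splits into fault classes."""
    name: str
    total_fit: float        # lambda: total failure rate of the safety-related element
    spf_fit: float          # lambda_SPF: single-point faults (no safety mechanism at all)
    rf_fit: float           # lambda_RF: residual faults the safety mechanism does not cover
    mpf_latent_fit: float   # lambda_MPF,latent: multiple-point faults neither detected nor perceived


# Target values from the slide (SPFM and LFM in percent, PMHF in failures per hour).
TARGETS = {
    "B": {"spfm_pct": 90.0, "lfm_pct": 60.0, "pmhf_per_h": 1e-7},
    "C": {"spfm_pct": 97.0, "lfm_pct": 80.0, "pmhf_per_h": 1e-7},
    "D": {"spfm_pct": 99.0, "lfm_pct": 90.0, "pmhf_per_h": 1e-8},
}


def spfm_pct(elements):
    """Single-point fault metric: 1 - sum(SPF + RF) / sum(total), in percent."""
    total = sum(e.total_fit for e in elements)
    uncovered = sum(e.spf_fit + e.rf_fit for e in elements)
    return 100.0 * (1.0 - uncovered / total)


def lfm_pct(elements):
    """Latent fault metric: 1 - sum(MPF,latent) / sum(total - SPF - RF), in percent."""
    latent = sum(e.mpf_latent_fit for e in elements)
    not_single_point = sum(e.total_fit - e.spf_fit - e.rf_fit for e in elements)
    return 100.0 * (1.0 - latent / not_single_point)


def pmhf_per_h(elements):
    """First-order PMHF estimate: single-point and residual faults only.

    Assumption of this example: dual-point fault contributions are neglected,
    which is optimistic; the full ISO 26262-5 calculation adds them.
    """
    return sum(e.spf_fit + e.rf_fit for e in elements) * FIT


def assess(elements, asil):
    """Return (metric values, per-metric pass flags) against the targets of one ASIL."""
    t = TARGETS[asil]
    values = {
        "spfm_pct": spfm_pct(elements),
        "lfm_pct": lfm_pct(elements),
        "pmhf_per_h": pmhf_per_h(elements),
    }
    passed = {
        "spfm_pct": values["spfm_pct"] >= t["spfm_pct"],
        "lfm_pct": values["lfm_pct"] >= t["lfm_pct"],
        "pmhf_per_h": values["pmhf_per_h"] < t["pmhf_per_h"],
    }
    return values, passed


def highest_asil_met(elements):
    """Highest ASIL (B, C or D) whose three targets are all met, or None."""
    for asil in ("D", "C", "B"):
        _, passed = assess(elements, asil)
        if all(passed.values()):
            return asil
    return None


# Constructed sample FMEDA for an ESCL-like item: every element is monitored by some
# safety mechanism, so there are no pure single-point faults, only residual ones.
MONITORED_DESIGN = [
    Element("lock actuator driver", 100.0, 0.0, 0.5, 5.0),
    Element("vehicle-speed input", 50.0, 0.0, 0.25, 2.5),
    Element("microcontroller", 200.0, 0.0, 1.0, 10.0),
    Element("supply-voltage monitor", 50.0, 0.0, 0.25, 2.5),
]
# The same design plus one part without any diagnostic coverage: all of its faults are single-point.
WITH_UNMONITORED_RELAY = MONITORED_DESIGN + [Element("unmonitored relay", 20.0, 20.0, 0.0, 0.0)]


if __name__ == "__main__":
    for label, design in (("monitored design", MONITORED_DESIGN),
                          ("with unmonitored relay", WITH_UNMONITORED_RELAY)):
        values, passed = assess(design, "D")
        print(f"{label}: SPFM {values['spfm_pct']:.2f} %, LFM {values['lfm_pct']:.2f} %, "
              f"PMHF {values['pmhf_per_h']:.2e} /h, ASIL D {passed}, "
              f"highest ASIL met: {highest_asil_met(design)}")
```

The second design shows why the single-point fault metric dominates: one small unmonitored part (20 FIT out of 420) pulls the metric from 99.5 % to about 94.8 %, so the design drops from meeting ASIL D to meeting only ASIL B, even though the latent fault metric is unchanged.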
  42. Dual Core versus 2 µC Solution. Two-µC solution: µC1 and µC2 (each with ALU, RAM, Reg, Flash, I/O) plus a Voter; cost: 2x SW development, communication, testing, PCB space, justification, supply voltage, … Dual-core solution (AURIX): covers the random HW fault issues, optimized vehicle + safety features, focus mainly on the application.
  43. ISO 26262 Structure: SW Level Development.
  44. Product Development Software Level (V-model). Design phases, with verification during design: E/E System Design (scope of Part 4); Software Safety Requirements, Software Architecture and Design, Software Implementation (scope of Part 6). Test phases: Software Unit Test, Software Integration and Test, Software Safety Validation Test (scope of Part 6); E/E System Integration, System Validation (scope of Part 4). Software Validation.
  45. ISO 26262 Structure: Production, Operation.
  46. ISO 26262 Structure: Supporting Processes.
  47. Supporting Processes (the other parts reference “Supporting Processes”): Interfaces within Distributed Developments (DIA); Specification and Management of Requirements; Configuration Management; Change Management; Verification; Documentation; Confidence in the Use of SW Tools; Qualification of HW/SW Components; Proven in Use Arguments.
  48. ISO 26262 Structure: Safety Analyses.
  49. Safety Analyses: Decomposition; ASIL Tailoring; Criteria for Coexistence; Dependent Failure Analysis.
  50. Where are Safety Analyses in ISO? H&R: Hazard & Risk; HAZAN: Hazard Analysis; SCA: System Criticality Analysis; SWCA: SW Criticality Analysis; FTA: Fault Tree Analysis; FMEA: Failure Mode and Effects Analysis; FMEDA: FMEA with Diagnostics.
  51. exida Tools for Automotive, tool-based design support: SafetyCaseDB (requirements and safety case management, ISO 26262 knowledgebase); SILCal FMEDA (component FMEA with integrated failure mode database); SILCap (Safety Criticality Analysis, system FMEA and S/W HAZOP).
  52. ISO 26262 Structure: Guideline.
  53. ISO 26262: If you did it well… You are able to show:
     – Completeness: everything accounted for; requirements under control; everything tested – pass; used the toolsets.
     – Traceability: structured process model; documents linked; evidence for everything; understandable for externals.
     – Consistency: this is visible for the external auditor even when project members have left.
     – Documentation: all activities planned; execution documented in the SC (Safety Case); inspected, archived; for a lifetime (15 years?).
  54. The same checklist as slide 53, framed by the Safety Case definition: “A clear, comprehensive and defensible argument that a system is acceptably safe to operate in a particular context.” (Tim Kelly / Rob Weaver, University of York)
  55. On the Agenda: ISO 26262 and the Challenges; exida Expertise.
  56. Who we are. Founded in 1999 by experts from manufacturers, end users, engineering companies and TÜV SÜD. Today: LARGEST Functional Safety and Cyber Security consultancy and certification body worldwide. “Provide independent services and tools to help customers comply to any industry standards for Functional Safety, Cyber Security and Alarm Management.” Rainer Faller: former Head of TÜV Product Services; Chairman German IEC 61508; Intervener ISO 26262 / IEC 61508; co-authored IEC 61508 parts; author of several safety publications. Dr. William Goble: former Director, Moore Industries; developed the FMEDA technique (PhD); author of several safety books and several reliability books.
  57. What we do. EXIDA SCOPE: Functional Safety, Cyber Security, Alarm Management, Reliability. SERVICES: Tools, Training, Consultancy, Certification, Reference Materials. INDUSTRIES: Process Industry, Automotive, Machine Industry, Power Industry, Rail. CUSTOMERS: End Users, Equipment Manufacturers, Car Manufacturers, System Integrators.
  58. Services; Automotive Customers (extract); Tools; IC's.
  59. exida Development Support Services: tool-based safety verification of automotive applications. Setting up Functional Safety Management / acting as FSM Coordinator. Safety system development and design support: requirements management & engineering (SafetyCaseDB + Doors® incl. setup); safety concept development and documentation (also for pre-existing systems); tool-based Safety Criticality Analysis (SILCap); hardware design support (tool-based FMEA and quantitative FMEDA); software design support (UML design; tool-based software HAZOP/FMEA with SILCap). Tool-based Safety Case development: IEC/ISO knowledgebase; document templates per development phase (FSM plan, SRS, safety concept, test plans).
  60. exida Certification S.A.: clean separation from the exida consulting business; English-language-based assessment and certification system; international alternative to TÜV. Open exida Certification Scheme: IEC 61508 and ISO 26262 compliant, using the exida Safety Case methodology (SafetyCaseDB) and audits; assessment process and requirements publicly available. exida Certifications.
  61. exida is part of your team, in one or more roles. Safety and Standards Advisor: questions, advice; interpretation of standards. Moderator and Participant: FMEDA, Dependent Failure Analysis; software analysis; project bottlenecks. Participant (joint activities): write development documents and procedures; help with test specification, FIT, safety validation. Be your “lawyer” vs. the Assessment Body: argue your safety case; manage all activities with the assessor. exida Certification S.A. is the Assessment Body.
  62. Automotive Projects (extract): Steering (Active Front Steering, Electronic Power Steering); Gearbox; Driver assistance (e.g. ACC, ESP); Body control; H2 Clean-Energy; Battery monitoring; Software platforms (AUTOSAR, communication, hardware drivers, self-tests); Safety IC assessment support (µC, system chips).

Editor's notes

  1. Who is Koen? > Disclaimer: Process Industry.
  2. What is my objective for today: overview and background of ISO 26262 > main challenges. Show that exida can help overcome challenges and can help to implement the ISO 26262 requirements efficiently > help fill the gap with processes > use templates > fill contents up to 10%... We try to leverage knowledge of OEM – TIER-1 – Tier-n > help to get up to speed fast and prevent going in the wrong direction. E.g. very often we find that our customers have the process documents but the details are missing… or vice versa, the details are there but the overview and traceability is missing. Processes, and Technical and Management, have to be done.
  3. For the past 15 years, I have been using this slide. Meaning is obvious… Special challenge for automotive… there are many, many, many links in the chain. ISO 26262 will guide to overcome this challenge… Let's go back in history…
  4. Safety is controlled with mechanical/hydraulic steering and pedals. Very robust. Steering, brakes, mirrors, lights… I remember installing the seatbelts in my father's car…
  5. In recent years, not only have the various in-vehicle functions grown in number and complexity; they are also more often being distributed throughout the vehicle. On the one hand, this trend was enabled by significant growth in computing power of the processors used, and on the other by the larger bandwidth available in networking. Manfred Broy of the Institut für Informatik, Technische Universität München provides some illustrative figures [4]: a premium car currently contains “more than ten million lines” of code, covering “[m]ore than 2000” functions; software and electronics together account for “[u]p to 40% of the production costs of a car”. In addition, the number of cars is increasing – time to market getting shorter… It has become a challenge to produce quantities of electronics with the right quality (safety). Need to make sure that new functions do not introduce new hazards…
  6. The drivers are the weak elements. Electronics reduce the risk from driver inefficiency but might introduce product liability. No CEO wants to be called to the US to discuss safety issues. The functional safety is delivered with the car, yet FS is hidden… Burden of proof: evidence required to show that electronics are safe to be used. Ensure that the risk is as low as reasonably practical. Ensure that no new hazards are introduced. Public awareness. Governmental focus on lowering road fatalities > driver assistance. Electronics transfer risk from driver to product > product liability. Environmental requirements introduce new hazards > eSteering, eDrive. Comfort functions might require safety > ESP, ACC, powertrain. New technologies to reduce production/maintenance cost (reduce hydraulics).
  7. Explain what risk is…
  8. Specification error.
  9. Avoidance = manage safety over a lifecycle… Item description up to decommissioning. Write correct SW – test etc… Use competent people. Plan – Execute – Verify – Document. Control = if a bug escapes during development… show that it is most likely detected at runtime. ASIL is the measure of the required risk reduction, or the measure of the fault avoidance and failure control we have implemented. (ASIL C/ASIL D > diverse software design: systematic failures must be covered by detection… e.g. program sequence monitoring.)
  10. Avoidance = manage safety over a lifecycle… Item description up to decommissioning. Write correct SW – test etc… Use competent people. Plan – co-ordinate – Document. Control = if a bug escapes during development… show that it is most likely detected at runtime. ASIL is the measure of the required risk reduction, or the measure of the fault avoidance and failure control we have implemented. (ASIL C/ASIL D > diverse software design: systematic failures must be covered by detection… e.g. program sequence monitoring.)
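Notes 9 and 10 name program sequence monitoring as the kind of runtime detection that covers systematic failures which escaped development. As an added illustration, not from the presentation or from exida, the following Python sketch applies it to a lock sequence like the ESCL example on the slides: the application reports checkpoints, an independent monitor checks their order (logical monitoring) and the time they take (temporal monitoring), and any deviation leads to the safe state named on slide 31, an unlocked steering column. The step names, the tick budget and the reaction are assumptions of this example.

```python
"""Logical and temporal program sequence monitoring for a constructed lock sequence.

Added example: the steps, the tick budget and the safe-state reaction are
assumptions for illustration, not taken from ISO 26262 or from the presentation.
"""
from enum import IntEnum


class Step(IntEnum):
    """Checkpoints of the constructed lock sequence, in the order the design requires."""
    CHECK_VEHICLE_STANDSTILL = 1
    CHECK_IGNITION_OFF = 2
    ARM_ACTUATOR = 3
    DRIVE_TO_LOCK = 4
    VERIFY_LOCKED = 5


EXPECTED_SEQUENCE = tuple(Step)   # IntEnum iterates in definition order
DEADLINE_TICKS = 10               # assumed time budget for the whole sequence

SAFE_STATE = "SAFE_STATE_UNLOCKED"   # safe state from the slides: ESCL unlocked
LOCK_PERMITTED = "LOCK_PERMITTED"


class SequenceMonitor:
    """Independent checker: the application reports checkpoints, the monitor decides.

    Logical monitoring: each reported checkpoint must be the next one in
    EXPECTED_SEQUENCE. Temporal monitoring: the sequence must complete within
    DEADLINE_TICKS of its first checkpoint. The first detected deviation latches.
    """

    def __init__(self):
        self.index = 0
        self.start_tick = None
        self.fault = None

    def checkpoint(self, step, tick):
        if self.fault is not None:
            return                                   # latched; ignore further reports
        if self.start_tick is None:
            self.start_tick = tick
        if tick - self.start_tick > DEADLINE_TICKS:
            self.fault = f"deadline exceeded at {step.name}: {tick - self.start_tick} ticks"
            return
        if self.index >= len(EXPECTED_SEQUENCE):
            self.fault = f"unexpected {step.name} after sequence end"
            return
        expected = EXPECTED_SEQUENCE[self.index]
        if step != expected:
            self.fault = f"expected {expected.name}, got {step.name}"
            return
        self.index += 1

    def decide(self):
        """Called where the actuator would be commanded to 'locked'."""
        if self.fault is not None:
            return SAFE_STATE, self.fault
        if self.index != len(EXPECTED_SEQUENCE):
            return SAFE_STATE, f"sequence incomplete: {self.index}/{len(EXPECTED_SEQUENCE)} checkpoints"
        return LOCK_PERMITTED, None


def run_lock_sequence(events):
    """Replay (step, tick) checkpoint reports through a fresh monitor and return its verdict."""
    monitor = SequenceMonitor()
    for step, tick in events:
        monitor.checkpoint(step, tick)
    return monitor.decide()


# Constructed runs: one nominal, three with the control-flow defects the monitor exists to catch.
SAMPLE_RUNS = {
    "nominal": [(s, i) for i, s in enumerate(EXPECTED_SEQUENCE)],
    "skipped_ignition_check": [(Step.CHECK_VEHICLE_STANDSTILL, 0), (Step.ARM_ACTUATOR, 1),
                               (Step.DRIVE_TO_LOCK, 2), (Step.VERIFY_LOCKED, 3)],
    "aborted_midway": [(Step.CHECK_VEHICLE_STANDSTILL, 0), (Step.CHECK_IGNITION_OFF, 1),
                       (Step.ARM_ACTUATOR, 2)],
    "stalled": [(Step.CHECK_VEHICLE_STANDSTILL, 0), (Step.CHECK_IGNITION_OFF, 1),
                (Step.ARM_ACTUATOR, 2), (Step.DRIVE_TO_LOCK, 3), (Step.VERIFY_LOCKED, 40)],
}


if __name__ == "__main__":
    for name, events in SAMPLE_RUNS.items():
        verdict, reason = run_lock_sequence(events)
        print(f"{name:24s} {verdict:20s} {reason or ''}")
```

The point of the design is that the monitor is the only path to the lock command and it fails towards the safe state: a skipped check, an aborted run and a stalled run all end unlocked, and the recorded reason is what a diagnostic log would carry for later analysis.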
  11. Lifecycle model: starts with the idea of the OEM… ends with decommissioning the car. What happens if one step is not performed? E.g. hazard and risk analysis > do not notice the need for safety. E.g. airbag requires trained personnel > connect to laptop and have all airbags deployed. Special command to deploy all airbags since 20 years…. great.
  12. Fault: abnormal condition that can cause an element or an item to fail (“adjudged cause”). Error: discrepancy between a computed, observed or measured value or condition and the true, specified, or theoretically correct value or condition (“corrupted state”). Failure: termination of the ability of an element or an item to perform a function as required (“termination of correct service at output interface”).
  13. If used – add OEM etc.