Functional Safety ISO26262
-risk mitigation-
For illustrative purposes let us imagine the following scenario: company X launches onto the market without benefiting from an accountancy service, be it internal or external. One can genuinely expect that to be a short lived venture, as risk was overlooked.
ISO 26262 summarizes experience on software, hardware and system level.
Before diving into difficult topics as Random Fault, Common Failure Cause, Fault Tolerance and so on, let us keep in sight items such as:
• '' What is an Item?" , in ISO 26262 context, part 3;
• Let us consider an engineer creating an architecture for a DC-DC converter following a simple logic, he/she creates an architecture : housing, PCB, MCU, Power-Bridge, Transformer, screws. Here are some relevant questions: has the System Engineer mapped Functions to Forms? Have the system boundaries been defined underlining function representing requirements under safety context? On which use case the boundary diagram was defined, in order to create the corresponding test case ? Indeed, the more use cases the system has, the more boundary diagrams are required ( mapping functions to forms).
• Taking a look into ISO26262 architecture diagram, from a top level perspective, it is easy to deduct the necessity of System Functional Safety Engineer
Basic Functional Safety Services
​​
FMEA, FTA
Item Definition
Hazard Analysis and risk assessment
Technical safety concept
Hardware - Software - Interface (HSI) Requirements Definition
Safety Validation
Specification of HD safety requirements
Evaluation of the hardware architectural metrics
Evaluation of safety goal violation due to random hardware failures
Specification of software safety requirements
Software architecture design
Software unit verification
Software integration and verification
Analysis of dependent failures
Requirements decomposition with respect to ASIL tailoring
ECU Design's Pillars on supporting ISO 26262 implementation
​
-
Competencies and Skills Management:
Our engineers ( employees and contractors ) are certified on:
Functional Safety Engineering by TUV-SUD, IEC-61508 and ISO26262.
System Engineering by INCOSE (International Council on System Engineering).
members of IET and INCOSE.
In it's Process and Quality Management Systems (QMS), ECU Design has defined trainings aiming at competence increase, aiding integration of new employees. The areas are Functional Safety and System Engineering.
-
Process approach on System Level
The intersection between ISO 15288 & ISO 26262 ensures the best main steps on System Process Level, which ensure connections with Quality (IATF 16949), ensure connections for other safety standards such as ISO_PAS_21448 in particular on Concept Phase, and traceability from Solution Neutral to Concept, on new feature developed in particular on ADAS Systems.
-
Process approach on Software Level
​The intersection between ISO 12207 & ISO 26262 produces a roadmap at a Software Process Level, ensuring connections with Quality VDA 6.3 or higher (now, included in IATF 16949), Software integration in System, Capabilities improvement ASPICE ISO 15504 ( Software Process Improvement and Capabilities Determination) and defining rules on coding or Simulink Auto-coding tlc for embedded systems defined by MISRA ( Motor Industry Software Reliability Association ) for C, C++, AUTOSAR ( Automotive Open System Architecture) influence and implementation, and documentation, requirements traceability.
-
Tools Agreed
We use only ISO 26262 agreed ( certified, prove in used ) tools.
Documentation: UML / SysML or Simulink on SW documentatios
Simulation: UML/SysML Tool, Simulink or Both;
Requirements : ReqIF ( Requirements Interchange Format)