ISO 26262 Freedom from interference – What is that?
There are four essential measures in the development of safety-critical systems.
- Design of safe systems
- Measures to minimize random hardware errors
- Measures to minimize systematic hardware and software errors
- Organizational measures (management of functional safety)
Particularly in the design of safe systems, the principle of freedom from interference is a powerful measure. What is it? This blog post answers that question.
The following diagram illustrates the principle:
With ISO 26262 freedom from interference, it can be demonstrated that a (sub-)system with a less critical ASIL (ASIL A in the diagram) cannot influence a system with a more critical ASIL (ASIL C in the diagram). The goal is to prevent a system with a higher error rate (ASIL A) from driving a system for which a lower error rate (ASIL C) is required.
The design on the left shows that there is no way the ASIL A system could affect the ASIL C system. This means that the ASIL C system achieves the Freedom from Interference with respect to the ASIL A system.
In the system design on the right, a data/control flow is present from the ASIL A system to the ASIL C system. As a result, the ASIL C system does not achieve freedom from interference, at least not without further analysis: it can be influenced by the ASIL A system. In this case, further design or verification measures need to be taken in order to achieve freedom from interference. For example, the ASIL C system could first check the correctness of the ASIL A system's data. With this measure in place, the ASIL C component would achieve freedom from interference.
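One way the ASIL C receiver could check data arriving from the ASIL A element, shown as an added example (not code from this blog or from ISO 26262): a CRC, a 4-bit alive counter and a range check on the received value. The frame layout, `VALUE_MAX` and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed frame layout (assumption): value, 4-bit alive counter, CRC-8. */
typedef struct { uint16_t value; uint8_t counter; uint8_t crc; } qm_frame_t;
typedef enum { RX_OK, RX_BAD_CRC, RX_BAD_COUNTER, RX_OUT_OF_RANGE } rx_status_t;
#define VALUE_MAX 3000u   /* assumed physical upper bound of the signal */

/* Bitwise CRC-8: polynomial 0x1D, initial value 0xFF, final XOR 0xFF. */
static uint8_t crc8(const uint8_t *p, size_t n) {
    uint8_t crc = 0xFF;
    for (size_t i = 0; i < n; i++) {
        crc ^= p[i];
        for (int b = 0; b < 8; b++)
            crc = (crc & 0x80) ? (uint8_t)((crc << 1) ^ 0x1D) : (uint8_t)(crc << 1);
    }
    return (uint8_t)(crc ^ 0xFF);
}

static uint8_t frame_crc(const qm_frame_t *f) {
    const uint8_t buf[3] = { (uint8_t)(f->value >> 8), (uint8_t)f->value, f->counter };
    return crc8(buf, sizeof buf);
}

/* Sender side (lower ASIL): attaches alive counter and CRC to the value. */
qm_frame_t make_frame(uint16_t value, uint8_t counter) {
    qm_frame_t f = { value, (uint8_t)(counter & 0x0F), 0 };
    f.crc = frame_crc(&f);
    return f;
}

/* Receiver side (higher ASIL): *out is written only if every check passes,
 * so a rejected frame never reaches the safety function. */
rx_status_t check_frame(const qm_frame_t *f, uint8_t *last_counter, uint16_t *out) {
    if (frame_crc(f) != f->crc) return RX_BAD_CRC;          /* corrupted data  */
    uint8_t expected = (uint8_t)((*last_counter + 1u) & 0x0Fu);
    *last_counter = f->counter;                             /* resync on loss  */
    if (f->counter != expected) return RX_BAD_COUNTER;      /* repeated / lost */
    if (f->value > VALUE_MAX) return RX_OUT_OF_RANGE;       /* implausible     */
    *out = f->value;
    return RX_OK;
}

int main(void) {
    uint8_t last = 0; uint16_t v = 0;
    qm_frame_t f = make_frame(1200, 1);
    return check_frame(&f, &last, &v) == RX_OK ? 0 : 1;
}
```

On any status other than `RX_OK` the caller keeps its previous value or switches to a safe default; which reaction is appropriate depends on the safety concept of the ASIL C function.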
In both diagrams, the system design was derived by ASIL decomposition of an ASIL D component, which is why the D appears in parentheses.
ISO 26262 states “only” that sufficient independence must be achieved. The next blog post describes how this works in actual project practice.
I stopped reading when I saw “freedom of interference”. The correct term is “freedom from interference”. Can’t take you seriously.
Thank you very much for the feedback. Of course, you are right. I corrected the term. I would be pleased if you would continue reading now.
Many thanks for the helpful article! Great tip.
Thank you for the article. But I am afraid that the terms are exchanged in this writeup. Freedom From Interference does not talk about ASIL levels and talks only about element independence, Cascading Failures and Common Cause Failures which could lead to a potential violation of Safety Goals. Based on the writeup the term “Freedom From Interference” could be quite misleading here because the context here is about interference due to ASIL elements as mentioned in 26262-9:2018 Section 6.2. This could be named as “Free from ASIL Interference”. Kindly correct if I am missing any point in my explanation.
Hello Bharath,
thank you for your comment and your viewpoint.
I agree from an ISO26262 formal point of view. You even created a new term, “Free from ASIL Interference”. This supports exactly my point. The problem I addressed in my blog is not even really considered and handled in the ISO26262, and I think that's a real problem and causes a lot of confusion in the practical project work.
Furthermore, in practice I do not see any difference between “Freedom of Interference” as you/ISO26262 defines it and my point. It is the same thing. Therefore I do not really want to change the wording in my blog.
Best regards
Martin