You are here: / FuSa_Automotive

ISO 26262 Confidence in the use of software tools – A feasible strategy!

ISO 26262 Confidence in the use of softwar tools: ISO 26262-8 in chapter 11 defines the requirements for software tools that are used in an ISO 26262 compliant software development process. In the practical usage of chapter 11 of ISO 26262-8 many questions often arise, which partly lead to very creative approaches regarding tool qualification.

The following article clarify open questions in this subject and provides answers to the following 3 questions:

  • Why does ISO 26262 require a proof of confidence in the tools used at all?
  • What are the requirements of ISO 26262?
  • How to deal with the ISO 26262 Confidence in the use of softwar tools topic?

Read more

/0 Comments/by

ISO 21448 – Safety of the Intended Functionality (SOTIF) Why is it required?

The ISO 21448 Safety of the Intended Functionality defines methods for failure resulting from the limitation of a functionality. ISO 26262 deals with concepts, procedures and measures for failures resulting from random hardware failures or systematic HW/SW failures.

Many experts see the SOTIF standard as a normative support for the realization of autonomous driving. This view is supported by statements in chapter 1 of the standard. There it is explicitly mentioned that ISO 21448 should not be applied to well-proven systems such as the airbag etc., but rather to innovative, new and complex functions such as ADAS.

The following article gives an overview of the contents of the standard and discusses in a critical way the point whether ISO 21448 and ISO 26262 really help to enable autonomous driving. Read more

/by

ISO 26262 Safety Case – Success factors: management and traceability!

The term Safety Case is used in the automotive industry and railway industry (EN50129). The following article focuses on the automotive industry. Project experience shows that the achievement of a proven functionally safe system is complex and extensive. This is particularly true if the development of a product is spread over several companies. I will discuss the key factors to achieve the safety case objectives named in ISO26262.

Read more

/by

ISO 26262 ASIL Decomposition – Pros and Cons!

ISO 26262 ASIL Decomposition: Part 9 of ISO26262 defines a scheme for dividing a requirement with a specific ASIL level into two requirements with lower ASIL levels.

In the following blog post I will address the question when the ASIL decomposition can be applied in practice and what are the advantages. At the same time, however, some practice is critically questioned in the projects regarding the ASIL decomposition. Read more

/by

ISO 26262 Freedom from interference – What is that?

ISO 26262 Freedom from interference :
There are four essential measures in the development of safety-critical systems.

  1. Design of safe systems
  2. Measures to minimize random hardware errors
  3. Measures to minimize systematic hardware and software errors
  4. Organizational measures (management of functional safety)

Particularly in the design of safe systems, the principle of Freedom from interference is a powerful measure. What’s this? The following blog provides an answer to this question. Read more

/4 Comments/by

ISO 26262 calibrateable Systems – Chance or Risk?

ISO 26262 calibrateable Systems are discussed in part 6 Annex C. This blog summarizes important requirements of the standard and shows practice-oriented challenges of software-configurable embedded systems.
The use of calibration data in configurable systems offers a lot of advantages. The functional behavior of the entire system can be adjusted by simple and rapid changes in the calibration data without having to change the source code itself. This enables the multiple re-use of source code. If it is well done, even the unit tests should be reusable, included the measurement of the structural Source Coverage. These are quite important advantages.
 Read more

/0 Comments/by

Fault Injection Test in ISO 26262 – Do you really need it?

Fault Injection Test: The ISO 26262 defines the fault injection test as a test method for the system integration and unit test level (ISO 26262-4 [System] Tables 5, 8, 10, 13, 15, 18; ISO 26262-5 [Hardware] Table 11; ISO 26262-6 [software] tables 10, 13).
This method has certainly a large part in the implementation of a possible error-free and therefore safe system. My focus in this blog is on an efficient implementation of this test method in practice. I will compare practices in the aerospace with those in the automotive industry.
Read more

/6 Comments/by

Reuse Scenarios in ISO 26262 (part 2)

Reuse Secenarios in ISO 26262 part 1 demonstrated the diversity of reuse scenarios. Now I want to concentrate on concrete measures, which are used to make the reuse of software successfully. Read more

/0 Comments/by

Reuse scenarios in ISO 26262 (part 1)

Why is the reuse of software, hardware, or complete electronic control units a central theme? Two essential aspects are to be considered: the development costs can be reduced significantly, i.e. reuse of components is very attractive in economic terms.
But also for security reasons, the reuse of components can offer significant benefits. A control unit, which is used already for years in the field and shows no safety relevant failure can be used with significantly reduced risk in comparison to a new development.
To be able use these benefits really, you must be aware of the various reuse scenarios. In a second step, you must identify the features of the discussed reuse scenario and take appropriate action. Read more

/0 Comments/by

Contact

HEICON Global Engineering GmbH
Dipl. Ing. (FH) Martin Heininger
Kreuzweg 22
88477 Schwendi

Phone: +49 7353 – 98 17 81
Mobile: +49 176 – 24 73 99 60

Email: info[at]heicon-ulm.de

IMPRINT  |  DATA PROTECTION