Live Webinar: Introduction to ISO 26262 for Functional Safety Critical Projects
Speaker: Mr. Martin Heininger
§ Leading technology company award by Deloitte in the Fast 50 India 2012 program
§ Embitel is rated as one of the top 21 innovators in India by NASSCOM
§ Juror's Distinction Award for Innovation in Manthan 2008
§ Nominated for Best UK Entrant in 2009 by UKTI
§ An ISO 9001:2008 certified company
Confidential
About the Speaker
§ 15 years of industry experience; has worked as a Lead and Project Consultant for Functional Safety projects
§ Functional Safety seminars (IEC 61508, ISO 26262, RTCA DO-178B)
§ Functional Safety consulting
§ Functional Safety verification activities
§ Consulting on strategic technical project management
Contents (Slide 3)
§ ISO 26262 Overview
§ ISO 26262 First Steps
§ ASIL Determination
§ ISO 26262 Life Cycle Work Products
§ Methods for Software Unit Implementation
§ Embitel-Heicon Collaboration
ISO 26262 Overview (Slide 4)
§ ISO 26262 is the adaptation of IEC 61508 to the needs specific to road vehicles
§ It covers safety-related systems that include electrical and/or electronic (E/E) systems
§ It applies to series production passenger cars (up to 3500 kg max. vehicle mass)
§ ISO 26262 addresses possible hazards caused by malfunctioning behaviour of E/E safety-related systems and their interactions
§ ISO 26262 does not apply to hazards related to electric shock, fire, smoke, heat, radiation, toxicity, flammability, reactivity, corrosion, etc.
ISO 26262 Overview (Slide 5; diagram only)
ISO 26262 First Steps (Slide 6): specification and management of safety requirements
Concept phase:
§ Hazard analysis and risk assessment
§ Derive ASIL level
§ Specification of safety goals
Product development:
§ Specification of system safety requirements
§ Hardware safety requirements
§ Software safety requirements
§ Architecture
ASIL Determination (Slide 7)
Exposure E0 to E4 (probability of exposure regarding operational situations):
§ E0 Incredible
§ E1 Very low probability
§ E2 Low probability
§ E3 Medium probability
§ E4 High probability
Severity S0 to S3:
§ S0 No injuries
§ S1 Light and moderate injuries
§ S2 Severe and life-threatening injuries (survival probable)
§ S3 Life-threatening injuries (survival uncertain), fatal injuries
Controllability C0 to C3:
§ C0 Controllable in general
§ C1 Simply controllable
§ C2 Normally controllable
§ C3 Difficult to control or uncontrollable
Result: ASIL A to D
ASIL Determination (Slide 8; ISO 26262-3)

Severity class  Exposure (probability) class  Controllability class
                                              C1    C2    C3
S1              E1                            QM    QM    QM
S1              E2                            QM    QM    QM
S1              E3                            QM    QM    A
S1              E4                            QM    A     B
S2              E1                            QM    QM    QM
S2              E2                            QM    QM    A
S2              E3                            QM    QM    B
S2              E4                            A     B     C
S3              E1                            QM    QM    A
S3              E2                            QM    A     B
S3              E3                            A     B     C
S3              E4                            B     C     D

Note: the class QM (Quality Management) denotes no requirement to comply with ISO 26262.
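As an added example (not part of the webinar's material), the determination above written as a C function with class validation, plus a cross-check that the table follows the well-known S+E+C rating-sum rule. One caveat a practitioner should know: for S2/E3/C2 the published ISO 26262-3 table gives ASIL A where the slide prints QM; the code uses the standard's value. Type and function names are this example's own.

```c
/* ASIL determination from the S/E/C classes: an added example, not code from
 * the webinar.  Type and function names are this example's own. */
typedef enum { ASIL_INVALID = -1, ASIL_QM, ASIL_A, ASIL_B, ASIL_C, ASIL_D } asil_t;

/* ISO 26262-3 table as letters: [S-1][E-1] holds one letter per C1..C3,
 * 'Q' meaning QM.  For S2/E3/C2 the published standard gives A, not the
 * QM printed on the slide; this table follows the standard. */
static const char asil_table[3][4][3] = {
    { "QQQ", "QQQ", "QQA", "QAB" },   /* S1, rows E1..E4 */
    { "QQQ", "QQA", "QAB", "ABC" },   /* S2 */
    { "QQA", "QAB", "ABC", "BCD" },   /* S3 */
};

/* ASIL of one hazardous event.  Classes outside S0..S3 / E0..E4 / C0..C3 are
 * rejected; S0, E0 or C0 means no ASIL is assigned, i.e. QM. */
asil_t asil_determine(int s, int e, int c)
{
    asil_t result = ASIL_INVALID;

    if ((s >= 0) && (s <= 3) && (e >= 0) && (e <= 4) && (c >= 0) && (c <= 3)) {
        if ((s == 0) || (e == 0) || (c == 0)) {
            result = ASIL_QM;
        } else {
            char letter = asil_table[s - 1][e - 1][c - 1];
            result = (letter == 'Q') ? ASIL_QM : (asil_t)(letter - 'A' + 1);
        }
    }
    return result;   /* single exit point */
}

/* Cross-check of the table: it equals the rating sum S+E+C mapped as
 * <= 6 -> QM, 7 -> A, 8 -> B, 9 -> C, 10 -> D.  Returns 1 if every cell agrees. */
int asil_table_matches_sum_rule(void)
{
    int s, e, c, ok = 1;

    for (s = 1; s <= 3; s++) {
        for (e = 1; e <= 4; e++) {
            for (c = 1; c <= 3; c++) {
                int sum = s + e + c;
                asil_t expected = (sum < 7) ? ASIL_QM : (asil_t)(sum - 6);
                ok = ok && (asil_determine(s, e, c) == expected);
            }
        }
    }
    return ok;
}
```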
ISO 26262 Work Products – Functional Safety Management (Slide 10; ISO/FDIS 26262-2)
✓ Organization-specific rules and processes for functional safety
✓ Evidence of competence
✓ Evidence of quality management
✓ Functional safety assessment plan
✓ Evidence of field monitoring
ISO 26262 Work Products – Concept Phase (Slide 11; ISO 26262-3)
✓ Impact analysis (development of a new product or modification of an existing product)
✓ Hazard analysis and risk assessment
✓ Safety goals
✓ Functional safety concept (requirements)
✓ Verification (review) report
ISO 26262 Work Products – Production, Maintenance (Slide 12; ISO 26262-7)
✓ Safety-related content of the production plan
✓ Safety-related content of the production control plan
✓ Control measure report
✓ Assessment report for capability of the production process
✓ Safety-related content of the maintenance plan
✓ Repair instructions
✓ Safety-related content of the information made available to the user
✓ Instructions regarding field observations
✓ Safety-related content of the instructions for decommissioning
ISO 26262 Work Products – Supporting Processes (Slide 13; ISO 26262-8)
Work Products – Configuration Management:
✓ Configuration management plan
Work Products – Distributed Development:
✓ Supplier selection report
✓ Development interface agreement
✓ Supplier's project plan
✓ Safety assessment report
✓ Supply agreement
Work Products – Documentation Process:
✓ Document management plan
✓ Documentation guideline requirements
Work Products – Change Management:
✓ Change management plan
✓ Change request
✓ Impact analysis and change request plan
✓ Change report
Work Products – Tool Qualification:
✓ Software tool criteria evaluation report
✓ Software tool qualification report
ISO 26262 Work Products – ASIL and Safety-Oriented Analysis (Slide 14; ISO 26262-9)
✓ Update of the corresponding documentation due to requirements decomposition with respect to ASIL tailoring
✓ Analysis of dependent failures
✓ Safety analysis
Embedded System/Software Life Cycle (Slide 15; diagram only). Details: see Slide 16 (system level) and Slide 17 (software level).
ISO 26262 Work Products – System Level (Slide 16; diagram only; ISO 26262-4)
ISO 26262 Work Products – Software Level (Slide 17; diagram only; ISO 26262-6)
Embedded System/Hardware Life Cycle (Slide 18; diagram only). Details: see Slide 19 (hardware level).
ISO 26262 Work Products – Hardware Level (Slide 19; diagram only; ISO 26262-5)
Software Unit Implementation Methods (Slide 21; ISO 26262-6)

Method                                                         ASIL A  ASIL B  ASIL C  ASIL D
One entry and one exit point in subprograms and functions      ++      ++      ++      ++
No dynamic objects or variables, or else online test during    +       ++      ++      ++
  their creation
Initialization of variables                                    ++      ++      ++      ++
No multiple use of variable names                              +       ++      ++      ++
Avoid global variables or else justify their usage             +       +       ++      ++
Limited use of pointers                                        o       +       +       ++
No implicit type conversions                                   +       ++      ++      ++
No hidden data flow or control flow                            +       ++      ++      ++
No unconditional jumps                                         ++      ++      ++      ++
No recursions                                                  +       +       ++      ++

Notation (ISO 26262-6): ++ highly recommended, + recommended, o no recommendation for or against.
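As an added example (not code from the webinar or from Embitel/HEICON), one small sample-summing routine written first against, then in line with, the methods in the table above: the non-compliant version breaks the single-exit, no-globals, no-recursion and no-implicit-conversion rules and wraps silently on overflow, while the compliant version reports the overflow as a status. All function, type and variable names are this example's own.

```c
#include <stddef.h>
#include <stdint.h>

/* Added example (not from the slides): the same routine written first against,
 * then in line with, the ISO 26262-6 unit implementation methods listed above.
 * All names are this example's own. */

/* Non-compliant: a global carries hidden data flow between calls, there are two
 * exit points, the function recurses, and "+=" narrows int to int16_t
 * implicitly, so an overflow wraps silently. */
static int16_t g_running_total;

int sum_samples_bad(const int16_t *samples, int n)
{
    if (n == 0) {
        return g_running_total;                    /* exit point 1 */
    }
    g_running_total += samples[n - 1];             /* implicit narrowing */
    return sum_samples_bad(samples, n - 1);        /* recursion, exit point 2 */
}

/* Compliant: every variable initialised, no globals, no recursion, bounded
 * pointer use, explicit conversions only, one exit point, and an accumulator
 * overflow reported as a status instead of wrapping. */
typedef enum { SUM_OK = 0, SUM_BAD_ARG = 1, SUM_OVERFLOW = 2 } sum_status_t;

sum_status_t sum_samples(const int16_t *samples, size_t n, int16_t *total)
{
    sum_status_t status = SUM_OK;
    int16_t acc = 0;
    size_t i = 0U;

    if ((samples == NULL) || (total == NULL)) {
        status = SUM_BAD_ARG;
    } else {
        for (i = 0U; (i < n) && (status == SUM_OK); i++) {
            int32_t next = (int32_t)acc + (int32_t)samples[i];   /* 32-bit math */
            if ((next > (int32_t)INT16_MAX) || (next < (int32_t)INT16_MIN)) {
                status = SUM_OVERFLOW;             /* would not fit in 16 bits */
            } else {
                acc = (int16_t)next;               /* explicit narrowing */
            }
        }
        *total = (status == SUM_OK) ? acc : (int16_t)0;
    }
    return status;                                 /* single exit point */
}
```

Calling the non-compliant version twice with the same constructed input returns 6 and then 12, which is the hidden data flow the table warns about.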
HEICON – Our Collaboration & Services (Slide 22)
§ ISO 26262 consultancy
§ Functional Safety validation & verification
§ ISO 26262 tool qualification
§ Automotive software & hardware development
Q&A
embitel – A Partner For You. International presence.
Please send additional queries to: seminar@embitel.com