ISO 26262

Due to the increasing complexity of modern E/E systems in the automotive industry, functional safety is now a key issue that every system provider has to face. A first standard, IEC 61508, was issued at the end of the 1990s to address safety analysis and to propose guidelines that make development and safety assessment more homogeneous between system providers. One of the main drawbacks of this standard is that it is not specific to any industry, and it is therefore not easily applied to the automotive industry.

ISO 26262 is a new functional safety standard, based on IEC 61508 and adapted for the automotive industry. The activities it covers correspond to today's system designers' needs: safety assessment rules, expected activities and evidence for both software and hardware, and general considerations about quality improvements.

What is ISO 26262?

The problem behind functional safety assessment is knowing when a safety-related E/E system is reasonably managed and analyzed so that malfunctions are avoided. Obviously this depends on the system, some being more critical (e.g. braking system, engine control, ...) than others (e.g. entertainment systems).

ISO 26262 defines several Automotive Safety Integrity Levels (ASILs), derived by performing hazard analysis and risk assessment for each function of the system. There are four possible levels (A, B, C or D) that specify the requirements of the standard and the safety measures to apply, D representing the most critical level and A the least critical level.

Once the ASIL is determined, the standard gives guidance for processes, activities, methods, etc. so that the effort is adapted to the safety level. This prevents spending too much time on a non-critical function, while focusing the activity on the most critical ones.

ISO 26262 and legacy procedures

Most companies have developed their own safety assessment procedures and processes over the years, based on their experience, their specific context and their needs. However, with the application of ISO 26262, these companies (maybe yours is in this category) will have to update (or write) their plans to match the expectations of the OEMs in terms of evidence and wording.

In most cases the existing procedures only have to be adapted to the new standard. This is advantageous in that the people in place are already trained, and only an update is required. However, this requires a good knowledge of the new standard as well as an understanding of the problems specific to each domain.

pulse-AR has a good knowledge of ISO 26262 and, based on its experience, a very deep understanding of the problems that each company faces. pulse-AR can help you update your procedures or put new ones in place that match ISO 26262, and train the people in your company in the new standard.

Please contact us if you are in this situation, so that we can define a strategy adapted to your needs.

ISO 26262 and AUTOSAR

AUTOSAR does not cover system safety. Beginning with release 4, the standard provides all the technical information required to demonstrate ISO 26262 compliance for users of the Basic Software, but it does not provide procedures or activities that address the safety problem by itself.

When defining procedures and activities around AUTOSAR, it is very important to take functional safety into account as early as possible. This requires a good knowledge of both AUTOSAR and ISO 26262, which pulse-AR has.

Here are some cases in which pulse-AR can provide assistance:

  • To assess the compliance of an existing process with AUTOSAR and ISO 26262
  • To help update or put in place the processes needed to match the level expected by ISO 26262
  • To help define the ASIL for the functions of a system, by providing guidelines and analysis of the failure cases

Please contact us so that we can define together the best strategy to adopt in your particular case.