EE Times-Asia

Examining ISO 26262 from a developer's viewpoint

Posted: 01 Dec 2014

Keywords: Advanced Driver Assistance Systems, ADAS, ISO 26262, Automotive Safety Integrity Level, ASIL

On 31st August 1869 the scientist Mary Ward was travelling through Parsonstown, Ireland when she was thrown from the car in which she was riding and got crushed under its wheels. She was the first person to be killed in an automobile accident. Her death was, in large part, attributable to driver error and even today, 145 years later, approximately 90% of deaths on the roads can be so attributed. Advanced Driver Assistance Systems (ADAS) and autonomous vehicles promise to mitigate the effects of driver error and, in so doing, reduce the likelihood of death and injury.

The car in which Mary was travelling in 1869 is not reported to have had software-controlled systems, but today an often-quoted comparison states that a modern airliner contains about 7 million lines of software code, whereas a modern car contains 20 million. In the past much of the car's software has been related to non-safety-critical applications such as infotainment, but increasingly, ADAS and cars with semi-autonomous capabilities are making use of software in applications that directly affect safety.

ISO published the ISO 26262 standard in 2011/2012. This standard recommends tools, techniques, and methodologies for developing such systems and affects many departments within an organisation producing software for cars. This article provides an introduction to the standard from the point of view of the system designer and implementer and is based on QNX Software Systems' recent experience certifying its operating system to ISO 26262.

ISO 26262 at a glance
There is an old joke about someone asking the way to a destination and being told "well, if I wanted to go there, I wouldn't start from here". This quandary also applies to ISO 26262, which is based on the IEC 61508 standard, Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems. The linkage between the two standards is beyond the scope of this article, but any reader who wants a deep understanding of ISO 26262 should first study IEC 61508.

ISO 26262 applies the techniques of IEC 61508 to electrical and electronic systems that provide functional safety in production passenger cars lighter than 3500 kg. It does not apply to trucks, buses, special-purpose vehicles, or cars adapted in some way (e.g., for disabled drivers).

"Functional safety" is a key concept: safety can be provided in a system in several ways, and functional safety describes an architecture where the safety component has to continue functioning to maintain the overall safety of the system. The component may have to function continuously or only on demand, but the safety of the system relies on it functioning when required. So a headrest that prevents whiplash injury certainly provides safety, but not functional safety.

ISO 26262 itself comes in 10 parts that cover the various phases of development: concept, system-level, hardware development, software development, and production.

Automotive Safety Integrity Levels
No system is completely safe: 100% safety is not assured even if the car never moves. ISO 26262 recognises this by associating an Automotive Safety Integrity Level (ASIL) with each system and recommending more stringent procedures for the higher ASILs.

The key analysis for any safety-critical development is the Hazard and Risk Analysis; it determines the safety requirements (the mitigations identified against each risk) and the residual risks. The residual risks will then determine the ASIL. Part 3 of ISO 26262 outlines some ways in which hazards and risks may be determined, but does not refer to IEC 61882, Hazard and operability studies, even though IEC 61508 does so.

