Introduction: Functional Safety in the Automotive Industry
Electronic systems carry out many functions in modern automobiles, including driver assistance functions, vehicle dynamics control, and active/passive safety systems. The complexity of electronically-driven operations, especially safety functions, makes predicting safety performance extremely difficult. More action will be required, furthermore, to reduce the risks of systematic and random hardware failures as system complexity continues to increase.
ISO 26262 is a functional safety standard intended to be applied to the development of software for electrical and/or electronic (E/E) systems in automobiles. ISO 26262 is an adaptation of the broader IEC 61508 safety standard, which has been used to derive safety standards for the nuclear power, machinery, railway, and other industries. It is aimed at reducing risks associated with software for safety functions to a tolerable level by providing feasible requirements and processes.
In this paper, we provide background information on ISO 26262 and its goals. We also discuss some of the policy-related issues associated with developing embedded software that complies with ISO 26262. Finally, we describe how Parasoft can help automotive software development organizations achieve compliance with ISO 26262.
About ISO/DIS 26262
ISO/DIS 26262 is the adaptation of IEC 61508 to comply with needs specific to the application sector of E/E systems within road vehicles. ISO 26262 covers functional safety aspects of the entire development process (including such activities as requirements specification, design, implementation, integration, verification, validation, and configuration). The standard provides guidance on automotive safety lifecycle activities by specifying the following requirements:
- Functional safety management for automotive applications
- The concept phase for automotive applications
- Product development at the system level for automotive applications Software architectural design
- Product development at the hardware level for automotive applications Software unit
- Product development at the software level for automotive applications
- Production, operation, service and decommissioning
- Supporting processes: interfaces within distributed developments, safety management requirements, change and configuration management, verification, documentation, use of
software tools, qualification of software components, qualification of hardware
components, and proven-in-use argument.
- Automotive Safety Integrity Level (ASIL)-oriented and safety-oriented analyses
What ISO 26262 Does Not Cover
- Unique E/E systems in special purpose vehicles such as vehicles designed for drivers
- Hazards related to electric shock, fire, smoke, heat, radiation, toxicity, flammability,
reactivity, corrosion, release of energy and similar hazards, unless directly caused by
malfunctioning behavior of E/E safety-related systems
- Nominal performance of E/E systems
Specific Software Development Sections in ISO 26262
Part 6 of the standard specifically addresses product development at the software level.
Requirements for the following development activities are specified:
- Initialization of product development
- Specification of software safety requirements
- Software architectural design
- Unit design and implementation
- Unit testing
- Software integration and testing
- Verification of software safety requirements.
Methods defined by the ISO 26262 standard should be selected depending on the ASIL
(automotive safety integrity level); the higher the ASIL the more rigorous the methods.
Part 8, section 11, describes the software tool qualification process. Tools that automate software development activities and tasks can significantly help organizations efficiently and effectively meet ISO 26262 requirements...
To read more, download the complete ISO 26262 Software Compliance paper as a PDF.