After ISO 26262, has safety improved?


Most people who have been involved in a production-related FuSa project in the automotive industry will know the answer, and their opinion on this question is probably the same.

The author of the paper “Effective management of functional safety for ISO 26262 standard” gives insight into why FuSa is hard to execute in the automotive domain.

I recommend reading this paper on the topic; it is really well written.


(GRVA-06-02r4e) Uniform provisions Concerning the Approval of ALKS


Regulations on the Automated Lane Keeping Systems (ALKS) feature appear to be under discussion, and there seem to be some differences from the regulations so far. In this document, evaluation by third-party organizations appears to be considered as part of the type approval procedure. Clause 7 of Annex D states that an audit or assessment is required, performed by an auditor or assessor with knowledge of ISO 26262, SOTIF and cyber security.

I have heard that standardization in the cyber security area is moving closer to regulatory requirements. Looking at this document, it appears that FuSa and SOTIF are likely to follow a similar trend for ALKS-related topics.

Since this policy is not yet decided, it may be premature to say so, but we can expect that third-party audit/assessment, which OEMs have slightly loosened, may be strengthened in the future.

On the regulatory side, preparation is under way; on the industry side, the response seems to be to standardize through ISO activities and to demonstrate conformity by performing according to the standard.

This is an interesting change that was not seen in functional safety in the past.

Document: GRVA-06-02r4e.pdf

(paper comment) Analysis of Safety of The Intended Use (SOTIF)


This paper was published at the time of ISO/PAS 21448. I have never read ISO/PAS 21448 itself; I only know that the ISO 21448 currently in progress will replace it. From this paper, it appears that the earliest SOTIF work focused on vehicle-level safety. The ISO 21448 in progress seems to cover not only the vehicle level but also the entire lifecycle of FuSa systems, hardware and software. (That is because the standard has not been finalized yet, and I think it will improve later.)

When I first read the CD version of SOTIF, there were many things I did not understand, and the relationship between FuSa and SOTIF was not exactly clear. I vaguely understood that the concept of SOTIF is needed to achieve safety, but why was not clear. (I think that is because it is still a CD version.)

However, after reading this paper, I came to understand the direction that SOTIF aims to pursue. Before that, I also could not understand why the known/unknown and hazardous/non-hazardous model newly introduced in SOTIF had been introduced, or how such a conceptual model could be used in practice. For example: testing something in the known domain is easy to understand, but what does it mean to test something in the unknown domain? If you already have a test scenario, is it not already known? What on earth does unknown mean?

Setting a validation target seems to use a statistical approach, but how can a quantitative figure be derived?

Of course, I still do not understand everything about SOTIF clearly, but I am still studying. What I have realized so far may itself be a misunderstanding, so my thoughts may change over time.

This paper contains examples of quantifying validation targets with the statistical approach mentioned above, and some explanation of how the concepts of known/unknown and hazardous/non-hazardous apply.

Personally, I think the two confusing concepts above have been made concrete through this paper. Of course, I am still not sure how validation targets can be applied at lower levels rather than at the vehicle level. I expect that the standard will become more specific, or that practical examples will come from other papers.

It is worth reading this paper to understand SOTIF. I do not think it will be too difficult to understand.

https://downloads.regulations.gov/NHTSA-2019-0036-0022/attachment_2.pdf
