This paper was published when ISO/PAS 21448 was the current document. I have never seen the text of ISO/PAS 21448 itself; all I know is that the ISO 21448 now in progress will replace it. Judging from this paper, the earliest SOTIF focused on vehicle-level safety. The ISO 21448 in progress seems to cover not only the vehicle level but also the entire lifecycle of the system, hardware and software, as FuSa does. (That is because the standard hasn't been finalized yet, and I think it will be better later.)
When I first read the CD version of SOTIF, there were many things I didn't understand, and I didn't fully grasp the relationship between FuSa and SOTIF. So I had only a dim sense that the concept of SOTIF is needed to achieve safety, but it was not clear. (I think that is because it is still a CD version.)
However, after reading this paper, I came to understand the direction that SOTIF aims to pursue. Also, as for the known/unknown and hazardous/non-hazardous model newly introduced in SOTIF, I had not been able to understand why the concept was introduced or how such a conceptual model could be used in practice. For example, it went like this: testing something in the known domain is easy to understand, but what does it mean to test something in the unknown domain? If you already have a test scenario, isn't it already known? What on earth does unknown mean?
Setting a validation target seems to use a statistical approach, but how can a quantitative figure be derived?
Of course, I still don't clearly understand everything about SOTIF, and I am still studying. What I have realized now may itself be a misunderstanding, so my thoughts may change over time.
This paper contains examples of quantifying validation targets with the statistical approach mentioned above, and some explanation of how the concepts of known/unknown and hazardous/not hazardous apply.
Personally, I think the two confusing concepts above have been made concrete through this paper. Of course, I'm still not sure how validation targets can be applied at lower levels rather than at the vehicle level. I expect that the standard will become more specific, or that practical examples will come from other papers.
It is worth reading this paper to understand SOTIF. I don't think it will be too difficult to understand.