I read an interesting discussion about ASIL decomposition. The poster asked why, when ASIL C is decomposed, the combination ASIL B(C) + ASIL B(C) is missing.
[Picture 1. ASIL decomposition. Reference 1]
To explain this, let me refer to the paper “Understanding the Use, Misuse and Abuse of Safety Integrity Levels”:
There is a move from the belief that a system can be either safe or unsafe, i.e. that safety is a binary attribute, to the acceptance that there is a continuum between absolute safety and certain catastrophe and that this continuum is a scale of risk.
In this sense, a SIL is the result of an artificial division of the scale between absolute safety and certain catastrophe.
[Picture. Reference 3]
Many standards adopt the SIL concept, and their SIL decomposition rules are similar. So I’d like to explain with IEC 61508, the mother standard of functional safety, because it defines each SIL as a range of target failure measures, which is the concept needed for the explanation.
[Picture 2. Target level of safety for SILs. Reference 2]
For a product with SIL 3, the probability of failure shall lie between 1.0e-4 and 1.0e-3 in continuous mode (low demand rate).
If we assume that the product consists of two sub-systems with no common-cause or dependent failures between them, we can decompose the target level of safety into two pieces:
5.0E-4 = 5.0E-1 * 1.0E-3
SIL(5.0E-4) = SIL(5.0E-1) + SIL(1.0E-3)
SIL C = SIL A + SIL B
The decomposition rules defined in the standards are generalizations of this arithmetic.
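The product-of-probabilities argument above, worked through numerically as an added example (my illustration, not code from the post or from IEC 61508). The band limits are IEC 61508's published low-demand PFD ranges; the sub-system values, the common-cause fraction `beta`, and the simplified beta-factor formula in `composed_pfd` are assumptions made for this example:

```python
# Added example, not from the original post: the low-demand decomposition
# argument worked through numerically. The PFD band limits are IEC 61508's
# published low-demand ranges; the sub-system values, the common-cause
# fraction and the simplified beta-factor formula below are constructed
# for illustration and are not the standard's own formula.

# Low-demand mode: average probability of dangerous failure on demand (PFD).
# Band n is 10^-(n+1) <= PFD < 10^-n, so the upper limit of SIL n is 10^-n.
PFD_UPPER = {4: 1e-4, 3: 1e-3, 2: 1e-2, 1: 1e-1}


def sil_from_pfd(pfd):
    """Return the highest SIL whose band the given PFD satisfies (0 = no SIL)."""
    for sil in (4, 3, 2, 1):
        if pfd < PFD_UPPER[sil]:
            return sil
    return 0


def composed_pfd(pfd_a, pfd_b, beta=0.0):
    """PFD of a safety function that fails only if both sub-systems fail.

    beta is the assumed fraction of failures common to both sub-systems
    (0.0 is the post's assumption of no common-cause or dependent failure).
    Simplified beta-factor model (an assumption of this example): the shared
    part of the failure probability is not multiplied away.
    """
    independent = (1.0 - beta) * pfd_a * pfd_b
    common = beta * min(pfd_a, pfd_b)
    return independent + common


def decomposition_meets_target(target_sil, sil_a, sil_b):
    """The 'SIL C = SIL A + SIL B' rule expressed in band terms.

    Under independence the worst case is the product of the band upper
    limits, 10^-a * 10^-b = 10^-(a+b), so the pair meets the target band
    exactly when a + b >= target. A sub-system with no SIL claim (0)
    contributes a factor of 1, i.e. no credit.
    """
    return sil_a + sil_b >= target_sil


if __name__ == "__main__":
    # The post's numbers: 5.0e-1 * 1.0e-3 = 5.0e-4, which lands in the SIL 3 band.
    print(sil_from_pfd(composed_pfd(5.0e-1, 1.0e-3)))  # 3
    # Two constructed SIL 1 sub-systems, independent: 5e-2 * 5e-2 = 2.5e-3 -> SIL 2.
    print(sil_from_pfd(composed_pfd(5e-2, 5e-2)))  # 2
    # Same sub-systems with half their failures shared: the decomposition credit is lost.
    print(sil_from_pfd(composed_pfd(5e-2, 5e-2, beta=0.5)))  # 1
    # Band arithmetic for a SIL 3 target: (1, 2) and (0, 3) qualify, (1, 1) does not.
    print([decomposition_meets_target(3, a, b) for a, b in ((1, 2), (0, 3), (1, 1))])
```

The `beta` parameter is there to show why the "no common cause or dependent failure" assumption is load-bearing: as soon as a share of the failures is common to both sub-systems, the product no longer applies to that share and the composed PFD climbs back toward the weaker sub-system's value, so the SIL credit gained by decomposition disappears.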
Then why doesn’t ISO 26262 have a safety target concept? In fact it does, but not at the system level. Similar rules are defined in the proven-in-use part, the hardware component qualification part, and the hardware development process part, but not in the system part or the software part, because there is no reliable reliability model for software, and a system contains software.
So why is ASIL B(C) + ASIL B(C) missing from the decomposition of ASIL C? Because the composition of the decomposed safety levels does not equal the original one.
Reference 1. LinkedIn community (ISO 26262 Functional Safety)
Reference 2. http://www.dataweek.co.za/43184n