Using STPA in Compliance with ISO 26262 for Developing a Safe Architecture for Fully Automated Vehicles
نویسندگان
چکیده
Safety has become of paramount importance in the development lifecycle of the modern automobile systems. However, the current automotive safety standard ISO 26262 does not specify clearly the methods for safety analysis. Different methods are recommended for this purpose. FTA (Fault Tree Analysis) and FMEA (Failure Mode and Effects Analysis) are used in the most recent ISO 26262 applications to identify component failures, errors and faults that lead to specific hazards (in the presence of faults). However, these methods are based on reliability theory, and they are not adequate to address new hazards caused by dysfunctional component interactions, software failure or human error. A holistic approach was developed called STPA (Systems-Theoretic Process Analysis) which addresses more types of hazards and treats safety as a dynamic control problem rather than an individual component failure. STPA also addresses types of hazardous causes in the absence of failure. Accordingly, there is a need for investigating hazard analysis techniques like STPA. In this paper, we present a concept on how to use STPA to extend the safety scope of ISO 26262 and support the Hazard Analysis and Risk Assessments (HARA) process. We applied the proposed concept to a current project of a fully automated vehicle at Continental. As a result, we identified 24 systemlevel accidents, 176 hazards, 27 unsafe control actions, and 129 unsafe scenarios. We conclude that STPA is an effective and efficient approach to derive detailed safety constraints. STPA can support the functional safety engineers to evaluate the architectural design of fully automated vehicles and build the functional safety concept.
منابع مشابه
Using STPA in an ISO 26262 Compliant Process
ISO 26262 is the de facto standard for automotive functional safety, and every automotive Original Equipment Manufacturer (OEM), as well as their major suppliers, are striving to ensure that their development processes are ISO 26262 compliant. ISO 26262 mandates both hazard analysis and risk assessment. Systems Theoretic Process Analysis (STPA) is a relatively new hazard analysis technique, tha...
متن کاملBuilding a Safety Case in Compliance with ISO 26262 for Fuel Level Estimation and Display System
Nowadays, road vehicles, including trucks, are characterized by an increased complexity due to a greater variety of software, and a greater number of sensors and actuators. As a consequence, there is an increased risk in terms of software or hardware failures that could lead to unacceptable hazards. Thus safety, more precisely functional safety, is a crucial property that must be ensured to avo...
متن کاملApplying Model Based Techniques for Early Safety Evaluation of an Automotive Architecture in Compliance with the ISO 26262 Standard
In 2011, the automotive industry introduced the application of a standardized process for functional safety-related development of automotive electronic products. The related international standard, ISO 26262 functional safety for road vehicles, has high demands on process documentation and analysis. Within an engineering context this challenges the tremendous increase of complexity for modern ...
متن کاملFrom Safety Requirements to Safety Monitors – Automatic Synthesis in Compliance with ISO 26262
The development of safety-critical electronic systems in the automotive domain is standardized by the ISO 26262 Road vehicles Functional safety. Depending on the concrete risk classification (Automotive Safety Integrity Level, ASIL for short), necessary safety requirements and activities are specified in order to achieve an acceptable residual risk of the system. In particular for the higher AS...
متن کاملA Cost-Effective Model-Based Approach for Developing ISO 26262 Compliant Automotive Safety Related Applications
Automotive manufacturers and their suppliers increasingly need to follow the objectives of ISO 26262 as it is now state-of-the art and as it is the case that an ever increasing number of active and passive safety systems are developed within cars. This has increased the need to define a safe system development process. This paper proposes a model-based approach including automatic and certified...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1703.03657 شماره
صفحات -
تاریخ انتشار 2017