Understanding ISO 26262: What You Need to Know
When planning your vehicle development strategy, have you considered how you will address the safety requirements your machine must meet to move into production? Scrambling to meet these requirements can keep your vehicle stuck in development with expensive rework, instead of out on the road. Avoid this by understanding what you need to know about ISO 26262.
Before we get into ISO 26262, it’s important to first understand Automotive Safety Integrity Levels (ASIL). ASIL dictates the safety thresholds that apply to the development of functional safety for electrical and electronic (E/E) components in vehicles. In order to be considered road safe, vehicles intended for production must meet or exceed ASIL thresholds. While this may be new territory, it is critical to creating a safe machine and avoiding legal liability.
ASIL grades vehicle safety based on risk of hazard. Systems within the vehicle are awarded either a QM, A, B, C, or D ranking. “QM” is the lowest risk of hazard, and “D” the highest. With this type of ranking, ASIL defines what needs to be done in development of the associated systems in order to ensure that E/E systems are designed and tested with the appropriate levels of integrity.
The goal of these ASIL classifications is to ensure that there are no safety-related single points of failure (SPOFs) in the electrical system of a vehicle.
This is important because it challenges engineers to consider malfunction events, allowing them to address potential problems in development rather than discovering them post-production, which could result in expensive rework, timeline delays, and safety risks to the end users: the drivers.
If your intent is to contribute to putting a vehicle into production by designing any of its electronic systems, you should be considering the ISO 26262 process. Failure to correctly meet these standards or to perform an accurate hazard and risk assessment (HARA) could create liabilities for the manufacturer, who could be legally culpable in the event of an accident.
The ISO 26262 process can be complex and overwhelming. Although the standard has been around for over eight years, it is still relatively new for many companies and engineers, and it can be difficult to know how to apply it to the many unique applications and vehicle platforms. There are also special provisions for unique circumstances, such as low-volume production and commercial vehicles, that are important to consider. New Eagle is experienced in applying the standard to a variety of different applications and powertrain control strategies.
When developing, it is key to have effective tools in order to help increase your team’s capability. Different tools may assist in the requirements traceability, efficiency of code authorship, fault tree analysis, and requirements based testing of the system. New Eagle offers an embedded model-based development tool (eMBD), Raptor-Dev, which significantly increases the efficiency of software development and can be used with associated Mathworks™ toolboxes to provide traceability back to the requirements. Additionally, New Eagle offers Raptor-Test to perform automated regression tests of the software and hardware together to make sure that the system meets the requirements during the final stages of development.
In order to correctly comply with ASILs and meet ISO 26262, safety should be at the center of your control system strategy. Selecting control engineers who are Automotive Functional Safety Engineers (AFSEs) or Professionals (AFSPs) to serve as project leads, for example, can help your engineering teams get into the habit of repeatedly evaluating work to look for any errors, redundancies, and SPOFs that could cause malfunctions in end vehicles.
AFSEs have successfully completed rigorous training that covers the best safety practices in everything from hardware and software design to correct execution of HARAs. This assures that the engineers are safely developing control systems that meet or exceed ISO 26262 requirements.
If you’re concerned about meeting ASIL requirements and ISO 26262 because your team is not AFS-certified, an engineering service consultant like New Eagle can help by augmenting your team. With the ability to assist with E/E system design, performing and documenting the necessary HARAs, and confirming the safety of your vehicle, our engineers can help move your machine more quickly, and safely, into production.