当前位置：网站首页>ISO 26262 - 2 functional safety concept

Ⅱ、 Environmental conditions for product use , For example, it is installed in engine room, vehicle or other areas （ The installation area results in different heat resistance requirements of the product , Different models ）;

Ⅲ、 Meet the laws and regulations 、 technical standard ;

Ⅳ、 What are the components of the product ？

Ⅴ、 Relevant requirements for other participating systems or components ？

2、 Hazard analysis and risk assessment

① Purpose ： distinguish Project Functional failure Caused by the harm ; For hazardous events classification ; Define security objectives Come on avoid Unacceptable risk ;

② harm analysis And risk assessment Is based on The definition of a project Conduct , project No Should be Including internal security mechanisms , Consider only basic functions ;

③ Method ：

Ⅰ、 Hazard identification scenario analysis ： distinguish Out of the possible harm , analysis All possible relevant Driving scenes ;

■ Identify the failure or unexpected behavior of relevant items first （ For example, there is no power steering 、 Too much power steering, etc ） Resulting vehicle hazards ;

■ Consider possible driving scenarios in combination with scenario analysis （ Analyze scenarios in multiple combinations ）;

Scenario analysis considerations 6 The main elements are as follows ：

● Vehicle status ： Speed up 、 brake 、 Steering, etc ;

● The type of road ： Expressway 、 The national highway 、 Provincial highway 、 Country road 、 mountain path ;

● Road conditions ： dry / Slippery / Ice and snow pavement , On / downhill slope , Tunnel, etc ;

● Environmental conditions ： Snowy weather 、 night 、 heavy snow 、 Fog, etc ;

● traffic ： Traffic jam 、 unobstructed 、 Traffic lights, etc ;

● Personnel situation ： The driver 、 Passenger 、 Pedestrians on the road 、 People in other cars on the road, etc .

Scenario analysis 6 Large elements can be arranged and combined into driving scenes , For example, the national highway is accelerating in rainy days ....

■ Combine hazards and driving scenarios to get hazard events .

Ⅱ、 Hazard event rating ： The severity of the hazardous event severity of failure（S）、 Exposure rate probability of exposure（E）、 Controllability controllability（C） Evaluate and grade ;

Ⅲ、ASIL grading ： be based on S、E、C Parameter level , according to ASIL Matrix definition ASIL（automotive safety integrity level） Grade ,ASIL=S+E+C, Different under the same function ASIL The highest grade is selected ;

■ Failure rate λ Is characterized by ： System failure + Random hardware failure ;

■ risk Risk：R=S*Pe*Pc*Pi, among ,S It's hazardous ,Pe Is the exposure rate , Probability of hazard occurrence ;Pc Controllability probability ,Pi yes ASIL indicators ,Pe*Pc*Pi Is the failure rate λ, So choose the right ASIL Grade is to choose the right Pi, Can reduce the Risk;

■S、E、C Definition ：

S： It refers to the degree of injury to people （ Do not consider damage to objects ）, People include drivers 、 Passenger 、 Pedestrians 、 Drivers of other vehicles 、 Passengers, etc ;

ISO26262 Reference rating of ：

S0	S1	S2	S3
No harm , Unwanted ASIL	Mild and moderate injuries	Serious injury （ Can survive ）	Fatal injury , May not survive

SAE J2980 Reference rating of ：

Collision type	Range	S0	S1	S2	S3
Touching	Minimum speed		＞4~10km/h	＞20~50km/h	＞40~65km/h
Touching	Maximum speed	＜4~10km/h	＜20~50km/h	≤40~65km/h
Rear collision	Minimum speed		＞4~10km/h	＞20~50km/h	＞40~60km/h
Rear collision	Maximum speed	＜4~10km/h	＜20~50km/h	≤40~60km/h
Side impact	Minimum speed		＞2~10km/h	≥8~30km/h	＞16~40km/h
Side impact	Maximum speed	＜2~3km/h	＜8~30km/h	＜16~40km/h
Pedestrian collision	Minimum speed		＞0~17km/h	＞8~24km/h	＞15~32km/h
Pedestrian collision	Maximum speed		＜8~24km/h	＜15~32km/h

Above for S The grading of is only for reference , It is necessary to calculate or simulate or test according to the vehicle model and hazard scenarios .

E： The proportion of driving scenarios analyzed in all scenarios ;

ISO 26262 Reference rating of ： If failure occurs , In any scene , People can perceive , use “ Time range d” Methods , If failure occurs , People can't perceive, they can only perceive under certain circumstances , Then use “ frequency range f” Methods ：

Time range d

＜1% Average running time

1%~10% Average running time

＞10% Average running time

The elapsed time

Hours / year

＜0.4h/ year

0.4≤x＜4h/ year

4≤x≤40h/ year

＞40h/ year

frequency range f

Most drivers are less than once a year

Most drivers have it several times a year

Generally, the driver has one or more accidents in a month

The average happens almost every time you drive

Basic driving cycle

Number / year

＜1 Time / year

1≤x＜10 Time / year

10≤x≤100 Time / year

＞100 Time / year

C： The degree of control that can be achieved by avoiding hazardous events , Depending on the traffic participants in the risk ：

● The possibility and ability to perceive hazards Cs（sense）;

● The ability to determine appropriate controls Cd（decide）;

● Ability to complete appropriate controls Ca（act）;

among ,Ca Depending on ：

● Control ability of traffic participants Cap;

● The controlled capability of the vehicle Cav.

P(C)=P(Cs)*P(Cd)*P(Cap)*P(Cav), According to this formula C Level of .

C The evaluation method of ：

step 1：FTTI（fault tolerant time interval Fault tolerance time ） decompose ;

step 2：FTTI test ：HMT;

step 3： Get the vehicle reaction time t2;

step 4： Obtain the mechanical operation time t1;

step 5： Get control time tap;

step 6： Get the perception time ts;

step 7：P(Cs) assessment （ Look up the table ）.

ISO 26262 Reference rating of ：

C0	C1	C2	C3
Usually controllable	Simple and controllable	Normally controllable	Difficult or uncontrollable
Usually, it can be controlled	99% And above drivers or participants can usually avoid a specific injury	90% And more drivers or traffic participants can avoid a specific injury	lower than 90% Of drivers or traffic participants can avoid a particular injury
The radio is silent	The parking lot starts and stalls	When braking at low speed ,ABS Don't work	Drive at high speed , The brake fails when braking

Be careful ： The scenario needs to be as comprehensive as possible , But not all scenarios and hazards are analyzed in combination , Instead, analyze the combination that may lead to hazardous events and may be the most serious .

■ASIL grading ：

QM： No special requirements , Meet the quality standard ;

ASIL It is divided into ：A/B/C/D,4 Level ,D For the highest ;

ASIL matrix ：

● formula ：7A 8B 9C 10D, among , The numbers represent S、E、C The sum of the numbers in , such as C1、E3、S3, Namely 1+3+3=7, Corresponding ASIL Namely A, Add up ＜7, It is QM;

		C1	C2	C3
S1	E1	QM	QM	QM
	E2	QM	QM	QM
	E3	QM	QM	A
	E4	QM	A	B
S2	E1	QM	QM	QM
	E2	QM	QM	A
	E3	QM	A	B
	E4	A	B	C
S3	E1	QM	QM	A
	E2	QM	A	B
	E3	A	B	C
	E4	B	C	D

■ Hazard analysis and ASIL Grade template ：

Chinese Translation ：

Hazard identification

function

Failure behavior

Vehicle level hazards

hypothesis

Hazard details

Potential accident scenarios - Consider the worst-case potential accident

ASIL assessment

A comment or note （ If applicable ）

explain

ASIL

Steering hazard #2

Steering assist

Oversteer assist

Unexpected lateral movement of the vehicle , Unexpected yaw

nothing

The steering system provides more steering assistance than the design objective , The steering system feels lighter than usual when the response is consistent with the direction required by the driver

During freeway lane changing at higher speeds , Additional assistance may cause the driver to overshoot the steering , Before the driver can control the situation , The vehicle may deviate from the expected path / Lane and collide with oncoming vehicles or adjacent vehicles or roadside objects

High speed vehicle collision or collision with objects

Daily exposure to urban roads , An irregular highway

Simple and controllable

This hazard only applies to the steering assist control function , Depending on the vehicle and calibration and the magnitude of the control interference ,ASIL It could be lower

Ⅳ、 Define security objectives （safety goal）： According to the results of hazard analysis and risk assessment , Identify and describe the safety objectives of the project （ Non technical language ）;

■ Security objectives are the highest level of security requirements ;

■ Use functional languages , Non technical language ：

for example ： Vehicle in motion , The steering column of the steering system cannot be locked （ This is functional language , Don't write that the vehicle is in motion , The steering control relay outputs continuously , This is the technical language ）.

Ⅴ、 verification ： Confirm the integrity of risk analysis results 、 Correctness and consistency of project definition documents .

3、 Security concept

Establish the concept of functional safety ：

■ Functional safety The concept is based on safety objectives , From various security objectives Export functional security requirements , Consider the basic architecture of the system ;

■ The security requirements Assigned to Of the initial architecture of the system Each unit Or assigned to external risk reduction initiatives ;

■ Security requirements want Inherit Of safety objectives ASIL Grade .

————————————————————————

Reference material ：

Functional safety time parameter - You know

原网站

版权声明
本文为[Zaya. five hundred and ten]所创，转载请带上原文链接，感谢
https://yzsam.com/2022/177/202206260949191379.html

当前位置：网站首页>ISO 26262 - 2 functional safety concept

ISO 26262 - 2 functional safety concept

forerunner

Functional safety concept

1、 Definition of related items

2、 Hazard analysis and risk assessment

3、 Security concept

边栏推荐

猜你喜欢

随机推荐

		C1	C2	C3
S1	E1	QM	QM	QM
	E2	QM	QM	QM
	E3	QM	QM	A
	E4	QM	A	B
S2	E1	QM	QM	QM
	E2	QM	QM	A
	E3	QM	A	B
	E4	A	B	C
S3	E1	QM	QM	A
	E2	QM	A	B
	E3	A	B	C
	E4	B	C	D

		C1	C2	C3
S1	E1	QM	QM	QM
	E2	QM	QM	QM
	E3	QM	QM	A
	E4	QM	A	B
S2	E1	QM	QM	QM
	E2	QM	QM	A
	E3	QM	A	B
	E4	A	B	C
S3	E1	QM	QM	A
	E2	QM	A	B
	E3	A	B	C
	E4	B	C	D

		C1	C2	C3
S1	E1	QM	QM	QM
	E2	QM	QM	QM
	E3	QM	QM	A
	E4	QM	A	B
S2	E1	QM	QM	QM
	E2	QM	QM	A
	E3	QM	A	B
	E4	A	B	C
S3	E1	QM	QM	A
	E2	QM	A	B
	E3	A	B	C
	E4	B	C	D