ISO 26262 - 2 functional safety concept
2022-06-26 10:50:00 【Zaya.510】
Contents
1、 Item definition
2、 Hazard analysis and risk assessment
3、 Functional safety concept
Preliminaries
Terminology used below:
FTTI: fault tolerant time interval (the minimum time from the occurrence of a fault until a hazardous event can occur if no safety mechanism acts);
FDTI: fault detection time interval;
FHTI: fault handling time interval (FHTI = FDTI + FRTI; the safety mechanism must finish handling the fault within the FTTI, i.e. FHTI < FTTI);
FRTI: fault reaction time interval;
DTTI: diagnostic test time interval;
EOTI: emergency operation time interval;
EOTTI: emergency operation tolerance time interval.
Functional safety concept
1、 Item definition
① An item is a system or combination of systems that implements a function at vehicle level; items are partitioned according to the functions of the whole vehicle.
② The item definition must state clearly:
Ⅰ、 What the item does: its goals and the functions it provides;
Ⅱ、 The environment in which the product is used, for example whether it is installed in the engine compartment, the passenger compartment or elsewhere (the installation location drives different heat-resistance requirements and different product variants);
Ⅲ、 The laws, regulations and technical standards it must satisfy;
Ⅳ、 What elements the product consists of;
Ⅴ、 The requirements it places on the other systems or elements it interacts with.
2、 Hazard analysis and risk assessment
① Purpose: identify the hazards caused by malfunctioning behaviour of the item, classify the hazardous events, and define safety goals that avoid unreasonable risk.
② The hazard analysis and risk assessment is performed on the basis of the item definition. The item is analysed without its internal safety mechanisms: only the basic, intended function is considered, so that the safety mechanisms are derived from the safety goals rather than assumed in advance.
③ Method:
Ⅰ、 Hazard identification and situation analysis: identify the possible hazards and analyse all relevant driving situations.
■ First identify the malfunctioning or unintended behaviour of the item (for example loss of power steering assist, or too much assist) and the resulting vehicle-level hazard.
■ Then consider the possible driving situations through situation analysis (situations are analysed as combinations of several factors).
Situation analysis considers six main elements:
● Vehicle state: accelerating, braking, steering, etc.;
● Road type: expressway, national highway, provincial highway, country road, mountain road;
● Road condition: dry / wet / icy or snow-covered surface, uphill / downhill, tunnel, etc.;
● Environmental condition: rain, night, heavy snow, fog, etc.;
● Traffic: congested, free-flowing, at traffic lights, etc.;
● People involved: the driver, passengers, pedestrians, occupants of other vehicles, etc.
The six elements are combined into driving situations, for example "accelerating on a national highway in the rain".
■ Combining each hazard with the relevant driving situations gives the hazardous events.
Ⅱ、 Classification of hazardous events: each hazardous event is rated for severity (S), probability of exposure (E) and controllability (C).
Ⅲ、 ASIL determination: based on the S, E and C classes, the ASIL (automotive safety integrity level) is read from the ASIL table. As a mnemonic, ASIL = S + E + C (see the sum rule below). When several hazardous events of the same function lead to the same safety goal, the safety goal is assigned the highest ASIL among them.
■ Failure rate λ: in ISO 26262 the failure rate quantifies random hardware failures; systematic failures are not expressed as a rate but are controlled through the development process. Both kinds of failure can trigger the hazard.
■ Risk: R = S × Pe × Pc × Pi, where S is the severity, Pe the probability of exposure to the driving situation, Pc the probability that the hazardous event is not controlled by the participants, and Pi the probability that the malfunction occurs, which is the quantity the ASIL constrains. The product Pe × Pc × Pi is the rate at which the hazard turns into harm (the λ of the author's model). S, Pe and Pc are properties of the situation and the participants, so the only factor the design controls is Pi: choosing the right ASIL sets the required Pi and thereby reduces the risk.
■ Definitions of S, E and C:
S (severity): the degree of injury to people (damage to property is not considered). People includes the driver, passengers, pedestrians, and the drivers and passengers of other vehicles.
ISO 26262 reference classes:

| S0 | S1 | S2 | S3 |
|---|---|---|---|
| No injuries (no ASIL required) | Light and moderate injuries | Severe and life-threatening injuries (survival probable) | Life-threatening injuries (survival uncertain), fatal injuries |

SAE J2980 reference classes (collision speed ranges; each bound is itself a range because it depends on the vehicle and the crash configuration):

| Collision type | S0 | S1 | S2 | S3 |
|---|---|---|---|---|
| Frontal collision | < 4~10 km/h | 4~10 to 20~50 km/h | 20~50 to 40~65 km/h | > 40~65 km/h |
| Rear collision | < 4~10 km/h | 4~10 to 20~50 km/h | 20~50 to 40~60 km/h | > 40~60 km/h |
| Side impact | < 2~3 km/h | 2~10 to 8~30 km/h | 8~30 to 16~40 km/h | > 16~40 km/h |
| Pedestrian collision | (not given) | 0~17 to 8~24 km/h | 8~24 to 15~32 km/h | > 15~32 km/h |

The S classes above are reference values only; S must be determined for the actual vehicle and hazard scenario by calculation, simulation or testing.
E (exposure): the proportion of all operating situations in which the analysed driving situation occurs.
ISO 26262 reference classes. If the malfunction would be noticed in any situation (the hazard is present for as long as the situation lasts), the "duration d" method is used; if the malfunction only becomes hazardous under particular conditions (at a particular moment or manoeuvre), the "frequency f" method is used:

| | E0 | E1 | E2 | E3 | E4 |
|---|---|---|---|---|---|
| Duration d | - | - | < 1% of average operating time | 1%~10% of average operating time | > 10% of average operating time |
| Hours per year | / | < 0.4 h/year | 0.4 ≤ x < 4 h/year | 4 ≤ x ≤ 40 h/year | > 40 h/year |

| | E0 | E1 | E2 | E3 | E4 |
|---|---|---|---|---|---|
| Frequency f | - | Occurs less often than once a year for the great majority of drivers | Occurs a few times a year for most drivers | Occurs once a month or more often for an average driver | Occurs during almost every drive on average |
| Occurrences per year | / | < 1 per year | 1 ≤ x < 10 per year | 10 ≤ x ≤ 100 per year | > 100 per year |
C (controllability): the degree to which the traffic participants involved can avoid the hazardous event. It depends on:
● the possibility and ability to perceive the hazard, Cs (sense);
● the ability to decide on the appropriate control action, Cd (decide);
● the ability to carry out the control action, Ca (act);
where Ca in turn depends on:
● the capability of the traffic participant to act, Cap;
● the controllability of the vehicle itself, Cav.
P(C) = P(Cs) × P(Cd) × P(Cap) × P(Cav); the C class is derived from this probability, i.e. the share of drivers or other participants who avoid the harm.
Evaluation procedure for C:
Step 1: decompose the FTTI (fault tolerant time interval);
Step 2: FTTI test: HMT;
Step 3: obtain the vehicle reaction time t2;
Step 4: obtain the mechanical actuation time t1;
Step 5: obtain the control (action) time tap;
Step 6: obtain the perception time ts;
Step 7: assess P(Cs) (table lookup).
ISO 26262 reference classes:

| | C0 | C1 | C2 | C3 |
|---|---|---|---|---|
| Class | Controllable in general | Simply controllable | Normally controllable | Difficult to control or uncontrollable |
| Definition | Controllable in general (no safety-relevant effect) | 99% or more of drivers or other traffic participants can usually avoid the specific harm | 90% or more of drivers or other traffic participants can usually avoid the specific harm | Fewer than 90% of drivers or other traffic participants can avoid the specific harm |
| Example | The radio goes silent | The engine stalls when starting off in a parking lot | ABS does not work during low-speed braking | The brakes fail when braking at high speed |

Note: the driving situations must be as comprehensive as possible, but not every combination of situation and hazard is analysed. Analyse the combinations that can actually lead to a hazardous event and are likely to be the most severe.
■ ASIL classes:
QM (quality management): no ISO 26262 specific requirements; the normal quality process is sufficient;
ASIL has four levels, A/B/C/D, with D the highest;
ASIL table:
● Sum rule: 7A 8B 9C 10D, where the number is the sum of the S, E and C class numbers. For example C1, E3, S3 gives 1 + 3 + 3 = 7, so the ASIL is A; a sum below 7 is QM. The rule holds only for S1~S3, E1~E4 and C1~C3; any event rated S0, E0 or C0 is QM regardless of the other two classes.
| S | E | C1 | C2 | C3 |
|---|---|---|---|---|
| S1 | E1 | QM | QM | QM |
| S1 | E2 | QM | QM | QM |
| S1 | E3 | QM | QM | A |
| S1 | E4 | QM | A | B |
| S2 | E1 | QM | QM | QM |
| S2 | E2 | QM | QM | A |
| S2 | E3 | QM | A | B |
| S2 | E4 | A | B | C |
| S3 | E1 | QM | QM | A |
| S3 | E2 | QM | A | B |
| S3 | E3 | A | B | C |
| S3 | E4 | B | C | D |
■ Hazard analysis and ASIL rating template (translated), shown with one filled-in row:

| Column | Example: Steering hazard #2 |
|---|---|
| Hazard ID | Steering hazard #2 |
| Function | Steering assist |
| Malfunctioning behaviour | Excessive steering assist |
| Vehicle-level hazard | Unintended lateral movement of the vehicle, unintended yaw |
| Assumptions | None |
| Hazard details | The steering system provides more assist than designed; the response is still in the direction the driver requests, but the steering feels lighter than usual |
| Potential accident scenario (worst case) | During a lane change on a freeway at higher speed, the additional assist may cause the driver to over-steer; before the driver regains control the vehicle may leave the intended path / lane and collide with oncoming or adjacent vehicles or with roadside objects |
| S / rationale | 3 / high-speed collision with another vehicle or with objects |
| E / rationale | 4 / daily exposure on urban roads, occasional highway driving |
| C / rationale | 1 / simply controllable |
| ASIL | B |
| Comments (if applicable) | This hazard applies only to the steering assist control function; depending on the vehicle, the calibration and the magnitude of the control interference, the ASIL may be lower |
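The S/E/C rules of this section as a small Python tool. This is an added example written for this page, not code from the original post or from ISO 26262. It encodes the ASIL table, checks that the 7A/8B/9C/10D sum rule reproduces every cell of it, handles the S0/E0/C0 → QM case, maps the duration and frequency thresholds above to an E class, turns the product P(C) = P(Cs)·P(Cd)·P(Cap)·P(Cav) into a C class with the 99% / 90% thresholds, and gives each safety goal the highest ASIL of the hazardous events that lead to it. The function names, the `HazardousEvent` record, the safety goal texts and the sample events are this example's own; the first sample row mirrors the template example (S3 E4 C1 → ASIL B), the other two are constructed.

```python
from dataclasses import dataclass
from itertools import product
from typing import Dict, Iterable, List

ASIL_ORDER = ["QM", "A", "B", "C", "D"]

# ISO 26262-3 ASIL determination table: ASIL_TABLE[S][E] gives the ASIL for C1, C2, C3.
ASIL_TABLE = {
    1: {1: ("QM", "QM", "QM"), 2: ("QM", "QM", "QM"), 3: ("QM", "QM", "A"), 4: ("QM", "A", "B")},
    2: {1: ("QM", "QM", "QM"), 2: ("QM", "QM", "A"), 3: ("QM", "A", "B"), 4: ("A", "B", "C")},
    3: {1: ("QM", "QM", "A"), 2: ("QM", "A", "B"), 3: ("A", "B", "C"), 4: ("B", "C", "D")},
}

def asil(s: int, e: int, c: int) -> str:
    """ASIL for an event rated S0-3, E0-4, C0-3; any class of 0 means QM."""
    if not (0 <= s <= 3 and 0 <= e <= 4 and 0 <= c <= 3):
        raise ValueError(f"class out of range: S{s} E{e} C{c}")
    if 0 in (s, e, c):  # no injury, incredible exposure or controllable in general
        return "QM"
    return ASIL_TABLE[s][e][c - 1]

def asil_by_sum(s: int, e: int, c: int) -> str:
    """The 7A/8B/9C/10D mnemonic: sum the class numbers, below 7 is QM."""
    if 0 in (s, e, c):
        return "QM"
    return {7: "A", 8: "B", 9: "C", 10: "D"}.get(s + e + c, "QM")

def mnemonic_matches_table() -> bool:
    """Check that the sum rule reproduces all 36 cells of the ASIL table."""
    cells = product(range(1, 4), range(1, 5), range(1, 4))
    return all(asil(s, e, c) == asil_by_sum(s, e, c) for s, e, c in cells)

def exposure_from_duration(hours_per_year: float) -> int:
    """E class by the 'duration d' method (hours per year spent in the situation)."""
    if hours_per_year < 0:
        raise ValueError("duration must be non-negative")
    if hours_per_year < 0.4:
        return 1
    if hours_per_year < 4:
        return 2
    return 3 if hours_per_year <= 40 else 4

def exposure_from_frequency(times_per_year: float) -> int:
    """E class by the 'frequency f' method (how often the situation is met per year)."""
    if times_per_year < 0:
        raise ValueError("frequency must be non-negative")
    if times_per_year < 1:
        return 1
    if times_per_year < 10:
        return 2
    return 3 if times_per_year <= 100 else 4

def controllability(p_sense: float, p_decide: float, p_act_participant: float,
                    p_act_vehicle: float) -> int:
    """C class from P(C) = P(Cs)*P(Cd)*P(Cap)*P(Cav), the share of participants who
    avoid the harm: >= 99% -> C1, >= 90% -> C2, otherwise C3.  C0 is not derived from
    probabilities; it is assigned directly to events that cannot cause injury."""
    probs = (p_sense, p_decide, p_act_participant, p_act_vehicle)
    if any(not 0.0 <= p <= 1.0 for p in probs):
        raise ValueError("probabilities must lie in [0, 1]")
    p_control = p_sense * p_decide * p_act_participant * p_act_vehicle
    if p_control >= 0.99:
        return 1
    return 2 if p_control >= 0.90 else 3

@dataclass(frozen=True)
class HazardousEvent:
    hazard_id: str
    safety_goal: str
    s: int
    e: int
    c: int

def highest_asil(asils: Iterable[str]) -> str:
    """The strictest ASIL in a list (QM if the list is empty)."""
    return max(asils, key=ASIL_ORDER.index, default="QM")

def safety_goal_asils(events: Iterable[HazardousEvent]) -> Dict[str, str]:
    """Each safety goal takes the highest ASIL of the hazardous events it covers."""
    by_goal: Dict[str, List[str]] = {}
    for ev in events:
        by_goal.setdefault(ev.safety_goal, []).append(asil(ev.s, ev.e, ev.c))
    return {goal: highest_asil(ratings) for goal, ratings in by_goal.items()}

# Constructed sample: the first row mirrors the template example above (S3 E4 C1 -> B);
# the other two events and the safety goal texts are made up for this example.
SG_ASSIST = "SG-1 unintended steering assist shall be limited"
SG_LOCK = "SG-2 the steering column shall not lock while the vehicle is moving"
SAMPLE_EVENTS = [
    HazardousEvent("Steering hazard #2", SG_ASSIST, 3, 4, 1),
    HazardousEvent("Steering hazard #1", SG_ASSIST, 3, 2, 2),
    HazardousEvent("Steering hazard #3", SG_LOCK, 3, 4, 3),
]

if __name__ == "__main__":
    assert mnemonic_matches_table()
    for ev in SAMPLE_EVENTS:
        print(f"{ev.hazard_id}: S{ev.s} E{ev.e} C{ev.c} -> ASIL {asil(ev.s, ev.e, ev.c)}")
    print(safety_goal_asils(SAMPLE_EVENTS))  # SG-1 -> B, SG-2 -> D
```

The table is kept explicitly and the mnemonic is checked against it rather than trusted, so a typo in either shows up immediately. The zero classes are handled before the table lookup because the sum rule silently gives wrong answers there (S0 E4 C3 sums to 7 but is QM, not A).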
Ⅳ、 Define safety goals (safety goal): from the results of the hazard analysis and risk assessment, identify and describe the safety goals of the item (in non-technical language).
■ Safety goals are the top-level safety requirements;
■ Write them in functional language, not technical language:
For example: "While the vehicle is moving, the steering column shall not lock" is functional language. Do not write "While the vehicle is moving, the steering-lock control relay shall not output continuously": that describes an implementation and is technical language.
Ⅴ、 Verification: confirm the completeness of the hazard analysis and risk assessment results, and their correctness and consistency with the item definition.
3、 Functional safety concept
Establishing the functional safety concept:
■ The functional safety concept is derived from the safety goals: functional safety requirements are derived from each safety goal, taking the preliminary architecture of the system into account;
■ The functional safety requirements are allocated to the elements of the preliminary system architecture, or to external risk reduction measures;
■ Each functional safety requirement inherits the ASIL of the safety goal it is derived from; it can only be lowered by ASIL decomposition in accordance with ISO 26262-9, which requires the decomposed requirements to be implemented by sufficiently independent elements.