ACHIEVING FUNCTIONAL SAFETY OF AUDI DYNAMIC STEERING USING A STRUCTURED DEVELOPMENT PROCESS


Dr Juergen Schuller, Marnix Lannoije, Dr Michael Sagefka, Wolfgang Dick, Dr Ralf Schwarz
All authors: Audi AG, I/EF-25, Ingolstadt, Germany

Abstract: Audi dynamic steering is a safety relevant electronic steering system. In order to achieve functional safety for this system, a structured development process including all safety process aspects and several support processes have been defined and installed. Furthermore, the compliance of the implemented processes with the defined processes is strictly monitored by the internal quality assurance. Additionally, an external assessor accompanies the product development in order to assure the functional safety of the product according to the requirements of international safety standards. Besides the enforcement of the processes, the challenge in this project is the coordination and monitoring of three suppliers together with the quality assurance and the external assessor. Copyright 2006 IFAC

Keywords: safety, quality, processes, process models, requirements analysis, chassis control

1 FUNCTIONAL SAFETY

Today the complexity and integration of electronic systems is continuously increasing in automotive applications, thus potentially increasing the risk of system failure or system malfunction. The goal of functional safety is to prevent hazards generated by an unintended behaviour of a system, thus decreasing the risk of system malfunction to an acceptable level [1]. For these safety relevant failures this acceptable risk level is called safety integrity level (SIL). In the only valid generic standard for functional safety (IEC 61508, 1998) four levels of safety integrity are defined, each being assigned a specific failure rate (failures per hour). The safety integrity level of a system is determined with a risk analysis and is a function of the degree of damage caused by the failure, the probability of occurrence and the controllability of the system failure. The safety integrity measures which have to be implemented depend on the evaluated safety integrity level and increase with a higher SIL. The safety integrity measures which are required in (IEC 61508, 1998) can be divided into 3 categories: functional safety management, development processes, and product requirements for hardware and software architecture and safety integrity. In this paper we will focus on the development processes.

In a letter to VdTÜV [2] (dated April 28, 2004), the VDA [3] stated that the generic standard for functional safety (IEC 61508, 1998) is not fully applicable to the automotive industry, thus making it necessary to develop an application specific standard. Until the availability of the automotive standard, the generic standard (IEC 61508, 1998) can only be partially applied to the development of safety relevant automotive systems. This paper shows the adaptation of the normative process requirements to a safety relevant automotive system development.

[1] This level is not an absolute number but depends on the system and on social standards. Society usually accepts that technical systems fail at a certain (low) rate and cause damage without refusing to make use of the technique.
[2] German Association of Technical Inspection Agencies
[3] German Association of Automotive Industry

2 AUDI DYNAMIC STEERING

2.1 System functionality

The principle of Audi dynamic steering is to superimpose an electronically controlled angle on the steering wheel angle in order to realise the following basic functionalities: increase steering comfort and vehicle handling at lower speeds by reducing the necessary steering wheel angle input of the driver, and increase the driving safety at higher speeds by increasing the necessary steering wheel angle input of the driver, thus making the vehicle behaviour more tolerant to driver errors. These basic functionalities can be realised with an algorithm called variable steering ratio, which is a characteristic diagram depending on steering wheel angle input and vehicle speed. Additionally, the stabilisation of the vehicle is achieved with the same principle before the Electronic Stability Program (ESP) engages. This leads to a much more comfortable stabilisation (sometimes unnoticed by the driver) without deceleration, thus increasing the active safety of the vehicle.

2.2 Safety integrity

A risk analysis has been performed using (Schwarz, 2005). The safety integrity level for all functionalities described in section 2.1 has been determined to be ASIL D [4]. Unfortunately, the automotive specific standard for functional safety (Jung, 2005) is not published yet [5]; thus the requirements which are associated with this safety integrity level are not fully defined and not released. Thus, we have to refer to the valid standard requirements of (IEC 61508, 1998) using a mapping of the automotive integrity levels to the standard safety integrity levels (ASIL D is similar to SIL 3). Since it is sometimes difficult to apply the generic standard (IEC 61508, 1998) to automotive systems, Audi decided to make use of the know-how of TÜV [6] in order to interpret and adapt the normative requirements for this system development.

[4] FAKRA (Automotive Standard Committee in the German Institute for Standardisation) proposes 4 automotive safety integrity levels (ASIL), namely A, B, C and D, where D is the highest level.
[5] The final draft has been submitted to the ISO board but is not expected to become a standard before end of [year missing].
[6] Technical Inspection Agency

2.3 System architecture

Audi dynamic steering consists of the steering wheel angle sensor (LWS), the steering control unit (SCU), part of the ESP (ESP-DSA) and the actuator, see Fig. 1; the electronically controlled orifice (ECO) adapts the hydraulic flow depending on the steering velocity generated by the driver and the dynamic steering system. The basic functionalities are deployed on the SCU, whereas the stabilisation functions are deployed on the ESP, called ESP-DSA. Audi is responsible for the whole system, whereas the suppliers are responsible for their delivered subsystems: SCU and actuator: ZF Lenksysteme GmbH; ESP-DSA: Robert Bosch GmbH; LWS: Leopold Kostal GmbH.

Fig. 1 System architecture of Audi dynamic steering (figure not reproduced; labels in the diagram: steering wheel angle, steering wheel torque, LWS, SCU, actuator, torsion bar, active steering angle, wheel angle, ECO, servotronic, hydraulic, ESP-DSA, ESP basis, CAN, wheel speed sensors, yaw rate sensor, SMLS, system boundary)

3 STRUCTURED DEVELOPMENT PROCESS

The first step towards a structured development process is the definition of a suitable process model. Several process models are known in the literature (Eckrich, et al., 2002; Jung and Woltereck, 2003; Reinelt and Krautstrunk, 2005a) and used in practice. Also, (IEC 61508, 1998) proposes a process model for the safety life cycle of a product which consists of roughly four phases: concept, realisation, production and decommissioning. Here, we will focus on the realisation phase and discuss the defined process model.

3.1 Process model

For the realisation phase the well-known V-model from software engineering (ISO/IEC 12207, 1995) has been adapted to this system development, see Fig. 2.

Fig. 2 Process model for the system development (figure not reproduced; the diagram labels its steps DF 1 to DF 4 and DRS 1, DRS 2)

The process model is subdivided into 7 process steps, where 6 process steps are performed at Audi and the implementation step at the suppliers. It has to be noted that the implementation step itself can again be understood as a sub process model, e.g. again a V-model. Each process step is described with its inputs and outputs, the necessary activities to achieve the required outputs, and the responsibilities for each activity and output respectively. Thus, from this process model the following project roles can be easily deduced: system developer, system architect, subsystem/component developer, subsystem/component tester, integration tester and system tester. From the functional safety point of view a further role is needed: the safety manager. This role is described in section 4.4 together with the support process safety management. The allocation of these roles to certain project members is done in the document project manual, which is part of the output of the support process project management (not described in detail here). Furthermore, this process model defines the documentation structure consisting of the outputs of every process step [7]: system requirement specification, system architecture specification, subsystem/component specification, subsystem/component test specifications, integration test specification and reports, and system test specification and reports.

[7] The documents mentioned here are only subsets of the whole documentation.

3.2 Example: system requirements analysis

In this chapter the first process step of the process model is described. The requirements analysis is the most important step, where the costliest errors are made.

Inputs: The inputs for this process step are delivered from the concept phase, which is not described in this paper. The outputs of the concept phase are defined as: system concept and risk analysis.

Activities: In this phase the system requirements have to be formulated. The safety requirements are part of the system requirements and can be easily identified by the requirement keys described later. A good example for the derivation of safety requirements from risk and criticality analysis is shown in (Reinelt, et al., 2005b). Every requirement has to be formulated precisely: it has to contain objective criteria which allow verifying the fulfilment of the requirement during the system test phase. The responsibility for the formulation and analysis of the system requirements is assigned to the system developer and the safety manager.

Outputs: The system requirement specification (SRS) contains all system requirements including the safety requirements.

Adjacent process phases: As can be seen in Fig. 2, the following process phase is the system architecture design, which needs the system requirement specification as input. It is well known that the system test on the opposite side of the V-model also requires the SRS for the system test specification in order to refer each system test to a system requirement.

3.3 Development model

The process model described before is the basis for the implemented development model, which describes the whole realisation phase until the start of production: it is an iterative model using scaled versions of the process model in each iteration phase, see Fig. 3. Basically, early in the development the left side of the V-model (specification phase) is emphasized, whereas during the later development the right side (testing phase) is emphasized. This development model is the basis for the release management, since at the end of each iteration phase an official product release (PR1 to PR4 in Fig. 3) is made. This process model is the basis for all engineering activities but also for a number of supporting processes, as will be shown later.

Fig. 3 Iterative development model for the realisation phase using the process model from Fig. 2 (figure not reproduced)

4 SUPPORT PROCESSES

According to (ISO/IEC 12207, 1995) the following support processes have been defined and implemented: project management, configuration management, problem and change management, supplier management and quality assurance. Additionally, the following support processes have been defined and implemented: requirement management, release management, test management, quality management and safety management. All support processes are more or less dependent on the defined process and development model, which means that all processes had to be adapted to the model in Fig. 2. In this paper we will focus on some important aspects of requirement management, release management, quality assurance and safety management.

4.1 Requirement management

The goal of requirement management is to enable the tracking of every requirement through the whole development cycle until the final validation. Here again a concept from software engineering was used: the requirement keys. Every requirement which was formulated in the specifications has been tagged with a unique requirement key. The structure of such a requirement key is quite simple, see Fig. 4. Examples of the resulting keys can be seen in Fig. 5. This notation makes it possible to build a hierarchy of requirements starting from system level going down to component level, see Fig. 5. Thus, every specification step of the process model in Fig. 2 contains one level of requirements.

Fig. 4 Notation of the requirement keys (figure not reproduced)

Fig. 5 Hierarchical structure of the requirements (figure not reproduced; it spans the three levels system requirement specification, system design specification and subsystem requirement specification, and shows the following keys):
- REQ_ADS_ÜBERL: convert the evaluated superposition steering angle into motor angle
- REQ_ADS_SCU_ÜBERL1FKT1: controlled power drive of the motor
- REQ_ADS_SCU_ÜBERL1FKT11: the superposition steering angle is evaluated with the partial superposition angles of [...]
- REQ_ADS_SCU_ÜBERL1FKT19: a motor angular speed of [...] is required
- REQ_ADS_SCU_FS2FKT1: control of the locking mechanism
- REQ_ADS_SCU_FS1FKT11: automatic monitoring of the locking mechanism is required in order to [...]
- REQ_ADS_ESP-ADS_STABI3FKT1: output of superposition steering angle to SCU

Here it has to be emphasized that because of the hierarchical structure, the requirement keys can also be modelled and tracked in the Failure Mode and Effects Analysis (FMEA). Due to the graphical representation of functional networks in the FMEA, it is immediately obvious which component requirements are deduced from which system requirements. The further tracking of the requirements during the implementation phase has to be guaranteed by the suppliers. Since the notation for the requirements is different at each supplier (sometimes keys are generated automatically by a tool), either a mapping table has to be used or the original requirement keys have to be included in the supplier requirements.

4.2 Release management

The goal of release management is to plan and to control the defined system release levels in order to assure the completion of the product by the last release, at least 6 months before the start of production. The basis of this support process is the development model from Fig. 3.

Release Plan: This plan contains the definition of the contents of the four release steps on system level. Since all specifications use the requirement key notation, the release plan is based on these keys. In addition the release plan contains the desired test coverage, the interface implementation, the hardware maturity and the product and process documentation for every release level.

Delivery Plan: The delivery plans are deduced from the release plan and contain the necessary deliveries of each subsystem supplier for the four system release steps. Again the delivery plans contain the subsystem requirements and their desired implementation level. In addition the delivery plans contain the desired test coverage and the product and process documentation which has to be delivered by the suppliers.

Release Protocol: This protocol emerges from the comparison of the achieved product maturity with the release and delivery plans for every release step. The evaluation of the product maturity is documented in detail in check lists for the system and every subsystem. The evaluation results are summarized in the release protocol and judged in a release meeting by the whole project team. The outcome of the meeting is a signed release protocol, where the result may be:
- released without restrictions (with respect to the regarded release step);
- released with discrepancies (without restrictions, but there may be faulty or missing documentation or some minor, known errors in the software etc.);
- released with restrictions (usually these are functional or safety restrictions, which have to be documented in the release protocol);
- not released (e.g. in case of too many restrictions).

4.3 Quality assurance

(IEC 61508, 1998) requires an implemented quality management system as a basis for the functional safety management and the assessment of functional safety. Thus, a project independent quality assurance has to be installed, which monitors the internal processes. The instruments of quality assurance are:
- a quality assurance plan, defining the tasks;
- a quality assurance project schedule, planning the activities and resources;
- a quality monitoring plan, documenting the results of quality checks at certain milestones (before the release steps);
- numerous check lists generating the quality check results for every work product and process in the quality monitoring plan.

The results of quality assurance are summarized, judged in the project team and documented in the release protocol for every release step. Depending on the relevance of the discrepancies, adequate measures have to be initiated in order to reach the defined quality level. These measures are documented in an action plan which has to be fulfilled by the next quality check. In addition, the independent quality assurance of the suppliers is supervised by the Audi quality assurance [8]. The instruments are basically the same as mentioned above. The quality monitoring plans are issued together with the suppliers before the delivery steps and are part of the product and process documentation which is delivered by the suppliers for every release step. In case of discrepancies, the necessary measures are documented in an action plan which has to be fulfilled by the supplier by the next delivery. Furthermore, the software processes of the suppliers are assessed by Audi quality assurance according to (ISO/IEC 12207, 1995).

[8] This activity is more part of the support process supplier management but is mentioned in this context because the external assessor of functional safety relies on these quality check results.

4.4 Safety management

The goal of safety management is to support the product development process with respect to safety aspects. All safety management activities [9] are summarized in the project safety plan, whereas the product safety activities are integrated in the development process documents described in section 3.1. (IEC 61508, 1998) also requires an independent assessment of functional safety, where the level of independence is a function of the safety integrity level. For this system development an external assessor is required; this assessment is also part of the safety management process and is described in the safety plan. The responsibility for the whole safety management is assigned to the project safety manager, who has to conduct the following activities: formulate all safety management activities in the safety plan, coordinate all internal and external safety activities, organize the external assessment and provide all information for the external assessor. Additionally, the safety manager is responsible for the product safety activities during development:
- conduct a system risk analysis;
- formulate safety and safety integrity requirements in the system requirement specification;
- coordinate all safety analyses like FMEA, FTA and FMEDA etc.;
- monitor the completion of all measures defined in the FMEA;
- supervise the fulfilment of safety requirements by component and system tests;
- communicate all safety requirements to the suppliers;
- assess changes in product requirements or implementation during development with respect to their safety relevance.

[9] Here all project specific activities are meant, whereas the project independent safety activities are described in the functional safety management system, which is not described in this paper.

5 CONCLUSION

The intention of this paper is to give an overview of the processes and methods which have been defined and implemented for the development of Audi dynamic steering in order to achieve functional safety for the system. It turned out that with pragmatic, sometimes simple methods a lot of the process requirements of (IEC 61508, 1998) can be achieved, e.g.: requirements management (with requirement keys) leads to the mandatory traceability; release management leads to planning reliability and commitment; safety management guarantees the coordination of all safety activities at Audi and the suppliers. Especially release management led to an accelerated implementation of all support and development processes, because every release step reveals shortcomings of product or process transparently. First successes of the structured development process can be claimed: the safety concept of the stabilisation subsystem had to be redesigned due to safety integrity requirements; two product release steps have been accomplished successfully; the system and subsystem safety concepts have been assessed by the external assessor and proved their feasibility and potential to meet all functional safety requirements. It could be shown that the requirements for achieving functional safety are not a burden but are very helpful and lead to more efficient development and to higher product quality and safety.
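The traceability that section 4.1 and the conclusion attribute to the requirement keys can be checked mechanically. The following Python script is an added example, not code from the paper or from Audi: it parses keys of the form shown in Fig. 5 into the system/design/subsystem hierarchy, reports keys whose parent requirement is missing, system requirements that nothing refines, and keys of one subsystem that a supplier's mapping table (the alternative to embedding the original keys, see 4.1) does not cover. Because Fig. 4 is not reproduced, the key grammar is an assumption read off the Fig. 5 examples; the system key REQ_ADS_STABI and the supplier id table are constructed.

```python
import re
from collections import defaultdict

# Assumed key grammar (an interpretation of the Fig. 5 examples, since the
# paper's Fig. 4 is not available here):
#   REQ_<project>_<function>                         system requirement
#   REQ_<project>_<subsystem>_<function><i>FKT<n>    design / subsystem requirement
# <n> is a digit string; appending one digit descends one level (FKT1 -> FKT11).
# <i> distinguishes sub-functions of the same system-level function.
KEY_RE = re.compile(
    r"^REQ_(?P<project>[A-Z0-9]+)_"
    r"(?:(?P<subsystem>[A-Z0-9-]+)_)?"
    r"(?P<function>[A-ZÄÖÜ]+)"
    r"(?:(?P<index>\d+)FKT(?P<fkt>\d+))?$"
)


def parse_key(key: str) -> dict:
    """Split a requirement key into its fields; reject anything off-grammar."""
    m = KEY_RE.match(key)
    if m is None:
        raise ValueError(f"malformed requirement key: {key!r}")
    return m.groupdict()


def level(key: str) -> int:
    """0 = system requirement, 1 = system design, 2 and deeper = subsystem/component."""
    fkt = parse_key(key)["fkt"]
    return 0 if fkt is None else len(fkt)


def parent_key(key: str):
    """Derive the key one level up, or None for a system requirement (a root)."""
    p = parse_key(key)
    if p["fkt"] is None:
        return None
    prefix = f"REQ_{p['project']}_"
    if len(p["fkt"]) > 1:  # drop one FKT digit: stays in the same function
        sub = f"{p['subsystem']}_" if p["subsystem"] else ""
        return f"{prefix}{sub}{p['function']}{p['index']}FKT{p['fkt'][:-1]}"
    return f"{prefix}{p['function']}"  # FKT<digit> refines the system-level function


def build_tree(keys) -> dict:
    """Map each key to its sorted children: the functional network the FMEA draws."""
    tree = defaultdict(list)
    for k in keys:
        pk = parent_key(k)
        if pk is not None:
            tree[pk].append(k)
    return {k: sorted(v) for k, v in tree.items()}


def check_traceability(keys):
    """Return (orphans, unrefined): keys whose parent is absent from the set, and
    system requirements that no design or subsystem requirement traces back to."""
    keyset = set(keys)
    tree = build_tree(keyset)
    orphans = sorted(k for k in keyset
                     if parent_key(k) is not None and parent_key(k) not in keyset)
    unrefined = sorted(k for k in keyset if level(k) == 0 and k not in tree)
    return orphans, unrefined


def untraced_at_supplier(keys, subsystem: str, mapping: dict) -> list:
    """Keys of one subsystem that the supplier's mapping table (tool-generated
    id -> original key) does not cover, i.e. lost during implementation."""
    covered = set(mapping.values())
    return sorted(k for k in keys
                  if parse_key(k)["subsystem"] == subsystem and k not in covered)


# Keys quoted in Fig. 5 plus REQ_ADS_STABI, a constructed system key for the
# stabilisation function that the ESP-DSA design key refines.
FIG5_KEYS = [
    "REQ_ADS_ÜBERL",
    "REQ_ADS_SCU_ÜBERL1FKT1",
    "REQ_ADS_SCU_ÜBERL1FKT11",
    "REQ_ADS_SCU_ÜBERL1FKT19",
    "REQ_ADS_SCU_FS2FKT1",
    "REQ_ADS_SCU_FS1FKT11",
    "REQ_ADS_ESP-ADS_STABI3FKT1",
    "REQ_ADS_STABI",  # constructed
]

# Constructed mapping table: a supplier's own ids to the original SCU keys.
SCU_SUPPLIER_MAPPING = {
    "SUP-000412": "REQ_ADS_SCU_ÜBERL1FKT1",
    "SUP-000413": "REQ_ADS_SCU_ÜBERL1FKT11",
    "SUP-000520": "REQ_ADS_SCU_FS2FKT1",
    "SUP-000521": "REQ_ADS_SCU_FS1FKT11",
}

if __name__ == "__main__":
    orphans, unrefined = check_traceability(FIG5_KEYS)
    print("keys without a parent requirement:", orphans)
    print("system requirements nothing refines:", unrefined)
    print("SCU keys missing from the supplier mapping:",
          untraced_at_supplier(FIG5_KEYS, "SCU", SCU_SUPPLIER_MAPPING))
```

On the Fig. 5 sample the two locking-mechanism keys are reported as orphans, because the figure excerpt does not list the requirements they would refine; in a full specification such a report is the cue to check whether a system requirement was never written or merely not tagged.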

REFERENCES

Eckrich, M., M. Pischinger, M. Krenn, R. Bartz and P. Munnix (2002). Aktivlenkung: Anforderungen an Sicherheitstechnik und Entwicklungsprozess. In: 11. Aachener Kolloquium Fahrzeug- und Motorentechnik 2002 (Wallentowitz, H. (Ed.)). IKA, Aachen.
IEC (1998). Functional safety of E/E/PE safety-related systems. IEC, Genève.
ISO/IEC (1995). Information Technology: Software Life-Cycle Processes. ISO, Genève.
Jung, C. and M. Woltereck (2003). Funktionssicherheitskonzept für verteilte Entwicklung sicherheitsrelevanter Systeme. In: VDI-Bericht 1789: Elektronik im Kraftfahrzeug. VDI, Baden-Baden.
Jung, C. (2005). Stand des ISO-Standards zur Funktionalen Sicherheit für die Automobilindustrie. In: Safetronic 2005: Sichere Software und Hardware im Automobil. TÜV, München.
Reinelt, W. and A. Krautstrunk (2005a). Safety process for development of electronic steering systems. SAE technical paper.
Reinelt, W., W. Klier and G. Reimann (2005b). Systemsicherheit des Active Front Steering. Automobiltechnik, 1/2005.
Schwarz, J. (2005). Risikoanalyse: Verfahrensbeschreibung (Entwurf). FAKRA, Frankfurt.


More information

The Role of CM in Agile Development of Safety-Critical Software

The Role of CM in Agile Development of Safety-Critical Software The Role of CM in Agile Development of Safety-Critical Software Tor Stålhane1, Thor Myklebust 2 1 Norwegian University of Science and Technology, N-7491, Trondheim, Norway 2 SINTEF ICT, Strindveien 2,

More information

of traffic accidents from the GIDAS database until 5 seconds before the first collision. This includes parameters to describe the environment data,

of traffic accidents from the GIDAS database until 5 seconds before the first collision. This includes parameters to describe the environment data, STANDARDIZED PRE-CRASH-SCENARIOS SCENARIOS IN DIGITAL FORMAT ON THE BASIS OF THE VUFO SIMULATION Dipl.-Math. A. Schubert*, Dipl.-Ing. (FH), M. Eng. C. Erbsmehl*, Dr.-Ing. L. Hannawald* *Verkehrsunfallforschung

More information

IEC 61508 Functional Safety Assessment. Project: K-TEK Corporation AT100, AT100S, AT200 Magnetostrictive Level Transmitter.

IEC 61508 Functional Safety Assessment. Project: K-TEK Corporation AT100, AT100S, AT200 Magnetostrictive Level Transmitter. 61508 SIL 3 CAPABLE IEC 61508 Functional Safety Assessment Project: K-TEK Corporation AT100, AT100S, AT200 Magnetostrictive Level Transmitter Customer: K-TEK Corporation Prairieville, LA USA Contract No.:

More information

Using Fault Trees to Analyze Safety-Instrumented Systems

Using Fault Trees to Analyze Safety-Instrumented Systems Using Fault Trees to Analyze Safety-Instrumented Systems Joseph R. Belland Isograph, Inc., Irvine, USA Abstract: Safety-instrumented systems are protection functions frequently seen in automotive, chemical

More information

Foredragfor Den Norske Dataforening, den 08.10.2003

Foredragfor Den Norske Dataforening, den 08.10.2003 Foredragfor Den Norske Dataforening, den 08.10.2003 CMM, CMMI and ISO 15504 (SPICE) Bruk av modenhetsmodeller under programmvareutvikling, er det nøkkelen til suskess? Malte Foegen, Jürgen Richter IT Maturity

More information

Intelligent development tools Design methods and tools Functional safety

Intelligent development tools Design methods and tools Functional safety Intelligent development tools Design methods and tools Functional safety Flanders DRIVE Index: Flanders DRIVE 1 Importance of functional safety 2 Functional safety for mechatronic systems 4 Global functional

More information

Design and Function of ZF Vane Pumps

Design and Function of ZF Vane Pumps and Function of ZF Vane Pumps 8 7 4 10 The construction principle of the ZF vane pumps is based on a pumping element which is usually in a light-alloy housing (1) and consists basically of a shaft (2),

More information

-Blue Print- The Quality Approach towards IT Service Management

-Blue Print- The Quality Approach towards IT Service Management -Blue Print- The Quality Approach towards IT Service Management The Qualification and Certification Program in IT Service Management according to ISO/IEC 20000 TÜV SÜD Akademie GmbH Certification Body

More information

Application Functional Safety IEC 61511

Application Functional Safety IEC 61511 Application Functional Safety IEC 61511 Introduction Functional safety must be an integral part of the project execution if we shall succeed to make safe application program We can t test and audit safety

More information

Part I. Introduction

Part I. Introduction Part I. Introduction In the development of modern vehicles, the infotainment system [54] belongs to the innovative area. In comparison to the conventional areas such as the motor, body construction and

More information

Functional Safety Management of the development process of safety related programmable electronic systems at Jaquet Technology Group

Functional Safety Management of the development process of safety related programmable electronic systems at Jaquet Technology Group Functional Safety Management of the development process of safety related programmable electronic systems at Jaquet Technology Group Document type: Certification Report Client: Jaquet Technology Group

More information

University of Paderborn Software Engineering Group II-25. Dr. Holger Giese. University of Paderborn Software Engineering Group. External facilities

University of Paderborn Software Engineering Group II-25. Dr. Holger Giese. University of Paderborn Software Engineering Group. External facilities II.2 Life Cycle and Safety Safety Life Cycle: The necessary activities involving safety-related systems, occurring during a period of time that starts at the concept phase of a project and finishes when

More information

Software in safety critical systems

Software in safety critical systems Software in safety critical systems Software safety requirements Software safety integrity Budapest University of Technology and Economics Department of Measurement and Information Systems Definitions

More information

Non-committal VDA recommendation regarding standards The Verband der Automobilindustrie (Automotive Industry Association - VDA) proposes that its memb

Non-committal VDA recommendation regarding standards The Verband der Automobilindustrie (Automotive Industry Association - VDA) proposes that its memb Verband der Automobilindustrie Quality Management in the Automobile Industry Joint Quality Management in the Supply Chain Product creation, product manufacture and product delivery Minimizing risks in

More information

V-Modell XT. Part 1: Fundamentals of the V-Modell

V-Modell XT. Part 1: Fundamentals of the V-Modell V-Modell XT Part 1: Fundamentals of the V-Modell THE V-MODELL XT IS PROTECTED BY COPYRIGHT. BUNDESREPUBLIK DEUTSCHLAND 2004. ALL RIGHTS RESERVED. COPYRIGHT RESERVED BUNDESREPUBLIK DEUTSCHLAND 2004.THE

More information

Safety compliance. Energy management. System architecture advisory services. Diagnostics. Network topologies. Physical and functional partitioning

Safety compliance. Energy management. System architecture advisory services. Diagnostics. Network topologies. Physical and functional partitioning Energy management Network topologies Physical and functional partitioning Safety compliance Diagnostics System architecture advisory services www.continental-corporation.com Why system architecture? 2

More information

A new system architecture for cooperative traffic centres - the sim TD field trial

A new system architecture for cooperative traffic centres - the sim TD field trial 19th ITS World Congress, Vienna, Austria, 22/26 October 2012 EU-00081 A new system architecture for cooperative traffic centres - the sim TD field trial Dr. Dirk Hübner 1, Dipl.-Ing. Gerd Riegelhuth 2

More information

What is Automotive Software Engineering? What is Automotive Software Engineering? What is Automotive Software Engineering?

What is Automotive Software Engineering? What is Automotive Software Engineering? What is Automotive Software Engineering? Process models: Capability Maturity Model Integration (CMMI) Software Process Improvement and Capability Determination (SPICE) V-Model Standards: MISRA-C standard AUTOSAR Configuration management Product

More information

Process Safety Architecture System Neutral Solution Comparison

Process Safety Architecture System Neutral Solution Comparison 499 A publication of CHEMICAL ENGINEERING TRANSACTIONS VOL. 48, 2016 Guest Editors: Eddy de Rademaeker, Peter Schmelzer Copyright 2016, AIDIC Servizi S.r.l., ISBN 978-88-95608-39-6; ISSN 2283-9216 The

More information

CHASSIS - 4WD SYSTEM. Realizes stable start-off and acceleration performance

CHASSIS - 4WD SYSTEM. Realizes stable start-off and acceleration performance CH-66 CHASSIS - 4WD SYSTEM 4WD SYSTEM DESCRIPTION The 4WD system of the 06 RAV4 uses an active torque control 4WD system. It is a compact, lightweight, and high performance 4WD system that optimally controls

More information

n-bms, a novel ISO26262 compliant battery management system

n-bms, a novel ISO26262 compliant battery management system EVS28 KINTEX, Korea, May 3-6, 2015 n-bms, a novel ISO26262 compliant battery management system Karl Vestin Lithium Balance A/S, Baldershøj 26C, 2635 Ishøj, Denmark, k.vestin@lithiumbalance.com Lithium

More information

LIN A real Plug 'n' Play Bus System?

LIN A real Plug 'n' Play Bus System? LIN A real Plug 'n' Play Bus System? Standardized application functions enable the possibility for flexible, fast and cost effective LIN developments. Therefore Plug n Play will also be possible for automotive

More information

Is your current safety system compliant to today's safety standard?

Is your current safety system compliant to today's safety standard? Is your current safety system compliant to today's safety standard? Abstract It is estimated that about 66% of the Programmable Electronic Systems (PES) running in the process industry were installed before

More information

(Refer Slide Time: 01:52)

(Refer Slide Time: 01:52) Software Engineering Prof. N. L. Sarda Computer Science & Engineering Indian Institute of Technology, Bombay Lecture - 2 Introduction to Software Engineering Challenges, Process Models etc (Part 2) This

More information

Functional Safety with ISO 26262 Principles and Practice Dr. Christof Ebert, Dr. Arnulf Braatz Vector Consulting Services

Functional Safety with ISO 26262 Principles and Practice Dr. Christof Ebert, Dr. Arnulf Braatz Vector Consulting Services Functional Safety with ISO 26262 Principles and Practice Dr. Christof Ebert, Dr. Arnulf Braatz Vector Consulting Services Welcome to the Webinar Functional Safety with ISO 26262 Webinar Part 1, Principles

More information

Factory Acceptance Testing Guideline

Factory Acceptance Testing Guideline Factory Acceptance Testing Comments on this report are gratefully received by Johan Hedberg at SP Swedish National Testing and Research Institute mailto:johan.hedberg@sp.se -1- Summary According to the

More information

Compliance ow - managing the compliance of dynamic and complex processes

Compliance ow - managing the compliance of dynamic and complex processes Loughborough University Institutional Repository Compliance ow - managing the compliance of dynamic and complex processes This item was submitted to Loughborough University's Institutional Repository by

More information

Functional Safety. Presented by Christian Dirmeier and Gerald Kupel from TÜV SÜD

Functional Safety. Presented by Christian Dirmeier and Gerald Kupel from TÜV SÜD Functional Safety Presented by Christian Dirmeier and Gerald Kupel from in numbers: Growing from strength to strength 1 One-stop technical solution provider 150 years of experience 800 locations worldwide

More information

A System-Safety Process For By-Wire Automotive Systems

A System-Safety Process For By-Wire Automotive Systems SAE TECHNICAL PAPER SERIES 2000-01-1056 A System-Safety Process For By-Wire Automotive Systems Sanket Amberkar, Joseph G. D Ambrosio and Brian T. Murray Delphi Automotive Systems Joseph Wysocki HRL Laboratories

More information

W09 - Safety Risk Assessments

W09 - Safety Risk Assessments W09 - Safety Risk Assessments Determining Machine Safety Performance Levels and Safety Integrity Levels Mike Duta & Derek Jones November 2012 Rev 5058-CO900C Copyright 2012 Rockwell Automation, Inc. All

More information

Safe, superior and comfortable driving - Market needs and solutions

Safe, superior and comfortable driving - Market needs and solutions 3 rd Conference Active Safety through Driver Assistance Safe, superior and comfortable driving - Market needs and solutions Dr. Werner Struth - President, 1 Global trends Legislation Safety legislation

More information

Development of High Resolution Sensor Element MPS40S and Dual Track Magnetic Encoder for Rotational Speed and Position Measurement

Development of High Resolution Sensor Element MPS40S and Dual Track Magnetic Encoder for Rotational Speed and Position Measurement NTN TECHNICAL REVIEW No.75 2007 Technical Article Development of High Resolution Sensor Element MPS40S and Dual Track Magnetic Encoder for Rotational Speed and Position Measurement Pascal DESBIOLLES Achim

More information

Physical to Functional Mapping with Mindmap Software

Physical to Functional Mapping with Mindmap Software 2006-01-3493 Physical to Functional Mapping with Mindmap Software Copyright 2006 SAE International Michael R Sevcovic International Truck and Engine Corporation ABSTRACT This paper describes how mind mapping

More information

Software Engineering Prof. N.L. Sarda Computer Science & Engineering Indian Institute of Technology, Bombay Lecture-4 Overview of Phases (Part - II)

Software Engineering Prof. N.L. Sarda Computer Science & Engineering Indian Institute of Technology, Bombay Lecture-4 Overview of Phases (Part - II) Software Engineering Prof. N.L. Sarda Computer Science & Engineering Indian Institute of Technology, Bombay Lecture-4 Overview of Phases (Part - II) We studied the problem definition phase, with which

More information

Software Development for Multiple OEMs Using Tool Configured Middleware for CAN Communication

Software Development for Multiple OEMs Using Tool Configured Middleware for CAN Communication 01PC-422 Software Development for Multiple OEMs Using Tool Configured Middleware for CAN Communication Pascal Jost IAS, University of Stuttgart, Germany Stephan Hoffmann Vector CANtech Inc., USA Copyright

More information

Achieving Functional Safety with Global Resources and Market Reach

Achieving Functional Safety with Global Resources and Market Reach Achieving Functional Safety with Global Resources and Market Reach 0A 0B Burner management systems Combustion controls Electric vehicle components (on-board, off board) Electrosensitive equipment Elevator

More information

Use Case Design for AdaptIVe

Use Case Design for AdaptIVe M. Koch, A. Butz & J. Schlichter (Hrsg.): Mensch und Computer 2014 Workshopband, München: Oldenbourg Wissenschaftsverlag, 2014, S. 199-204. Use Case Design for AdaptIVe Stefan Wolter 1, Johann Kelsch 2

More information

ISO and its relation to systems engineering

ISO and its relation to systems engineering ISO 26262 and its relation to systems engineering Dr David Ward Head of Functional Safety Automotive safety Safety has long been a significant attribute of automotive products The traditional automotive

More information

THEME Competence Matrix - Electrical Engineering/Electronics with Partial competences/ Learning outcomes

THEME Competence Matrix - Electrical Engineering/Electronics with Partial competences/ Learning outcomes COMPETENCE AREAS STEPS OF COMPETENCE DEVELOPMENT 1. Preparing, planning, mounting and installing electrical for buildings and industrial applications He/She is able to prepare and carry out simple electrical

More information

ISO FMEA Concepts + Polarion Template

ISO FMEA Concepts + Polarion Template ISO 26262 + FMEA Concepts + Polarion Template Timothy.stroebele@polarion.com Manager PSO Agenda ISO 26262 Concepts Polarion goes ISO 26262 Polarion FMEA Q&A Session Next Steps ISO 26262 Functional Safety

More information

Requirements-driven Verification Methodology for Standards Compliance

Requirements-driven Verification Methodology for Standards Compliance Requirements-driven Verification Methodology for Standards Compliance Serrie-justine Chapman (TVS) serrie@testandverification.com Mike Bartley (TVS) mike@testandverification.com Darren Galpin (Infineon)

More information

Introduction CHAPTER 1

Introduction CHAPTER 1 CHAPTER 1 Introduction Ever since the development of the first integrated circuits in the late 1950s the complexity of such devices doubled every 20 months. A development which has been anticipated by

More information

Qualifying Software Tools According to ISO 26262

Qualifying Software Tools According to ISO 26262 Qualifying Software Tools According to ISO 26262 Mirko Conrad 1, Patrick Munier 2, Frank Rauch 3 1 The MathWorks, Inc., Natick, MA, USA mirko.conrad@mathworks.com 2 The MathWorks, SAS, Grenoble, France

More information

Safety Integrated. SIMATIC Safety Matrix. The Management Tool for all Phases of the Safety Lifecycle. Brochure September 2010. Answers for industry.

Safety Integrated. SIMATIC Safety Matrix. The Management Tool for all Phases of the Safety Lifecycle. Brochure September 2010. Answers for industry. SIMATIC Safety Matrix The Management Tool for all Phases of the Safety Lifecycle Brochure September 2010 Safety Integrated Answers for industry. Functional safety and Safety Lifecycle Management Hazard

More information

Modularisation and functional safety in mechanical and plant engineering

Modularisation and functional safety in mechanical and plant engineering Modularisation and functional safety in mechanical and plant engineering Wideburg Solutions Ever since our founding in May 2011, our primary objective has been to transfer successful concepts and methods

More information

Lecture Slides for Managing and Leading Software Projects. Chapter 1: Introduction

Lecture Slides for Managing and Leading Software Projects. Chapter 1: Introduction Lecture Slides for Managing and Leading Software Projects Chapter 1: Introduction developed by Richard E. (Dick) Fairley, Ph.D. to accompany the text Managing and Leading Software Projects published by

More information

Crucial Role of ICT for the Reinvention of the Car

Crucial Role of ICT for the Reinvention of the Car Joint EC / EPoSS / ERTRAC Expert Workshop 2011 Electric Vehicle System Integration and Architecture Crucial Role of ICT for the Reinvention of the Car Karl-Josef Kuhn Siemens Corporate Research and Technologies

More information

IBM Rational systems and software solutions for the medical device industry

IBM Rational systems and software solutions for the medical device industry IBM Software August 2011 IBM Rational systems and software solutions for the medical device industry Improve processes, manage IEC 61508 and IEC 62304 standards, develop quality products Highlights Manage

More information

Software Product Quality Practices Quality Measurement and Evaluation using TL9000 and ISO/IEC 9126

Software Product Quality Practices Quality Measurement and Evaluation using TL9000 and ISO/IEC 9126 Software Practices Measurement and Evaluation using TL9000 and ISO/IEC 9126 Witold Suryn 1, Alain Abran 2, Pierre Bourque 3, Claude Laporte 4 Department of Electrical Engineering, École de Technologie

More information

Created by: Austin Davis Neel Iyer Darcie Jones Sascha Schwarz

Created by: Austin Davis Neel Iyer Darcie Jones Sascha Schwarz EMGT 587 Systems Engineering Created by: Austin Davis Neel Iyer Darcie Jones Sascha Schwarz Table of Contents Introduction... 3 Operational Scenarios... 4 1. User sets and cancels cruise control:... 4

More information

TL 9000 and TS16949 Comparison

TL 9000 and TS16949 Comparison TL 9000 and TS16949 Comparison www.questforum.org Copyright QuEST Forum 2007 1 Purpose This summary is intended to give those familiar with TS16949 requirements a general sense of the additional requirements

More information

Safety. Rapid response complete control OSPE electrohydraulic steering units. powersolutions.danfoss.com. compliance

Safety. Rapid response complete control OSPE electrohydraulic steering units. powersolutions.danfoss.com. compliance Rapid response complete control OSPE electrohydraulic steering units Safety compliance ensures that your next steering system meets the latest standards powersolutions.danfoss.com Meeting the demands of

More information

Public trainings, In-house seminars, webinars Personal qualification on ISO 26262

Public trainings, In-house seminars, webinars Personal qualification on ISO 26262 AFSP AFSE FUNCTIONAL SAFETY AUTOMOTIVE TRAINING AND PERSONAL QUALIFICATION Public trainings, In-house seminars, webinars Personal qualification on ISO 26262 THE SGS GROUP SGS-TÜV GmbH THE EXPERTS is the

More information

Dr. Brian Murray March 4, 2011

Dr. Brian Murray March 4, 2011 Event that could lead to an accident GM Autonomy HAZARD 1 Q=6e-7 Event that could lead to a hazard Control to prevent HAZARDOUS EVENT 1 HAZARDOUS EVENT 1 HAZARD CONTROL 1 r=6e-008 Q=0.0006 Q=0.001 Q=0.001

More information

Software Engineering Reference Framework

Software Engineering Reference Framework Software Engineering Reference Framework Michel Chaudron, Jan Friso Groote, Kees van Hee, Kees Hemerik, Lou Somers, Tom Verhoeff. Department of Mathematics and Computer Science Eindhoven University of

More information

Frequently Asked Questions

Frequently Asked Questions Frequently Asked Questions The exida Certification Program Functional Safety (SIL) Cyber-Security V2 R3 June 14, 2012 exida Sellersville, PA 18960, USA, +1-215-453-1720 Munich, Germany, +49 89 4900 0547

More information

Machine Safety. Functional Safety & Implementation of the Machinery Directive 2006/42/EC

Machine Safety. Functional Safety & Implementation of the Machinery Directive 2006/42/EC Machine Safety Functional Safety & Implementation of the Machinery Directive 2006/42/EC Functional Safety & Implementation of the Machinery Directive 2006/42/EC 1 2 Functional Safety & Implementation of

More information

Reduce Medical Device Compliance Costs with Best Practices. mark.pitchford@ldra.com

Reduce Medical Device Compliance Costs with Best Practices. mark.pitchford@ldra.com Reduce Medical Device Compliance Costs with Best Practices mark.pitchford@ldra.com 1 Agenda Medical Software Certification How new is Critical Software Certification? What do we need to do? What Best Practises

More information

WG 4 Benchmark paper. Standardization and Certification

WG 4 Benchmark paper. Standardization and Certification WG 4 Benchmark paper Standardization and Certification Benchmark paper on the main requirements for the development of electromobility on a European and international scale Working Group 4 Standardization

More information

Logic solver application software and operator interface

Logic solver application software and operator interface Logic solver application software and operator interface By RJ Perry, Control Systems Consultant Correctly implemented and structured functional logic, together with operator interface displays, can improve

More information

Information Technology Security Evaluation Criteria. ITSEC Joint Interpretation Library (ITSEC JIL)

Information Technology Security Evaluation Criteria. ITSEC Joint Interpretation Library (ITSEC JIL) S Information Technology Security Evaluation Criteria ITSEC Joint Interpretation Library (ITSEC JIL) Version 2.0 November 1998 This document is paginated from i to vi and from 1 to 65 ITSEC Joint Interpretation

More information

Functional Safety. Presented by Matthias Ramold and Stewart Robinson from TÜV SÜD. 07/05/2014 Functional Safety

Functional Safety. Presented by Matthias Ramold and Stewart Robinson from TÜV SÜD. 07/05/2014 Functional Safety Functional Safety Presented by Matthias Ramold and Stewart Robinson from 07/05/2014 Functional Safety Your Presenters Matthias Ramold Team leader Safety components for Rail in Germany Many years experience

More information

An Implementation Roadmap

An Implementation Roadmap An Implementation Roadmap The 2nd Abu Dhabi IT s Forum P J Corum, CSQA, CSTE, ITSM Managing Director Quality Assurance Institute Middle East and Africa Dubai, UAE Quality Assurance Institute Middle East

More information

2005-01-0785. Effective Application of Software Safety Techniques for Automotive Embedded Control Systems SAE TECHNICAL PAPER SERIES

2005-01-0785. Effective Application of Software Safety Techniques for Automotive Embedded Control Systems SAE TECHNICAL PAPER SERIES 2005-01-0785 SAE TECHNICAL PAPER SERIES Effective Application of Software Safety Techniques for Automotive Embedded Control Systems Barbara J. Czerny, Joseph G. D Ambrosio, Brian T. Murray and Padma Sundaram

More information

SIL in de praktijk (Functional Safety) 23.04.2015 - Antwerpen. 61508 Compliance of Actuators and Life Cycle Considerations. SAMSON AG Dr.

SIL in de praktijk (Functional Safety) 23.04.2015 - Antwerpen. 61508 Compliance of Actuators and Life Cycle Considerations. SAMSON AG Dr. SIL in de praktijk (Functional Safety) 23.04.2015 - Antwerpen SAMSON AG Dr. Thomas Karte 61508 Compliance of Actuators and Life Cycle Considerations 2015-04-23 SAMSON AG Dr. Karte - 61508 Compliance of

More information

Abstraction levels of embedded systems

Abstraction levels of embedded systems Abstraction levels of embedded systems Peter Braun and Martin Rappl Lehrstuhl für Software & Systems Engineering Prof. Broy Technische Universität München, Arcisstraße 2, D-80333 München, Germany Tel.:

More information

Safety and security related features in AUTOSAR

Safety and security related features in AUTOSAR Safety and security related features in Dr. Stefan Bunzel Spokesperson (Continental) Co-Authors: S. Fürst, Dr. J. Wagenhuber (BMW), Dr. F. Stappert (Continental) Automotive - Safety & Security 2010 22

More information