Impact of Safety Standards to Processes and Methodologies. Dr. Herbert Eichfeld


Impact to Processes, Methodologies, Products

IEC 61508 / ISO 26262 requirements affect three areas:

Processes
+ New/changed role descriptions (e.g. safety manager)
+ Assignments to competent persons
+ Enrichment of process with safety plan
+ Enrichment of document flow with new documents
+ Process tailoring wrt SIL / ASIL

Methodologies
+ Documentation & configuration mgmt (safety case)
+ Change management with safety label
+ Failure Modes, Effects and Diagnostic coverage Analysis
+ Common Cause Analysis
+ Requirement Traceability for safety requirements

Products
+ Safety concept with safety product requirements
+ Safety manual as user manual
+ Element safety function: product architecture
+ Additional / changed IP on µC or power IC
+ Monitor software, watchdog IC, ...
Page 2

Impact to processes and methodologies

IEC 61508 and ISO 26262 require certain processes and methodologies to prevent systematic faults. ISO 26262 explicitly requires an audit of the functional safety processes for ASIL B, C and D (see ISO 26262-2.6.4.6, Table 1). ISO proposes to check the safety management, including the functional safety audit, in the frame of the functional safety assessment of the item (see ISO 26262-2 Annex E).
1. Set up a safety audit project to prepare your processes and methodologies according to the safety requirements.
2. Roll it out to product development projects.
3. Pass the external safety audit.
4. Product assessments refer to the safety audit for all process- and methodology-related requirements.
Page 3

Example of a Safety audit project (1 of 2)

I1  Scope of process audit (draft)
    + Selection of stakeholders
    + Stakeholder requirements
    + Methodologies to
      + cope with 2 standards
      + avoid overengineering for < SIL 3, < ASIL D
    + Selection of lead customers
    + Selection of auditor
    + Interface to other process adaptations
    + Align on Tier 1 - Tier 2 process interface
    + Align scope of audit
I2  Scope of process audit
I3  Project setup, contract with auditor
Page 4

Example of a Safety audit project (2 of 2)

    Gap analysis: company process vs. standards
I4  1. Internal review
I5  Improvement plan to close gaps
    1. Audit by auditor
    Enrich improvement plan by
    + audit findings
    + changes in standards (CR against ISO 26262 till 08.12.09)
    Implement improvements
    Rollout to projects
    2. Internal review
I6  2. Audit by auditor: Compliant!
I7  Rollout release
Page 5

Example: Scope of process audit

ISO part   ISO topic                           Scope   Arguments
26262-1    Vocabulary                          No      No work product defined
26262-2    Management of functional safety     Yes *   All companies in the automotive safety market have to do it.
26262-3    Concept phase                       No      OEM & Tier1 topic
26262-4    Product dev.: system level          No      Tier1 & OEM topic
26262-5    Product dev.: hardware level        Yes *   Tier1 (board) & Tier2 (µC)
26262-6    Product dev.: software level        Yes *   Tier1 (appl. SW) & Tier2 (FW, drivers, monitors, ..)
26262-7    Production & operation              Yes *   OEM (car), Tier1 (ECU), Tier2 (µC)
26262-8    Supporting processes                Yes *   All companies affected.
26262-9    ASIL- & safety-oriented analysis    Yes *   All companies affected.
26262-10   Guideline on ISO 26262              No      Informative overview

* equivalent contents of IEC 61508 in scope as well.
Page 6

Example: How to cope with 2 standards

Differences between ISO 26262 and IEC 61508, with evaluation:

Information structure (FSM structure)
  ISO 26262:  FSM in one part, ISO 26262-2: 1. Overall FSM, 2. During development, 3. After release for production
  IEC 61508:  FSM in IEC 61508-1.6 and other parts; the ISO structure does not exist, but most ISO requirements are covered
  Evaluation: Risk not to find all relevant IEC information; ISO structure clearer; no contradiction to IEC found

Concepts
  ISO 26262:  Safety culture
  IEC 61508:  Does not exist
  Evaluation: ISO asks for more

Terminology
  ISO 26262:  Safety plan, Safety case, Item, Work product, Confirmation measure
  IEC 61508:  Terms not defined, but content implicitly available
  Evaluation: ISO more precise

Roles
  ISO 26262:  1. Organization, 2. PJM, 3. Safety Mgr
  IEC 61508:  1. Organization, 2. Responsible persons
  Evaluation: ISO more detailed

Result: ISO 26262 covers IEC 61508 for FSM.
Page 7

Example: How to avoid overengineering

Non-safety projects shall not be affected.
Today's process for automotive projects fulfills ASIL A & B. For ASIL C & D, enrichments of today's process are necessary.
Apply the tailoring possibilities the standards offer along the safety integrity levels.
On FSM, ISO 26262 offers one tailoring possibility, the certification plan according to ISO 26262-2 Annex D, Table D.1:

ASIL   # of obligatory certification measures
D, C   14 (including B and A)
B       9 (including A)
A       4

Which SIL or ASIL levels are relevant for the company?
Page 8

Impact to methodologies: Example on Requirement Traceability (1 of 2)

[Figure: DocFlow / project over milestones 1, 3, 7, 9. Labels: Database, Delta SIL, Legacy Product Requirements, PRD, ITS, RTR, FMEA, UM, SAR, SoW, Safety Manual]
Page 9

Requirement Traceability (2 of 2)

[Figure: the same DocFlow / project over milestones 1, 3, 7, 9, with Reqtify and tagged documents added. Labels: Database, Reqtify, Delta SIL, Legacy Product Requirements, tagged documents, PRD, ITS, RTR, FMEA, SoW, UM, Safety Manual, SAR]
Page 10

Requirement Tag

The image shows a tagged requirement within a Word document. [req ] and [/req] are the opening and closing tags. id is the identifier of this requirement. parent is the link to an upper requirement, following the V-model. The text between the tags is the requirement description. The text format is not mandatory (parsing is ASCII based), but helps to differentiate.
Page 11

Coverage Tag

The image shows a tagged test case within a Word document. [cover ] and [/cover] are the opening and closing tags. refid is the identifier of the requirement which is covered. The text between the tags is the test case name and description. The text format is not mandatory (parsing is ASCII based), but helps to differentiate.
Page 12
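As an added example (not from the slides, nor the Reqtify tool's code), a plain-text parser for the [req] and [cover] tags described on Pages 11 and 12 that builds the trace and reports gaps in both directions: requirements without a test case, parent links to unknown requirements, and refid values that match no requirement. The attribute notation id=, parent= and refid= is an assumption, since the slides name the attributes but not their exact syntax; the sample documents are constructed.

```python
import re

# Assumed tag notation (the slides name the tags and attributes, not
# the exact syntax): [req id=<id> parent=<id>]text[/req] in requirement
# documents and [cover refid=<id>]text[/cover] in test specifications.
# Parsing is plain-text based; attribute values end at whitespace or ']'.
REQ_RE = re.compile(r"\[req\s+id=([^\s\]]+)(?:\s+parent=([^\s\]]+))?\s*\](.*?)\[/req\]", re.S)
COVER_RE = re.compile(r"\[cover\s+refid=([^\s\]]+)\s*\](.*?)\[/cover\]", re.S)


def parse_traceability(*documents):
    """Collect [req] and [cover] tags from all documents and check that every
    requirement traces up to an existing parent and down to a test case."""
    parents, covered_by, dangling_covers = {}, {}, []
    for doc in documents:
        for rid, parent, _text in REQ_RE.findall(doc):
            parents[rid] = parent or None          # None = top-level requirement
            covered_by.setdefault(rid, [])
    for doc in documents:
        for refid, text in COVER_RE.findall(doc):
            if refid in covered_by:
                covered_by[refid].append(" ".join(text.split()))
            else:
                dangling_covers.append(refid)      # test case points to no requirement
    return {
        "parents": parents,
        "covered_by": covered_by,
        "uncovered": sorted(r for r, tcs in covered_by.items() if not tcs),
        "dangling_parents": sorted((r, p) for r, p in parents.items()
                                   if p and p not in parents),
        "dangling_covers": sorted(dangling_covers),
    }


# Constructed sample documents (not taken from the original slides).
SAFETY_REQS = """
[req id=SR-1]The safety mechanism shall detect a stuck output within 10 ms.[/req]
[req id=SR-2 parent=SR-1]The watchdog shall be served at least every 5 ms.[/req]
[req id=SR-3 parent=SR-9]The monitor shall report a fault via the error pin.[/req]
"""
TEST_SPEC = """
[cover refid=SR-1]TC-01: inject a stuck-at fault, verify detection time.[/cover]
[cover refid=SR-2]TC-02: stop servicing the watchdog, verify the reset.[/cover]
[cover refid=SR-7]TC-03: covers a requirement that no longer exists.[/cover]
"""

if __name__ == "__main__":
    report = parse_traceability(SAFETY_REQS, TEST_SPEC)
    print("uncovered requirements:", report["uncovered"])
    print("dangling parent links:", report["dangling_parents"])
    print("dangling coverage refs:", report["dangling_covers"])
```

Run over the real requirement and test documents, an empty result in all three gap lists is the evidence the safety audit asks for under "Requirement Traceability for safety requirements".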

Summary

High safety integrity levels (SIL 3, ASIL C/D) require additional measures for products and for processes & methodologies.
Assumption: A company that has delivered automotive quality successfully for many years should have all measures in place to comply with low safety integrity levels (ASIL A/B, SIL 1, SIL 2).
Page 13