n-bms, a novel ISO26262 compliant battery management system

EVS28, KINTEX, Korea, May 3-6, 2015
n-bms, a novel ISO26262 compliant battery management system
Karl Vestin, Lithium Balance A/S, Baldershøj 26C, 2635 Ishøj, Denmark, k.vestin@lithiumbalance.com

Lithium Balance, driving safety innovation
LiTHIUM BALANCE provides:
- Innovative and cost effective battery management solutions
- Enabling our customers to reach or exceed their goals
LiTHIUM BALANCE supplies:
- High end battery management solutions
- Engineering and integration services
- Consultancy
Winner of the Frost & Sullivan European Automotive Powertrain Innovation Award; 2nd best European green technology company in the Eurecan venture contest

Introduction
I. The n-bms is a fully featured next generation battery management system
  1) Highly accurate measurements of cell voltages and temperatures
  2) State-of-the-art algorithms for SOC/SOH
  3) Automotive grade safety rated components
  4) Open API for user software components
1. Flexible hardware and software architecture allows for rapid and safe vehicle integration
2. Off-the-shelf components that can quickly and efficiently be tailored to specific customer requirements
3. Developed in full compliance with ISO26262
4. Developed in close cooperation with major car manufacturers in Europe and North America

What is ISO26262?
"Road vehicles: Functional safety", ISO26262:
- Standard in seven parts (not counting vocabulary, analysis chapter and guidelines)
- Covers all aspects of a product life cycle, from product idea to decommissioning
- Introduces the concept of automotive safety integrity level (ASIL)
- Provides practical instructions and guidelines for how to create safe and reliable E/E systems for road vehicles

The ISO26262 work flow
Phases shown on the slide: Concept phase; Production and operation; System development; System verification; Hardware development; Software development; Hardware verification; Software verification

The cost of implementing ISO26262
I. The implementation of ISO26262 does take considerable effort. Some factors that reduce the initial effort:
  1. The existence of a strong QA system within the organization
  2. The existence of a strong safety culture within the organization
  3. Utilization of tools and templates, such as:
    1) MediniAnalyze by IKV++ (http://www.ikv.de)
    2) The JasPar project (https://www.jaspar.jp/english/)
II. The safety mechanisms and redundancies that the implementation of ISO26262 leads to also increase the cost of the finalized product. Some factors that reduce the cost price increase:
  1. Utilization of integrated circuits to reduce component count and cost
  2. Clever use of the decomposition rules to maximize hardware utilization
  3. Relocation of all non-safety functions to other subsystems

The benefits of implementing ISO26262
I. More reliable product -> less exposure to warranty claims
II. Safer product -> less exposure to safety incidents
III. Full traceability from safety goals to hardware components simplifies maintenance
IV. Capability to communicate objectively verifiable statements about product safety to customers and suppliers

Safety Element out of Context
I. ISO26262 takes a holistic vehicle level view on functional safety. This means that all hazards and associated ASILs are derived on vehicle level
II. This poses a problem for manufacturers of standard components that ideally should be usable in a wide range of vehicles
III. Luckily ISO26262 also contains the solution to this problem:
"The automotive industry develops generic elements for different applications and for different customers. These generic elements can be developed independently by different organizations. In such cases, assumptions are made about the requirements and the design, including the safety requirements that are allocated to the element by higher design levels and on the design external to the element." (ISO26262:8-9.1)

Tailoring of safety activities
I. Concept phase
  1. Assumed Item Definition
  2. Assumed Hazard Analysis and Risk Assessment
  3. Assumed Safety Goals
II. System design phase
  1. All assumed dependencies and allocated functions on other systems
III. Hardware and software development
  1. No tailoring, full application of the standard
IV. System verification
  1. All item level integration and verification activities postponed
V. Production and operation
  1. Assumptions made on item level specified

Item definition
- Elements of the item
- States of the item
- External interfaces of the item
- Failure modes of the item

Hazard analysis and risk assessment
- Operating conditions
- Hazards
- Hazardous events
- Severity, Exposure, Controllability
- ASIL

Requirement break-down
- Independency
- Safety goal
- Functional safety requirements
- Decomposition

Artifacts generated

Hazard analysis and risk assessment    Number
Operating conditions                   13
Hazards                                7
Hazardous events                       13*7 = 91
Safety goals                           5

Requirement break-down                 Number
Safety goals                           5
Functional safety requirements         35
Technical safety requirements          122
Hardware safety requirements           210
Software safety requirements           165
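Added worked example, not from the presentation or from Lithium Balance: the S/E/C classification of hazardous events into an ASIL (ISO 26262-3 Table 4), the safety-goal ASIL as the maximum over a hazard's events (the operating conditions x hazards enumeration behind the 13*7 = 91 figure), and the decomposition pairs from ISO 26262-9 that produce notations such as "ASIL C(D)". The hazards, operating conditions and class values are constructed.

```python
# Added example, not from the presentation: ASIL from Severity (S0-S3),
# Exposure (E0-E4) and Controllability (C0-C3) per ISO 26262-3 Table 4,
# the safety-goal ASIL as the maximum over a hazard's hazardous events,
# and the ISO 26262-9 decomposition pairs behind "ASIL C(D)".

ASILS = ["QM", "A", "B", "C", "D"]

def asil(s, e, c):
    """Table 4 of ISO 26262-3. Any class of 0 gives QM; for S1-S3, E1-E4,
    C1-C3 the table is exactly S+E+C-6, clamped at QM from below."""
    if not (0 <= s <= 3 and 0 <= e <= 4 and 0 <= c <= 3):
        raise ValueError("S in 0..3, E in 0..4, C in 0..3")
    if 0 in (s, e, c):
        return "QM"
    return ASILS[max(0, s + e + c - 6)]

# Constructed hazardous events: (hazard, operating condition, S, E, C).
# One entry per (operating condition, hazard) pair, as in the 13*7 enumeration.
EVENTS = [
    ("Cell overcharge undetected",  "DC fast charging",     3, 3, 3),
    ("Cell overcharge undetected",  "Regenerative braking", 3, 4, 2),
    ("Over-temperature undetected", "Highway driving",      3, 4, 3),
    ("Over-temperature undetected", "Parked, not charging", 2, 2, 2),
    ("Isolation fault undetected",  "Service, pack opened", 2, 2, 3),
]

def safety_goal_asils(events):
    """One safety goal per hazard; it inherits the highest ASIL found
    among the hazardous events derived for that hazard."""
    goals = {}
    for hazard, _cond, s, e, c in events:
        level = asil(s, e, c)
        current = goals.setdefault(hazard, "QM")
        if ASILS.index(level) > ASILS.index(current):
            goals[hazard] = level
    return goals

def valid_decomposition(target, part_a, part_b):
    """Allowed pairs in ISO 26262-9: D -> C(D)+A(D), B(D)+B(D), D(D)+QM(D);
    C -> B(C)+A(C), C(C)+QM(C); B -> A(B)+A(B), B(B)+QM(B); A -> A(A)+QM(A).
    These are exactly the pairs whose ASIL indices sum to the target's index.
    Sufficient independence of the two elements must be shown separately."""
    t, a, b = (ASILS.index(x) for x in (target, part_a, part_b))
    return a + b == t

if __name__ == "__main__":
    for hazard, level in safety_goal_asils(EVENTS).items():
        print(f"{hazard}: ASIL {level}")
    print("D = C(D) + A(D):", valid_decomposition("D", "C", "A"))
```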

Safety analysis
- Failure mode effect analysis (FMEA)
- Fault tree analysis (FTA)

The result

n-bms safety features and benefits

Function                    Specification                               Update rate   ASIL
Cell voltage monitoring     ±1.2 mV                                     <100 ms       C(D)
Temperature monitoring      ±2 °C                                       <100 ms       C(D)
Current monitoring          depends on Hall effect sensor, typical ±2%  <10 ms        C(D)
Isolation fault monitoring  500 Ω/V                                     -             A

All hardware and software engineered according to ISO26262 ASIL C level.
Benefits: prevent battery accidents; prevent expensive product recalls; reduce warranty exposure.

n-bms reliability features and benefits
- Automotive grade safety rated hardware components
- Temperature range: operational -40 °C to 85 °C, storage -40 °C to 105 °C
- EMC: SAE J1113, CISPR 25, IEC EN 61000, ISO 11451, ISO 11452, ISO 7637
- ESD: SAE J1113, ISO 10605, IEC EN 61000
- Vibration: IEC EN 60068
Benefits: reduced warranty exposure; near 100% up-time; enhanced battery reliability.

n-bms performance features and benefits
- State-of-the-art algorithms for estimation of: State of Charge (SOC), State of Health (SOH), Remaining Useful Life (RUL), Power capability
- Three isolated CAN bus interfaces: CANopen, UDS/OBD-II, J1939
- Application programming interface (API) to support customer specific algorithms and software functions
Benefits: improved driver experience; simple, robust and reliable system integration; tailor made battery management system, but with the reliability offered by using standard hardware and software.

Thank you for your attention
Questions are welcome, now or later at our stand. Alternatively, please feel free to contact me directly to discuss battery management, functional safety or electric vehicles in general.
Project funded by Energiteknologisk Udviklings- og Demonstrationsprogram, EUDP
Karl Vestin, CTO, Lithium Balance A/S since 2008
k.vestin@lithiumbalance.com, +45 4133 4651