SOTIF - A New Challenge for Functional Testing



SOTIF – A New Challenge for Functional Testing For electrical, electronic and programmable electronic control systems and automated vehicles up to SAE level 4, the impact of functionality on safety must be understood early. To understand the safety of the intended functionality and the associated tests, a standardized procedure is required. Volkswagen and ESE present a systematic approach that includes evaluation strategies and a process.

INTENTION

More and more control units in modern cars have an influence on road safety. Recent incidents show that safety is becoming an even more challenging topic in the development of safety-relevant applications in road vehicles, since highly automated vehicles increase the complexity of automotive systems significantly. The ISO 26262 [1] process standard for functional safety is the answer to safety-related product development. However, ISO 26262 mainly specifies requirements for processes (for example for risk identification and risk reduction, and for a product development that minimizes the impact of human faults) and recommends several methods of analysis, for example Failure Mode and Effects Analysis (FMEA) [2] or Fault Tree Analysis (FTA) [3], based on the safety goals and the Automotive Safety Integrity Level (ASIL) assigned to them. Since ISO 26262 only addresses random hardware failures and systematic faults, it does not consider the extent to which the possible event space in the field is completely recorded and described, especially for automated driving functions. There are many driving scenarios which require a deep understanding of the intended functionality to ensure safety. Safety of the Intended Functionality (SOTIF) [4] defines a process for a standardized analysis of the safety of the intended functionality before product development according to ISO 26262 starts, and thus addresses the complete description of the functionality. The intended functionality needs to be evaluated in all relevant driving scenarios. The evaluation method is testing on the function level, here called functional testing. The aim of this contribution is to introduce the proposed SOTIF standardized process and the SOTIF activities.

© metamorworks | Getty Images | iStock

AUTHORS

Dr. Alexander Börger is Process Manager for Compliance at Volkswagen AG in Wolfsburg (Germany).

Dr. René S. Hosse is Lead Assessor and Safety Consultant for Automotive Systems at ESE Engineering and Software Development GmbH in Braunschweig (Germany).

Dr. Stefan von der Decken is Manager for Safety and Standards and Assessor for Automotive Systems – Components and Systems at ESE in Braunschweig (Germany).

THEORY OF SOTIF ACTIVITIES

In order to provide a coherent definition of the SOTIF activities, a sound theoretical framework is required. Since this article focuses on automotive systems, it is useful to define what a function and a functionality are in automotive systems, as ISO 26262 does not give a specific definition of the term functionality. The following specifications are therefore ma