ISO 26262: Changes in Revision 2018
ASQF-Forum
06.06.2019
Klaus Lamm
Method Park Consulting GmbH
© Method Park
ISO 26262 Revision 2018
▪ Introduction
▪ Further Norms in Context
▪ Main changes in Edition 2
▪ Structure of ISO 26262:2018
▪ ISO 26262:2018 Part 1-12
ISO26262:2018 2/31
Introduction
▪ ISO 26262 is the international standard for functional safety of road vehicles
▪ The second edition, ISO 26262:2018, was released in December 2018
▪ Edition 2 contains structural and content changes
▪ The revised edition now also applies
▪ to motorcycles (Part 12)
▪ to trucks, buses, trailers and semi-trailers (above 3.5 t)
▪ Edition 2 now contains a guideline on semiconductors (Part 11)
Norms in context
▪ ISO 26262: Road vehicles – Functional safety
▪ 2nd edition released in 12/2018
▪ ISO/SAE 21434: Road vehicles – Cybersecurity engineering
▪ Committee draft (CD) exists; release planned for 11/2020
▪ ISO 21448: Road vehicles – Safety of the intended functionality (SOTIF)
▪ Published as ISO/PAS 21448 (Publicly Available Specification) in 01/2019
▪ 1st full edition planned for 2022
▪ Standard for automated driving systems
▪ ISO/IEC/IEEE 15288: Systems and software engineering – System life cycle processes
▪ Last revision in 2015
Main Changes (I)
The 2018 revision includes the following main changes:
▪ Requirements for trucks, buses, trailers and semi-trailers (several parts)
▪ Extension of the vocabulary (Part 1)
▪ More detailed objectives (all parts)
▪ Objective-oriented confirmation measures (all parts)
▪ Management of safety anomalies (Part 2)
▪ References to cybersecurity (Part 2)
▪ Updated target values for hardware architectural metrics (Part 5)
Main Changes (II)
Additionally, the following changes were included:
▪ Guidance on model-based development and software safety analysis (Part 6)
▪ Evaluation of hardware elements (Part 5)
▪ Additional guidance on dependent failure analysis (Part 9)
▪ Guidance on fault tolerance (Part 10), safety-related special characteristics (Part 10), and software tools (Part 8)
▪ Guidance for semiconductors (Part 11)
▪ Requirements for motorcycles (Part 12)
▪ General restructuring of all parts for improved clarity (all parts)
Structure
Part 1: Vocabulary - Excerpt
▪ Clause Normative references included (general description of references)
▪ Term body builder equipment included
▪ machine, body, or cargo carrier installed on the truck and bus (T&B) base vehicle
▪ Term semi-trailer included
▪ trailer that is designed to be towed by means of a kingpin coupled to a tractor, and that imposes a substantial vertical load on the towing vehicle
▪ Term remanufacturing included
▪ dismantling and retrofitting a truck and bus vehicle with new or restored parts after a period of service, according to the original specifications
Part 1: Vocabulary - Excerpt (continued)
▪ Term safety anomaly included
▪ conditions that deviate from expectations and that can lead to harm
▪ EXAMPLE: the deviation can be from requirements, specifications, design documents, user documents, standards, or experience
▪ Term safety element out of context (SEooC) included
▪ safety-related element which is not developed in the context of a specific item
▪ EXAMPLE: a generic wiper system with assumed safety requirements, to be integrated into different OEM systems
▪ Term fault detection time interval (FDTI) included
▪ time span from the occurrence of a fault to its detection
Part 2: Annex – Cybersecurity
▪ Annex E (informative): Guidance on potential interaction of functional safety with cybersecurity added
▪ Potential interactions (examples)
▪ plans and milestones for cybersecurity activities are aligned with the safety planning so that dependencies are considered
▪ cybersecurity threats are analysed as hazards from a functional safety perspective
▪ potential impacts of cybersecurity attacks are determined in order to define safety goals or safety concepts
Part 4: Product development at the system level
▪ New example of product development at the system level (figure not reproduced in this transcript)
▪ Technical safety requirements renamed to Technical safety concept
▪ Derivation of the TSC to subsystems
Part 5: Product development at the hardware level
▪ Small changes in examples
▪ Annex removed
▪ Annex F (2011): Application of scaling factors
▪ Annexes extended/added
▪ Annex F: Example of a rationale that the objectives of Clause 9 are met in accordance with 4.2 (Requirements for compliance)
▪ Annex G (informative): Example of a PMHF budget assignment for an item consisting of two systems
▪ Annex H (informative): Example of latent fault handling
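The metrics behind the Part 5 target values and the Annex G budget situation, as an added worked example (written for this page; not the deck's material and not the standard's own annex text): SPFM and LFM are computed from a per-failure-mode breakdown and checked against the ASIL targets of ISO 26262-5, and a PMHF budget split across the two systems of an item is checked. All failure rates, diagnostic coverages and the two-system split are constructed sample data, and the PMHF formula is a simplified estimate (labelled as such in the code), not the standard's exact one.

```python
"""Hardware architectural metrics (SPFM, LFM) and a PMHF budget check.

Added example: constructed failure-mode data for an ASIL C item made of a
control ECU and a sensor unit; target values per ISO 26262-5 (Clause 8 for
SPFM/LFM, Clause 9 for PMHF).
"""
from dataclasses import dataclass

SPFM_TARGET = {"B": 0.90, "C": 0.97, "D": 0.99}
LFM_TARGET = {"B": 0.60, "C": 0.80, "D": 0.90}
PMHF_TARGET_FIT = {"B": 100.0, "C": 100.0, "D": 10.0}   # 1 FIT = 1e-9 failures / h


@dataclass(frozen=True)
class FailureMode:
    """One failure mode of a safety-related hardware element."""
    element: str
    name: str
    fit: float     # failure-rate share of this mode, in FIT
    safe: bool     # True: cannot violate the safety goal at all (safe fault)
    dc_rf: float   # diagnostic coverage w.r.t. residual faults (0..1); 0 = no safety mechanism
    dc_lf: float   # diagnostic coverage w.r.t. latent faults (0..1)

    @property
    def lam_spf_rf(self) -> float:
        """Single-point (dc_rf == 0) or residual share: violates the goal directly."""
        return 0.0 if self.safe else self.fit * (1.0 - self.dc_rf)

    @property
    def lam_mpf(self) -> float:
        """Share covered by a safety mechanism: dangerous only in combination."""
        return 0.0 if self.safe else self.fit * self.dc_rf

    @property
    def lam_mpf_latent(self) -> float:
        """Covered faults that no latent-fault diagnostic would reveal."""
        return self.lam_mpf * (1.0 - self.dc_lf)


def spfm(modes):
    """SPFM = 1 - sum(lambda_SPF + lambda_RF) / sum(lambda)."""
    return 1.0 - sum(m.lam_spf_rf for m in modes) / sum(m.fit for m in modes)


def lfm(modes):
    """LFM = 1 - sum(lambda_MPF,latent) / sum(lambda - lambda_SPF - lambda_RF)."""
    denom = sum(m.fit - m.lam_spf_rf for m in modes)
    return 1.0 - sum(m.lam_mpf_latent for m in modes) / denom


def pmhf_fit(modes, lifetime_h=1e4):
    """Simplified PMHF estimate in FIT (assumption, not the standard's exact formula):
    single-point/residual faults count fully; a latent fault becomes dangerous only
    if a second covered fault occurs within the lifetime, approximated as
    lambda_latent * lambda_MPF * T_lifetime."""
    single = sum(m.lam_spf_rf for m in modes)
    latent = sum(m.lam_mpf_latent for m in modes)
    mpf_per_h = sum(m.lam_mpf for m in modes) * 1e-9
    return single + latent * mpf_per_h * lifetime_h


def evaluate(asil, modes):
    """Metric values and pass/fail against the targets of the given ASIL."""
    s, lf, p = spfm(modes), lfm(modes), pmhf_fit(modes)
    return {"spfm": s, "spfm_ok": s >= SPFM_TARGET[asil],
            "lfm": lf, "lfm_ok": lf >= LFM_TARGET[asil],
            "pmhf_fit": p, "pmhf_ok": p < PMHF_TARGET_FIT[asil]}


def check_pmhf_budget(asil, systems):
    """systems: {name: (budget_fit, modes)}. The budgets must not exceed the item
    target in total, and every system must stay within its own budget."""
    report = {"split_ok": sum(b for b, _ in systems.values()) <= PMHF_TARGET_FIT[asil]}
    for name, (budget, modes) in systems.items():
        report[name] = pmhf_fit(modes) <= budget
    return report


# Constructed sample data (not measured values).
ECU = [
    FailureMode("ECU", "CPU core", 20.0, False, 0.99, 0.90),   # lockstep + self-test
    FailureMode("ECU", "RAM", 10.0, False, 0.99, 0.90),        # ECC + memory test
    FailureMode("ECU", "Flash", 10.0, False, 0.90, 0.60),      # CRC at start-up only
    FailureMode("ECU", "Clock", 5.0, True, 0.0, 0.0),          # safe fault
]
SENSOR = [
    FailureMode("Sensor", "ASIC", 40.0, False, 0.90, 0.00),    # plausibility check, no latent test
    FailureMode("Sensor", "Connector", 5.0, True, 0.0, 0.0),
    FailureMode("Sensor", "Regulator", 15.0, False, 0.60, 0.60),
]
ITEM = ECU + SENSOR

if __name__ == "__main__":
    for label, modes in (("ECU", ECU), ("Sensor", SENSOR), ("Item", ITEM)):
        print(label, evaluate("C", modes))
    print(check_pmhf_budget("C", {"ECU": (30.0, ECU), "Sensor": (70.0, SENSOR)}))
```

With these numbers the ECU alone meets the ASIL C targets, but the sensor unit's missing latent-fault diagnostic pulls the item-level LFM down to about 0.51, so the item fails even though its PMHF is far below 100 FIT; the metrics must be evaluated at item level, not per system. The same budget split that passes for ASIL C fails the sensor for ASIL D (10 FIT), which is the kind of trade-off Annex G's two-system example illustrates.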
Part 6: Product development at the software level
▪ Release for production and functional safety assessment removed from the overview (now covered in Part 7 and Part 3 respectively, and in the objectives)
▪ Specification of software safety requirements added
(figure: old structure vs. new structure of Part 6, not reproduced in this transcript)
Part 6: Reference phase model
(figures: reference phase model of ISO 26262:2011 compared with ISO 26262:2018, not reproduced in this transcript)
Part 6: Mechanisms for error detection/handling
▪ Former Table 4 (Mechanisms for error detection at the software architectural level) removed
▪ Former Table 5 (Mechanisms for error handling at the software architectural level) removed
▪ New: Methods for tests of the embedded software
▪ New: Methods for deriving test cases for the test of the embedded software
▪ Several changes in existing tables
Part 6: Methods for verification of software integration
▪ Method 1d: 'test' replaced by 'evaluation'
▪ Method 1d (ASIL A, B, C) changed from '+' to '++'
▪ Methods 1f, 1g and 1h added
Part 6: Annex B, E
▪ Annex B: Model-based development approaches enhanced
▪ Annex E: Application of safety analysis and analyses of dependent failures at the software architectural level added
Part 8: Characteristics of requirements
Characteristics of requirements extended:
▪ Maintained: unambiguous; comprehensible; atomic (singular); internally consistent; verifiable.
▪ Changed: feasible → feasible and achievable.
▪ New: necessary; implementation free; complete; conforming.
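A lexical check for three of these characteristics (unambiguous, atomic, verifiable), as an added example written for this page; it is not from the deck and not part of ISO 26262-8, which defines the characteristics but prescribes no such tooling. The vague-word list, the unit patterns and the three sample requirements are constructed assumptions. The remaining characteristics (necessary, implementation free, complete, conforming, feasible and achievable) need review against the architecture and the requirement set, not regexes.

```python
"""Heuristic lint of safety requirement text against ISO 26262-8 characteristics.

Added example. Word lists and patterns are assumptions for illustration;
tune them to the project's glossary.
"""
import re

# Assumed vocabulary of vagueness (unambiguous).
VAGUE_WORDS = {"adequate", "appropriate", "sufficient", "fast", "quickly", "robust",
               "user-friendly", "etc", "as required", "and/or", "normally", "usually",
               "approximately", "minimal", "about"}
MODAL = re.compile(r"\b(shall|should|may|will|must)\b", re.IGNORECASE)
# A measurable acceptance criterion (verifiable): number with unit, or a bound.
MEASURABLE = re.compile(
    r"\b\d+(?:\.\d+)?\s*(?:ms|s|min|h|km/h|m/s|Nm|bar|V|mA|A|°C|%|times?|bits?|bytes?)(?!\w)"
    r"|\b(?:within|at most|at least|no more than|no less than|less than|greater than)\b",
    re.IGNORECASE)


def _vague_hits(lower_text):
    return sorted(w for w in VAGUE_WORDS
                  if re.search(r"(?<!\w)" + re.escape(w) + r"(?!\w)", lower_text))


def lint_requirement(text):
    """Return a list of (characteristic, finding); an empty list means no findings."""
    findings = []
    modals = [m.group(1).lower() for m in MODAL.finditer(text)]
    if not modals:
        findings.append(("unambiguous", "no requirement modal ('shall') found"))
    bad = sorted({m for m in modals if m != "shall"})
    if bad:
        findings.append(("unambiguous", "uses %s instead of 'shall'" % ", ".join(repr(b) for b in bad)))
    hits = _vague_hits(text.lower())
    if hits:
        findings.append(("unambiguous", "vague wording: %s" % ", ".join(hits)))
    if modals.count("shall") > 1:
        findings.append(("atomic", "more than one 'shall': split into separate requirements"))
    if not MEASURABLE.search(text):
        findings.append(("verifiable", "no measurable acceptance criterion"))
    return findings


def lint_all(requirements):
    """requirements: {req_id: text} -> {req_id: findings}."""
    return {rid: lint_requirement(txt) for rid, txt in requirements.items()}


# Constructed sample requirements (not from any real project).
REQ_OK = ("The steering ECU shall set the assist torque to 0 Nm within 50 ms "
          "after detecting an invalid torque-sensor signal.")
REQ_COMPOUND = ("The ECU shall detect a loss of the pedal-position signal within 10 ms "
                "and shall log the event to non-volatile memory.")
REQ_VAGUE = "The ECU should react quickly to sensor faults and enter an appropriate safe state."

if __name__ == "__main__":
    for rid, findings in lint_all({"R1": REQ_OK, "R2": REQ_COMPOUND, "R3": REQ_VAGUE}).items():
        print(rid, findings or "OK")
```

R1 passes, R2 is flagged as not atomic (two 'shall' clauses that would be verified by different tests), and R3 is flagged as ambiguous and unverifiable; the false-negative rate of such a check is high, so it is a gate before review, not a replacement for it.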
Part 8: Characteristics of documents
Characteristics of documents extended:
▪ Maintained: precise and concise; structured in a clear manner; easy to understand by the intended users; maintainable.
▪ New: verifiable.
Part 10: Guideline on ISO 26262
▪ Guidance for system development with safety-related availability requirements (fault tolerance) added
▪ Guidance on safety-related special characteristics added
▪ Special characteristics (German: Besondere Merkmale): procedure to ensure that manufactured products or their elements provide the level of safety and quality required by customers
▪ Special characteristics can be product characteristics or manufacturing process parameters
▪ Guidance on identification, specification and monitoring of special characteristics
Part 11: Guideline for semiconductors
▪ New part; intended as a guideline for semiconductors
Content:
1 Scope
2 Normative references
3 Terms and definitions
4 A semiconductor component and its partitioning
▪ 4.1 How to consider semiconductor components
▪ 4.2 Dividing a semiconductor component into parts
▪ …
5 Specific semiconductor technologies and use cases
▪ 5.1 Digital components and memories
▪ 5.2 Analogue/mixed-signal components
▪ …
Annexes
▪ Several examples of usage and analysis for digital and analogue components
Part 12: Adaptation of ISO 26262 for motorcycles
▪ New part; specifies the adaptation for motorcycles, including
▪ general topics for the adaptation for motorcycles
▪ safety culture
▪ confirmation measures
▪ hazard analysis and risk assessment
▪ vehicle integration and testing
▪ safety validation
Part 12: Terms and MSIL
New Terms:
▪ expert rider
▪ motorcycle
▪ Motorcycle Safety Integrity Level (MSIL)
▪ Controllability Classification Panel
Thank you for your kind attention!