Introduction to ISO 26262


In recent years, cars have become steadily more intelligent. There are cars that can park themselves or sense traffic ahead and adjust their speed accordingly, and even experimental vehicles that can operate without driver input. Many other functions on today’s automobiles are also electronically controlled: transmission control is now electronic, and multiple LCD screens display a variety of information, one of them a touch screen that controls the audio system and the connection to cell phones. While these improvements bring many advantages, they also bring additional risk. It is more important than ever to recognize the potential risks of hardware- or software-related failures, which could result in severe injury or loss of life. The International Organization for Standardization (ISO) recognized this need and published the ISO 26262 standard to help ensure the functional safety of electrical and electronic (E/E) systems in road vehicles.

What is ISO 26262

The relatively new ISO 26262 standard is titled “Road vehicles – Functional safety”. It was initially published in 2011 as Parts 1 through 9; Part 10, a guideline on the application of the standard, was added in 2012, and Part 11 is now under development. ISO 26262 is the automotive adaptation of the “IEC 61508 Functional safety of electrical / electronic / programmable electronic safety-related systems” standard. ISO 26262 requires a Hazard Analysis and Risk Assessment (HARA) to identify the hazardous events that malfunctioning behaviour of the system could cause, and to define “safety goals”, the top-level safety requirements that prevent or mitigate those hazards. In addition, it includes requirements and guidance for assigning a risk level to an electronic system, software or component, evaluating that risk, and documenting the testing that demonstrates the safety of road vehicle electronic systems. It is important to cover what the standard is and is not applicable to.

·         The ISO 26262 standard is applicable to:

o    Safety-related systems that include one or more E/E systems and are installed in series production passenger cars with a maximum gross vehicle mass of 3,500 kg

o    Possible hazards caused by malfunctioning behaviour of E/E safety-related systems, including hazards due to the interaction of these systems

·         The ISO 26262 standard is NOT applicable to:

o    Unique E/E systems in special purpose vehicles, such as vehicles designed for drivers with disabilities

o    Systems and their components already released for production, or already under development, prior to the publication date of ISO 26262

o    The nominal performance of E/E systems, even if dedicated functional performance standards exist for those systems (e.g. active and passive safety systems, brake systems, Adaptive Cruise Control)

o    Hazards related to electric shock, fire, smoke, heat, radiation, toxicity and the like, unless directly caused by malfunctioning behaviour of E/E safety-related systems

The standard includes requirements for each phase of the product life cycle, from the concept phase through development, validation, production and decommissioning. In addition, it defines an automotive-specific method for determining risk classes, the Automotive Safety Integrity Levels (ASIL A through D), and methods for using the ASIL to specify the safety requirements needed to achieve an acceptable level of residual risk. ISO 26262 also includes requirements for the verification and validation measures that confirm a sufficient level of safety has been achieved.

Why Implement ISO 26262

Today’s new vehicles are increasingly dependent upon electronic systems and software. These systems introduce new failure modes, some of which could result in injury or fatalities. Safety is serious business: failure of an E/E system can have an extreme impact on the future of an organization, including recalls and litigation. Companies need to make every effort to assure the safe operation and use of their products. They need to be diligent in identifying and evaluating the risks in their designs and to follow through with effective measures to reduce or eliminate those risks. The ISO 26262 standard was published to help companies ensure the functional safety of their electrical and electronic systems. Organizations looking to implement ISO 26262 should understand that the goal is to identify and analyze risk early in the product development process, to establish safety goals, and to demonstrate that those goals have been met through a comprehensive verification and validation plan.