Approaching a SIL3-Compatible Failsafe Computer Control System in Safety-Critical Chassis Applications 2009-01-0740

The design of a cost-effective SIL3/ASILD-compliant failsafe computer control system is a great challenge because of the requirements of IEC 61508 and/or ISO CD 26262. In this paper the formal design methods in concept, space, time, and function domains are presented, which are used for the development of a failsafe chassis control system. We discuss the generic failsafe system architectures based on one-core and multi-core μCs in the framework of Markov’s safety model, and associated safety metrics like DC, SFF, and PFH. The safety aspects require that, a safety-related system is validated by an adequate safety analysis method. For this purpose a new integrated FMEDA (iFMEDA) for the validation of a safety-related vehicle application system is briefly introduced. Finally, the use of safety concepts for failure monitoring in practice chassis applications and generic diversity algorithms is shown.