Decomposition Scheme in Automotive Hazard Analysis 2009-01-0745

Safety-related systems in road vehicles are subject to hazard analysis as part of developing their safety requirements. Automotive hazard analysis leads to a requirement for target risk reduction in the system to be developed, usually expressed as a safety integrity level, SIL, or ASIL. During risk analysis, credit can be taken for risk reduction from facilities outside the system of interest, or from architectural decisions to distribute the required risk reduction to sub-elements of the system. Up to now, such concepts have been presented in standards without any justification. The different approaches in the standards are discussed, and a scheme for more rigorously defining the allocation of safety integrity requirements across different elements of a system is proposed.