Application of ISO 26262 in Distributed Development: ISO 26262 in Reality (2009-01-0758)
With its origin in the process industry, IEC 61508 "Functional safety of electrical/electronic/programmable electronic safety-related systems" is not fully applicable to the automotive industry, which has forced the automotive industry to work on an automotive-specific adaptation, ISO 26262 "Functional Safety – Road Vehicles".
ISO 26262 describes an ideal development process that starts from scratch. In reality, development activities are often split across locations and over time. This can only be handled with a worldwide standard as the basis of a common approach: wide enough to give the freedom to adapt to diverse boundary conditions, but tight enough to keep local interpretations from diverging so far that a complete safety case becomes impossible. A strict worldwide standard that allows compatible interpretations is therefore mandatory.
The processes defined in ISO 26262 can only be managed if they are integrated into the existing company process guidelines, so that a development engineer following one internal guideline fulfills all relevant process standards. Multiple process assessments according to different standards with comparable content have to be avoided.
With the potential decision not to include trucks and motorcycles in the scope of ISO 26262, IEC 61508 would become the relevant safety standard for those vehicle classes. To avoid developing automotive systems according to ISO 26262 and IEC 61508 in parallel, we propose that the automotive industry focus on ISO 26262, either by defining the standard as relevant for "road vehicles" in general or by a mutual understanding that ISO 26262 is the relevant adaptation of IEC 61508 for all automotive systems.