Effective Functional Safety Concept Generation in the Context of ISO 26262 2014-01-0207
The functional safety concept definition is the backbone of a project's safety process; poor choices made at this stage can have significant impact. A weak concept may result in over-engineering of systems; late re-work when missing safety requirements are eventually uncovered at advanced stages of the development process; disagreements within the supply chains regarding responsibility for safety mechanisms; or, of most concern, release of an unsafe product. Despite this importance, ISO 26262 states that the functional safety requirements are to be derived from the safety goals (top-level safety requirements) and only notes that safety analysis might be used to support this task, giving no further guidance on how this might be done.
The automotive industry's typical time pressures mean that being able rapidly to produce an initial safety concept is critical if it is to influence the system architecture and procurement decisions. At the same time, a high degree of confidence that the functional safety requirements are effective is necessary. There is therefore a balance between rapidly producing a concept versus assurance that it is complete and sufficient.
This paper discusses the role of safety analysis in rapidly and efficiently, yet systematically, deriving functional safety requirements. It considers practical issues such as selection of appropriate analysis techniques, derivation of requirements from the analysis, establishing traceability between requirements and analysis and building upon the analysis throughout the life-cycle. An industrial case study is provided in order to illustrate the suggested approach. Finally, a number of open considerations are introduced.