Integrating SOTIF and Agile Systems Engineering 2019-01-0141
Autonomous vehicles and advanced drive assistance systems have functionality realized across numerous distributed systems that interact with a dynamic cyber-physical environment. This complexity raises the potential for emergent behaviors which are not intended for the system’s operational use. The need to analyze the intended functionality of these emergent behaviors for potential hazards, which may occur in absence of faults, are aspects of the ISO PAS 21448, Safety of The Intended Functionality (SOTIF). This paper describes a methodology for applying SOTIF, within the context of the systems engineering pipeline, to facilitate higher levels of automated systems. By using an agile systems engineering framework, along with the Systems-Theoretic Process Analysis (STPA) method, system developers can identify potential hazards and identify previously unknown hazardous scenarios before system testing. This facilitates functional and technical improvements during the development process which can be traced back to the system design when using model based system engineering techniques. In addition, verification and validation result of the system can be fed into the analysis to aide in addressing technical limitations.