Safety Analysis for Highly Automated Driving

Highly automated driving requires fail-operational systems and therefore more effort regarding functional safety. ISO 26262, the functional safety standard for road vehicles, does not give an applicable approach for a safety argument in this context and has limitations regarding fail-operational systems. The aim of this work is therefore to extend safety-analysis methods in compliance with ISO 26262: existing methods are evaluated and extended for use in fail-operational systems. This concerns in particular the dependent failure analysis, for which completeness criteria and applicable guidelines for the automotive domain are derived. I will also address the quantification of common-cause events and derive factors for it. Furthermore, the extension of deductive and inductive methods will be discussed, and state machines and control structures will be verified.
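As an added illustration (not code from the thesis), the following Python sketch shows what quantifying a common-cause event means for a fail-operational 1-out-of-2 channel pair: the beta-factor model splits each channel's failure rate into an independent part and a shared part, the shared part becomes its own basic event in a small fault tree, and the resulting top-event probability is compared with the independent-failure assumption. Failure rate, mission time and beta are constructed values; the fault-tree evaluator assumes independent basic events, which is exactly why the common cause has to appear as an explicit event.

```python
"""Beta-factor quantification of a common-cause failure (CCF) in a 1-out-of-2
fail-operational channel pair, evaluated with a minimal fault tree.

Added illustration; the failure rate, mission time and beta value used below are
constructed numbers, not data from the thesis.
"""
from __future__ import annotations

import math
from dataclasses import dataclass
from typing import List, Union


@dataclass(frozen=True)
class BasicEvent:
    """Leaf of the fault tree: an event with unavailability q = P(event has occurred)."""
    name: str
    q: float


@dataclass(frozen=True)
class Gate:
    """AND / OR gate. Children are treated as statistically independent, which is
    why a shared cause must be its own basic event rather than hidden inside the
    per-channel failure probabilities."""
    kind: str  # "AND" or "OR"
    children: List["Node"]


Node = Union[BasicEvent, Gate]


def top_event_probability(node: Node) -> float:
    """Bottom-up evaluation of the tree under the independence assumption."""
    if isinstance(node, BasicEvent):
        return node.q
    ps = [top_event_probability(c) for c in node.children]
    if node.kind == "AND":
        return math.prod(ps)
    if node.kind == "OR":
        return 1.0 - math.prod(1.0 - p for p in ps)
    raise ValueError(f"unknown gate kind {node.kind!r}")


def unavailability(rate_per_hour: float, mission_hours: float) -> float:
    """P(failure by t) for a constant failure rate: 1 - exp(-lambda * t)."""
    return -math.expm1(-rate_per_hour * mission_hours)


def build_1oo2_tree(rate_per_hour: float, mission_hours: float, beta: float) -> Gate:
    """Beta-factor model: a fraction beta of each channel's failure rate is attributed
    to a shared cause that fails both channels at once; the remaining (1 - beta) fails
    each channel independently. The function is lost if both independent parts fail
    OR the common-cause event occurs."""
    if not 0.0 <= beta <= 1.0:
        raise ValueError("beta must be in [0, 1]")
    lam_ind = (1.0 - beta) * rate_per_hour
    lam_cc = beta * rate_per_hour
    a = BasicEvent("channel A fails independently", unavailability(lam_ind, mission_hours))
    b = BasicEvent("channel B fails independently", unavailability(lam_ind, mission_hours))
    cc = BasicEvent("common cause fails both channels", unavailability(lam_cc, mission_hours))
    return Gate("OR", [Gate("AND", [a, b]), cc])


def loss_of_function_probability(rate_per_hour: float, mission_hours: float, beta: float) -> float:
    return top_event_probability(build_1oo2_tree(rate_per_hour, mission_hours, beta))


def ccf_dominance_ratio(rate_per_hour: float, mission_hours: float, beta: float) -> float:
    """How many times larger the loss probability is with the common cause than under
    the (unrealistic) assumption of fully independent channels (beta = 0)."""
    with_ccf = loss_of_function_probability(rate_per_hour, mission_hours, beta)
    independent = loss_of_function_probability(rate_per_hour, mission_hours, 0.0)
    return with_ccf / independent


if __name__ == "__main__":
    RATE = 1e-6   # constructed: 1000 FIT per channel
    T = 10.0      # constructed mission time in hours
    for beta in (0.0, 0.01, 0.02, 0.1):
        p = loss_of_function_probability(RATE, T, beta)
        print(f"beta={beta:<5} P(loss of function over {T:g} h) = {p:.3e}")
```

Even a beta of a few percent makes the common-cause branch dominate the top event by orders of magnitude, because the independent branch scales with the square of a small per-channel probability while the shared branch scales linearly. This is the quantitative reason why a dependent failure analysis cannot be skipped for a redundant fail-operational architecture.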
