Automotive Functional Safety
Development services V-Top
exida’s automotive ISO 26262 support includes the developmental services covering the top part of the V-Model lifecycle product development model.
Functional Safety Management
The Safety Plan or Functional Safety Management (FSM) Plan is a key document in any IEC 61508 / ISO 26262 development project. It specifies how functional safety will be ensured throughout the entire development project and in production.
The Safety Plan must identify the various roles and responsibilities as they apply to the development process. The Safety plan lists the various techniques and measures that will be implemented as part of the development project to ensure that the targeted SIL / ASIL is achieved.
The deliverable is a draft Safety Plan that the Customer must subsequently refine and implement in their development process.
Safety Requirements Specification
The Safety Requirements Specification (SRS) documents all relevant safety requirements for a product. It lays out the foundation to which a product should be designed. It is encouraged to clearly separate the safety requirements from the functional / generic requirements that also addresses non safety functions. This eases the final audit process.
An exida engineer will review existing functional specification documents, extract any functional safety requirements into a tool such as DOORS™ or SafetyCaseDB, and subsequently create a product-specific SRS that meets all IEC ISO requirements for such a document. In case no functional / generic specification document exists, the exida engineer will collect the specific safety requirements interviewing customer engineers.
The deliverable of this task is the «Product SRS» which will form the basis of the design and verification and validation. Note that the SRS will need to be updated with each revision of the requirements.
Validation Test Plan
The Validation Test Plan (VTP) specifies how a product will be tested once the design and development is complete.
The VTP is directly based on the SRS and “ignores” any specific design / development features.
This will make sure that the final product meets the requirements that were set forth at the beginning of the development of the product. In an IEC ISO compliant development process, the VTP should be created as soon as the SRS is complete.
This will ensure that all requirements can be tested.
An exida engineer will review the Product SRS and create a product specific VTP preferably in a tool such as DOORS™ or SafetyCaseDB. Note that the VTP will need to be updated with each revision of the SRS.
Safety Concept
The Safety Concept (SC) describes the safety-related H/W and high level S/W architecture. It decomposes the design of the safety functions and specifies the associated safety integrity functions such as self-tests and safety support functions such as operating and communication systems and justifies the partitioning.
exida engineers will review existing design documents, extract the H/W and high level S/W structure and any functional safety solution into a UML model, that meets all IEC ISO requirements for such a semi-formal model. In case no design documents exist, the exida engineer will collect the specific structure and safety solutions with customer engineers.
The deliverable of this task is the «Product SC» which will form the basis of the detailed design and verification. Note that the SC will need to be updated with each revision of the SRS.
For the Automotive domain, special services are offered to create Safety Concepts adopting AUTOSAR Software Architecture.
Safety Manual
According to IEC 61508-2 Edition 2.0 from 2010 it is necessary for a supplier of a subsystem or element to make safety-relevant information available to the designer of a safety-related system (or another subsystem or element) in the Safety Manual.
The Safety Manual (SM) is the key communication mechanism between the product vendor and the product users. The document must list any application restrictions or limits, specific installation and maintenance requirements, failure characteristics of the product, and many other items. The SM must be delivered with the product or be made electronically available through the Customer website.
exida engineers compile all product user requirements and product restrictions, considering all IEC requirements for such a document.
The outcome of this service is a Safety Manual that the Customers shall subsequently refine and confirm by validation testing.
Final Safety Case
As explained, the basis of the IEC ISO Certification of the Customer Product is a detailed Safety Case. The Safety Case compiles the arguments and evidence documents for meeting the applicable IEC or ISO requirements.
exida engineers compile the arguments for meeting each applicable IEC or ISO requirement. Customer and exida engineers will collect all related evidence documents to demonstrate that the arguments have been implemented and tested or audited during product development and outstanding action items have been closed.
The deliverable will be the final Safety Case that will be provided to the assessor in the form of an electronic SafetyCaseDB file or a Safety Case report.
Specifying Integration
Formal integration and module testing is required for IEC ISO compliance. The results of the S/W HAZAN serve as an input into the creation of the integration testing.
exida engineers can develop a product specific integration test plan to ensure all claimed safety functions, independence measures and H/W and S/W diagnostics are tested.
The deliverable of this task is the product specific integration test plan which will meet the IEC ISO requirements for such a plan.
Conducting Integration and Module Tests
exida Development engineers can instrument the source code and perform the product specific integration or module tests to ensure all claimed safety functions, independence measures and H/W and S/W diagnostics are tested, and to measure the code coverage achieved.
The deliverable of this task are product specific integration and module test reports stating the requirements and code coverage achieved.