Page 1

Challenges and trends for automotive safety assurance

Mike Barnett and Dave Higham Delphi Powertrain Engineering

Page 2

Overview

• Introduction

• The “Big Picture”
  – State of play
  – Trends
  – ISO 26262 Road vehicle functional safety

• MISRA guidelines for safety cases

• Comment and observations

Page 3

Delphi, a leading automotive technology company

• 126 manufacturing sites
• 15 major global technical centers
• 19,000 engineers and scientists
• $16.5B 2013 revenue
• more than 160,000 people in 32 countries
• $1.7B in Research & Development

Page 4

Delphi, a leading automotive technology company

• Market relevant portfolio aligned to megatrends

• Superior engineering and system integration

• Collaborative innovation

• Leading-edge technology

• Quality products and services

• Award winning performance

• Global, precision manufacturing capabilities

• World-class customer support

Megatrends: Safe, Connected, Green

Page 5

Delphi - Portfolio of Safety solutions (Safe, Green, Connected)

• Automated Driving Systems: 360 degree sensing; front, rear and side detection; suite of radar and vision sensing systems; RACam radar and camera fusion

• Driver State Alerts & Workload Management: fatigue/drowsiness; distraction

• Safety Electronics: airbag control units; multi-domain controllers

• Occupant Classification Systems: full and infant-only suppression; seat belt reminder

• Driver Assistance: collision avoidance; cross traffic alert; blind spot detection; lane departure warning; lane centering; automatic headlight control; traffic sign recognition; forward collision warning; automatic emergency braking; adaptive cruise control

Page 6

The “Big Picture”

Page 7

A Societal Challenge – A Worldwide View of Road Traffic Injuries

Source: WHO Global status report on road safety 2013

• 1.3 million deaths in 2010
• 50% vulnerable road users
• 2020: estimated 1.9 million deaths if no action taken
• 92% in low- and middle-income countries, but with only 53% of the vehicles
• Only 28 countries (7% of population) have adequate laws relating to five key risk factors
• 2010 estimated cost: $100 billion

UN “Decade of Action for Road Safety” (2011-2020) aims to save 5 million lives.

Page 8

Vehicle recalls make safety a top priority

[Chart of US vehicle recall data] Source: http://www.businessweek.com/articles/2014-06-12/the-king-of-auto-recalls-isnt-gm-dot-its-toyota

Page 9

Safety vision: a society that sees zero fatalities, zero injuries and zero accidents

[Chart: fatalities per 100 million miles, 1965 to 2025 (scale 1 to 6), annotated with the introduction of seat belts, seat belt mandates, energy-absorbing bumpers, airbags, child seats, occupant detection, side/curtain airbags, active safety and active suspensions]

Active safety is seen as a major contributor to road safety. ‘An extra ½ second of warning can mitigate 60% of crashes’

Page 10

Delphi – changing the way transportation is delivered

In the next 10 years:

50% more vehicles on the road

Stricter fuel economy regulations @ 54.5 MPG by 2025 (USA)

Automated driving/V2V/V2I

35% market growth in active safety technologies

Even today, in high-end cars we can find more than 100 electronic control units (ECUs) executing around 100 million lines of code.

Page 11

Rapidly evolving technology – value and opportunity, but a moving target for safety

[Diagram of the connected vehicle: Back-end Server; Infotainment (Map, Traffic, Entertainment); Advanced Driver Assistance Systems (Vehicle topology, Dynamic Zones); Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) links; Personal Device. Vehicle data exchanged includes speed, position, location, diagnostics, parking info, signage, acceleration status and warnings.]

Albert Einstein: “We cannot solve our problems with the same thinking we used when we created them.”

Page 12

A quick look at automotive functional safety standard ISO 26262

Page 13

ISO 26262: Functional Safety standard for road vehicles.

Scope:

• “electrical and/or electronic (E/E) systems….in series production passenger cars with a maximum gross vehicle mass up to 3 500 kg”.

• “addresses possible hazards caused by malfunctioning behaviour of E/E safety-related systems”

• Excludes “the nominal performance of E/E systems”

• Published Nov. 2011. 2nd edition planned for 2018 for all road vehicles.

– ISO 26262 not mandated (yet!) by the existing vehicle homologation framework.

– Largely a process-based standard with qualitative hazard analysis and risk assessment

Page 14

ISO 26262: 10 parts (474 pages) with over 1500 requirements

• Vocabulary (1)
• Safety Management (2)
• Concept (3): initiation; H&R assessment; safety goals; functional safety concept
• System Development (4): technical safety concept; system design; integration and test; safety validation; safety assessment; production release
• HW Development (5): HW safety reqs; HW design; HW architectural metrics; evaluation of safety goal violation due to random HW failures; HW integration and test
• SW Development (6): SW safety reqs; SW architectural design; SW unit design and test; SW integration and test; verification of SW safety reqs
• Production and Operation (7)
• Supporting Processes (8)
• ASIL Oriented Safety Analysis (9)
• Informative Guideline (10)

Safety Case (spanning the lifecycle parts above)

Page 15

ISO 26262 assurance measures

ISO 26262: “provides requirements for validation and confirmation measures to ensure a sufficient and acceptable level of safety being achieved”

• Confirmation measures
  – Work product focused.
  – Review; audit (process) and assessment (product)

• Safety Validation
  – Vehicle focused.
  – Demonstrate safety goals are correct, complete and fully achieved
  – Compliance with safety goals and that safety concepts are appropriate.

• Safety assessment based on the safety case
  – Judgement on the level of functional safety achieved prior to production.

Page 16

ISO 26262 safety case

• Development and assessment of a ‘Safety Case’ is required….

• ….but requirements regarding its development and safety assessment are scarce

“…the safety case should progressively compile the work products that are generated during the safety lifecycle.”

And that’s all!

• Independent Safety Assessment is dependent on the contents of the Safety Case.

• But what form should an Automotive Safety Case take??

• Our first step towards rigorous and consistent safety assessment is to define an approach to creating the Safety Case


Page 17

MISRA Safety Case Guidelines

Page 18

MISRA Activities

• Continued work to revise and update

– MISRA C and MISRA C++

– MISRA Autocode series

• The MISRA Safety Case Working Group began its work in 2011

• The Safety Case Working Group partners:

Page 19

MISRA Safety Case Guideline Content

• Key concepts used within the guidelines document
  – Safety Argument layers
  – Safety evidence tables
  – A generic safety argument framework
  – “Typical Topics” and Examples

Page 20

Safety Argument Layers

Core – Rationale

• Why do we have confidence that the requirements are right?

• Which evidence indicates that the requirements are complete and correct?

Layer 1 – Satisfaction

• Why do we have confidence that the requirements have been implemented correctly?

• Which evidence demonstrates that the correct implementation has been verified?

Layer 2 – Means

• Why do we have confidence that an adequate process has been used to develop the work product?

• Which evidence demonstrates that the right people have used the correct methods?

Layer 3 – Environment

• Why do we have confidence in the environment in which the safety activities were undertaken?

• Which evidence demonstrates that the organisation has a good safety culture?

Reference: A Layered Model for Structuring Automotive Safety Arguments, EDCC 2014, UK (May 2014)

Page 21

Product and Confidence Arguments

[Diagram: the Safety Case Argument splits into a Product Argument and a Confidence Argument. Product Argument = Core Argument (rationale) + Layer 1 Argument (satisfaction). Confidence Argument = Layer 2 Argument (means) + Layer 3 Argument (environment).]
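The layered model on Pages 20 and 21 (core rationale and layer 1 satisfaction forming the product argument, layers 2 and 3 forming the confidence argument) together with the safety evidence tables from Page 19 can be captured as a small data model and checked mechanically, which is what an independent assessor ends up doing by hand. The Python below is an added example written for this page, not code from MISRA, Delphi or the guideline authors. The goal ids, claims and work products in `example_case()` are constructed, and the three checks (undeveloped goals, product claims with no layer 2 means argument, goals attached at the wrong layer) are one plausible reading of the layered model, not rules taken from the guidelines.

```python
"""GSN-style model of a layered automotive safety argument (added example).

Four layers as in the MISRA model: core (rationale), layer 1 (satisfaction),
layer 2 (means), layer 3 (environment). Core + layer 1 = product argument,
layers 2 + 3 = confidence argument. All identifiers below are constructed.
"""
from dataclasses import dataclass, field
from enum import Enum
from typing import Iterator


class Layer(Enum):
    CORE = "core (rationale)"
    L1 = "layer 1 (satisfaction)"
    L2 = "layer 2 (means)"
    L3 = "layer 3 (environment)"


PRODUCT_LAYERS = frozenset({Layer.CORE, Layer.L1})
CONFIDENCE_LAYERS = frozenset({Layer.L2, Layer.L3})


@dataclass
class Evidence:
    """A GSN 'solution': a pointer to a work product in the evidence table."""
    id: str
    work_product: str


@dataclass
class Goal:
    """A GSN goal (claim). Sub-goals decompose it; confidence goals argue
    about how its evidence was produced (means) and where (environment)."""
    id: str
    claim: str
    layer: Layer
    subgoals: list["Goal"] = field(default_factory=list)
    evidence: list[Evidence] = field(default_factory=list)
    confidence: list["Goal"] = field(default_factory=list)


def walk(goal: Goal) -> Iterator[Goal]:
    """Depth-first traversal over sub-goals and confidence goals."""
    yield goal
    for child in goal.subgoals + goal.confidence:
        yield from walk(child)


def undeveloped_goals(root: Goal) -> list[str]:
    """Leaf goals with neither sub-goals nor evidence: the argument stops
    there without support (an 'undeveloped' goal in GSN terms)."""
    return [g.id for g in walk(root) if not g.subgoals and not g.evidence]


def product_goals_without_means(root: Goal) -> list[str]:
    """Product-layer goals that cite evidence but carry no layer 2 argument,
    i.e. nothing says the evidence came from an adequate process."""
    return [
        g.id for g in walk(root)
        if g.layer in PRODUCT_LAYERS and g.evidence
        and not any(c.layer == Layer.L2 for c in g.confidence)
    ]


def layer_violations(root: Goal) -> list[str]:
    """Confidence goals must sit in layers 2/3 and sub-goals of a product
    goal must stay in the product layers, keeping the two arguments apart."""
    bad: list[str] = []
    for g in walk(root):
        bad += [c.id for c in g.confidence if c.layer not in CONFIDENCE_LAYERS]
        if g.layer in PRODUCT_LAYERS:
            bad += [s.id for s in g.subgoals if s.layer not in PRODUCT_LAYERS]
    return bad


def evidence_table(root: Goal) -> list[tuple[str, str, str, str]]:
    """Flatten to evidence-table rows: (goal, argument kind, layer, work product)."""
    rows = []
    for g in walk(root):
        kind = "product" if g.layer in PRODUCT_LAYERS else "confidence"
        for e in g.evidence:
            rows.append((g.id, kind, g.layer.value, e.work_product))
    return rows


def example_case() -> Goal:
    """Constructed fragment of a safety case for an emergency-braking function."""
    means = Goal("C1", "Integration tests were run by qualified testers to the test procedure",
                 Layer.L2, evidence=[Evidence("E3", "Tester competency records")])
    env = Goal("C2", "Test lab operates within the audited safety management system",
               Layer.L3, evidence=[Evidence("E4", "Functional safety audit report")])
    sg1 = Goal("G1.1", "Safety goal SG1 is correctly implemented", Layer.L1,
               evidence=[Evidence("E2", "SW integration test report")],
               confidence=[means, env])
    sg2 = Goal("G1.2", "Safety goal SG2 is correctly implemented", Layer.L1)  # not yet argued
    return Goal("G1", "Safety goals for the AEB function are complete and correct", Layer.CORE,
                subgoals=[sg1, sg2],
                evidence=[Evidence("E1", "Hazard analysis and risk assessment report")])


if __name__ == "__main__":
    case = example_case()
    print("undeveloped goals:", undeveloped_goals(case))
    print("product goals without a means argument:", product_goals_without_means(case))
    print("layer violations:", layer_violations(case))
    for row in evidence_table(case):
        print(row)
```

Run as a script it reports G1.2 as undeveloped and G1 as a product claim whose HARA evidence has no means argument behind it; in a real safety case the table rows would point at the ISO 26262 work products themselves rather than the placeholders used here.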

Page 22

More information???

• Communication of progress / concepts
  – SAFECOMP, France (September 2013),
  – IQPC ISO 26262, Germany (March 2014) and
  – EDCC 2014, UK (May 2014)

Planning 2015

• Release draft guidelines for public review
  – Generic GSN framework
  – “Typical Topics”
  – Safety argument layers
  – Safety argument tables

• Publish first version of the above

• On-line examples

Page 23

Challenges for Automotive Assessment

• Modular safety cases
  – How do we combine safety cases/assessments based on automotive distributed development?

• Intellectual Property (IP) protection
  – How to ensure we protect evidence (designs) in a competitive market

• Degree of rigour
  – How much is enough? E.g. scalability vs risk (ASIL)

• Competency of assessors
  – Today we have auditors for process, but assessment also requires technical (domain) competency.

• Methodology for assessments
  – Tools and techniques
  – Relationship/interface with audits, e.g. which aspects of ISO 26262 apply for assessment

Page 24

Framework for ISA from the ‘Independent Safety Assurance’ working group

• Cross-industry group of safety professionals providing guidance to Independent Safety Assessors (ISA)
  – Code of practice
  – Competency framework
  – Guidance on the use of accident statistics
  – Assessment Framework for ISAs Evaluating Safety-Related Compliance Claims
  – Annual workshop

Page 25

Final remarks

• ISO 26262 has been a catalyst to initiate safety practices (and discussion)

• Plenty of challenges as technology, complexity and system boundaries grow.
  – Safety practices have to keep pace with these changes.

• This will put much more emphasis on assurance and is likely to lead to enhanced regulation and standardisation.

• We therefore face exciting yet demanding times ahead for the automotive industry

Page 26

Thanks for your time, any questions?

• ‘Insanity: doing the same thing over and over again and expecting different results’ – Albert Einstein

• ‘The prevention of hazards shall not be seen as following law, but merely as an act of human responsibility and economic reason’ – Werner von Siemens, 1880

Mike Barnett, Functional Safety, [email protected]

Dave Higham, Head of Functional Safety, [email protected]