Page 1
© KUGLER MAAG CIE North America, Inc.
Implementation of ISO 26262 - Adoption, Challenges, Efficient Application
Mike Staszel, Bonifaz Maag
KUGLER MAAG CIE NA, Inc.
May 13th, 2014
Page 2
Content
• Kugler Maag Cie
• ISO 26262 – At a Glance
• Obstacles and Challenges as we perceive them
• Technical and Organizational Competencies required
• Impact of Development Tools
• Status Worldwide and Upcoming Changes
• Summary
Implementation of ISO 26262 / Staszel, Maag / May 2014
Page 3
Kugler Maag Cie
Management of engineering risks in development while maintaining the speed of innovation
Integration of open methods & standards, such as Automotive SPICE®, CMMI®, Functional Safety, Lean, Agile …
Analysis, assessment, improvement, and operative implementation of processes
International and independent consulting company in the area of sustainable performance improvement
some of our automotive customers
Page 4
ISO 26262 covers the whole Product Lifecycle. Emphasis is on the Development Phase
Page 5
ISO 26262 – Essentially nine parts build the Standard
Page 6
Obstacles and Challenges as we perceive them (1/4)
• Process Maturity is important but not sufficient
Page 7
Obstacles and Challenges as we perceive them (2/4)
Maturity Models (e.g. CMMI)
• Focus: Software and System development
• Approach to harmonize rating criteria, assessment method and to achieve comparability
• Objective: efficient, repeatable development of products
• Target depends on business goals
• Do not require certain methods (“what”)
• Result: Certificate for process maturity
Functional Safety Standards
• Focus: Development of safety-related systems (incl. HW)
• Context dependent assessment method and criteria are dominating
• Objective: Capability to develop a product with calculable risk
• Target depends on hazard analysis
• Require methods (“how”) & characteristics (e.g. SFF)
• Result: Expertise for a product
Page 8
Obstacles and Challenges as we perceive them (3/4)
Functional Safety impacts many Pieces
• Process improvement
• Safety Concepts & Analyses
• Hardware Components
• Software Architecture
• Test methods
• Qualification
• Safety Case
• Field Monitoring
Last but not least: Subcontracted elements are in scope, too
Page 9
Obstacles and Challenges as we perceive them (4/4)
Functional safety asks for some more documents, e.g. ...
Page 10
Additional Effort induced by ISO 26262
• The additional effort required for development according to ISO 26262 varies significantly. Among the impacting factors are:
  • Number of functional safety goals or functional safety requirements
  • Required maximum ASIL per safety goal
  • Product architecture
  • Existing engineering approach
Source: Hansen Report October 2011, pg.1
Page 11
Key Competencies required – Organizational
Functional Safety
• Safety Culture
• Merge sequential and iterative approaches
• Work with less mature customers or suppliers
• Apply ISO 26262 during the product lifecycle
• Efficient and safe platform development
Page 12
Key Competencies required – Technical
• Even though the ISO 26262 standard is prescriptive, there are still areas where mutual agreement on what is “sufficiently safe” needs to be established
• Calculation of hardware metrics
• Separate safety relevant parts from non-safety related parts
  • Partition the architecture
• Provide a process that allows tailoring of process
• Very good configuration management -> Safety Case
• Integrate testing of functional safety and other requirements
  • Not all functional safety related tests need to be performed for all releases
  • Clear understanding of which tests are related to functional safety and which aren’t
Page 13
Competencies - Technical and Organizational per Company Type
All
• Manage safety case
• Process skills
Tier 1
• Monitor safety activities of Tier 2 suppliers
Semiconductor
• Understand how their customers implement functional safety mechanisms
OEMs
• Break down the system, manage the functional safety interdependencies
Tool Vendors
• Provide qualification kits to their customers
Page 14
Impact of Development Tools
In the end ...
• Safety case and functional safety assessment build on evidence (documents, design, reports, ...)
• Well-structured evidence makes life easier and arguments clearer
Therefore
• Tools are of great help to organize and provide the various kinds of evidence
• Achieving functional safety without tools / structured processes is possible but inefficient
Are tools safe?
• Step 1: Determine which tools are critical and which aren’t -> Classification
• Step 2 (based on step 1): Are relevant tools sufficiently safe? -> Qualification
Page 15
Model Based Design and Functional Safety
• Missing requirements are found early
• Tool supported model checking possible
• Code generation avoids faults (-> tool qualification!)
• Comparison of model and ECU behavior possible (Back-to-back test)
• Generation of test stimuli saves time and increases test quality
Page 16
Status Worldwide and Upcoming Changes
• ISO 26262 is adopted worldwide in all major markets
• OEMs that want to sell in Europe or North America ask for it
• China works on a tailored version
• A new version won’t be available soon
• Joint efforts (e.g. SAE) are ongoing to harmonize interpretation (e.g. work on common classification of hazards and risks)
• Definitions of “safe state” (e.g. loss of steering assist) change
Page 17
Summary
• Functional Safety adds burden to organizations
• However, if you have developed safe products in the past, there should be nothing essentially different
• Robust processes help to keep required artifacts well under control
• Tools help to do the work efficiently
• But overall functional safety is a matter of culture – without the organizational focus on functional safety, it can’t be sustained
Page 18
Further discussions and queries...
… contact me
Bonifaz [email protected] +1 248 687 1210
KUGLER MAAG North America
Columbia Center
101 W. Big Beaver, Suite 1400
Troy, MI USA 48084
+1-248-687-1210
www.kuglermaagusa.com
Page 19
© KUGLER MAAG CIE GmbH
Thank you for your kind Attention.