Learn about ISO 26262 functional safety standards and the challenges automotive manufacturers face in meeting them.
Over the years, automotive safety has maintained a top spot in the minds of original equipment manufacturers (OEMs). Self-driving vehicles, advanced driver assistance systems (ADAS), and AI-driven innovations designed to further protect us on the road are rapidly evolving.
It’s been an exciting journey but not without some hiccups for automotive manufacturers along the way. For instance, according to Forbes, the number of automotive software-related recalls jumped from 13% to 42% in 2023. And only a handful (13%) of them could be addressed by over-the-air updates. Unfortunately, this trend is predicted to continue well into 2025 and beyond.
Recalls are costly yet necessary events for OEMs to protect brand integrity and, more importantly, anyone affected by the potential failure of the system or systems involved. Yet with the ever-growing complexity of these and other automotive safety systems, traditional approaches to safety verification remain a serious challenge for automotive manufacturers.
Let's take a look at safety analysis, an important aspect of systems engineering. It’s the first of two blogs focused on the relationship between safety analysis and systems engineering. You’ll get an introduction to the ISO 26262 Functional Safety and Automotive Functional Safety standards driving automotive innovation, along with the pain points in systems engineering experienced when addressing them.
Later, we’ll walk you through model-based safety analysis (MBSA) and how Ansys medini analyze system-oriented safety analysis software fits into this process.
Functional Safety: The Basics
Functional safety is a key subtopic within safety. It is specifically aimed at reducing the risks proposed by the failure of electronic systems and software to operate correctly, with a focus on the safety of the electrical/electronic (E/E) architectural systems. Therefore, hazards from gas, fire, and electricity, for example, are not applicable, whereas other safety subtopics, including cybersecurity and physical safety, are.
Of course, different industries use different standards. Industries such as automotive, rail, power plants, medical devices, and aerospace have their own functional safety standards. For industries that do not have specific standards, IEC 61508 is used for general E/E systems.
Breaking down functional safety across industries
ISO 26262 is the standard for functional safety in the automotive industry. The first and second editions of the standard were published in 2011 and 2018, respectively. The current scope of ISO 26262 includes not only passenger cars but buses, trucks, motorcycles, and semiconductors.
The emergence of ISO 26262, from left to right
ISO 26262 Systems Engineering Approach for Automotive
As it pertains directly to automotive, ISO 26262 describes the entire life cycle of system development as an additional activity to ensure the safety of vehicle systems, as opposed to the traditional V-model development process, and indicates who is responsible for which safety activities at what time.
The engineering V-model, represented below, captures the sequence of steps during automotive development, from the initial design to the actual build and subsequent system testing. The “V” shape of the diagram places emphasis on the development and test phases running parallel to one another.
ISO 26262 Automotive Development Process V-Model
Each section of the diagram represents a different aspect of the ISO 26262 safety development life cycle. Blue represents the traditional V-model development process while red includes activities added for safety. White is used for planning and tracking, and green is support processes — for example, change management and version control.
The life cycle starts from the top left of the V-model (which is initiated by the OEM), passes through the middle part of the V (which is the supplier’s responsibility), and proceeds to the top right of the V-shaped model. Each phase is arranged in a V-shape, with the requirements defined in the initial phase (on the left) being validated in the latest stage (on the right) at the same height in the V-shape.
Automotive Safety Integrity Levels in ISO 26262
Another important concept in ISO 26262 is Automotive Safety Integrity Levels (ASILs), which function as an indicator of the system’s integrity. ASILs are represented by four levels of system failure at the conceptual stage, depending on the level of unacceptable risk. ASIL D is the strictest and requires a high level of safety, ASIL A is the most lenient, and QM (quality management) operates outside the scope of ASIL A.
The four Automotive Safety Integrity Levels (ASILs) in ISO 26262 determine the requirements and mitigate risks and damage, ensuring functional safety throughout the process life cycle, from conceptualization to design.
After the appropriate level of ASIL has been determined, safety systems, elements, and requirements must comply with the assigned ASIL throughout the automotive development process.
Challenges in Systems Engineering and Automotive Safety
The core of systems engineering hasn’t changed much, but its complexity has as these systems have grown exponentially in size. Consequently, traditional approaches can’t manage this level of complexity. Further, the expansion and evolution of these systems are having a deleterious effect on development. The rapid expansion and evolution of these systems can be inferred from the global sales forecast of autonomous vehicles.
Specifically, from 2019 to 2030, the number of vehicles with at least Level 3 autonomous driving capabilities is expected to reach approximately 58 million units (up from 1.4 million). Of course, the downside of this rapid growth is the ability to verify and validate the operational integrity of all the systems and systems of systems supporting this upward trend.
Levels of autonomous driving
The following are some specific problems that engineers come up against when taking a traditional systems engineering approach to automotive safety:
- Duplicate information. The same information appears in different documents.
- Scattered information. Relevant information is scattered across different documents.
- Lack of consistency. Information is inconsistent.
- Lack of traceability. Meta information is not available. For instance, a lack of understanding as to why the change was added, as well as not knowing who commissioned the change, when it was implemented, or whether further analysis of the change was carried out, is a common scenario.
- Highly reliant on a specific small number of employees. Difficulty sharing/passing on experience to colleagues slows progress and creates knowledge gaps among teams.
Functional safety is an important topic in various manufacturing industries, particularly automotive. This is due to the complexity of vehicle systems and the severity of consequences associated with system failures on the road. Amid seeming uncertainty, one thing is certain: When it comes to meeting industry regulations and international standards, traditional systems engineering approaches no longer suffice.
Learn more about how Ansys medini analyze software can help with your automotive safety.
