M1: General safety
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M1.png
Understanding the definition of safety and its nuances in different application domains, and differences compared to security. The lecture examines various parts of the safety iceberg: from the accidents and incidents, up to their underlying pathologies – a causal chain of faults, errors, and failures, and on the other side, the manifestations – hazards and risks with accompanying methods to measure and quantify them.
Analyzing a system, identifying fault-error-failure chains, assessing risks and hazards, proposing mitigation measures, and discussing Common Cause Failures.
1 hour 30 minutes
M2: System and Functional Safety
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M2.png
Learning the similarities and differences between system and functional safety, together with the definition of the necessary aspects like the safe state, the safety function, and the safety integrity. The lecture provides an overview of the rich canvas of available technical standards and motivates the necessity and importance of standards.
Identifying and documenting hazards and corresponding risks, proposing risk mitigation measures.
2 hours
M3: Safety Standards
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M3.png
Laying out some basic details of the key technical safety standards – from the generic umbrella standard IEC 61508 for primarily one-off systems (e.g. plants), through the machinery standards IEC 62061 and ISO 13849 for systems produced in smaller batches (e.g. production machines), up to the most relevant automotive safety standard ISO 26262, focusing on mass-produced cars. The lecture provides details about the standards, their genesis and motivation, as well as the key building blocks and ideas that were followed when creating the automotive standard for road vehicles (ISO 26262). Finally, the lecture sheds some light on the novel complementary automotive standard focusing on the safety of the intended functionality (SOTIF – ISO/PAS 21448), essential when building autonomous driving features.
Describing an ADAS feature, identifying and documenting issues across various categories, and proposing testing scenarios addressing each identified issue.
2 hours
M4: ISO 26262 – Overview, Management, and Work Products
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M4.png
Introducing the contents, structure, workflow, and life-cycle of the standard, with appropriate methods to read it and understand the necessary terms from its vocabulary. The lecture further covers the management structure, culture, goals, and roles needed to execute the entire safety process. Required documents (work products) produced as output of the process are introduced, classified, and visualized by highlighting their interactions. Finally, the lecture concludes with the mandated confirmation measures that guarantee the correctness and completeness of the content of work products.
Analyzing how safety anomalies are handled, classifying work products, and reviewing project documents.
2 hours
M5: ISO 26262 – Concept Phase – HARA
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M5.png
Learning how to correctly define items (functionalities at vehicle level perceivable to the driver) and perform hazard analysis and risk assessment (HARA) in practice. The focus of the lecture is on the early HARA stages – team formation, the definition of the Operating Modes (OpMods), and determining relevant functional faults using Hazard and Operability Study (HAZOP). Students will get a chance to learn how to identify the most representative scenarios (operating situations – OpSits) where the item faults could potentially exhibit hazards.
Analyzing a vehicle functionality with defined operating modes and requirements, creating a functional block diagram, applying HAZOP, and defining operating scenarios.
2 hours
M6: ISO 26262 – Concept Phase – ASIL
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M6.png
Continuing with the concluding aspects of the HARA in practice – determining the automotive safety integrity level (ASIL) by creating the risk assessment matrix (combinations of OpMod failures and OpSits) and evaluating and assigning the appropriate risk parameters. The lecture provides insights on how each of the risk parameters (severity, controllability, and exposure) is determined, and how it contributes to the conclusive ASIL rating. Finally, the lecture concludes by introducing the top-level safety requirements (safety goals) and their characteristics (safe state and fault tolerance time (FTT)) and properties (warning and degradation concept), as a foundation for the subsequent safety development.
Combining relevant failures and operational situations (OpSits) in a Risk Matrix, assigning severity, controllability, and exposure levels, determining the highest ASIL for OpMod faults, and formulating top-level safety goals with the necessary characteristics and properties.
2 hours
Project 1
none
none
Completing the Hazard Analysis and Risk Assessment (HARA) for your selected item, determining the ASIL, and describing the safety goals by revising and extending the results from the exercises, ensuring accuracy and thoroughness to reflect a real-world scenario.
10 hours
M7: ISO 26262 – ASIL and safety-oriented analysis
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M7.png
Safety goals provide a starting point for the rest of the development on a system, hardware, and software level and can be assigned to one or several elements. Harmonious and safe operation of the overall system can be provided if composing elements coexist without negatively influencing each other. The lecture provides insights on how a composite system is implemented with elements of different ASIL.
Furthermore, the lecture examines how the established ASIL for a requirement could be reduced and mapped to redundant ones by using the ASIL decomposition.
Evaluating the ASIL decomposition methods in ISO 26262, and their impact on ASIL levels and requirements.
2 hours
M8: ISO 26262 – Functional and Technical Safety Concepts
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M8.png
The lecture explores how the safety goals should trickle down and create further child requirements at the functional and system level – the foundation of the system architecture and appropriate safety measures. The applied requirements engineering should focus on several aspects: detection and control of faults in the element itself and in other elements, measures to reach or maintain the safe state, measures to implement the warning and degradation concept, and finally measures and test interval requirements to avoid latent faults.
Developing Functional and Technical Safety Concepts for a specific safety goal, including Functional Safety Requirements (FSRs) and Technical Safety Requirements (TSRs).
2 hours
M9: ISO 26262 – Verification and Validation
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M9.png
The lecture focuses on the right side of the V-model, where the idea is to make sure that all the required functionalities have been correctly implemented. The Integration and Test Strategy lays out the necessary steps on several abstraction levels (hardware-software, system, and vehicle) with an appropriate timeline and a corresponding testing report to provide evidence. The students will get familiar with and learn about various testing methods focusing on requirements, safety mechanisms, interfaces, diagnostic coverage, and robustness.
Proposing testing plans, and providing justification and a general overview of the expected testing activities.
2 hours
M10: ISO 26262 – Software Development
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M10.png
Discussing the prevalence of software in modern car items (especially autonomous driving), highlighting the corresponding safety impact and the prudence that one has to apply when developing the software. Practical examples give hands-on guidance about the necessary methods required by the standard when designing, developing, and implementing software architecture and units.
Analyzing software architecture, design documents, and source code, evaluating their compliance with ISO 26262 requirements, identifying gaps, and proposing corrective actions based on the standard’s tables.
2 hours
M11: ISO 26262 – Software Verification
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M11.png
Corresponding methods from the right side of the V-model are examined – how to verify software architecture, how to devise software unit level tests, and demonstrate adequate structural coverage. Additional details, like software tool qualification and confidence level, are examined.
The lecture concludes by visiting some of the more obscure and less documented parts of the ISO 26262 standard, like safety elements out of context (SEooC), proven in use elements, and configurable software.
Establishing the Tool Confidence Level (TCL), and drafting a qualification description covering various aspects like malfunction detection, expected behavior under anomalies, and usage constraints.
2 hours
M12: ISO 26262 – Safety Case
https://academy.nit-institute.com/wp-content/uploads/2024/08/FSS-M12.png
To conclude the lectures, the students have the opportunity to learn about the seminal work product answering the fundamental question “How do we know that an item is safe enough?”.
The lecture explores several possible approaches to constructing a safety case, providing compelling arguments, and being able to convince the safety assessors (like a jury in a court case). Students will learn about the simple textual form, structured prose (an XML-like format), and the graphical way, Goal Structuring Notation (GSN), which is currently being standardized and widely used.
Analyzing a safety case document, and evaluating the safety case if it uses GSN.
2 hours
Project 2
none
none
Completing the Functional and Technical Safety Concepts, developing software requirements, creating a Testing Plan, and devising Test Cases across different integration levels, ensuring accuracy and alignment with previously established Safety Goals.
10 hours
Final exam
none
none
none
1 hour 30 minutes