M1: General safety
https://academy.nit-institute.com/wp-content/uploads/2024/09/FSSW01.png
Understanding the definition of safety and its nuances across application domains, and how safety differs from security. The lecture examines the various parts of the safety iceberg: from accidents and incidents, up to their underlying pathologies – a causal chain of faults, errors, and failures – and, on the other side, their manifestations – hazards and risks, together with methods to measure and quantify them.
System and Functional Safety: learning the similarities and differences between system and functional safety, together with the definition of the necessary aspects like the safe state, the safety function, and the safety integrity.
Select and describe a technical system; define its EUC and ECS parts, identify fault chains and propose mitigations, discuss complex failures, and assess safety hazards and risks together with mitigation strategies.
2 hours 30 minutes
M2: Life-cycle Models and Documentation
https://academy.nit-institute.com/wp-content/uploads/2024/09/FSSW02.png
Introducing the variety of life-cycle models, both generic and safety oriented (ISaPro, Waterfall, V, Spiral, Rapid Prototyping, …), their usage, pros and cons, and the impact they have on the rest of the development process. The required documents (work products) produced by the process are introduced, classified, and visualized by highlighting their interactions. Moreover, the lecture examines the confirmation measures needed to guarantee the correctness and completeness of the content of work products. The lecture concludes with the importance of the Development Interface Agreement and the Hardware-Software Interface documentation.
Understand the life-cycle model and safety documentation, analyze safety anomalies, classify work products, and optionally review detailed Safety and Test Plan documents.
2 hours 30 minutes
M3: Functional Safety Software varieties
https://academy.nit-institute.com/wp-content/uploads/2024/09/FSSW03.png
The lecture explores the different development paths through the chosen life-cycle V model depending on the maturity of the product – an impact analysis differentiates new item development from modification and from reuse in a different context. Furthermore, students will learn how to identify the most representative varieties of functional safety software – from new development as the baseline, through the differentiation between the SEooC (Safety Element out of Context) and Qualifiable Software (using a Proven in Use argument), up to Configurable Software (the latter three being somewhat obscure and less documented parts of the ISO 26262 standard). Finally, additional details, such as the importance of the software tools used and their impact on development, are examined through the necessary process of first establishing the tool confidence level and later qualifying the tool for use.
Classify software parts of a safety-related project, evaluate and establish Tool Confidence Levels for selected tools, and prepare documentation for tools reaching higher confidence levels.
2 hours 30 minutes
M4: Software Criticality and Hazard Analysis
https://academy.nit-institute.com/wp-content/uploads/2024/09/FSSW04.png
Learning how to correctly establish SW criticality and to become familiar with the different types of SW faults (bugs; software is prone only to SYSTEMATIC faults), their causal factors, and ways to set an upper bound on the SW integrity. The focus of the lecture is on the early life-cycle stages and their corresponding activities – devising a rough system/SW concept and delineating it from the environment and user interactions, followed by (preliminary) hazard identification, analysis, and evaluation. Students will learn how to identify the most representative system/software hazards and establish a Preliminary Hazard List (PHL), how to create a detailed hazard report and extend it with a HAZOP analysis, and finally how to propose software safety control measures (safety functions).
Verify the validity and status of hazard controls, and analyze operating modes with HAZOP guide words to identify and evaluate safety-relevant failures.
2 hours 30 minutes
M5: Requirement Engineering
https://academy.nit-institute.com/wp-content/uploads/2024/09/FSSW05.png
The lecture explores and motivates the importance of Requirements Engineering as a fundamental skill needed for appropriate implementation of the safety processes mandated by the ISO 26262 standard. Practical tips and tricks are given for eliciting, documenting, managing, and tracing requirements.
Elicit and document all relevant functional and non-functional requirements, including safety goals and technical safety requirements, for the automotive functionality selected.
2 hours 30 minutes
M6: Software Architecture Design
https://academy.nit-institute.com/wp-content/uploads/2024/09/FSSW06.png
The lecture provides an in-depth overview of the methods and techniques to be exercised while designing the software architecture (modularity, partitioning, cohesion and coupling, and real-time aspects). Practical examples give hands-on guidance on the methods required by the ISO 26262 standard when designing, developing, and implementing a software architecture. Harmonious and safe operation of the overall system can be provided only if the composing elements coexist without negatively influencing each other (freedom from interference). The lecture also provides insights into how a composite system is implemented from elements of different ASIL. Furthermore, the lecture examines how the ASIL established for a requirement can be reduced by mapping it to redundant requirements using ASIL decomposition.
Finally, two different approaches for software diversity are examined: N-version Programming (forward recovery) and Recovery Block (backward recovery).
Create a graphical representation of your software architecture mapping requirements to elements, ensuring modularity and criticality grouping, and apply N-version programming or recovery blocks for high-integrity requirements.
3 hours
Project 1
Select a driver-perceivable automotive functionality, define its system concept with clear operating modes, map it graphically, analyze and document safety hazards and requirements, and design a software architecture with redundancy for high-integrity requirements.
10 hours
M7: Software Safety Measures
https://academy.nit-institute.com/wp-content/uploads/2024/09/FSSW07.png
Becoming competent in the theoretical concepts and gaining practical hands-on guidance for devising software safety measures, including the application of defensive programming, error detecting and correcting codes, and diverse monitoring (software watchdogs for various kinds of heartbeats: liveness, timestamp, signature, and delta values).
Provide a set of safety measures for software elements, including static recovery, error-detecting codes, diverse monitoring, and general fault detection and control, based on identified hazards and requirements.
2 hours 30 minutes
M8: Software Unit Design
https://academy.nit-institute.com/wp-content/uploads/2024/09/FSSW08.png
Grasping the practical aspects of software unit development: understanding and respecting code complexity metrics (SLOC, cyclomatic complexity, stability index, Halstead complexity, and other HIS metrics), writing code in accordance with language subsets and top-level governing coding standards (the MISRA C compliance process is examined in detail), and further topics such as type safety, coding guidelines (including naming conventions), and concurrency.
Inspect selected software units to ensure compliance with ISO 26262 by adhering to coding guidelines, measuring complexity metrics, applying MISRA C standards, implementing defensive programming, and managing concurrency.
2 hours 30 minutes
M9: Software Verification
https://academy.nit-institute.com/wp-content/uploads/2024/09/FSSW09.png
The corresponding methods from the right side of the V-model are examined – how to verify the software architecture, how to devise software unit-level tests, and how to demonstrate adequate structural coverage.
Inspect the selected software units for ISO 26262 compliance by providing reports on code complexity metrics, MISRA C adherence, static analysis results, and testing coverage, including deriving test cases and demonstrating structural coverage targets.
2 hours 30 minutes
Project 2
List and qualify all software tools used in the project by assessing their impact on safety and error detection, provide detailed tool descriptions and configurations, implement specific and general software safety measures, adhere to coding standards, and ensure thorough verification through metrics, compliance, and testing.
10 hours
Final exam
2 hours