Cloud native EDA tools & pre-optimized hardware platforms
ISO 26262 mandates a functional safety development process (from specification all the way through production release) that automotive OEMs and suppliers must follow and document (for compliance) to have their devices qualified to run inside commercial (passenger) vehicles. It outlines a risk classification system (Automotive Safety Integrity Levels, or ASILs) and aims to reduce possible hazards caused by the malfunctioning behavior of electrical and electronic (E/E) systems.
ISO (the International Organization for Standardization) collaborates closely with the International Electrotechnical Commission (IEC). ISO 26262 specifications were officially released in 2011 as an adaptation of IEC 61508, the generic functional safety standard for E/E systems.
ISO 26262 is an international functional safety standard for the development of electrical and electronic systems in road vehicles. It defines guidelines to minimize the risk of accidents and ensure that automotive components perform their intended functions correctly and at the right time. It also provides an automotive-specific approach for determining risk classes known as ASILs.
AEC-Q100 is a standard that ensures the safety of electronic parts used in cars. It's used by the car industry to check and test these parts. It focuses on reliability, specifically stress testing for integrated circuits in automotive applications. ISO 26262 is a similar standard but for the whole process of making electronic systems in cars. AEC-Q100 focuses on testing individual parts, while ISO 26262 covers the entire process.
The Society of Automotive Engineers (SAE) is a professional organization that works to improve transportation technology. They create guidelines for car, airplane, and truck industries. They also define best practices for cybersecurity in SAE J3061, vehicle autonomy levels, and more recently automotive testing standards. ISO 26262 is just one specific rule for car electronic systems safety, whereas SAE creates many guidelines for transportation technology.
MISRA (Motor Industry Reliability Association) is a set of guidelines for safe and reliable use of C programming language in automotive embedded systems. These guidelines were developed by the Motor Industry Research Association in the UK. They focus on providing guidelines for safe and reliable coding practices in the automotive industry, whereas ISO 26262 provides a comprehensive approach for the functional safety of the whole system.
ISO 26262 provides a process for managing and reducing risks associated with electrical and/or electronic systems, and it is based on the concept of a safety life cycle, which includes the following phases:
Planning. In this phase, the safety requirements for the system are defined, and a safety plan is developed.
Analysis. In this phase, the system is analyzed to identify hazards and potential failure modes.
Design and Implementation. In this phase, the system is designed and implemented to meet the safety requirements defined in the planning phase and to eliminate or mitigate the hazards identified in the analysis phase.
Verification. In this phase, the system is tested to ensure that it meets the safety requirements and that any hazards have been eliminated or mitigated.
Validation. In this phase, the system is tested in its intended environment to ensure that it behaves as expected.
ISO 26262 also specifies the documentation that must be produced and the tools that can be used at each phase of the safety life cycle.
In 2018, ISO 26262 underwent a major update and added two new standards: requirements for semiconductors and for motorcycles, trucks, and buses. Guidance was added on model based development, software safety analysis, dependent failure analysis, fault tolerance, and more.
ISO 26262’s Automotive Safety Integrity Levels (ASILs) are based on three variables: severity, probability of exposure, and controllability by the driver. Since ISO 26262 assumes that someone is driving the vehicle, it doesn’t directly pertain to fully autonomous vehicles. But as full vehicle autonomy is on the roadmap for the automotive industry, functional safety remains mission-critical and the ISO 26262 standard will continue to evolve.
Some of the challenges of implementing ISO 26262 include:
Complexity. The standard is very detailed and covers a wide range of topics, making it difficult to fully understand and implement.
Time and Cost. Meeting the requirements of the standard can be time-consuming and costly, and may require significant changes to existing development processes.
Testing and Validation. Ensuring that a system meets the requirements of the standard can be challenging, as it may require extensive testing and validation.
Risk Assessment. Identifying and assessing potential hazards and risks can be difficult, especially in complex systems.
Traceability. Maintaining traceability of requirements and design decisions throughout the development process can be difficult, especially in large and complex projects.
Tool Support. There may be a lack of tool support for certain aspects of the standard, making it difficult to fully automate the compliance process.
Expertise. Having the necessary expertise and resources to fully implement the standard can be a challenge, as it requires specialized knowledge of functional safety and automotive systems.
Adopting ISO 26262 helps ensure that the safety of car components is considered from the beginning of the development process. It provides a comprehensive framework for managing safety throughout the entire lifecycle of an automotive component, from initial risk assessment to final decommissioning. By following ISO 26262, automotive manufacturers can ensure that their suppliers are meeting safety standards, preventing costly issues from arising during the production process.
The standard takes into account the trend of increasing integration of hardware and software in automotive electronic systems. It provides detailed guidelines for concurrent development and testing of hardware and software, recognizing that they must be tested together to achieve optimal safety. This ensures that all aspects of the system are considered and tested together, promoting a more comprehensive and thorough approach to functional safety.
ISO 26262 is not required by law, but many car makers and suppliers follow it to show their commitment to safety and to improve their products safety. Sometimes customers and regulators might require them to prove they follow the standard. But even if it's not required, it's still considered a good practice and following it can improve the safety of car electronic systems and show customers, regulators and end users the company's commitment to safety.
Since ISO 26262’s official release in 2011, we have been proactively performing ISO 26262-compliance testing and adding documentation to our portfolio. We offer ASIL B & D Ready IP as well as test automation, simulation, virtual prototyping, and software security testing solutions that are ISO 26262 certified.
In the age of software-defined vehicles, Synopsys is a key to accelerating your automotive innovation.