Real-World Challenges, Overlay vs. Cleansheet Approaches in Safety Concepts and Systems Designs
Car Training Institute ISO 26262 Conference. Conference data:
- 2013, May 14th-16th
- Detroit Marriott Troy, Troy, MI 48084
Beginning a new safety concept from scratch is most desirable because every option provided in the standard is available to the designer. The ability to tap this range of options leads to much greater efficiency, including lower-cost hardware, less complex software, and easier testing. However, the opportunity to actually do so is rare, because most new safety-critical features are built upon existing systems that are already in the field.
Exploiting Functional Decomposition
The concept of Functional Decomposition as defined in ISO 26262 provides substantial flexibility when implementing a new safety-critical feature, allowing very efficient and cost-effective designs to be created. Because such designs are "clean sheet" from the start, many options can be studied before choosing a solution.
Building Upon Legacy Systems
Most automotive real-world situations do not permit clean-sheet designs to be used, primarily because of the financial need to carry along existing subsystems on the vehicle after they have been fitted to it in previous model years. Most often this takes the form of reusing existing sensing, actuation, signals and network messaging wherever possible.
Dealing with the Limited Flexibility that Results
This situation almost always limits the flexibility available in creating new designs, because they must live with choices and design decisions made in the past, before the new feature was envisioned.
Learning from a High-Level Fresh Design Exercise that Can't Be Used
Especially in these situations, a quick high-level attempt at a fresh design can reveal subsystem, component and software alternatives that can be implemented using legacy inputs, outputs, signals and messaging, even though the fresh design itself may never be put on a vehicle as a totally new solution.