ISO 26262 Safety Case (Safety Case.docx)
1 Table of Contents

2 Revision History

Version   ECN no.   Changed by   Change from last version
01
The change history shall be a detailed enough description of which sections have been changed since the last version. Depending on the changes that have been made, it may be necessary to describe the changes in more detail.
Blue text in italic is information/explanation directed to the issuer of the document. Before releasing the Work Product (document), all blue italic text must be removed.
Mark unused sections of this document as “NOT APPLICABLE”; do not remove the paragraph heading.
Text marked with a is to be replaced by something specific. This shall be used if there are specific keywords within standardized paragraphs that shall be replaced when creating the Work Product from the template.
3 Introduction

General overview
has chosen KA as the supplier of to the platform. The Electronics of the is called . has performed a Hazard Analysis and Risk Assessment in accordance with ISO 26262, resulting in Safety Goals. The Safety Goals have been refined into Technical Safety Requirements allocated to the . The highest ASIL of these Safety Requirements is ASIL .
The safety responsibilities are further detailed in the KA-Development Interface Agreement, DIA, ref [R11].
KA will have to ensure that the Production, Operation and Service of the as well as the satisfy the requirements of ISO 26262 at a level that corresponds with the highest ASIL allocated.
KA is responsible for the overall Technical Safety of the complete as well as the .

About this document
This document contains the Safety Case for the in the . The Safety Case constitutes the argumentation for why the is free from unreasonable risk in accordance with the Automotive Functional Safety Standard ISO 26262, ref [R1], [R2], [R3], [R4], [R5], [R6], [R7], [R8], [R9], [R10].
The Safety Work Products and documents listed in the Safety Case are considered with the respective tailoring that has been done in the Safety Plan, ref [R12].
Abbreviations

Abbreviation
KA     XX Automotive
N/A    Not Applicable
TBC    To Be Confirmed
TBD    To Be Defined
4 References

Ref     Id              Issue   Document Name
[R1]    ISO 26262-1     2011    Vocabulary
[R2]    ISO 26262-2     2011    Management of functional safety
[R3]    ISO 26262-3     2011    Concept phase
[R4]    ISO 26262-4     2011    Product development at the system level
[R5]    ISO 26262-5     2011    Product development at the hardware level
[R6]    ISO 26262-6     2011    Product development at the software level
[R7]    ISO 26262-7     2011    Production and operation
[R8]    ISO 26262-8     2011    Supporting processes
[R9]    ISO 26262-9     2011    Automotive Safety Integrity Level (ASIL)-oriented and safety-oriented analyses
[R10]   ISO 26262-10    2012    Guideline on ISO 26262
[R11]                           KA-Development Interface Agreement (DIA)
[R12]                           Safety Plan
[R13]
5 Statement of Safety
KA hereby states that the is free from unreasonable risk with respect to “Malfunctioning behavior of E/E safety-related systems”. This is based on ISO 26262, ref [R1], [R2], [R3], [R4], [R5], [R6], [R7], [R8], [R9], [R10], having been applied during the development of the and during the planning of the production. This claim is built on the statements provided in this document.
This document constitutes the Safety Case for the in the .
6 Overview of Created Functional Safety Work Products
The following table lists all the Work Products developed in accordance with the Project Safety Plan, ref , and the status of each Work Product.

Work Product   Document title   Document id & latest reviewed revision   Review Protocol id & revision   Work Product Status (OK, Cond OK, NOK)
(WP-X: X.X.X)
7 Deviations
List all deviations from the planned baseline here, together with a summary of the risk that each deviation results in.

8 Functional Safety Management

Overall Safety Management

Safety Culture
State the safety culture in KA. Describe how KA focuses on safety in relation to other tasks and milestones in the project. Provide an argument that KA has an adequate attitude towards safety issues.

Organization Specific rules and processes to comply with ISO 26262
Describe the rules and the framework for handling ISO 26262 related tasks.

Quality Management
KA is certified according to ISO/TS 16949.

Safety Management during the Concept Phase and the Product Development
Describe the project organization briefly and provide a reference to all Safety Related Roles, their appointments and the safety background/competence of the persons having those roles.

Safety Management after the Item’s Release for Production
Describe how the safety management will be organised after the start of production and the closure of the development project.
9 Main Safety Argumentation

Technical Safety Concept

Overview
Provide an overview of the safety related mechanisms in the product.

Safety Architecture
Describe the Technical Safety Architecture here, including the derivation of the Technical Safety Requirements on the System Level.

References to more detailed information
Reference additional information such as specifications and requirements.

Hardware Safety Requirements

Overview
In this section, describe how Hardware Safety Requirements have been derived from Technical Safety Requirements on the System Level. Also describe how they have been reviewed for correctness and how they have been verified.

References to more detailed information
Reference additional information such as specifications and requirements.

Software Safety Requirements

Overview
In this section, describe how Software Safety Requirements have been derived from Technical Safety Requirements on the System Level. Also describe how they have been reviewed for correctness and how they have been verified.

References to more detailed information
Reference additional information such as specifications and requirements.

Verification & Validation

Summary of Safety Requirements’ verification
Summarize the verification of the safety requirements.

Electronic Unit Safety Testing

Electronic Unit System Safety Test Results
Summarize the test results from the Safety Testing on System Level in this section.

Electronic Unit Hardware Safety Test Results
Summarize the test results from the Hardware Safety Testing in this section.

Electronic Unit Software Safety Test Results
Summarize the test results from the Software Safety Testing in this section.

Safety Requirements Review Results
In case some Safety Requirements are verified by review, summarize the review results in this section.

Qualification testing

Functional testing on complete assembly level (mechanical and electronic)
Summarize the testing on the complete assembly level, combining both mechanical and electronic systems, in this section.

EMC testing
Summarize the EMC testing on the complete assembly level, combining both mechanical and electronic systems, in this section.

Environmental testing
Summarize the environmental testing on the complete assembly level, combining both mechanical and electronic systems, in this section.

Safety Analyses

Methods & Results
Describe and detail the results from the safety analyses as well as the methods that have been used.

Hardware Metrics
Summarize the Hardware Metrics from the FMEDA in this section.
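The Hardware Metrics section above expects the Single-Point Fault Metric (SPFM) and Latent Fault Metric (LFM) that an FMEDA produces, compared against the targets for the allocated ASIL. The following Python is an added example, not part of this template and not KA's FMEDA: the rows are constructed sample data, the split of each failure mode into safe, single-point, residual and latent multiple-point faults is the simplified model stated in the comments, and the formulas and ASIL targets are taken from ISO 26262-5 (Annex C, Tables 4 and 5). It shows what a practitioner summarizes here: the fault-rate sums, the two metrics, and whether they meet the target for the ASIL the Safety Goal carries.

```python
"""Hardware architectural metrics (SPFM, LFM) computed from an FMEDA table.

Added example for an ISO 26262 safety case. The FMEDA rows are constructed
sample data (not a real product analysis); the classification model is a
simplification described in split_row(); formulas and targets follow
ISO 26262-5:2011 Annex C, Table 4 (SPFM) and Table 5 (LFM)."""
from dataclasses import dataclass


@dataclass
class FmedaRow:
    """One failure mode of one safety-related hardware element; rates in FIT (1e-9 / h)."""
    element: str
    failure_mode: str
    rate_fit: float
    sg_fraction: float          # share of this mode that violates the safety goal if unmitigated
    has_safety_mechanism: bool  # a mechanism prevents the violation (within the FTTI)?
    dc_residual: float = 0.0    # diagnostic coverage of that mechanism (0..1)
    dc_latent: float = 0.0      # coverage of the diagnostic that reveals a covered fault (0..1)


@dataclass
class FaultSplit:
    safe: float
    single_point: float
    residual: float
    mpf_latent: float
    mpf_detected: float


def split_row(row: FmedaRow) -> FaultSplit:
    """Simplified ISO 26262-5 classification of one row (assumption of this example):
    the violating share of a mode with no safety mechanism is a single-point fault;
    with a mechanism, the uncovered part is residual and the covered part is a
    multiple-point fault, latent unless a further diagnostic reveals it."""
    lam_sg = row.rate_fit * row.sg_fraction
    safe = row.rate_fit - lam_sg
    if not row.has_safety_mechanism:
        return FaultSplit(safe, lam_sg, 0.0, 0.0, 0.0)
    residual = lam_sg * (1.0 - row.dc_residual)
    mpf = lam_sg - residual
    latent = mpf * (1.0 - row.dc_latent)
    return FaultSplit(safe, 0.0, residual, latent, mpf - latent)


def hardware_metrics(rows):
    """SPFM = 1 - sum(SPF + RF) / sum(lambda); LFM = 1 - sum(MPF latent) / sum(lambda - SPF - RF)."""
    splits = [split_row(r) for r in rows]
    total = sum(r.rate_fit for r in rows)
    spf_rf = sum(s.single_point + s.residual for s in splits)
    latent = sum(s.mpf_latent for s in splits)
    return {
        "lambda_total_fit": total,
        "lambda_spf_rf_fit": spf_rf,
        "lambda_mpf_latent_fit": latent,
        "spfm": 1.0 - spf_rf / total,
        "lfm": 1.0 - latent / (total - spf_rf),
    }


# ISO 26262-5:2011 Table 4 / Table 5 targets (SPFM, LFM); ASIL A has no metric target.
ASIL_TARGETS = {"B": (0.90, 0.60), "C": (0.97, 0.80), "D": (0.99, 0.90)}


def meets_targets(metrics, asil: str) -> bool:
    if asil not in ASIL_TARGETS:
        return True  # ASIL A / QM: no target in the standard
    spfm_t, lfm_t = ASIL_TARGETS[asil]
    return metrics["spfm"] >= spfm_t and metrics["lfm"] >= lfm_t


def highest_asil_met(metrics) -> str:
    for asil in ("D", "C", "B"):
        if meets_targets(metrics, asil):
            return asil
    return "A"


# Constructed sample FMEDA (illustrative numbers only).
SAMPLE_FMEDA = [
    FmedaRow("MCU core", "wrong computation", 50.0, 1.0, True, dc_residual=0.99, dc_latent=0.90),
    FmedaRow("Supply regulator", "overvoltage", 20.0, 1.0, True, dc_residual=0.90, dc_latent=0.60),
    FmedaRow("Sensor input", "open circuit", 30.0, 0.5, True, dc_residual=0.95, dc_latent=0.50),
    FmedaRow("Connector pin", "intermittent contact", 10.0, 0.2, False),
    FmedaRow("Pull-up resistor", "open", 5.0, 0.0, False),
]

if __name__ == "__main__":
    m = hardware_metrics(SAMPLE_FMEDA)
    print(f"total {m['lambda_total_fit']:.2f} FIT, SPF+RF {m['lambda_spf_rf_fit']:.2f} FIT, "
          f"latent MPF {m['lambda_mpf_latent_fit']:.3f} FIT")
    print(f"SPFM {m['spfm']:.2%}  LFM {m['lfm']:.2%}  highest ASIL met: {highest_asil_met(m)}")
```

For the sample table the single-point and residual faults sum to 5.25 FIT of 115 FIT (SPFM about 95.4 %) and the latent faults to about 19.3 FIT (LFM about 82.4 %), so the metrics meet the ASIL B targets but not the ASIL C SPFM target of 97 %; a real safety case states the target ASIL explicitly and treats a miss as a deviation under section 7.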
10 Supporting Argumentation
KA has an extensive process to ensure quality, timing and safety during the entire product development.
The KA product development process is called KBD, “Knowledge Based Development”. It is described by a set of pages on the KA Intranet, in the section “XX Automotive Management System”, visualizing the process phases and steps in a graphical way.

Production

Production Plan & Production Control Plan
Describe how the Production Plan and Production Control Plan handle safety critical tasks and how faults that can be safety related are handled when found during production.

Operation, Service and Decommissioning

Operation
Describe how the end user documentation relays safety related information to the end user where applicable. If end user documentation is omitted, argue for why that is acceptable.

Service
Describe the limitations for service in order to not breach safety compatibility.

Decommissioning
If there are any special considerations for the safe decommissioning of the product, describe how that information is relayed to the personnel responsible for such tasks.

Field Monitoring
Describe the KA field monitoring process used in the project.

Requirements Management
Describe how requirements are handled in the project. If applicable, reference the KA Requirements Management process.

Configuration Management
Reference the KA Configuration Management Process.

Change Management
Reference the KA Change Management Process.

Verification
See section 9.4.

Documentation
Argue that an adequate amount of Safety Documentation has been produced, reference the Safety Plan and state whether all listed documentation has been produced.

Confidence in the Use of Software Tools
Argue that all software used during all phases has been assigned a Tool Impact Level and that all tools that have been identified as possibly affecting the safety have also been classified and verified for their intended use.
Reference the report from the analysis of the confidence in the software tools.

Qualification of Software Components
If re-use of Software Components