How to Write Requirements Which Fulfil ISO 26262
For the Rheinland Functional Safety Workshop
Prepared by Jun Jiang, 2016-08-26

Agenda
- HELLA FUSI team introduction
- FUSI requirements for requirement engineering
- Method for requirement combination
- Summary

Prepared by Jun Jiang | All rights reserved by HELLA
HELLA Group Overview
- Partner of the automotive industry and the aftermarket for over 100 years
- Global family-owned company with more than 100 locations in over 35 countries
- Sales of 5.8 billion in FY 2014/2015
- Approx. 32,000 employees worldwide, thereof over 6,000 in research

HELLA functional safety history (timeline figure; the labels below are recoverable from the extracted text, their exact placement on the timeline is not)
- Years on the timeline: 1999, 2003/4, 2004, 2008, 2009, 2010, 2011
- Velocity control (1999)
- 5 projects: PQ 35; BCM 2
- 15 projects: ECU UP30; DMTR, EPS, STAR, CAPE, APS, TAS/TOS, coming from ASIL A/B and ASIL C/D
- 30 projects: each product segment affected (Body, DAS, Energy, Components, Lighting, After Market, Non-Automotive)
- "Hella process ready for functional safety": HP-GE569; start with process release 1; HP-GE 569 patch according to ISO DIS 26262; patch according to the ISO 26262 released version
- ISO 26262 is a mandatory safety standard for automotive products: OEMs require complete implementation of ISO 26262 in projects; several OEMs, e.g. VW, Audi, BMW, Renault, PSA, GM, have developed internal guidelines

"Avoiding of accidents is not only an order of the law but is also a command of the human obligation and economic rationality." Werner von Siemens, 1880

Hella Shanghai Functional Safety Overview (since Mar. 2011)
- 2011: 1 FUSI manager; GCAPE, ASIL B
- 2012: BCM, ASIL B
- 2015: BMS, ASIL C
- 2016: TAS/TOS, ASIL D; 2 FUSI managers + 1 SOM
- ASIL B customer projects SOPed: 15; ASIL B platform projects: 3; customer projects with ASIL B/C/D: 3 (a count of 30 also appears on the slide)

Functional Safety Requirement Overview

Functional safety development (diagram; recoverable labels only): Item definition; HARA; FSC (vehicle level) incl. vehicle arch.; Safety analysis (vehicle level); FSC (SYS level) incl. system arch.; TSC (inside SYS req.); Safety analysis (system level); HW/SW requirement; HW/SW test; System test; NA test; Safety validation; HW/SW design verification.

Requirement Engineering: Requirements inside ISO 26262
Each requirement shall be:
- Unambiguous and comprehensible
- Atomic
- Internally consistent
- Feasible
- Verifiable
with the following attributes:
- A unique ID
- A status (such as approved)
- An ASIL
The requirement work product as a whole shall have:
- Hierarchical structure
- Organizational structure (CM)
- Completeness
- External consistency
- No duplication of information
- Maintainability
- Traceability
(Refer to ISO 26262 Part 8.)

Reason for Those Characteristics / Attributes / Properties
- Drivers: correctness, complexity, distributed development, hierarchical structure, information model
- Resulting properties: 1. Traceability 2. Completeness 3. Consistency 4. No duplication 5. Unambiguous and comprehensible 6. Atomic 7. Testability 8. Attributes
- Transfer of requirements (human and technical) relies on: 1. Traceability 2. Test method 3. Example - structure

Example - Structure
Structure of the entire safety-related work product (information model); structure of each requirement:
- ID
- Requirement content
- Type (Req., Info, Headline)
- ASIL level + safety goal ID
- Status (approved, pending)
- Test level
- Test method
- Change record
- Link (traceability)
Work products in the information model: FSC, TSC, customer requirement, system requirement, parameter, HW requirement spec, SW requirement spec. (Just an example.)

Traditional Requirement Content
The traditional content of a requirement states: who, when, where, at which condition, does what.
Easy to understand, no misunderstanding: expressed in words, as a picture / model, or in mathematical language / program code.
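As an added example (my own code, not part of the slides or of HELLA's tooling), the following Python script models the requirement record from the Example - Structure slide and checks a small constructed work product against the characteristics listed above: unique ID, status, ASIL, verifiability (test level and test method assigned), traceability with links that resolve to the upstream FSC, no duplication of information, and unambiguity. The field names, the weak-word list, the rule that an ASIL-rated requirement carries a safety goal ID, and the "ASIL not lower than its source" check are my assumptions; ASIL decomposition per ISO 26262-9 is not modelled, so a lower ASIL is reported for review rather than rejected.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Attribute set from the "Example - Structure" slide; field names are my own.
VALID_TYPES = {"Req", "Info", "Headline"}
ASIL_RANK = {"QM": 0, "A": 1, "B": 2, "C": 3, "D": 4}
VALID_STATUS = {"draft", "pending", "approved"}
# Words that usually make a requirement ambiguous or unverifiable (assumed list).
WEAK_WORDS = ("appropriate", "adequate", "as needed", "fast", "user-friendly", "etc")


@dataclass
class Requirement:
    id: str
    content: str
    type: str                             # Req, Info or Headline
    asil: Optional[str] = None            # QM, A, B, C or D; mandatory for Req
    safety_goal: Optional[str] = None     # safety goal ID the ASIL derives from
    status: str = "draft"
    test_level: Optional[str] = None      # e.g. "System test"
    test_method: Optional[str] = None     # e.g. "Fault injection"
    change_record: List[str] = field(default_factory=list)
    links: List[str] = field(default_factory=list)  # upstream IDs (traceability)


Finding = Tuple[str, str, str]  # (requirement ID, finding code, detail)


def check_work_product(reqs: List[Requirement], upstream: List[Requirement]) -> List[Finding]:
    """Check one work product (e.g. a system requirement spec) against the
    ISO 26262-8 characteristics; `upstream` is the next-higher work product
    (e.g. the FSC) that links must resolve to."""
    findings: List[Finding] = []
    index: Dict[str, Requirement] = {}
    for r in reqs:                       # unique ID: first occurrence wins
        if r.id in index:
            findings.append((r.id, "DUP_ID", "ID already used in this work product"))
        else:
            index[r.id] = r
    known = {u.id: u for u in upstream}
    known.update(index)
    seen_content: Dict[str, str] = {}
    for r in reqs:
        if r.type not in VALID_TYPES:
            findings.append((r.id, "BAD_TYPE", r.type))
            continue
        if r.type != "Req":
            continue                     # Info/Headline carry no ASIL, status or test attributes
        if r.asil not in ASIL_RANK:
            findings.append((r.id, "NO_ASIL", "ASIL missing or invalid"))
        elif r.asil != "QM" and not r.safety_goal:   # assumed rule
            findings.append((r.id, "NO_SAFETY_GOAL", "ASIL-rated requirement without safety goal ID"))
        if r.status not in VALID_STATUS:
            findings.append((r.id, "BAD_STATUS", str(r.status)))
        if not (r.test_level and r.test_method):    # verifiable
            findings.append((r.id, "NOT_VERIFIABLE", "no test level/method assigned"))
        if not r.links:                              # traceability
            findings.append((r.id, "NO_LINK", "no upstream link"))
        for target in r.links:                       # external consistency
            parent = known.get(target)
            if parent is None:
                findings.append((r.id, "DANGLING_LINK", target))
            elif (r.asil in ASIL_RANK and parent.asil in ASIL_RANK
                  and ASIL_RANK[r.asil] < ASIL_RANK[parent.asil]):
                # A derived requirement inherits its source's ASIL; a lower ASIL is only
                # legitimate with documented ASIL decomposition, which is not modelled here.
                findings.append((r.id, "ASIL_LOWER", f"ASIL {r.asil} below {target} ({parent.asil})"))
        low = r.content.lower()
        for w in WEAK_WORDS:                         # unambiguous
            if re.search(r"\b" + re.escape(w) + r"\b", low):
                findings.append((r.id, "WEAK_WORD", w))
        key = " ".join(low.split())                  # no duplication of information
        if key in seen_content:
            findings.append((r.id, "DUP_CONTENT", f"same text as {seen_content[key]}"))
        else:
            seen_content[key] = r.id
    return findings


# Constructed sample: an FSC (upstream) and a system requirement spec to check.
UPSTREAM_FSC = [
    Requirement("FSR-01", "The ECU shall prevent unintended activation of the actuator.", "Req",
                asil="B", safety_goal="SG-01", status="approved", test_level="Vehicle test",
                test_method="Safety validation", links=["SG-01"]),
]
SYSTEM_SPEC = [
    Requirement("SYS-001", "When the ignition is off, the ECU shall de-energize the actuator "
                "output within 100 ms.", "Req", asil="B", safety_goal="SG-01", status="approved",
                test_level="System test", test_method="Fault injection", links=["FSR-01"]),
    # ambiguous, untestable, ASIL below its source, no safety goal:
    Requirement("SYS-002", "The ECU shall monitor the actuator current with appropriate accuracy.",
                "Req", asil="A", status="pending", links=["FSR-01"]),
    # same text as SYS-002 and a link to a non-existent FSR:
    Requirement("SYS-003", "The ECU shall monitor the actuator current with appropriate accuracy.",
                "Req", asil="B", safety_goal="SG-01", status="approved", test_level="System test",
                test_method="Measurement", links=["FSR-99"]),
    Requirement("SYS-001", "Actuator safety", "Headline"),   # ID reused
    Requirement("SYS-004", "Background: ASIL B is derived from the HARA.", "Info"),
]

if __name__ == "__main__":
    for rid, code, detail in check_work_product(SYSTEM_SPEC, UPSTREAM_FSC):
        print(f"{rid}: {code} {detail}")
```

Running the script prints one finding per violated characteristic for the constructed spec (SYS-001 passes, the other three Req items do not). The point is that each ISO 26262-8 property maps to a mechanical check that a requirements tool can run on every change, so review effort can concentrate on the content of a requirement rather than on bookkeeping.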
Method for Requirement Creation

System Requirement (Function Requirement) and Functional Safety Requirement
- New requirements which fulfil ISO 26262
- Relationship between these two kinds of requirement

Relationship: a system requirement (function requirement) either has an impact on the functional safety requirement or has no impact on it.

3 Main Attributes of a Product (Function)
- Reliability (dependability, trustworthiness)
- Functional safety: accident prevention (protection against random failures); addresses failure
- Information security & privacy: attack prevention (protection against malicious manipulations); addresses attack

Combination
- Inputs: customer requirement; FSC (FSR); cybersecurity concept; reliability / testability / maintenance
- Output: the system requirement, carrying each attribute

Summary
- From the functional safety aspect, tools such as SysML/UML tools are better for requirement engineering.
- A functional safety requirement shall be treated as an attribute of a function; it is just part of the system requirement / HW requirement / SW requirement.

Thank you very much.
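As an added example of the combination described above (my own code, not from the slides or from HELLA), the following Python merges constructed customer, FSC, cybersecurity and reliability requirements into one system requirement per function, so that the functional safety requirement becomes an attribute of the function rather than a separate requirement, with traceability back to every source. Keying the merge on a function name, the aspect labels, and letting the function inherit the highest ASIL among its FSRs are my assumptions.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

ASIL_RANK = {"QM": 0, "A": 1, "B": 2, "C": 3, "D": 4}
ATTRIBUTE_ASPECTS = ("safety", "security", "reliability")  # the three attributes of a function


@dataclass
class SourceReq:
    """A requirement from one of the inputs named on the Combination slide."""
    id: str
    function: str      # product function it constrains (assumed key for combining)
    aspect: str        # "function" (customer requirement) or one of ATTRIBUTE_ASPECTS
    text: str
    asil: str = "QM"   # only meaningful for aspect "safety"


@dataclass
class SystemReq:
    """One system requirement per function; the attributes carry the FSR,
    cybersecurity and reliability content instead of separate requirements."""
    id: str
    function: str
    text: str
    asil: str = "QM"
    attributes: Dict[str, List[str]] = field(default_factory=dict)
    traces: List[str] = field(default_factory=list)   # source IDs, for traceability


def combine(sources: List[SourceReq]) -> Tuple[Dict[str, SystemReq], List[str]]:
    """Merge source requirements into system requirements keyed by function.
    Returns the merged requirements and the issues found while merging."""
    merged: Dict[str, SystemReq] = {}
    issues: List[str] = []
    # Pass 1: the functional statement (customer requirement) creates the system requirement.
    for s in sources:
        if s.aspect != "function":
            continue
        if s.function in merged:          # no duplication of information
            issues.append(f"{s.id}: second functional requirement for '{s.function}' "
                          f"(already covered by {merged[s.function].traces[0]})")
            continue
        merged[s.function] = SystemReq(id=f"SYS-{s.function}", function=s.function,
                                       text=s.text, traces=[s.id])
    # Pass 2: safety, security and reliability attach as attributes of that function.
    for s in sources:
        if s.aspect == "function":
            continue
        if s.aspect not in ATTRIBUTE_ASPECTS:
            issues.append(f"{s.id}: unknown aspect '{s.aspect}'")
            continue
        target = merged.get(s.function)
        if target is None:
            # An FSR with no function to attach to is a gap in the system requirements.
            issues.append(f"{s.id}: {s.aspect} requirement for '{s.function}' has no "
                          "functional requirement to attach to")
            continue
        target.attributes.setdefault(s.aspect, []).append(s.text)
        target.traces.append(s.id)
        if s.aspect == "safety" and ASIL_RANK[s.asil] > ASIL_RANK[target.asil]:
            target.asil = s.asil   # the function inherits the highest ASIL of its FSRs
    return merged, issues


def untraced(sources: List[SourceReq], merged: Dict[str, SystemReq]) -> List[str]:
    """Source IDs that no system requirement traces to (completeness check)."""
    traced = {t for sr in merged.values() for t in sr.traces}
    return [s.id for s in sources if s.id not in traced]


# Constructed sample inputs (not from the slides).
SOURCES = [
    SourceReq("CR-10", "LowBeam", "function",
              "The lighting ECU shall switch the low beam on when commanded by the body controller."),
    SourceReq("FSR-03", "LowBeam", "safety",
              "The low beam shall not switch off unintentionally while driving.", asil="B"),
    SourceReq("FSR-04", "LowBeam", "safety",
              "Loss of the low-beam command shall be detected within 200 ms.", asil="A"),
    SourceReq("SEC-02", "LowBeam", "security",
              "Low-beam commands shall be accepted only from authenticated bus messages."),
    SourceReq("REL-07", "LowBeam", "reliability",
              "The low-beam output driver shall be rated for 100,000 switching cycles."),
    SourceReq("FSR-09", "Wiper", "safety",
              "The wiper shall not start unintentionally.", asil="A"),  # no Wiper function
]

if __name__ == "__main__":
    merged, issues = combine(SOURCES)
    for sr in merged.values():
        print(sr.id, sr.asil, sorted(sr.attributes), sr.traces)
    print("issues:", issues, "untraced:", untraced(SOURCES, merged))
```

The LowBeam system requirement ends up at ASIL B with safety, security and reliability attributes and five trace links, while FSR-09 is reported as an orphan: a safety requirement that no function carries is exactly the gap the "attribute of a function" view is meant to expose.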
Any questions? Please contact me:
Name: Jun Jiang / 蒋军
Tel: 021 6160 7302
Email: Jun.Jiang@Hella.Com

Backup

Agenda (backup): Responsibility Distribution (Distributed Development)
- Vehicle-level FUSA design: item definition; initiation of the safety lifecycle; HARA; functional safety concept
- System-level FUSA design: safety analysis; technical safety concept; system design; integration and testing
- Safety validation (vehicle level); assessment; release for production

Functional Safety Activities Overview (ISO 26262 parts and clauses)
2. Management of functional safety
- 2-5 Overall safety management
- 2-6 Safety management during the concept phase and product development
- 2-7 Safety management after release for production
3. Concept phase
- 3-5 Item definition
- 3-6 Initiation of the safety lifecycle
- 3-7 Hazard analysis and risk assessment
- 3-8 Functional safety concept
4. Product development: system level
- 4-5 Initiation of product development at the system level
- 4-6 Specification of the technical safety requirements
- 4-7 System design
- 4-8 Item integration and testing
- 4-9 Safety validation
- 4-10 Functional safety assessment
- 4-11 Release for production
5. Product development: hardware level
- 5-5 Initiation of product development at the hardware level
- 5-6 Specification of hardware safety requirements
- 5-7 Hardware design
- 5-8 Hardware architectural metrics
- 5-9 Evaluation of safety goal violations due to random hardware failures
- 5-10 Hardware integration and testing
6. Product development: software level
- 6-5 Initiation of product development at the software level
- 6-7 Software architectural design
- 6-8 Software unit design and implementation
- 6-9 Software unit testing
- 6-10 Software integration and testing
- 6-11 Verification of software safety requirements
7. Production and operation
- 7-5 Production
- 7-6 Operation, service and decommissioning

Functional Safety Activities Overview (continued)
Functional safety distributed development (diagram; recoverable labels only): Item definition; HARA; FSC (vehicle level) incl. vehicle arch.; Safety analysis (vehicle level); FSC (SYS level) incl. system arch.; TSC; Safety analysis (system level); HW/SW development; HW/SW test; System test; Safety validation. Several boxes in the diagram are marked NA.

Terms (ISO 26262-1 definitions)
- Safety plan (1.112): plan to manage and guide the execution of the safety activities of a project, including dates, milestones, tasks, deliverables, responsibilities and resources
- Safety activity (1.104): activity performed in one or more sub-phases of the safety lifecycle
- Lifecycle (1.72): entirety of phases from concept through decommissioning of the item
- Distributed development (1.27): development of an item or element with development responsibility divided between the customer and supplier(s) for the entire item or element, or for subsystems
- Development interface agreement, DIA (1.24): agreement between customer and supplier in which the responsibilities for activities, evidence or work products to be exchanged by each party are specified
- Safety case (1.106): argument that the safety requirements for an item are complete and satisfied by evidence compiled from work products of the safety activities during development
Distribution #1 (diagram; recoverable labels only, column assignment not preserved): Safety development at supplier; Safety management at supplier; Safety development at OEM; Safety management at OEM; Safety plan; Safety case; Item definition; HARA; FSC (incl. FUSI arch.); Safety validation; Safety plan; Safety case; TSC / SysRS; HW/SW development; HW/SW test; Audit/assessment; SYS test; Audit/assessment; DIA.

Distribution #2 (diagram; recoverable labels only): the same labels as Distribution #1, with TSC / SysRS appearing a second time, i.e. on both sides of the DIA.

Distribution #3 (diagram; recoverable labels only): Safety development at supplier; Safety management at OEM; Safety plan; Safety case; Item definition; HARA; FSC (incl. FUSI arch.); Safety validation; TSC / SysRS; HW/SW development; HW/SW test; Audit/assessment; SYS test; DIA; Safety management at supplier; Safety plan; Safety case.