08. Reducing Risk with Systems Engineering

Introduction to the Lane Assistance System

Throughout the functional safety module, you will use a lane assistance system as a practical example. The lane assistance system will be the basis of the final project as well.

Lane assistance technology is relatively new in the automotive world. A lane assistance system generally has two functions:

  • lane departure warning
  • lane keeping assistance

If a driver departs a lane without using a turn signal, the system assumes that the driver has become distracted and did not mean to leave the lane. The system will vibrate the steering (lane departure warning) and also move the steering wheel back towards the lane center (lane keeping assistance).

Lane assistance technology represents an intermediate step on the way to fully autonomous driving. In this video, you will hear references to the lane assistance system, lane departure warning and lane keeping assistance. The Hazard Analysis and Risk Assessment lesson will go into more detail about how this system works. While multiple fields use the approach described in this concept, we offer systems engineering as an example. Systems engineering is an interdisciplinary field of engineering and engineering management that focuses on the design and management of complex systems.

The Basics of Systems Engineering

L1 17 Reducing Risk With System Engineering

What is a System?

What exactly is a system? ISO 26262 defines a system as a:

[1.129] set of elements that relates at least a sensor, a controller and an actuator with one another. The related sensor or actuator can be included in the system, or can be external to the system. An element of a system can also be another system.

(Note that an element is defined by ISO 26262 [1.32] as a system or part of a system, including components, hardware, software, hardware parts, and software units.)

Admittedly, the definition of a system is a little bit hard to pin down.

For the purposes of the rest of this module, a system will be a part of the vehicle that provides some functionality.

We will specifically look at a simplified version of an advanced driver assistance lane keeping system that helps the driver stay centered in a lane.

The V Model

To organize a system analysis, system engineers use what are called process models. These process models provide a framework for conducting a methodical systems analysis.

ISO 26262 uses a process model called the V model. Before we introduce ISO 26262 and its specific version of the V model, let's discuss the characteristics of a generic V model.

Generic V Model


The V model starts in the upper left corner, moves down to the bottom center, and then moves back up to the upper right corner.

The left side of the V represents the design phase; this is where you

  • plan what your system needs to do (requirements engineering)
  • plan what the system needs to look like (system architecture design).

Left Side of the V Model

The right side of the V represents the testing, verification and integration; on the right side, you

  • build prototypes
  • test and verify prototypes to see if they do what you said they would do in the design phase
  • integrate your prototype with other parts of the vehicle.

Right Side of the V Model

The top part of the V represents the entire vehicle as a single system. As you traverse down the left side of the V, you focus on smaller and smaller subsystems. As you go up the right side of the V, you integrate your subsystems into larger and larger systems.

At the top left, you start with a bird's eye view of your entire vehicle. As you move down the left side, you start to split your vehicle into subsystems like climate control, entertainment system, steering system, braking system, etc. You then define requirements and system architectures for each sub-system.

Then you focus on a sub-system, like the climate control system, and break down the climate control system into its own sub-systems like the electronic control unit, the temperature sensor, the fan, the air filter, etc. Each sub-system will have its own design requirements and design architecture.

Notice as well that you can connect the right side of the V and the left side of the V. For every prototype you make or test you run, you can check back to see if the results match the design specifications.

Connecting the right and left side of the V

Other Process Models

Two other popular process models are the Spiral model and the Waterfall model. They are not, however, part of the ISO 26262 standard.

Although we will not be covering them in the functional safety module, these two other models are also commonly used in systems engineering.

V Model Quiz

The V Model

QUIZ QUESTION:

Match the part of the V model with its purpose.

ANSWER CHOICES:

Part of the V model / Purpose

  • Sub Systems
  • Testing and Integration
  • System Design
  • Integrated Systems

SOLUTION:

Part of the V model / Purpose

  • Sub Systems
  • Testing and Integration
  • System Design
  • Integrated Systems

Engineering Requirements and the ISO 26262 Standard

Requirements engineering is a sub-discipline of systems engineering. Because ISO 26262 is based on systems engineering principles, defining requirements comes up repeatedly in the standard.

Throughout the V model, one of the most important steps is defining requirements. In layman's terms, a requirement says what a system is supposed to do. What is the system's function? Requirements almost always start off with the phrase "X shall …".

As you travel down the left side of the V model, you will generally take requirements from the previous step and then refine them in the current step. It makes sense that requirements would be refined at each level; as you travel down the V, you dive into subsystems with increasing detail.

Then you start to move up the right side of the V. First, you'll test your temperature sensor to make sure it functions correctly according to its design requirements. You will do the same for all of the air conditioning subsystems. Then you will integrate the temperature sensor with the electronic control unit and run more tests to make sure they play well together.

You move up the V until you have a complete air conditioning system that functions according to its design specifications. You move up the V and integrate the air conditioning system with the other electronic systems in the vehicle, and then you test again. Eventually, when you get to the top right side of the V, you will have a complete car ready for production!

For every design step on the left side of the V, there is a corresponding test and integration step on the right side of the V. You test your system and then go back and see if the test results match the design requirements and specifications. The correspondence between the left and right sides of the V is one of the advantages of the V model.
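As an added illustration (not part of the course material), the following Python snippet models the left/right correspondence described above: "X shall …" requirements refined down the V from vehicle level to subsystem level, test results coming back up the right side, and checks that flag requirements not phrased as "shall" statements or lowest-level requirements with no passing test. The requirement ids, texts and test results are constructed sample data for a simplified lane assistance system.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Requirement:
    rid: str
    text: str                      # "X shall ..." statement of what the element does
    level: str                     # vehicle / system / subsystem (left side of the V)
    parent: Optional[str] = None   # requirement this one refines (one level up the V)


@dataclass
class TestResult:
    tid: str
    verifies: str                  # requirement id the test exercises (right side of the V)
    passed: bool


# Constructed sample data for a simplified lane assistance system (hypothetical ids and texts).
REQS = [
    Requirement("VEH-1", "The vehicle shall help the driver stay in the current lane.", "vehicle"),
    Requirement("LKA-1", "The lane assistance system shall warn the driver of an unsignalled lane departure.", "system", "VEH-1"),
    Requirement("LKA-2", "The lane assistance system shall steer the vehicle back towards the lane center.", "system", "VEH-1"),
    Requirement("CAM-1", "The camera shall detect lane markings in front of the vehicle.", "subsystem", "LKA-1"),
    Requirement("VIB-1", "The steering wheel vibrates on lane departure.", "subsystem", "LKA-1"),  # not a "shall" statement
    Requirement("MOT-1", "The steering motor shall apply corrective torque towards the lane center.", "subsystem", "LKA-2"),
]
RESULTS = [
    TestResult("T-CAM-1", "CAM-1", True),
    TestResult("T-MOT-1", "MOT-1", False),   # prototype test failed: right side does not match left side
]


def malformed(reqs):
    """Ids of requirements that are not written as 'X shall ...' statements."""
    return sorted(r.rid for r in reqs if " shall " not in r.text)


def trace(rid, reqs):
    """Chain of ids from a requirement up to the vehicle-level requirement it refines."""
    index = {r.rid: r for r in reqs}
    chain = [rid]
    while index[chain[-1]].parent is not None:
        chain.append(index[chain[-1]].parent)
    return chain


def unverified_leaves(reqs, results):
    """Lowest-level requirements with no passing test, i.e. design steps with no matching verification."""
    parents = {r.parent for r in reqs if r.parent is not None}
    verified = {t.verifies for t in results if t.passed}
    return sorted(r.rid for r in reqs if r.rid not in parents and r.rid not in verified)


if __name__ == "__main__":
    print("malformed:", malformed(REQS))
    print("trace MOT-1:", trace("MOT-1", REQS))
    print("unverified:", unverified_leaves(REQS, RESULTS))
```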