ASIL Inheritance

L4 10 Function Safety Requirements And ASIL Inheritance

INSTRUCTOR NOTE:

As noted in a note to a previous video, the "QM" rating does not mean functional safety is irrelevant - QM approaches need to be applied to ensure lower level risks are mitigated, but they are not directly covered under ISO 26262.

Electronic Power Steering SubSystem ASIL

We didn't directly talk about the driver steering sensor or the motor that turns the steering wheel. We simplified things marking both as ASIL C even though the functional safety requirements only pertained to the power steering ECU.

The motor to turn the steering wheel would also be marked ASIL C since it is an integral part to ensuring the lane assistance torque does not create unsafe conditions. You can consider that the entire lane keeping item has the highest ASIL identified from the hazard and risk analysis unless you can justify otherwise.

Remember that our example is a simplification of a real system. By virtue of safety requirements that comprise the safety goal design parameters, there would be functional safety requirements directly associated with to the steering wheel motor as well as the driver torque steering wheel sensor. In fact, most auto manufacturers would label an entire electronic power steering system ASIL D based on a hazard analysis and risk assessment.

Quiz

For the lane keeping assistance function, recall that the safety goal was that the "Lane keeping assistance function shall be time limited and the additional steering torque shall end after a given timer interval so that the driver can not misuse the system for autonomous driving".

The functional safety requirement was that "the electronic power steering ECU shall ensure that the lane keeping assistance torque is applied for only Max_Duration".

What is the ASIL of the functional safety requirement?

ASIL of the lane keeping assistance function

SOLUTION:

B