01. Introduction

Concept Phase Versus Product Development Phase

ISO 26262 places the functional safety concept in the concept phase while the technical safety concept is part of the product development phase.

This is because the technical safety concept is more concrete and gets into the details of the item's technology. The product development phase also includes designing hardware and software. This lesson will only focus on the technical safety concept, and the next lesson will discuss hardware and software development.

As a reminder, here is a version of the V model that has been stretched out vertically. You can see the functional safety concept is the last step in the concept phase. The technical safety concept would belong to the product development at the systems level:

Product Development Phase

The product development phase is divided into two parts:

• Product development at the system level
• Product development at the hardware and software level

ISO 26262 treats an item as if it were a system of systems. Take the lane assistance item as an example. The item has three systems:

• Vision system (camera)
• Display system (car dashboard)
• Motion system (electronic power steering)

Before developing hardware or software, the technical safety requirements need to be determined for each of these systems. And before the technical safety requirements can be determined for each system, the functional safety requirements need to be determined for the lane keeping item.

So the technical safety concept involves:

• Turning functional safety requirements into technical safety requirements
• Allocating technical safety requirements to the system architecture

This will set us up for drilling down into software and hardware implementation in the next lesson.

Technical Safety Concept at the System Level versus Technical Safety Concept at the ECU Level

In the ADAS lane assistance example, we have said that the only safety-relevant subsystem is the electronic power steering. And our example has put most of the safety-relevant functionality in the power steering ECU.

This is a simplified example. Most of the time, multiple subsystems will be involved in a technical safety analysis. When there are multiple subsystems, the technical safety concept might have to be divided into more than one document.

One technical safety concept will be called the "Technical Safety Concept at the System Level". This document would look at how the subsystems interact with each other.

There might be a separate technical safety concept that drills down to the ECU level.
Each safety relevant ECU would have its own technical safety concept document.

In our simplified lane assistance example, the only safety relevant element was the electronic power steering ECU; thus, our technical safety concept will go directly to the ECU level. But in general, you will need to develop multiple technical safety concepts; one at the system level and then one for each safety relevant ECU.

Here is an diagram showing how a technical safety concept might be divided into several documents: