05. Allocation of Requirements to System Architecture Elements
Technical Safety Requirements Review
Here is a list of the technical safety requirements we have identified so far. This list might be helpful as you watch the video below.
-
The LDW safety component shall ensure that the amplitude of the 'LDW_Torque_Request' sent to the 'Final electronic power steering Torque' component is below 'Max_Torque_Amplitude.
-
As soon as a failure is detected by the LDW function, it shall deactivate the LDW feature and the 'LDW_Torque_Request' shall be set to zero.
-
As soon as the LDW function deactivates the LDW feature, the 'LDW Safety' software block shall send a signal to the car display ECU to turn on a warning light.
-
The validity and integrity of the data transmission for 'LDW_Torque_Request' signal shall be ensured.
-
Memory test shall be conducted at start up of the EPS ECU to check for any faults in memory.
L5 12 Allocation Of Requirements To System Acrchitecture Elements
Other Things to Consider
Here are a few constraints to consider when refining a system architecture in a technical safety concept:
- Elements inherit the highest ASIL from the technical safety requirements. So if the same software element provides functionality to the lane departure warning and lane keeping assistance functions, the higher ASIL wins. In this case, the lane departure warning had ASIL C whereas the lane keeping assistant had ASIL B. So ASIL C wins.
- If an element contains subelements with different ASILs, both sub-elements receive the highest ASIL. If a subelement has an ASIL but another subelement is QM, then the same rule applies and both will take the highest ASIL. The exception is if the criteria for coexistence is met. Criteria for coexistence was already discussed in the previous lesson. If a failure in one sub-element will not affect the other sub-element, then the sub-elements can have different ASILs.
- Internal and external interfaces for safety-related elements need to be clearly defined. This way non-safety related elements are clearly identified as well.
System Diagram
Here is a system diagram with the added functionality from the technical safety requirements:
System Architecture Taking into Account Lane Departure Warning Technical Safety Requirements
Allocation: Functional Safety Concept versus Technical Safety Concept
In the functional safety concept, you allocated all of the requirements to the EPS ECU. Now, your system diagram has a lot more detail. So it isn't enough to say that the technical safety requirements are allocated to the EPS ECU; the technical safety requirements will be allocated to different software elements such as the "LDW Safety Functionality" block, the "Data Transmission Integrity Check", or other relevant blocks inside the EPS ECU.
Allocation for the Other Technical Safety Requirements
With the information we've given about the lane departure warning technical safety requirements, you can derive a few technical safety requirements for the lane keeping assistance function and then allocate the requirements to the architecture. This will be part of the project.
Quiz: Functional Safety Requirements versus Technical Safety Requirements
Functional versus Technical Safety Requirements
QUIZ QUESTION: :
Decide which belong to functional safety requirements and which belong to technical safety requirements
ANSWER CHOICES:
|
Description |
Requirement Type |
|---|---|
|
Functional Safety Requirements |
|
|
Technical Safety Requirements |
|
|
Functional Safety Requirements |
|
|
Technical Safety Requirements |
SOLUTION:
|
Description |
Requirement Type |
|---|---|
|
Functional Safety Requirements |
|
|
Functional Safety Requirements |
|
|
Technical Safety Requirements |
|
|
Technical Safety Requirements |
|
|
Functional Safety Requirements |
|
|
Functional Safety Requirements |
|
|
Technical Safety Requirements |
|
|
Technical Safety Requirements |