As the automotive industry accelerates towards intelligent and connected vehicles, functional safety plays a crucial role in ensuring the safety of vehicles and occupants. This article focuses on the key points in the development and implementation of automotive functional safety systems. Expert Teng Yulin, who specializes in automotive safety solutions, provides an in-depth analysis based on ISO 26262 standards and extensive practical experience. The discussion covers the implementation process of functional safety development in the system phase, design concepts for system safety solutions, and the differences between system safety testing and system testing.
### Introduction to the Instructor and Course Background
Teng Yulin is a functional safety expert certified by TUV NORD and DEKRA, and serves as a trainer for functional safety and safety of the intended functionality (SOTIF) courses. He has led safety teams at several OEMs and suppliers, working on real-world safety projects in areas such as advanced driver assistance systems (ADAS) and chips. His experience includes the design and development of a Level 2+ traffic jam pilot (TJP) ADAS function, safety analysis for automated parking and vehicle systems, functional safety concept development for new energy vehicles, and the establishment of safety processes for ADAS domain controllers and intelligent cockpit systems.
In the course, Teng frames the core of system phase development as implementing and verifying the technical safety concept, so that safety is carried through from the item level down to the system level. The course has three parts: the implementation process of functional safety development in the system phase, design concepts for system safety solutions, and the differences between system safety testing and system testing. Its aim is to help participants understand how the ISO 26262 standard is applied and practised at the system level.
### Implementation Process of Functional Safety Development in the System Phase
In automotive functional safety development, the system phase is the link between the concept phase (Part 3) and hardware and software development (Parts 5 and 6). Its goal is to turn the safety goals and functional safety concept produced in the concept phase into an executable system-level safety solution and to demonstrate that solution through integration testing. In ISO 26262, the system phase comprises clauses 4-5 (general topics for product development at the system level), 4-6 (technical safety concept), 4-7 (system and item integration and testing) and 4-8 (safety validation). The clauses are distinct but build on one another, forming the complete development chain of the system phase.
#### Core Scope and Positioning of the System Phase
ISO 26262 is organised along two axes: the parts of the standard (its static structure) and the safety lifecycle. The system phase corresponds to Part 4, 'Product development at the system level', whose core tasks are to refine the safety requirements handed over from the concept phase, design the technical safety solution, and demonstrate its feasibility through integration testing. Note that the functional safety concept produced in the concept phase (3-7) is not fully verified there: because its safety mechanisms are defined at the vehicle level, the evidence that they work comes from the system and item (vehicle-level) integration tests of 4-7.
Clause 4-7 therefore covers not only system integration testing but also item integration testing at the vehicle level, where an 'item', in ISO 26262 terms, is the system or combination of systems that implements a function at the vehicle level. 4-7 is thus the node that links system design to vehicle validation. Clause 4-8 (safety validation) then provides evidence that the safety goals defined in the concept phase are adequate and have been achieved: it checks the safety goals themselves, the functional safety concept, and the elements identified in the hazard analysis and risk assessment (HARA) against the intended use of the item.
#### Core Deliverables of the System Phase
The outputs of the system phase must be standardized documents serving as the basis for subsequent hardware and software development and testing. Key deliverables include:
1. **Technical Safety Requirements (TSR)**: the refinement of the functional safety requirements of the functional safety concept (FSC) into requirements on the system, specifying what each safety mechanism must do, at which ASIL, and within what timing.
2. **Technical Safety Concept (TSC)**: This is the core framework of the system-level safety solution, defining safety mechanisms to achieve technical safety requirements.
3. **System Architecture Design Specification**: This incorporates safety-related design changes into the original product architecture to form a system architecture that meets functional safety requirements.
4. **Hardware-Software Interface Specification (HSI)**: defines how hardware and software interact in implementing the safety mechanisms: which hardware resources the software controls, the signals exchanged and their formats, timing constraints, and the protocols used to transmit them.
5. **Manufacturing, Operations, Service, and Disposal Requirements Specification**: This clarifies the production, operational, and disposal requirements related to safety mechanisms.
6. **Verification Report**: This records compliance checks of the system phase output documents, including confirmation and verification reviews.
7. **Safety Analysis Report**: This includes system-level safety analysis results using methods like fault tree analysis (FTA) and failure mode and effects analysis (FMEA).
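The fault tree analysis named in deliverable 7 can be worked through concretely. The following Python script is an added example and is not code from the course or from any OEM project: it builds a small fault tree for a hypothetical torque-request path, derives its minimal cut sets, lists the single-point faults, and estimates the top-event probability with the rare-event approximation. The event names, the tree structure and the failure probabilities are all constructed for illustration.

```python
"""Fault tree analysis: minimal cut sets and a rare-event top-event estimate.

Added example; the tree, event names and probabilities are constructed
for illustration and are not taken from the course or a real product.
"""
from dataclasses import dataclass
from itertools import product
from math import prod


@dataclass(frozen=True)
class Event:
    """Basic event: one element failure and its probability over the mission
    (for example one hour of operation)."""
    name: str
    prob: float


@dataclass(frozen=True)
class Gate:
    """Logic gate: AND (all inputs must fail) or OR (any input suffices)."""
    kind: str
    inputs: tuple


def minimise(sets):
    """Drop every cut set that contains another cut set: a set that already
    causes the top event makes any superset redundant. Sorted for
    deterministic output."""
    ordered = sorted(set(sets), key=lambda s: (len(s), sorted(s)))
    minimal = []
    for s in ordered:
        if not any(m <= s for m in minimal):
            minimal.append(s)
    return minimal


def cut_sets(node):
    """Minimal cut sets of the (sub)tree rooted at node, as frozensets of
    basic-event names. OR gates collect their children's cut sets; AND gates
    take every combination (cartesian product) of their children's cut sets."""
    if isinstance(node, Event):
        return [frozenset([node.name])]
    child_sets = [cut_sets(c) for c in node.inputs]
    if node.kind == "OR":
        combined = [cs for sets in child_sets for cs in sets]
    elif node.kind == "AND":
        combined = [frozenset().union(*combo) for combo in product(*child_sets)]
    else:
        raise ValueError(f"unknown gate kind {node.kind!r}")
    return minimise(combined)


def basic_events(node):
    """All basic events under node, keyed by name."""
    if isinstance(node, Event):
        return {node.name: node}
    found = {}
    for child in node.inputs:
        found.update(basic_events(child))
    return found


def top_event_probability(tree):
    """Rare-event approximation: sum over minimal cut sets of the product of
    the member probabilities (an upper bound, close when all are small)."""
    probs = {n: e.prob for n, e in basic_events(tree).items()}
    return sum(prod(probs[n] for n in cs) for cs in cut_sets(tree))


def single_point_faults(tree):
    """Basic events that alone violate the safety goal: no safety mechanism
    sits between them and the top event."""
    return sorted(next(iter(cs)) for cs in cut_sets(tree) if len(cs) == 1)


# Constructed tree for a hypothetical torque-request path (not a real design).
PEDAL_ERR = Event("PEDAL_ERR", 1e-4)   # pedal sensor delivers a wrong value
MON_FAIL = Event("MON_FAIL", 1e-3)     # plausibility monitor fails silent
PWR_FAIL = Event("PWR_FAIL", 1e-6)     # supply rail shared by sensor and monitor
MCU_ERR = Event("MCU_ERR", 1e-4)       # main controller computes wrong torque
WDG_FAIL = Event("WDG_FAIL", 1e-3)     # external watchdog does not react
DRV_STUCK = Event("DRV_STUCK", 2e-6)   # output driver stuck on

UNINTENDED_TORQUE = Gate("OR", (
    # Wrong pedal value AND the monitor does not catch it. PWR_FAIL appears on
    # both sides of the AND gate, so it is a common cause the analysis must surface.
    Gate("AND", (Gate("OR", (PEDAL_ERR, PWR_FAIL)),
                 Gate("OR", (MON_FAIL, PWR_FAIL)))),
    Gate("AND", (MCU_ERR, WDG_FAIL)),
    DRV_STUCK,
))

if __name__ == "__main__":
    for cs in cut_sets(UNINTENDED_TORQUE):
        print(sorted(cs))
    print("single-point faults:", single_point_faults(UNINTENDED_TORQUE))
    print(f"P(top) ~ {top_event_probability(UNINTENDED_TORQUE):.2e}")
```

The shared rail PWR_FAIL sits on both inputs of the AND gate, and cut-set minimisation collapses it to a single-point fault alongside DRV_STUCK. That is exactly the kind of common-cause dependency a system-level safety analysis exists to expose, and one that a redundant-channel argument made on the architecture diagram alone would hide.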
#### Testing Strategy for System Integration
Testing in the system phase follows a staged principle, from hardware/software integration (element level), through system integration, to item integration at the vehicle level, confirming the effectiveness of the safety mechanisms at each step. The tests must verify that the HSI specification is implemented as written and that the safety mechanisms behave correctly across the hardware/software boundary.
### Design Concepts for System Safety Solutions
The design of a system safety solution must be centred on the safety goals, combining the system architecture with the functional requirements to construct feasible safety mechanisms. The core logic is 'requirement decomposition, mechanism design, verification iteration'. The course walks through the design inputs, how functional safety requirements are transformed into technical safety requirements, and the key elements a technical safety requirement must contain.
### Differences Between System Safety Testing and System Testing
The objectives and methods of system safety testing differ markedly from those of conventional system testing. System safety testing verifies that the safety mechanisms achieve the safety goals under fault conditions: faults are injected deliberately, and the test checks that each fault is detected and the safe state reached within the fault tolerant time interval. System testing verifies that the functions meet their design requirements under normal operating scenarios.
The system phase is the 'bridge' in automotive functional safety development: through standardised processes, clearly defined requirements, reliable safety mechanisms and layered testing, it turns the safety goals of the concept phase into a viable engineering solution. The central challenge is balancing safety against availability, achieving robust safety without incurring excessive cost or performance loss during development.
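The distinction between the two kinds of test can be made concrete with a small fault-injection harness. The Python below is an added example, not code from the course: it models a hypothetical dual-channel pedal-position plausibility check with a debounce, then runs it once as a system test (nominal input, does the torque request follow the pedal?) and once as a system safety test (stuck and stale channels injected, is the safe state reached within the FTTI, and does a transient shorter than the debounce avoid a false trip?). The FTTI, cycle time, thresholds and input traces are all constructed values, not figures from any real safety goal.

```python
"""System test vs. system safety test of one safety mechanism.
Added example, not from the course; the mechanism is a hypothetical
dual-channel pedal plausibility check, and every parameter is constructed."""
from dataclasses import dataclass

# Constructed parameters of the hypothetical technical safety requirement.
FTTI_MS = 100            # fault tolerant time interval of the assumed safety goal
CYCLE_MS = 10            # period of the torque-request task
MAX_DEVIATION = 0.05     # allowed mismatch between the two pedal channels (0..1)
DEBOUNCE_CYCLES = 3      # consecutive implausible cycles before reacting
SIGNAL_TIMEOUT_MS = 30   # a channel sample older than this counts as stale
VALID_RANGE = (0.0, 1.0)


@dataclass
class Sample:
    value: float   # normalised pedal position
    age_ms: int    # time since the channel was last refreshed


def in_range(v):
    return VALID_RANGE[0] <= v <= VALID_RANGE[1]


class TorqueRequestController:
    """Computes the torque request and latches the safe state (zero torque)
    once the two channels are implausible for DEBOUNCE_CYCLES cycles."""

    def __init__(self):
        self.implausible_cycles, self.safe_state, self.torque = 0, False, 0.0

    def step(self, ch_a, ch_b):
        if self.safe_state:
            return 0.0   # latched until a service reset (not modelled here)
        fault = (not in_range(ch_a.value) or not in_range(ch_b.value)
                 or ch_a.age_ms > SIGNAL_TIMEOUT_MS or ch_b.age_ms > SIGNAL_TIMEOUT_MS
                 or abs(ch_a.value - ch_b.value) > MAX_DEVIATION)
        if fault:
            self.implausible_cycles += 1
            if self.implausible_cycles >= DEBOUNCE_CYCLES:
                self.safe_state, self.torque = True, 0.0
            return self.torque   # hold the last good value while debouncing
        self.implausible_cycles = 0
        self.torque = (ch_a.value + ch_b.value) / 2
        return self.torque


def run_trace(trace):
    """Feed (channel A, channel B) samples cycle by cycle into a fresh controller.
    Returns the torque outputs and the cycle at which the safe state was entered."""
    ctl, outputs, entered = TorqueRequestController(), [], None
    for i, (a, b) in enumerate(trace):
        outputs.append(ctl.step(a, b))
        if ctl.safe_state and entered is None:
            entered = i
    return outputs, entered


def nominal_trace(cycles=20):
    """Constructed nominal input: both channels ramp up together."""
    return [(Sample(i / cycles, 0), Sample(i / cycles + 0.01, 0)) for i in range(cycles)]


def inject_stuck_channel(trace, at, stuck_value=0.2):
    """Fault injection: channel B freezes at stuck_value from cycle `at` onward."""
    return [(a, Sample(stuck_value, 0) if i >= at else b) for i, (a, b) in enumerate(trace)]


def inject_stale_channel(trace, at):
    """Fault injection: channel A stops refreshing, so its sample age grows."""
    return [(Sample(a.value, (i - at + 1) * CYCLE_MS) if i >= at else a, b)
            for i, (a, b) in enumerate(trace)]


def inject_glitch(trace, at, length):
    """Transient: channel B reads out of range for `length` cycles, then recovers."""
    return [(a, Sample(1.5, 0) if at <= i < at + length else b) for i, (a, b) in enumerate(trace)]


def reaction_time_ms(entered, fault_at):
    """Time from fault injection to safe state: the figure compared against FTTI."""
    return None if entered is None else (entered - fault_at + 1) * CYCLE_MS


def functional_test():
    """System test: nominal scenario, checks that the function tracks the pedal."""
    outputs, entered = run_trace(nominal_trace())
    return {"tracks_pedal": abs(outputs[-1] - 0.955) < 1e-9, "safe_state_cycle": entered}


def safety_test(fault_at=8):
    """System safety test: injected faults must reach the safe state within FTTI,
    and a transient shorter than the debounce must not trip the mechanism."""
    base, results = nominal_trace(), {}
    for name, trace in (("stuck_channel", inject_stuck_channel(base, fault_at)),
                        ("stale_channel", inject_stale_channel(base, fault_at))):
        _, entered = run_trace(trace)
        rt = reaction_time_ms(entered, fault_at)
        results[name] = {"reaction_ms": rt, "within_ftti": rt is not None and rt <= FTTI_MS}
    _, entered = run_trace(inject_glitch(base, fault_at, DEBOUNCE_CYCLES - 1))
    results["transient_glitch"] = {"false_trip": entered is not None}
    return results
```

The safety test also makes the timing budget explicit: the worst-case reaction is the stale-signal case, where the 30 ms timeout plus the 30 ms debounce gives 60 ms against a 100 ms FTTI. If a later change raised the timeout or the debounce, the functional test would still pass while the safety test would fail, which is precisely why the two are separate activities.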
Key Points in the Development and Implementation of Automotive Functional Safety Systems