SLYY183A – January 2020 – DRV3245Q-Q1, TPS653853-Q1


  2.   Overview
  3.   Welcoming the by-wire era – this time with trust
  4.   “Fail-safe” systems transition to “fail-operational” systems
  5.   Electrification of the powertrain and the added considerations for functional safety
  6.   Functional safety in high-temperature applications
  7.   Human factors
  8.   Meeting the challenges of evolving functional safety systems
  9.   Related content

Human factors

The ISO TC22/SC32/WG8 working group introduced the concept of safety of the intended function (SOTIF) for future publication in ISO/publicly available specification (PAS) 21448. The purpose of SOTIF is to create a framework to identify, verify and validate unreasonable risks for advanced driver assistance systems (ADAS) and autonomous vehicles, even in the absence of malfunctions (failure) of hardware and software.

So far, I’ve focused on fail-safe and fail-operational systems (emphasis on the word “fail”), but autonomous systems require further considerations in the absence of failures. Autonomous by-wire systems simulate haptic feedback to make up for the mechanical feedback that drivers are accustomed to. In steer-by-wire systems, a motor is mounted on the steering wheel to simulate the mechanical feedback from the steering column. By-wire braking systems often implement a similar haptic actuator. These haptic mechanisms rely on a combination of sensors and complex algorithms that actuate the haptic actuator to provide feedback.

While ISO 26262-3:2018 is suitable for analyzing situations where the feedback actuator fails, it does not address situations where the feedback actuator is operational but the algorithm is presented with unexpected sensor information that it cannot interpret correctly. This scenario could lead to incorrect haptic feedback to the driver, resulting in an unknown and unsafe steering maneuver. SOTIF attempts to provide a framework for these scenarios.
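To make the distinction between the two cases concrete, the following is an added illustrative example; it is not code from the whitepaper or from TI, and every sensor name, threshold and gain in it is a constructed assumption. It sketches a steer-by-wire haptic feedback path with two separate guards: a sensor self-test flag, which is the failure case ISO 26262 analyzes, and a plausibility envelope on healthy-looking input, which is the SOTIF case where nothing has failed but the algorithm is handed data outside its design domain. Rather than feeding implausible data into the feedback algorithm, the example holds a fixed, predictable torque so the driver is not given misleading feedback.

```python
"""Illustrative steer-by-wire haptic feedback gate (hypothetical, not TI code).

Models the distinction the text draws: ISO 26262 treats *failures* (a sensor
reporting a fault), while SOTIF concerns inputs that pass every built-in
diagnostic yet fall outside what the algorithm was designed for.
All field names, thresholds and gains below are constructed for the example.
"""
from __future__ import annotations

from dataclasses import dataclass
from enum import Enum


class FeedbackState(Enum):
    NOMINAL = "nominal"      # algorithm output trusted
    DEGRADED = "degraded"    # implausible input: fixed, driver-safe torque
    FAULT = "fault"          # hardware reports failure (ISO 26262 domain)


@dataclass(frozen=True)
class Sample:
    """One sensor frame. Constructed field set; real systems carry more."""
    wheel_angle_deg: float       # hand-wheel angle
    rack_force_n: float          # force measured at the steering rack
    vehicle_speed_kph: float
    sensor_fault: bool = False   # set when a sensor's self-test fails


# Constructed plausibility envelope: the rack force a vehicle can physically
# produce at a given wheel angle is bounded, and it cannot jump arbitrarily.
MAX_FORCE_PER_DEG = 40.0    # N per degree of wheel angle (assumed)
MAX_FORCE_ABS = 6000.0      # N, assumed mechanical limit
MAX_STEP_FORCE = 1500.0     # N change allowed between consecutive frames
SAFE_TORQUE_NM = 1.5        # gentle centring torque used when degraded
GAIN_NM_PER_N = 0.002       # assumed force-to-torque gain


def is_plausible(prev: Sample | None, cur: Sample) -> bool:
    """SOTIF-style check: is this frame inside the design envelope?"""
    if abs(cur.rack_force_n) > MAX_FORCE_ABS:
        return False
    # At small wheel angles a large rack force is physically unlikely.
    bound = MAX_FORCE_PER_DEG * max(abs(cur.wheel_angle_deg), 1.0)
    if abs(cur.rack_force_n) > bound:
        return False
    # Sudden jumps between frames are not what the algorithm expects.
    if prev is not None and abs(cur.rack_force_n - prev.rack_force_n) > MAX_STEP_FORCE:
        return False
    return True


def haptic_torque(prev: Sample | None, cur: Sample) -> tuple[FeedbackState, float]:
    """Return (state, torque in Nm) for the feedback motor.

    FAULT covers the failure case ISO 26262 analyzes; DEGRADED covers the
    SOTIF case where hardware is healthy but the input is implausible.
    """
    if cur.sensor_fault:
        return FeedbackState.FAULT, 0.0
    if not is_plausible(prev, cur):
        # Do not pass unexpected data to the feedback algorithm; hold a
        # predictable centring torque so the driver gets no misleading cue.
        sign = 1.0 if cur.wheel_angle_deg >= 0 else -1.0
        return FeedbackState.DEGRADED, -sign * SAFE_TORQUE_NM
    # Simplified nominal algorithm: torque proportional to rack force,
    # scaled up slightly with speed so the wheel feels firmer when fast.
    speed_factor = 1.0 + cur.vehicle_speed_kph / 200.0
    return FeedbackState.NOMINAL, -cur.rack_force_n * GAIN_NM_PER_N * speed_factor


def run_sequence(frames: list[Sample]) -> list[tuple[FeedbackState, float]]:
    """Process consecutive frames, carrying the previous one for rate checks."""
    out, prev = [], None
    for cur in frames:
        out.append(haptic_torque(prev, cur))
        prev = cur
    return out


# Constructed frames: nominal driving, then a physically implausible rack
# force at a near-zero wheel angle, then a sensor self-test failure.
DEMO_FRAMES = [
    Sample(wheel_angle_deg=10.0, rack_force_n=300.0, vehicle_speed_kph=50.0),
    Sample(wheel_angle_deg=12.0, rack_force_n=380.0, vehicle_speed_kph=50.0),
    Sample(wheel_angle_deg=0.5, rack_force_n=2500.0, vehicle_speed_kph=50.0),
    Sample(wheel_angle_deg=0.5, rack_force_n=20.0, vehicle_speed_kph=50.0,
           sensor_fault=True),
]

if __name__ == "__main__":
    for state, torque in run_sequence(DEMO_FRAMES):
        print(f"{state.value:9s} torque={torque:+.3f} Nm")
```

The third frame is the SOTIF case: no sensor reports a fault, yet a 2500 N rack force at half a degree of wheel angle is outside the constructed envelope, so the gate reports DEGRADED instead of letting the algorithm turn it into a large, misleading torque. The fourth frame is the ordinary failure case that ISO 26262 analysis already covers.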