Functional safety based on ISO 26262, IEC 61508 & industry-specific standards
Whether it's the increasing number of control units in the vehicle, the advancing electrification or the increase of Car-to-X communication as well as software-based functionalities in general, one thing is certain: Functional safety is becoming increasingly important for manufacturers and developers. Our experienced, technically adept functional safety experts assist the auto-motive industry and other industries to solve these future challenges.
Mobility for tomorrow – The vehicle's system is becoming ever more complex
Functional safety has become increasingly important for automotive development in recent years, and it is clear that this development will continue in the future. The number of new, safety-related functions in the automobile will continue to increase on the way to highly automated and fully automated driving. The complexity of the "vehicle system" increases because of this; the interactions between individual functions will become even more prominent.
In addition, hybrid and electric vehicles set additional requirements from functional safety standpoint, since electric motors have much higher dynamics in their ability to influence drive torque ("torque jumps") than internal combustion engines, and safety concepts for battery and charging management must also be provided. With their many years of expertise in functional safety, our experts support the automotive industry in solving these questions of the future.
Software instead of pure mechanics – "X-by-Wire" systems as an example
For some time now, in addition to the actual functionality, the range of comfort and safety functions in automobiles has steadily increased. At the same time, the number of control units has also increased. The networking of these control units is becoming more and more complex, which is reinforced by the increasing range of functions of the individual control units. More and more functions that could previously only be implemented mechanically are now performed by software.
A good example of this are all "X-by-Wire" systems: Here, the command is detected by a sensor and electronically sent via the control unit to the electro-mechanical actuator, which executes this command. Furthermore, all software functions that actively intervene in the longitudinal dynamics, for example to transmit a required drive torque to the wheels from the engine via the transmission, or to control the brake booster must interact with the control of the transverse dynamics.
Get in touch with us!
Are you planning a project with a safety-critical aspect where functional safety must be firmly implemented right from the start? Or do you need additional support in the area of safety concept and architecture? Then we should talk! You can reach us at:
Functional safety – Prevent intolerable risks
All of this must work flawlessly because any undetected or unhandled fault can, in the worst case, have fatal effects on the handling or even controllability of the vehicle. Therefore, every single system must be designed to prevent any intolerable risk in the case of a malfunction. This requirement is also referred to as "Functional Safety" and represents a core competence of Schaeffler Engineering.
Functional safety in the automotive sector is regulated by the ISO Standard 26262, which defines the procedure for designing safety-related programmable electrical or electronic systems in automobiles, taking into account all the necessary activities, work products and methods in development and production. The standard reflects the state of the art and has become the de facto standard since its first publication in 2011. An updated version, taking into account the application experience, was published at the end of 2018.
Our mission: Functional safety applies all industries
For Schaeffler Engineering, ISO 26262 is the basis of all measures in the area of functional safety in the automotive sector. We are also familiar with IEC 61508 and industry-specific standards for applications beyond the scope of ISO 26262.
Our range of services includes the creation of hazard and risk analyses, the derivation of safety goals and safety requirements, and the development of suitable safety concepts and structures.
Our functional safety experts not only take care of the concept, but also support and take over the entire system development, the development of electronics and software, verification and validation, electronic integration, setup and application.
Our principle: Always consider functional safety at an early stage at an overall system level
The fact that functional safety should not be considered in isolation from the actual system development, but instead should be seen as an interdisciplinary task, is of particular importance. For this reason, the consideration of functional safety at Schaeffler Engineering always starts at an early stage on an overall system level, in order to identify potential hazards and risks early on.
In the automotive sector, such hazards may be, for example, unwanted acceleration, deceleration that was not caused by the driver or a dangerous distribution of the drive torque between the wheels. Based on this, our engineers develop an architectural concept that best meets the specific requirements of functional safety from a functional and economic point of view. An important question might be, for example, how much hardware and software redundancy should be provided in order to achieve the required safety integrity of a function with reasonable effort.
Achieving “safe” safety-relevant functions
The primary principle is to prevent an intolerable risk due to a malfunction by, for example, initiating degraded operation or transition to a safe state, in which no more harm is caused by the system. The measures follow a classification (in the automotive sector; e.g. by determining the respective "ASIL", short for Automotive Safety Integrity Level), which considers the danger to the user ("Severity"), the frequency of the occurrence ("Exposure") and the Controllability when the malfunction occurs.
Functional safety knows no compromises: The system must not contain intolerable risks and it must also be robust against missingt or faulty input signals from other control units.
The reasons for malfunctions are very diverse, but can be classified into two categories.
1. The first category relates to malfunctions during operation, for example caused by hardware defects such as the failure of a sensor. In this case, the system must detect the failure and react to it with a corresponding mechanism, such as the fallback to re-dundant information or, in an extreme case, the transition to a safe state.
2. The second category includes all systematic errors, such as software errors. In this case, the clear objective must be to avoid such errors already in the development pro-cess or to recognize and correct them early in the development process, for example if an algorithm responds incorrectly to a rare combination of input parameters.
Our engineers and test experts develop suitable strategies for comprehensive verification and validation - from the safety concept to the complete system.
Whether it's an ongoing project where you need additional experts for safety-relevantcritical applications, or if you are still in the planning phase of such a project, we are the right partner for you when it comes to functional safety.
Would you like to know more about our experience and core competence in the field of func-tional safety? Then contact us at: