This post describes the functional safety specifications. Many people have already posted about the ISO 26262 functional safety standard, so I will skip it in this post.
Functional safety specifications (see figure below) mainly include specifications for abnormality detection and diagnostic NG judgment, fail-safe at the time of abnormality detection and fail-safe at the time of diagnostic NG judgment. Functional safety specifications are issued by the design source as shown in the system block diagram. Functional safety specifications as software are as follows.
| Type | |
|---|---|
| MCU Internal Functions | Interrupt function, Timer function, CPU, Core, RAM, FROM, EEPROM, etc. |
| RTOS | Thread (Task) Period, Thread (Task) Missing, Stack, CPU Load, etc. |
supplement
Although not a specification, ISO 26262 also specifies quality control and program code, unit test coverage levels, and verification. However, program code and verification will not change just because it is fundamentally functional safety. The coverage level of the unit test should also just always be done at the MC/DC level, regardless of the ASIL determination. Regarding quality control, I don’t see any major problems as long as traceability is performed and compliance with IATF 16949 is achieved.