LHP Blog and Technical Articles

Electric Vehicle Considerations for Functional Safety Verification and Validation Testing

Written by Karilyn Odom | Mar 5, 2024 8:25:02 PM

Electric Vehicle Considerations for Functional Safety Verification and Validation Testing

The functional safety standard for the automotive industry, “ISO 26262: 2018 - Road vehicles – Functional safety,” provides guiding principles for developing hardware and software for safety-related functions and systems in vehicles. The number of “safety-related” automotive systems seems to be growing every year on all vehicles, including electric vehicles (EVs). This means more electric vehicle testing at all levels since the functional safety processes now encompass more components and systems vehicle-wide, for every type of vehicle including EVs. While some of this might at first seem redundant, this overlap is an important part of the way the standard works to reduce unreasonable risk consistently across all vehicle types.

As LHP’s Chief Technology Officer Steve Neemeh told our partner Jama Software in a recent collaborative expert column, mainstream acceptance of electric vehicles is moving forward, not without mishap, but will continue “as the infrastructure, engineering tools and capability, supply chain, and consumer acceptance, slowly catch up with the dream of pure clean mobility1.” Embedded power transfer research is currently underway2, possibly opening the door to wirelessly charging an EV while driving on certain stretches of roadway. There is also finally a small number of EVs on the threshold of the 1000-mile battery range category3. These two factors, demonstrating improvements in infrastructure and improvements in the day-to-day practicality of EVs, may well prove to be significant motivators for consumer acceptance. The ongoing improvements to the technology, as well as continuing consumer education on the topic of EVs and decreasing tailpipe emissions, are both factors that will lead to a likely increase in EV production and sales.

Another factor in the predicted increase in electric vehicle usage is a legal one. EVs are at the center of forthcoming regulations from the governments of at least seven leading industrial nations. These early-adopting nations (and in the U.S., the state of California with executive order N-79-204) intend these regulations to help decrease overall tailpipe emissions. These regulations, incentives, and improving infrastructure all add up to increasing numbers of electric vehicles on the roads.

EV functional safety compliance is a voluntary submission to the standard, and not mandatory unless required by contract; however, functional safety encompasses and encodes the best automotive safety practices. So, as the number of EVs being produced rises, it is likely that the demand within the industry for electric vehicles to comply with ISO 26262, will also increase. This leads us to ask, what special considerations are needed in the functional safety validation and verification testing of electric vehicles?


What is Verification and Validation Testing?

Considerations or special cases for electric vehicles within the verification and validation (V&V) testing processes require a definition of the tests. Verification and validation are two separate independent processes that the device must undergo. The “Verification” half of this expression entails testing the software and system in question for production quality and conformity to the requirements of the design. Verification confirms the operation of the device within the design guidelines. The “Validation” half involves testing to confirm that not only do the specified guidelines meet customer requirements, but also that the device, system, or component’s safety-specific design goals meet the requirements of the standard.

V&V testing is where functional safety becomes more iterative. What this means is that the component or system “under test” will be evaluated through all required testing, and then the developers or programmers will go back to adjusting the design of the product where required, based on the results of the testing.

From an engineering perspective, V&V tests are intended to reveal whether a component or system performs as expected and whether the written requirements for the component’s design were sufficient in the first place.

After the requirements are re-evaluated, engineers or designers can revisit the component’s design, to reconsider if this is sufficient to support the requirements. After the requirement and design evaluations are completed, the device can be reiterated. This could entail changes to hardware, software, or both. Finally, the component or system can be re-submitted to testing, and a new iterative cycle begins. The specific tests may even change, depending on the requirement and design necessities.

This is the typical order of software development (for both functional safety and many other industrial processes). It is important to note that V&V testing is not limited to a functional safety application; V&V testing protocols are used to monitor performance in all manner of design and development environments every single day. However, the safety goals and requirements inherent to the design, production, and testing of the various safety-related mechatronic devices in question are unique to functional safety.

Automotive manufacturing has been absorbing professionals from other industries where functional safety is already inherent, like commercial aviation. The point arises often that one reason for the improvements in aviation safety, for example, over the past several decades is the redundant nature of safety equipment and failsafe systems. Functional safety, with its iterative V&V test cycles and specific safety goals, is one way to move toward a safer future.

Electric vehicle requirements for V&V testing

Similarities with other types of vehicles

Except for battery management and usage, high voltage precautions, and the electric drive motor, functional safety for EVs can be considered largely the same as functional safety for many other new internal combustion and hybrid software-defined vehicles. They have much the same connectivity, the same elevated functions, advanced driver assistance systems (ADAS), and infotainment systems, all of which require embedded controls, and may be subject to ISO 26262 hazard assessment, depending on their specific design.

What is hazard assessment in functional safety for EVs?

Hazard assessment for individual systems can be performed early in system development, though it sometimes occurs right before V&V testing commences. ISO 26262 provides a formalized rubric of risk called Hazard and Risk Assessment (HARA). Performing a HARA for a device will yield an Automotive Safety Integrity Level (ASIL) rating. ASIL is the system that ISO 26262 specifies and defines as the tool to classify the risks inherent to a component or system as used in a particular vehicle. So, the HARA gives designers the ASIL, and the ASIL helps define the safety requirements for the device.

ASIL ratings progress from “A” (lowest risk and least stringent testing found within functional safety) to “D” (the highest risk, and therefore components subject to the greatest degree of testing). The ASIL rating typically tends to be fairly high for an EV’s traction motor, its high-voltage battery, and the management systems for those EV-specific systems. While this rating is subject to quantification using variables from within the HARA, an EV’s battery management system often falls into the ASIL “C” category. For comparison, here is a simple table showing the typical components or systems that might fall into each ASIL rating range.

ASIL rating:

Feature:

Walk-through

Prototype

generation

A

Both sides rear lights, for example

strongly recommend

 

B

Both brake lights, or the rear camera

recommend

 

C

Active suspension, or engine management (possibly higher)

 

recommend

D

Airbags, antilock braking

 

strongly recommend

 

For the most part, ASIL ratings on most of the systems found on an EV are going to fall in line with the ASIL ratings for the same, typical, or similar components, systems, and functions found on non-EVs. Forward and rear-facing lights, turn and hazard signals, and wiper functions, for example, all fall within the safety equipment purview. ASIL ratings on particular EVs for those systems will vary slightly but typically will fall into the same range as for a non-electric vehicle. There are other factors related to the placement, visibility, and overall operation of these systems that have a far greater effect on their ASIL rating than the question of whether they will be installed on an electric vehicle.

 

The developmental V-model and V&V testing for Electric Vehicles

Functional safety overall makes heavy use of V-models to illustrate the work plan over time.

 

As with most engineering V-models, the Functional Safety model begins at the top left with concept and safety requirements. Then in the “implementation” phase, the device is iterated (or re-iterated). Following that, the testing is performed and the process begins climbing up the right side of the V model.

One noteworthy aspect is the series of arrows directing the process back from the right arm of the V to the left side. This reflects the iterative nature of the process. At any stage on the right side of the V, especially during validation or verification, should the results not be as expected, the device is returned to the design phase, the requirements are re-evaluated, and the process begins again.

Note that the V-model is taken directly from the ISO 26262 standard and depicts not only the full testing cycle but also sets up the plan-design-iterate-and-test cycle for both hardware and software with the smaller doubled V.

Summary

The automotive industry appears to be gearing up for a large increase in EV production over the next five to ten years, driven by improvements (and ongoing research) in both battery management and infrastructure technology, as well as regulations and incentives aimed at decreasing overall tailpipe emissions. This increase places electric vehicles in the position to account for upwards of 40% of global automobile manufacturing by 20305.

As the production rates of electric vehicles continue to rise, accounting for a significant amount of global automotive production, the need to understand functional safety testing in electric vehicles will become increasingly urgent.

The special cases and considerations for functional safety testing in EVs require, like all functional safety testing and certification, a thorough knowledge of not only electric vehicle technology but also the requirements and specific details of the ISO 26262 functional safety standard. The engineering staff of LHP’s EV Test Center is packed full of some of the best functional safety minds on the continent.

 

For more information on electric vehicles, their testing requirements, and functional safety, please see these recent and relevant blogs:

  • Click here to read more about Electric Vehicle Testing.
  • Click here for Standards for Electric Vehicles.
  • Click here to read about Software V&V Testing for Functional Safety.
  • Click here for HIL Testing.
  • Click here to find out more about Automated Testing Equipment.

 

1 Jama Software. 7 December 2023. https://www.jamasoftware.com/blog/2024-predictions-for-automotive-product-systems-and-software-development

2 Purdue University. 8 May 2023. https://www.purdue.edu/newsroom/releases/2023/Q2/building-the-first-highway-segment-that-can-charge-electric-vehicles-as-they-drive.html

3 Jennifer Jacobs Dungs. Forbes Magazine. 18 August 2022. https://www.forbes.com/sites/jenniferdungs/2022/08/18/1000-miles-per-charge--whats-under-the-hood-of-the-longest-range-electric-cars/?sh=67fcd0d6481e

4 Executive Department, State of California. 23 September 2023. https://www.gov.ca.gov/wp-content/uploads/2020/09/9.23.20-EO-N-79-20-Climate.pdf

5 S&P Global Mobility. 05 Jan 2024. https://www.spglobal.com/mobility/en/topic/electric-vehicle-trends.html#:~:text=FAQs,production%20of%2097%20million%20cars.