With the fast-paced growth of and consumer interest in autonomous vehicles (AVs), it’s no surprise that companies are rushing to get ahead of the trend. Here are some of the most overlooked considerations that companies need to put more emphasis on when implementing functional safety in the automotive industry.
As a functional safety consulting firm specializing in functional safety implementation in embedded systems, LHP Engineering Solutions has noticed some common themes, especially in the automotive industry, around functional safety. These are the main items that companies and organizations need to consider before jumping in blindly and risking financial loss while attempting to comply with ISO 26262.
There Is a Paradigm Shift Occurring – AVs effectively turn what used to be a machine for transporting people into a safety-critical device. There is a lot of meaning behind this. It’s not simply a matter of taking a functional safety standard such as ISO 26262 and trying to follow it. The entire lifecycle needs to be considered. For example, a sensor company selling a current sensor for a specific application shouldn’t reuse that same sensor and expect the same results in a safety-critical application. Those sensors could have the wrong tolerance, or may not have been designed, manufactured, and controlled in a way suited to an application where human safety is at risk. Those are things that must be part of the lifecycle from the start. The automotive industry hasn’t fully accepted this as a fundamental aspect of the business because it is a major paradigm shift, and that shift needs to be accepted and understood by businesses and consumers alike.
Companies Must Develop Strong Safety Cultures – One requirement within the ISO 26262 document states that companies must have a safety culture. While the importance of having a safety culture is already widely known and adopted by many companies, ISO 26262 adds a layer of complexity to the definition. For example, employees are trained to put on protective eyewear when entering a machine shop, and employees operating certain devices (forklifts, etc.) have to take training before doing so. Those are normal parts of having a safety culture. ISO 26262 adds engineering and leadership to this mix. Engineers designing systems must have a decision-making process in place that puts safety above profit and other organizational pressures. Currently, a very public example is the 737 Max crisis. Lawmakers believe that a broken safety culture at both Boeing and the FAA may have been one of the biggest contributing factors in the 737 Max issues. Even a company that has followed the guidelines and rules of the FAA, with some of the strongest processes in the industry, for decades can be susceptible to failures in safety culture, which can lead to people being involved in harmful or fatal incidents. For a vehicle to become a safety-critical device, companies must develop and stick to strong safety cultures when implementing functional safety.
Executive-Level Awareness – It’s only natural to follow the importance of safety culture with the topic of executive awareness. Lately, it’s common for companies to receive RFQs with functional safety as a requirement. These requirements are often accepted without being fully understood. This leaves engineering organizations – well below the executive level in some cases – attempting functional safety implementation on their own, which creates a liability issue. One of the concepts described within parts of the functional safety standard calls for a development interface agreement (DIA). The development interface agreement defines the responsibilities of every organization working on a product line.
This is effectively a legal document that states which part(s) of safety each organization is responsible for. This document should have the same priority as any other legal document or process, such as worker’s compensation, that already has executive awareness in organizations. Its visibility should be just as high. Although it is somewhat lacking right now, executive awareness is a critical part of understanding functional safety.
Defending Decisions and Following Processes – The current functional safety standards are available. There are multiple standards, with ISO 26262 being the primary one. These standards include functional safety implementation guidelines and recommendations, which raise several questions for the organization:
How far and with which sections is the engineering organization going to comply?
Which recommendations does the organization take into consideration?
Which recommendations are left behind?
How does the company defend those decisions?
Ultimately, safety-critical application design comes down to this – can the organization defend the decisions it made, and are the processes that were laid out actually being followed? Finding an optimal solution is a matter of experience. Engage a consulting firm that focuses heavily on functional safety implementation. The firm must have experience from other industries, domain knowledge in the product, and experience dealing with regulators and certification institutions. Without this experience, organizations are basically running blind.
Making Engineering Quality Assurance a Top Priority – The concept of engineering quality can seem somewhat foreign in the automotive industry. Manufacturing and automotive organizations, including Tier 1 and Tier 2 suppliers, have manufacturing quality assurance standards in place – warranties are taken care of; a repeatable process exists; the process is audited, etc. Functional safety requires that same application of quality assurance to the engineering organization, which raises questions such as:
To what level are software engineers producing quality code?
Are processes being followed and audited?
Are safety culture and training procedures being followed?
Having a quality assurance organization within the engineering organization is very important for functional safety. This will become more obvious once auditing occurs. Currently it’s possible to self-audit and self-certify against functional safety. LHP believes that over time, as vehicles become more safety-critical – carrying more people with less human interaction and a higher potential for harm – engineering quality assurance will become one of the most important functions and the one that regulators look at most closely. An understanding of the importance of quality assurance in engineering still seems to be missing in the automotive industry.