Hi, I have a simple question dealing with the safety manuals provided with SafeAssure documents: how far can I consider them as complete with regard to the failure modes detailed in the ISO 26262-5 and the ISO 26262-11:2018?
I have mixed feelings about this. On the one hand, it is clear that the set of safety mechanisms proposed in the safety manual is sufficient to achieve the safety metrics for the targeted ASIL; the FMEDA is clear about it. On the other hand, it seems that a custom analysis is relevant to gather some evidence of the coverage of the failure modes listed in the norm, even if the conclusion is the same as in the safety manual.
Any insight would be helpful.
Hi Xavier,
Could you please explain in more detail the custom analysis that you're referring to in your query? Maybe an example will help to understand more.
In general, the FMEDA contains the failure modes and it goes through verification and confirmation reviews as required by the standard and NXP safety procedures/process.
Regards,
NaveenM
Hi Naveenm,
Thanks for your answer. Let me clarify my problem.
The chip I am using has been designed according to the 2011 version of the ISO 26262, and therefore refers to the failure modes listed in this version of the norm (the FMEDA, especially). I am considering it against the 2018 version of the ISO 26262, for which the recommendation is not the same. For instance, I am not considering stuck-at or open gates, but service omission / commission, ... The failure model has changed (for good).
Therefore I made the link between the two versions of the norm, and re-analyzed the chip against the newer version. I think it was the right approach.
Thanks for your time.