Automotive electronics functional safety standard ISO 26262 explained (3): the hardware part
Original by pianpian_zct, last published 2017-12-29 13:09:34, 13865 reads
1. The necessary activities and processes for the product development at the hardware level include:
(1) the hardware implementation of the technical safety concept;
(2) the analysis of potential hardware faults and their effects;
(3) the coordination with software development.
To satisfy ISO 26262, the work required on the hardware side includes:
(1) the hardware implementation of the functional safety concept;
(2) analysis of potential hardware failures and their effects;
(3) coordination with software development.
2. Hardware functional safety work includes:
(1) 5.5 initiation of product development at the hardware level: initiating hardware design
What work packages does this specifically include?
The purpose is to determine and plan the functional safety activities for each phase of hardware design.
Inputs: the refined project plan, the safety plan before refinement, the refined integration test plan
Output: the refined safety plan
(2) 5.6 specification of hardware safety requirements: defining hardware functional safety requirements
Inputs: safety plan, safety concept, system design specification, hardware-software interface specification
Outputs: hardware safety requirements (including test and verification criteria), refined hardware-software interface specification, hardware safety requirements verification report
How are hardware functional safety requirements defined, which tools are used, and what does the template look like?
They are derived from the technical safety concept and system design specification.
Hardware functional safety requirements derive from the system safety concept and the system design documents.
The hardware safety requirements specification shall include each hardware requirement that relates to safety, including the following:
The hardware functional safety requirements document includes all safety-related hardware requirements, covering the following aspects:
i. the hardware safety requirements and relevant attributes of safety mechanisms to control internal failures of the hardware of the element, this includes internal safety mechanisms to cover transient faults when shown to be relevant due, for instance, to the technology used; 
EXAMPLE 1 Attributes can include the timing and detection abilities of a watchdog.
Requirements on safety mechanisms that control internal faults of hardware elements, e.g. the timing and detection capability of a watchdog.
ii. the hardware safety requirements and relevant attributes of safety mechanisms to ensure the element is tolerant to failures external to the element.
EXAMPLE 2 The functional behaviour required for an ECU in the event of an external failure, such as an open-circuit on an input of the ECU.
Requirements on safety mechanisms that give the hardware element a degree of tolerance to failures external to it, e.g. when an input pin is open-circuit, the functional behaviour of the whole controller product shall still meet the safety requirements.
iii. the hardware safety requirements and relevant attributes of safety mechanisms to comply with the safety requirements of other elements.
EXAMPLE 3 Diagnosis of sensors or actuators.
Safety requirements relating to other hardware elements, e.g. diagnostics of sensors or actuators.
iv. the hardware safety requirements and relevant attributes of safety mechanisms to detect and signal internal or external failures; 
EXAMPLE 4 The specified fault reaction time for the hardware part of a safety mechanism, so as to be consistent with the fault tolerant time interval.
Safety mechanisms for detecting internal or external failures, e.g. a fault reaction time defined so as to stay within the fault tolerant time interval.
v. the hardware safety requirements not specifying safety mechanisms.
EXAMPLE 5
--- requirements on the hardware elements to meet the target values for random hardware failures as described in 6.4.3 and 6.4.4;
--- requirements for the avoidance of a specific behaviour (for instance, "a particular sensor shall not produce an unstable output");
--- requirements allocated to hardware elements implementing the intended functionality;
--- requirements specifying design measures on harnesses or connectors.
Other hardware safety requirements that do not specify safety mechanisms. For example:
--- requirements on hardware elements arising from FMEDA, FMEA and FTA analyses in order to meet the targets of the safety goal's ASIL;
--- requirements to avoid a specified behaviour, e.g. a specified sensor shall not produce an unstable output;
--- requirements on hardware elements implementing the intended functionality;
--- design measures specified for harnesses and connectors.
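The timing attributes in items i and iv above (watchdog timing, fault reaction time, fault tolerant time interval) are the kind of requirement that is easy to state and easy to get wrong in review. The following is an added example, not code from the original post or from ISO 26262, that checks whether a safety mechanism's worst-case detection time plus its reaction time fits inside the FTTI allocated to the requirement; all requirement IDs, mechanism names and timing values are constructed sample data.

```python
# Added example (not from the original post or from ISO 26262 itself): checking
# the timing attributes of a hardware safety mechanism against the fault
# tolerant time interval (FTTI). Requirement IDs and timing values below are
# constructed sample data.
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class SafetyMechanism:
    name: str
    detection_time_ms: float  # worst-case time from fault occurrence to detection
    reaction_time_ms: float   # worst-case time from detection to reaching the safe state


@dataclass(frozen=True)
class HardwareSafetyRequirement:
    req_id: str
    asil: str
    ftti_ms: float            # fault tolerant time interval taken from the technical safety concept
    mechanism: SafetyMechanism


def fault_handling_time_ms(mech: SafetyMechanism) -> float:
    """Total time from fault occurrence to the safe state (detection + reaction)."""
    return mech.detection_time_ms + mech.reaction_time_ms


def check_ftti(req: HardwareSafetyRequirement) -> Tuple[bool, float]:
    """Return (fits, margin_ms).

    The mechanism fits when detection + reaction does not exceed the FTTI;
    margin_ms is the remaining time and is negative when the FTTI is violated.
    """
    total = fault_handling_time_ms(req.mechanism)
    return total <= req.ftti_ms, req.ftti_ms - total


def review_requirements(reqs: List[HardwareSafetyRequirement]) -> List[str]:
    """Return the IDs of requirements whose safety mechanism cannot meet its FTTI."""
    return [r.req_id for r in reqs if not check_ftti(r)[0]]


# Constructed sample data. For a timeout watchdog the worst case is that the
# monitored MCU stalls immediately after servicing it, so detection takes the
# full timeout; the reaction time is the transition to the safe state.
SAMPLE_REQUIREMENTS = [
    HardwareSafetyRequirement("HSR-001", "ASIL C", 100.0,
                              SafetyMechanism("window watchdog, 50 ms timeout", 50.0, 30.0)),
    # A slower watchdog with the same reaction time exceeds the 100 ms FTTI.
    HardwareSafetyRequirement("HSR-002", "ASIL C", 100.0,
                              SafetyMechanism("watchdog, 80 ms timeout", 80.0, 30.0)),
    # Open-circuit detection on an ECU input, with its own longer FTTI.
    HardwareSafetyRequirement("HSR-003", "ASIL B", 500.0,
                              SafetyMechanism("input open-circuit diagnostic", 200.0, 50.0)),
]

if __name__ == "__main__":
    for r in SAMPLE_REQUIREMENTS:
        fits, margin = check_ftti(r)
        print(f"{r.req_id}: {'OK' if fits else 'VIOLATION'} (margin {margin:+.1f} ms)")
    print("violations:", review_requirements(SAMPLE_REQUIREMENTS))
```

The check uses worst-case figures deliberately: a typical detection latency says nothing about whether the safe state is reached before the FTTI expires, so the attribute recorded in the hardware safety requirement should be the bound, not the average.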
(3) 5.7 hardware design
The first objective of this clause is to design the hardware in accordance with the system design specification and the hardware safety requirements.
The second objective of this clause is to verify the hardware design against the system design specification and the hardware safety requirements.
The objectives of hardware design are, first, to design the hardware according to the system design specification and the hardware functional safety requirements, and second, to verify that the hardware design conforms to the system design specification and the hardware functional safety requirements.
Hardware design includes hardware architectural design and hardware detailed design.
Hardware design includes hardware architectural design and hardware detailed design.
i. Hardware architectural design
Each hardware component shall inherit the highest ASIL from the hardware safety requirements it implements. If ASIL decomposition is applied to the hardware safety requirements during hardware architectural design, it shall be applied in accordance with ISO 26262-9:2011, Clause 5.
Each hardware component shall inherit the highest ASIL from the hardware safety requirements it implements. If ASIL decomposition is needed, the detailed decomposition method is given in ISO 26262-9:2011, Clause 5.
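The inheritance rule above is mechanical once the allocation of requirements to components is recorded, and a decomposition proposed during architectural design can be checked against the permitted ASIL pairs. The following is an added example, not code from the original post or from ISO 26262; the table of permitted decompositions is transcribed from ISO 26262-9:2011, Clause 5 as this editor recalls it and should be confirmed against the standard, and the requirement IDs, component names and allocations are constructed sample data.

```python
# Added example (not from the original post or from ISO 26262 itself): deriving
# the ASIL a hardware component inherits from the hardware safety requirements
# allocated to it, and checking a proposed ASIL decomposition against the
# permitted combinations of ISO 26262-9:2011, Clause 5 (table transcribed from
# memory of that clause; confirm against the standard before relying on it).
# Requirement IDs, component names and allocations are constructed sample data.
from typing import Dict, List, Tuple

ASIL_ORDER = ["QM", "A", "B", "C", "D"]  # ascending stringency


def asil_rank(asil: str) -> int:
    return ASIL_ORDER.index(asil)


def inherited_asil(component: str,
                   allocations: Dict[str, Tuple[str, List[str]]]) -> str:
    """Highest ASIL among the requirements allocated to a component.

    allocations maps requirement ID -> (ASIL, list of implementing components).
    A component with no safety requirement allocated to it is treated as QM.
    """
    levels = [asil for asil, comps in allocations.values() if component in comps]
    return max(levels, key=asil_rank) if levels else "QM"


# Permitted decompositions, stored as (higher part, lower part);
# e.g. ASIL D -> ASIL C(D) + ASIL A(D), ASIL B(D) + ASIL B(D), ASIL D(D) + QM(D).
PERMITTED_DECOMPOSITIONS = {
    "D": {("C", "A"), ("B", "B"), ("D", "QM")},
    "C": {("B", "A"), ("C", "QM")},
    "B": {("A", "A"), ("B", "QM")},
    "A": {("A", "QM")},
}


def decomposition_is_permitted(original: str, part1: str, part2: str) -> bool:
    """True if splitting `original` into part1 + part2 is one of the permitted pairs.

    Sufficient independence of the two redundant elements must be shown
    separately; that analysis is outside this check.
    """
    pair = tuple(sorted((part1, part2), key=asil_rank, reverse=True))
    return pair in PERMITTED_DECOMPOSITIONS.get(original, set())


def decomposed_label(part: str, original: str) -> str:
    """ISO 26262 notation keeps the original ASIL in parentheses, e.g. 'B(D)'."""
    return f"{part}({original})"


# Constructed sample allocation of hardware safety requirements to components.
SAMPLE_ALLOCATIONS = {
    "HSR-010": ("D", ["main MCU", "power supply monitor"]),
    "HSR-011": ("B", ["main MCU", "CAN transceiver"]),
    "HSR-012": ("A", ["CAN transceiver"]),
}

if __name__ == "__main__":
    for comp in ["main MCU", "power supply monitor", "CAN transceiver", "status LED"]:
        print(f"{comp}: ASIL {inherited_asil(comp, SAMPLE_ALLOCATIONS)}")
    print("D -> B(D) + B(D):", decomposition_is_permitted("D", "B", "B"))
    print("D -> C(D) + C(D):", decomposition_is_permitted("D", "C", "C"))
```

Because `inherited_asil` takes the maximum over every allocated requirement, a component that implements one ASIL D requirement and several QM requirements is still treated as ASIL D; lowering that classification is only possible by decomposing the requirement across independent elements, which `decomposition_is_permitted` checks.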
Non-functional causes for failure of a safety-related hardware component shall be considered during hardware architectural design, including the following influences, if applicable: temperature, vibrations, water, dust, EMI, cross-talk originating either from other hardware components of the hardware architecture or from its environment.