TY - GEN
T1 - Early safety evaluation of design decisions in E/E architecture according to ISO 26262
AU - Rupanov, Vladimir
AU - Knoll, Alois
AU - Fiege, Ludger
AU - Armbruster, Michael
AU - Spiegelberg, Gernot
AU - Buckl, Christian
PY - 2012
Y1 - 2012
AB - ISO 26262 addresses development of safe in-vehicle functions by specifying methods potentially used in the design and development lifecycle. It does not indicate what is sufficient and leaves room for interpretation. However, the architects of electric/electronic systems need design boundaries to make decisions during architecture evolution without adding a risk of late architectural changes. Designing and changing a system benefits from correct selection of safety mechanisms at early design stages. This paper presents an iterative architecture design and refinement process that is centered around ISO 26262 requirements. We propose a domain-specific modeling scheme and component repositories to build up a bottom-up analysis framework that allows early quantitative safety evaluation. To guarantee that the target ASIL level can be reached, we complement our design-time component-level analysis with conservative top-down analysis. Given that analysis starts at early design stages, evolution of the architecture is supported by different levels of detail used in the analysis framework.
KW - Architecture modeling
KW - Automotive systems
KW - Functional safety
KW - Integration of analysis techniques
UR - http://www.scopus.com/inward/record.url?scp=84864036887&partnerID=8YFLogxK
U2 - 10.1145/2304656.2304658
DO - 10.1145/2304656.2304658
M3 - Conference contribution
AN - SCOPUS:84864036887
SN - 9781450313476
T3 - ISARCS'12 - Proceedings of the 3rd International ACM SIGSOFT Symposium on Architecting Critical Systems
SP - 1
EP - 10
BT - ISARCS'12 - Proceedings of the 3rd International ACM SIGSOFT Symposium on Architecting Critical Systems
T2 - 3rd International ACM SIGSOFT Symposium on Architecting Critical Systems, ISARCS'12
Y2 - 25 June 2012 through 28 June 2012
ER -