ISO26262-5:2018 Product development at the hardware level - Coggle Diagram
1 Scope
2 Normative references
3 Terms and definitions
4 Requirements for compliance
4.1 Purpose
achieve compliance with the ISO 26262 series of standards
interpret the applicability of each clause
interpret the tables used in the ISO 26262 series of standards
4.2 General requirements
4.3 Interpretations of tables
4.4 ASIL-dependent requirements and recommendations
4.5 Adaptation for motorcycles
See ISO 26262-12
4.6 Adaptation for trucks, buses, trailers and semi-trailers
Requirements specific to trucks, buses, trailers and semi-trailers (T&B) are indicated as such
5 General topics for the product development at the hardware level
5.1 Objectives
describe the functional safety activities during the individual subphases of hardware development
5.2 General
activities and processes for the product development at the hardware level include:
the HW implementation of the TSC
the analysis of potential hardware faults and their effects
coordination with SW development.
Clause 8 describes two metrics to evaluate the effectiveness of the HW architecture of the item and the implemented safety mechanisms (SM) to cope with random HW failures.
As a complement to Clause 8, Clause 9 describes two alternative methods to evaluate whether the residual risk of SG violations is sufficiently low, either by using a global probabilistic approach (see 9.4.2, PMHF method) or by using a cut-set analysis (see 9.4.3, EEC method) to study the impact of each identified fault of a HW element upon the violation of the SG.
6 Specification of hardware safety requirements
6.1 Objectives
specify the HW safety requirements. They are derived from the TSC and the system architectural design specification
refine the hardware-software interface (HSI) specification initiated in ISO 26262-4:2018, 6.4.7
verify that the hardware safety requirements and the hardware-software interface (HSI) specification are consistent with the TSC and the system architectural design specification
6.2 General
The TSRs are allocated to HW and SW. The requirements that are allocated to both are further partitioned to yield hardware-only safety requirements. The HW safety requirements are further detailed considering design constraints and the impact of these design constraints on the HW.
6.3 Inputs to this clause
6.3.1 Prerequisites
— TSC in accordance with ISO 26262-4:2018, 6.5.2;
— system architectural design specification in accordance with ISO 26262-4:2018, 6.5.3; and
— hardware-software interface (HSI) specification in accordance with ISO 26262-4:2018, 6.5.4.
6.3.2 Further supporting information
SW safety requirements specification (see ISO 26262-6:2018, 6.5.1);
HW specifications (from an external source).
6.4 Requirements and recommendations
6.5 Work products
7 Hardware design
7.1 Objectives
7.2 General
7.3 Inputs to this clause
7.3.1 Prerequisites
7.3.2 Further supporting information
7.4 Requirements and recommendations
7.4.1 Hardware architectural design
7.4.2 Hardware detailed design
7.4.3 Safety analyses
7.4.4 Verification of hardware design
7.4.5 Production, operation, service and decommissioning
7.5 Work products
8 Evaluation of the hardware architectural metrics
8.1 Objectives
8.2 General
8.3 Inputs to this clause
8.3.1 Prerequisites
8.3.2 Further supporting information
8.4 Requirements and recommendations
8.5 Work products
9 Evaluation of safety goal violations due to random hardware failures
9.1 Objectives
provide evidence that the residual risk of a safety goal violation, due to random hardware failures of the item, is sufficiently low
9.2 General
Two alternative methods (see 9.4) are proposed to evaluate whether the residual risk of safety goal violations is sufficiently low:
1- PMHF, 2- EEC.
Both evaluate single-point faults, residual faults and plausible dual-point faults; for dual-point faults the exposure duration is considered as well.
9.3 Inputs to this clause
9.3.1 Prerequisites
— hardware safety requirements specification in accordance with 6.5.1;
— hardware design specification in accordance with 7.5.1; and
— hardware safety analysis report in accordance with 7.5.2.
9.3.2 Further supporting information
— TSC; and
— system architectural design specification.
9.4 Requirements and recommendations
9.4.1 General
9.4.2 Evaluation of Probabilistic Metric for random Hardware Failures (PMHF)
9.4.3 Evaluation of Each Cause of safety goal violation (EEC)
9.4.4 Verification review
9.5 Work products
10 Hardware integration and verification
10.1 Objectives
10.2 General
10.3 Inputs to this clause
10.3.1 Prerequisites
10.3.2 Further supporting information
10.4 Requirements and recommendations
10.5 Work products