CN113111501A - Functional safety and expected functional safety fusion analysis method - Google Patents


Info

Publication number
CN113111501A
Authority
CN
China
Prior art keywords
safety
functional
functional safety
expected
fusion
Prior art date
Legal status
Granted
Application number
CN202110352345.3A
Other languages
Chinese (zh)
Other versions
CN113111501B (en)
Inventor
奚文霞
夏显召
李鸿鹏
唐风敏
戎辉
吴志新
龚进峰
刘睿
王阳
王喜洋
刘旭
Current Assignee
China Automotive Technology and Research Center Co Ltd
CATARC Tianjin Automotive Engineering Research Institute Co Ltd
Original Assignee
China Automotive Technology and Research Center Co Ltd
CATARC Tianjin Automotive Engineering Research Institute Co Ltd
Events
    • Application filed by China Automotive Technology and Research Center Co Ltd and CATARC Tianjin Automotive Engineering Research Institute Co Ltd
    • Priority to CN202110352345.3A
    • Publication of CN113111501A
    • Application granted
    • Publication of CN113111501B
    • Legal status: Active
    • Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F30/00 Computer-aided design [CAD]
    • G06F30/20 Design optimisation, verification or simulation
    • G06F2111/00 Details relating to CAD techniques
    • G06F2111/04 Constraint-based CAD
    • G06F2111/08 Probabilistic or stochastic CAD
    • G06F2119/00 Details relating to the type or aim of the analysis or the optimisation
    • G06F2119/02 Reliability analysis or reliability optimisation; Failure analysis, e.g. worst case scenario performance, failure mode and effects analysis [FMEA]
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02T CLIMATE CHANGE MITIGATION TECHNOLOGIES RELATED TO TRANSPORTATION
    • Y02T90/00 Enabling technologies or technologies with a potential or indirect contribution to GHG emissions mitigation


Abstract

The invention provides a fusion analysis method for functional safety and expected functional safety (safety of the intended functionality), comprising the following steps: S1, item definition and functional design specification; S2, hazard and operability analysis (HAZOP), identifying and evaluating the failure modes of the item; S3, hazard analysis and risk assessment (HARA), fusing the functional safety HARA and the expected functional safety HARA to obtain the ASIL level, the safety goal and the verification target, with further analysis based on the functional failure modes of the item obtained in step S2; S4, establishing a system safety control structure, designed according to the item definition and functional design specification of step S1. The beneficial effects of the invention are: the fusion analysis method provides essential support for ensuring the high reliability and safety of an intelligent driving system, comprises a fused development process and an STPA fusion analysis method, and also provides a reference basis for calculating system verification metrics.

Description

Functional safety and expected functional safety fusion analysis method
Technical Field
The invention belongs to the technical field of intelligent networked automobiles, and particularly relates to a method for analyzing fusion of functional safety and expected functional safety.
Background
With the rapid development of intelligent networked vehicles and autonomous vehicles, the design of automotive electronic systems with high reliability and safety is receiving increasing attention, and functional safety and expected functional safety are indispensable parts of the design of an autonomous driving system. ISO 26262 and ISO 21448 are the industry standards for functional safety and for expected functional safety (safety of the intended functionality, SOTIF) of automotive electrical/electronic (E/E) systems. Functional safety means the "absence of unreasonable risk due to hazards caused by malfunctioning behaviour of E/E systems"; that is, functional safety is concerned with whether the system can enter a safe state after a failure so as to avoid greater harm, or can reduce the probability of harm through safety measures, rather than with the nominal function or performance of the system. Expected functional safety means the "absence of unreasonable risk due to hazards resulting from functional insufficiencies of the intended functionality or from reasonably foreseeable misuse by persons"; that is, it is concerned with insufficiencies of the intended functionality at vehicle level, performance limitations of the E/E system elements and human misuse, rather than with harm caused by E/E system failures. Therefore, to ensure the reliability and safety of an intelligent driving system, both development processes and both analysis methods are indispensable, and how to integrate the functional safety and expected functional safety development processes and analysis methods efficiently is of great importance. The invention is mainly directed at a fusion analysis method for functional safety and expected functional safety, in which functional safety development and expected functional safety development are carried out together within one development cycle, so that the development cycle is shortened, comprehensive safety requirements are obtained and the probability of harm is reduced.
The invention introduces the concept of fusion development and provides essential support for the development of an intelligent driving system.
Disclosure of Invention
In view of this, the invention aims to provide a method for analyzing the integration of functional safety and expected functional safety, so that an intelligent driving system has high development efficiency while having high reliability and safety, integrates the development processes of ISO 26262 and ISO 21448 based on the development concepts of functional safety and expected functional safety, integrates two standard requirements into one system for development, shortens the overall development period, and can comprehensively identify system-level hazards to obtain complete safety requirements.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
A functional safety and expected functional safety fusion analysis method comprises the following steps:
S1, item definition and functional design specification;
S2, hazard and operability analysis (HAZOP), identifying and evaluating the failure modes and hazard events of the item;
S3, hazard analysis and risk assessment (HARA), fusing the functional safety HARA and the expected functional safety HARA to obtain the ASIL level, the safety goal and the verification target, with further analysis based on the functional failure modes of the item obtained in step S2;
S4, establishing a system safety control structure, designed according to the item definition and functional design specification of step S1;
S5, identifying unsafe control actions and analysing their causes;
S6, determining safety constraints to obtain the safety requirements;
and S7, verification and validation.
Further, the item definition and functional design specification of step S1 describe the intended functions, functional interactions, interfaces, performance targets and system assumptions of the system.
Further, the hazard and operability analysis of step S2 comprises the following: first, the failure modes of the function are determined through guide words, the guide words comprising loss of function, function more than intended, function less than intended, function in the wrong direction, function provided unintentionally and function updated as expected; then, the effect of the functional failure on the whole vehicle and the harm to persons are analysed; finally, the hazard events are determined, providing the basis for the hazard analysis and risk assessment of step S3.
Further, in step S3 the driving scenario is selected according to the operating mode, driving condition and environmental condition, and the exposure E, severity S and controllability C are rated to obtain the ASIL level and the functional safety goal; at the same time, whenever S > 0 and C > 0, an expected functional safety verification target is defined for the acceptance of the triggering event.
Further, the functional safety goal is the highest-level safety requirement and carries an ASIL level; in step S4 the ASIL level is assigned only to safety requirements related to failures of the electrical and electronic system;
the expected functional safety verification target defines acceptance criteria for the duration of use of the intended function such that the risk is reduced to a reasonable level, and borrows the functional safety ASIL level concept to determine the verification target.
Further, the system safety control structure of step S4 comprises the signal interactions between the functional modules, the human decisions and the environmental factors, explicitly shows the control signals and feedback signals, and each control signal present in the control structure can be taken as a control action.
Further, the unsafe control actions of step S5 can lead to abnormal behaviour and interaction of components and to system failure;
identifying unsafe control actions comprises: first, determining each control action from the control signals of step S4; then, determining the unsafe control actions according to the four categories given by the STPA method: 1) the required control action is not provided; 2) the control action is provided when it is not needed; 3) the control action is provided too early, too late or in the wrong order; 4) the control action is stopped too soon or applied too long; finally, performing a cause analysis on the basis of the unsafe control actions, in which each element associated with the control action is analysed, since the limitations of the elements can cause harm.
Further, the safety constraints of step S6 are determined according to the cause analysis of the unsafe control actions, taking into account safety mechanisms, algorithm requirements, sensor performance requirements and driver behaviour requirements;
the safety requirements of step S6 comprise functional safety requirements and expected functional safety requirements and are obtained by refining the safety constraints, and the safety requirements related to failures of the electrical and electronic system are assigned the ASIL level of the corresponding safety goal.
Further, the verification of step S7 comprises sensor verification, decision algorithm verification, actuator verification, integrated system verification and safety requirement verification;
the validation comprises validation of the hazard analysis and risk assessment, validation of the safety requirements, and assessment of the residual risk in unknown scenarios.
Compared with the prior art, the functional safety and expected functional safety fusion analysis method has the following beneficial effects:
(1) the invention provides a functional safety and expected function safety fusion analysis method based on the fusion development requirement of functional safety and expected function safety; by establishing a functional safety and expected functional safety fusion analysis model, the damage caused by failure of an electronic and electrical system, insufficient expected functions and misuse of personnel is comprehensively analyzed; the development efficiency of the intelligent driving system is improved, the development period is shortened, and comprehensive system-level hazards and safety requirements can be obtained.
(2) The functional safety and expected functional safety fusion analysis method provided by the invention provides indispensable support for ensuring high reliability and safety of an intelligent driving system, comprises a fusion development process and an STPA fusion analysis method, and also provides a reference basis for calculation of system verification indexes.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate an embodiment of the invention and, together with the description, serve to explain the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic diagram of a method for analyzing fusion of functional safety and expected functional safety according to an embodiment of the present invention;
FIG. 2 is a schematic diagram illustrating a fusion process of functional safety and expected functional safety according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of an ACC system safety control structure according to an embodiment of the present invention.
Detailed Description
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
The present invention will be described in detail below with reference to the embodiments with reference to the attached drawings.
As shown in fig. 1 to fig. 3, the present invention provides a method for analyzing fusion of functional safety and expected functional safety, which comprises the following steps:
step 1: relevant item definitions and functional design specifications;
the related item definition and the functional design specification describe the expected functions, functional interaction, interfaces, performance targets, system assumptions and the like of the system.
Step 2: hazard and operability analysis (HAZOP);
the HAZOP analysis is used to identify and evaluate failure modes of related terms that may cause harm, potentially to vehicle occupants, other vehicles and occupants, or other personnel. Firstly, determining failure forms of functions through keywords, wherein the keywords comprise function loss, function exceeding expectation, function smaller than expectation, function direction error, function failure of accidentally providing functions and function updating as expected; then, analyzing the influence on the whole vehicle and the harm to personnel caused by the failure of the function; and finally, determining the hazard event, and providing basic support for hazard analysis and risk assessment in the step 3.
[HAZOP guide-word table: image not reproduced on this page]
And step 3: hazard Analysis and Risk Assessment (HARA);
and the HARA integrates a functional safety HARA and an expected functional safety HARA, further analysis is carried out according to the functional failure form obtained in the step 2, as shown in the following table, a driving scene is selected according to an operation mode, a driving condition and an environmental condition, the exposure rate E, the severity S and the controllability C are determined to obtain an ASIL level and a functional safety target, and meanwhile, when S is greater than 0 and C is greater than 0, an expected functional safety verification target is defined for receiving a trigger event.
[Fused HARA table: image not reproduced on this page]
The ASIL rating is determined by referring to table 4 of the ISO 26262 standard;
The functional safety goal is the highest-level safety requirement and carries an ASIL level; in step 4, the ASIL level is assigned only to safety requirements related to failures of the electronic and electrical system;
the expected functional safety verification target defines acceptance criteria for the duration of use of the intended function such that the risk is reduced to a reasonable level. That is, if the rate of accidents caused by the function is equal to or less than the current rate of the same accidents caused by human drivers, the function is regarded as having acceptable risk, hence P_Hazard,ACC ≤ P_Hazard,Human.
The functional safety ASIL level concept is used to determine the verification target. For ASIL D, functional safety requires a random hardware failure target value below 10⁻⁸ h⁻¹, which corresponds to a target time of 10⁸ h of failure-free operation; for ASIL C and ASIL B, the random hardware failure target value is below 10⁻⁷ h⁻¹, corresponding to a target time of 10⁷ h. The accident-free test duration is then target time × exposure coefficient × severity coefficient × controllability coefficient, where the exposure, severity and controllability coefficients are taken from Tables C.1, C.2 and C.3 of ISO 21448 according to the E, S and C levels. Alternatively, the verification target is calculated from traffic statistics and a safety margin according to ISO 21448, giving the accident-free mileage or duration τ as follows:
[Formula for τ: image not reproduced on this page]
where λ is the target event rate, α is the confidence level, x is the average mileage or duration experienced by the human driver between events, and y is the safety margin.
And 4, step 4: establishing a system safety control structure;
The system safety control structure is designed according to the item definition and functional design specification of step 1; it comprises the signal interactions between the functional modules, the human decisions and the environmental factors, explicitly shows the control signals and feedback signals, and each control signal in the control structure can be taken as a control action.
And 5: identifying unsafe control behaviors and analyzing reasons;
Unsafe control actions can lead to abnormal behaviour and interaction of components and to system failure. First, each control action is determined from the control signals of step 4; then the unsafe control actions (UCAs) are determined according to the four categories given by the STPA method: 1) the required control action is not provided; 2) the control action is provided when it is not needed; 3) the control action is provided too early, too late or in the wrong order; 4) the control action is stopped too soon or applied too long; finally, a cause analysis is performed on the basis of each unsafe control action, in which every element associated with the control action is analysed, since the limitations of those elements can cause harm.
Step 6: and determining safety constraint conditions to obtain safety requirements.
The safety constraints are determined from the cause analysis of the unsafe control actions, taking into account safety mechanisms, algorithm requirements, sensor performance requirements, driver behaviour requirements and the like.
The safety requirements comprise functional safety requirements and expected functional safety requirements and are obtained by refining the safety constraints. The safety requirements related to failures of the electrical and electronic system are assigned the ASIL level of the corresponding safety goal.
And 7: and (4) verifying and confirming.
The verification comprises sensor verification, decision algorithm verification, actuator verification, integrated system verification and safety requirement verification;
the validation comprises validation of the hazard analysis and risk assessment, validation of the safety requirements, and assessment of the residual risk in unknown scenarios.
The functional safety and expected functional safety fusion analysis method of the present invention will be described clearly and completely with reference to the accompanying drawings, which illustrate some, but not all embodiments of the present invention. Taking the function of controlling the output braking torque of an adaptive cruise control system (ACC) as an example, the implementation process of the fusion development of functional safety and expected functional safety is explained in detail.
The following is a specific implementation process of this embodiment:
step 1: relevant item definitions and functional design specifications;
the adaptive cruise control system collects information of a front vehicle through a camera and a radar and sends the information to an ACC controller, the ACC controller receives a speed and distance signal of the front vehicle to make a decision, and a braking torque request signal is sent to a brake control module to perform deceleration braking. Meanwhile, when the ACC controller detects that the brake pedal is pressed down, the ACC function is quitted and the ACC state is displayed on the HMI.
Step 2: hazard and operability analysis (HAZOP);
In this embodiment, HAZOP analysis is performed taking the ACC system's control of output braking torque as the example; the failure modes comprise no braking torque output, braking torque output too small, braking torque output too large, and braking torque supplied unexpectedly, and each of these failure modes is a hazard event.
TABLE 1 HAZOP analysis Table
[Table 1: image not reproduced on this page]
And step 3: hazard Analysis and Risk Assessment (HARA);
For the control output braking torque function of this embodiment, the safety goal is to avoid outputting unexpected braking torque and the ASIL level is ASIL C; the functional safety requirement therefore sets the random hardware failure target value below 10⁻⁷ h⁻¹, i.e. a target time of 10⁷ h of failure-free operation. The accident-free test duration is target time × exposure coefficient × severity coefficient × controllability coefficient = 10⁷ h × 1 × 1 × 0.1 = 10⁶ h, so the accident-free test duration for the control output braking torque function is not less than 10⁶ h.
TABLE 2 hazard analysis and Risk assessment Table
[Table 2: image not reproduced on this page]
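The verification-target arithmetic of step 3 (ASIL from S/E/C, target time per ASIL, accident-free test duration from the ISO 21448 coefficients, and the traffic-statistics target τ) carried through in code, including the ACC numbers of this embodiment. This is an added example, not code from the patent or from CATARC: the ASIL grid is ISO 26262-3 Table 4; the ISO 21448 coefficient values are inputs rather than reproduced tables; the S/E/C rating of the ACC hazard is an assumption chosen to reproduce the stated ASIL C, since Table 2 is an image and the patent states only the result and the coefficients 1, 1, 0.1; and because the τ formula itself is only present as an image, `zero_event_validation_target` implements the standard zero-event Poisson bound that the symbols λ, α, x and y imply, labelled as an assumption in the code.

```python
"""Worked quantification for step 3 (fused HARA) of the patent's method.

Added example, not code from the patent. ASIL determination follows ISO 26262-3
Table 4; failure-rate targets are the ones the patent quotes; the ISO 21448
coefficient tables are inputs, not reproduced; the traffic-statistics formula is
an ASSUMPTION (see zero_event_validation_target)."""
import math
from dataclasses import dataclass

# ISO 26262-3 Table 4 is monotone in S + E + C (S 1-3, E 1-4, C 1-3): cells with
# sum <= 6 are QM, then A, B, C, D for sums 7, 8, 9, 10.
_ASIL_BY_RANK = {7: "A", 8: "B", 9: "C", 10: "D"}

# Target time per ASIL as used in the patent: 10^8 h for ASIL D (random hardware
# failure target < 10^-8 h^-1) and 10^7 h for ASIL B and C (< 10^-7 h^-1).
TARGET_TIME_HOURS = {"D": 10**8, "C": 10**7, "B": 10**7}


def determine_asil(s: int, e: int, c: int) -> str:
    """ASIL from severity S0-S3, exposure E0-E4, controllability C0-C3."""
    if not (0 <= s <= 3 and 0 <= e <= 4 and 0 <= c <= 3):
        raise ValueError("S, E or C out of range")
    if s == 0 or e == 0 or c == 0:          # no ASIL needed
        return "QM"
    return _ASIL_BY_RANK.get(s + e + c, "QM")


@dataclass(frozen=True)
class FusedHaraRow:
    """One row of the fused HARA table: one S/E/C rating serves both standards."""
    hazard: str
    s: int
    e: int
    c: int

    @property
    def asil(self) -> str:
        return determine_asil(self.s, self.e, self.c)

    @property
    def needs_sotif_verification_target(self) -> bool:
        # The fusion rule of step 3: an expected-functional-safety verification
        # target is defined whenever S > 0 and C > 0, even if the ASIL is QM.
        return self.s > 0 and self.c > 0


def target_time_hours(asil: str) -> int:
    if asil not in TARGET_TIME_HOURS:
        raise ValueError(f"no random hardware failure target for {asil}")
    return TARGET_TIME_HOURS[asil]


def random_hw_failure_target(asil: str) -> float:
    """Random hardware failure target value in h^-1 (1e-8 for D, 1e-7 for B/C)."""
    return 1.0 / target_time_hours(asil)


def accident_free_test_hours(asil: str, k_e: float, k_s: float, k_c: float) -> float:
    """Accident-free test duration = target time x exposure x severity x
    controllability coefficient (coefficients from ISO 21448 Tables C.1 to C.3)."""
    return target_time_hours(asil) * k_e * k_s * k_c


def zero_event_validation_target(x: float, y: float, alpha: float) -> float:
    """Accident-free mileage or duration tau from traffic statistics.

    ASSUMPTION: the patent's formula is an image not reproduced on the page; this
    is the standard zero-event Poisson bound its symbols imply. Target rate
    lambda = 1 / (x * y), with x the human driver's mean mileage/time between
    events and y the safety margin; zero events over tau show rate < lambda with
    confidence alpha when 1 - exp(-lambda * tau) = alpha, so
    tau = -ln(1 - alpha) / lambda = -ln(1 - alpha) * x * y.
    """
    if not (0.0 < alpha < 1.0) or x <= 0 or y <= 0:
        raise ValueError("need 0 < alpha < 1 and positive x, y")
    return -math.log(1.0 - alpha) * x * y


def acc_example() -> dict:
    """The embodiment's ACC 'control output braking torque' case.

    The patent states ASIL C and the coefficients 1, 1, 0.1; the S/E/C values
    below are an ASSUMPTION that reproduces ASIL C (Table 2 is not on the page).
    """
    row = FusedHaraRow("H4 unexpected braking torque output", s=3, e=4, c=2)
    return {
        "asil": row.asil,
        "sotif_target_required": row.needs_sotif_verification_target,
        "random_hw_failure_target_per_h": random_hw_failure_target(row.asil),
        "target_time_h": target_time_hours(row.asil),
        "accident_free_test_h": accident_free_test_hours(row.asil, 1, 1, 0.1),
    }


if __name__ == "__main__":
    for k, v in acc_example().items():
        print(f"{k}: {v}")
```

A row such as `FusedHaraRow("h", 1, 1, 1)` shows the practical consequence of the fusion rule: a hazard rated QM under ISO 26262 still needs an expected functional safety verification target whenever S > 0 and C > 0, so it cannot be dropped from the SOTIF side merely because no ASIL applies.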
And 4, step 4: establishing a system safety control structure;
the ACC system safety control structure of the present embodiment is shown in fig. 3, which shows an example of the safety control structure with the function of controlling the output braking torque of the ACC system as an important point.
And 5: identifying unsafe control behaviors and analyzing reasons;
For control action CA1 of this embodiment, the ACC controller sends a braking torque request signal to the brake control module; the cause analysis for the unsafe control actions UCA1-H1, UCA1-H2, UCA1-H3 and UCA1-H4 is shown in Table 3.
TABLE 3 unsafe behavior and cause analysis Table
[Table 3: image not reproduced on this page]
Step 6: and determining safety constraint conditions to obtain safety requirements.
The cause analysis of step 5 yields the safety constraints, which are refined into safety requirements comprising functional safety requirements and expected functional safety requirements; ASIL levels are assigned to the functional safety requirements, as shown in Table 4.
TABLE 4 safety requirements table
[Table 4: image not reproduced on this page]
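Steps 4 to 6 of the method, and Tables 3 and 4 of the embodiment, form a traceability chain: control action, unsafe control action, cause, safety constraint, safety requirement, with an ASIL only on requirements that address E/E failures. The following added example (not the patent's or CATARC's code) models that chain for control action CA1 of the ACC embodiment and runs the consistency checks a safety reviewer would apply before sign-off. The identifiers CA1, H1-H4 and UCA1-H1..H4 follow the embodiment; the UCA contexts, the causes, the ASILs assumed for H1-H3 and the requirement wording are constructed assumptions, since Tables 3 and 4 are images not reproduced on the page.

```python
"""STPA traceability for steps 4 to 6: hazard -> control action -> unsafe control
action (UCA) -> cause -> safety constraint -> safety requirement. Added example,
not the patent's own code. Ids follow the ACC embodiment (CA1, H1-H4, UCA1-H1..H4);
UCA contexts, causes, the ASILs of H1-H3 and requirement wording are ASSUMED."""
from __future__ import annotations
from dataclasses import dataclass, field
from enum import Enum

ASIL_ORDER = ["QM", "A", "B", "C", "D"]

class UcaType(Enum):  # the four STPA guide phrases of step 5; value = constraint verb
    NOT_PROVIDED = "must provide"
    PROVIDED = "must not provide"
    WRONG_TIMING = "must provide within the required time window"
    WRONG_DURATION = "must hold for the required duration"

class CauseKind(Enum):  # decides which standard owns the derived requirement
    EE_FAILURE = "E/E failure"       # ISO 26262 scope: requirement carries an ASIL
    INSUFFICIENCY = "insufficiency"  # ISO 21448 scope: no ASIL
    MISUSE = "misuse"                # ISO 21448 scope: no ASIL

@dataclass(frozen=True)
class Hazard:
    id: str
    text: str
    asil: str  # ASIL of the safety goal covering the hazard, "QM" if none

@dataclass(frozen=True)
class Cause:
    text: str
    kind: CauseKind

@dataclass
class Uca:
    id: str
    controller: str
    signal: str  # the control action, e.g. CA1 brake torque request
    kind: UcaType
    context: str
    hazards: tuple[str, ...]
    causes: list[Cause] = field(default_factory=list)

    def safety_constraint(self) -> str:
        """Step 6: the safety constraint is the negation of the UCA."""
        return f"{self.controller} {self.kind.value} {self.signal} when {self.context}"

@dataclass(frozen=True)
class SafetyRequirement:
    id: str
    kind: str         # "FSR" (functional safety) or "SOTIF" (expected functional safety)
    text: str
    asil: str | None  # only FSRs carry an ASIL, inherited from the worst linked hazard

def derive_requirements(ucas: list[Uca], hazards: dict[str, Hazard]) -> list[SafetyRequirement]:
    reqs = []
    for uca in ucas:
        worst = max((hazards[h].asil for h in uca.hazards), key=ASIL_ORDER.index)
        for n, cause in enumerate(uca.causes, 1):
            ee = cause.kind is CauseKind.EE_FAILURE
            reqs.append(SafetyRequirement(
                f"{'FSR' if ee else 'SOTIF'}-{uca.id}-{n}", "FSR" if ee else "SOTIF",
                f"{uca.safety_constraint()}; address {cause.kind.value}: {cause.text}",
                worst if ee else None))
    return reqs

def check_traceability(hazards, ucas, reqs) -> list[str]:
    """Review checks before sign-off; an empty list means the analysis is consistent."""
    findings = []
    covered = {h for u in ucas for h in u.hazards}
    findings += [f"{h} has no UCA" for h in hazards if h not in covered]
    for u in ucas:
        findings += [f"{u.id} links unknown hazard {h}" for h in u.hazards if h not in hazards]
        if not u.causes:
            findings.append(f"{u.id} has no cause analysis")
    findings += [f"{r.id}: ASIL belongs only on E/E-failure requirements"
                 for r in reqs if (r.kind == "FSR") != (r.asil is not None)]
    return findings

def acc_example():
    """CA1 of the embodiment with constructed causes (assumptions, see module docstring)."""
    hazards = {h.id: h for h in [
        Hazard("H1", "no braking torque output", "B"),           # ASIL assumed
        Hazard("H2", "braking torque too small", "B"),           # ASIL assumed
        Hazard("H3", "braking torque too large", "C"),           # ASIL assumed
        Hazard("H4", "unexpected braking torque output", "C")]}  # ASIL C stated in the patent
    ca = ("ACC controller", "the brake torque request (CA1)")
    ucas = [
        Uca("UCA1-H1", *ca, UcaType.NOT_PROVIDED, "the lead vehicle decelerates inside the set gap", ("H1",),
            [Cause("brake request CAN frame lost or stale", CauseKind.EE_FAILURE)]),
        Uca("UCA1-H2", *ca, UcaType.WRONG_TIMING, "closing speed demands immediate deceleration", ("H2",),
            [Cause("decision latency exceeds its budget under fusion load", CauseKind.INSUFFICIENCY)]),
        Uca("UCA1-H3", *ca, UcaType.WRONG_DURATION, "the lead vehicle has accelerated away", ("H3",),
            [Cause("torque request value stuck in controller RAM", CauseKind.EE_FAILURE)]),
        Uca("UCA1-H4", *ca, UcaType.PROVIDED, "no lead vehicle is in the lane", ("H4",),
            [Cause("corrupted torque value in the request frame", CauseKind.EE_FAILURE),
             Cause("overhead sign classified as a stationary vehicle", CauseKind.INSUFFICIENCY),
             Cause("driver enables ACC outside the specified ODD", CauseKind.MISUSE)])]
    reqs = derive_requirements(ucas, hazards)
    return hazards, ucas, reqs, check_traceability(hazards, ucas, reqs)
```

Calling `acc_example()` returns the requirements and the review findings: the three causes classified as E/E failures yield functional safety requirements that inherit the ASIL of the linked hazard (ASIL C for UCA1-H4), while the insufficiency and misuse causes yield expected functional safety requirements without an ASIL, matching the rule of step 6. `check_traceability` flags hazards with no UCA, UCAs with no cause analysis, and any requirement whose ASIL assignment contradicts its kind.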
And 7: and (4) verifying and confirming.
This embodiment comprises the verification and validation of Tables 2 and 4: the verification comprises sensor verification, decision algorithm verification and safety requirement verification, and the validation comprises validation of the hazard analysis and risk assessment, validation of the safety requirements and validation of the verification target.
In summary, the invention provides a method for analyzing the integration of functional safety and expected functional safety based on the requirements of the development process of functional safety and expected functional safety. On the basis of ensuring the reliability and the safety of the intelligent driving vehicle, the development period of the system is shortened, the functional safety and the expected functional safety are subjected to fusion analysis, and a full-period development process and an implementation method are provided. The invention not only ensures the reliability and safety requirements of the intelligent driving system, but also greatly shortens the development period of the system.
Those of ordinary skill in the art will appreciate that the elements and method steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of clearly illustrating the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the several embodiments provided in the present application, it should be understood that the disclosed method and system may be implemented in other ways. For example, the above described division of elements is merely a logical division, and other divisions may be realized, for example, multiple elements or components may be combined or integrated into another system, or some features may be omitted, or not executed. The units may or may not be physically separate, and components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment of the present invention.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; such modifications and substitutions do not depart from the spirit and scope of the present invention, and they should be construed as being included in the following claims and description.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (9)

1. A functional safety and expected functional safety fusion analysis method is characterized by comprising the following steps:
s1, defining related items and designing functional specifications;
s2, carrying out danger and operability analysis, namely HAZOP, and identifying and evaluating failure forms and hazard events of related items;
s3, carrying out hazard analysis and risk assessment, namely HARA, fusing functional safety HARA and expected functional safety HARA to obtain ASIL level, safety target and verification target, and further analyzing according to the functional failure form of the related items obtained in the step S2;
s4, establishing a system safety control structure, wherein the system safety control structure is designed according to the relevant item definition and the functional design specification in the step S1;
s5, identifying unsafe control behaviors and analyzing reasons;
s6, determining safety constraint conditions to obtain safety requirements;
and S7, verifying and confirming.
2. The method for analyzing fusion of functional safety and expected functional safety as claimed in claim 1, wherein: the associated item definitions and functional design specifications set forth in step S1 include information describing the intended functions, functional interactions, interfaces, performance objectives and system assumptions of the system.
3. The method for analyzing the fusion of functional safety and expected functional safety according to claim 1, wherein the risk and operability analysis performed in step S2 comprises the following steps: firstly, determining failure forms of functions through keywords, wherein the keywords comprise function loss, function exceeding expectation, function smaller than expectation, function direction error, function failure of accidentally providing functions and function updating as expected; then, analyzing the influence on the whole vehicle and the harm to personnel caused by the failure of the function; finally, hazard events are determined, providing basic support for hazard analysis and risk assessment of step S3.
4. The method for analyzing fusion of functional safety and expected functional safety as claimed in claim 1, wherein: in step S3, a driving scenario is selected according to the operation mode, the driving condition, and the environmental condition, and the exposure E, the severity S, and the controllability C are determined to obtain the ASIL level and the functional safety target, and when S >0 and C >0, an expected functional safety verification target is defined for the acceptance of the trigger event.
5. The method for analyzing the fusion of functional safety and expected functional safety as claimed in claim 4, wherein: the functional safety goal is the highest-level safety requirement and an ASIL level is assigned to it; in step S4, the ASIL level is assigned only to safety requirements related to failures of the electrical and electronic system;
the expected functional safety verification target defines acceptance criteria for the intended function over its duration of use, so as to reduce risk to a reasonable level; and the ASIL level concept of functional safety is used to determine the verification target.
6. The method for analyzing the fusion of functional safety and expected functional safety as claimed in claim 1, wherein: the system safety control structure described in step S4 includes the signal interactions between the functional modules, human decisions and environmental factors, and explicitly shows the control signals and feedback signals; each control signal present in the control structure can be treated as a control action.
7. The method for analyzing the fusion of functional safety and expected functional safety as claimed in claim 1, wherein: the unsafe control behavior described in step S5 may result in abnormal behavior and interaction of components and in system failure;
identifying unsafe control behavior includes: first, each control behavior is determined from the control signals of step S4; then, the unsafe control behaviors are determined according to the four classifications of unsafe control action given by the STPA analysis method: 1) a required control action is not provided; 2) a control action is provided when it is not needed; 3) a control action is provided too early, too late or at the wrong time; 4) a correct control action is stopped too early or continued too long; finally, a cause analysis is performed for each unsafe control behavior, analyzing every element associated with the control behavior and the limitations of those elements that could lead to harm.
8. The method for analyzing the fusion of functional safety and expected functional safety as claimed in claim 1, wherein: the safety constraints in step S6 are determined from the cause analysis of the unsafe control behavior, taking into account the safety mechanisms, algorithm requirements, sensor performance requirements and driver behavior requirements;
the safety requirements in step S6 include functional safety requirements and expected functional safety requirements, and are obtained by refining the safety constraints, wherein the safety requirements related to failure of the electrical and electronic system are assigned the ASIL levels corresponding to their safety goals.
9. The method for analyzing the fusion of functional safety and expected functional safety as claimed in claim 1, wherein: the verification in step S7 includes sensor verification, decision algorithm verification, actuator verification, integrated system verification and safety requirement verification;
the validation includes hazard analysis and risk assessment, safety requirement validation, and assessment of the residual risk in unknown scenarios.
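As an added illustration of the step S3 fusion described in claims 3 to 5 (example code written for this page, not the patent's own implementation): constructed hazard events carrying the HAZOP guide words of claim 3 are rated with E, S and C; the ASIL is derived from the ISO 26262-3 table (written as the S+E+C index sum) only for hazards caused by an E/E failure, and an expected functional safety (SOTIF) verification target is flagged whenever S > 0 and C > 0. The AEB function, scenarios and ratings are assumptions.

```python
from dataclasses import dataclass

# Added example, not the patent's own code; the hazard events below are constructed.
# ISO 26262-3 ASIL table written as the sum of the S, E and C indices;
# an S0, E0 or C0 rating means no ASIL is assigned (QM).
ASIL_BY_INDEX_SUM = {10: "D", 9: "C", 8: "B", 7: "A"}

@dataclass
class HazardEvent:
    function: str
    guide_word: str     # HAZOP keyword from step S2 (claim 3)
    scenario: str       # driving scenario selected in step S3 (claim 4)
    ee_failure: bool    # hazard caused by an E/E system fault (ISO 26262 scope)
    s: int              # severity S0..S3
    e: int              # exposure E0..E4
    c: int              # controllability C0..C3

def asil(s, e, c):
    """ASIL level for one S/E/C rating; 'QM' when no ASIL applies."""
    if not (0 <= s <= 3 and 0 <= e <= 4 and 0 <= c <= 3):
        raise ValueError("S must be 0..3, E 0..4, C 0..3")
    if 0 in (s, e, c):
        return "QM"
    return ASIL_BY_INDEX_SUM.get(s + e + c, "QM")

def fuse(h):
    """Step S3 fusion: ASIL only for hazards caused by an E/E failure (claim 5);
    a SOTIF verification target whenever S > 0 and C > 0 (claim 4)."""
    return {
        "hazard": f"{h.function}: {h.guide_word} ({h.scenario})",
        "asil": asil(h.s, h.e, h.c) if h.ee_failure else None,
        "sotif_target": h.s > 0 and h.c > 0,
    }

# Constructed hazard events for an assumed automatic emergency braking (AEB) function.
SAMPLE_EVENTS = [
    HazardEvent("AEB", "function loss", "urban, pedestrian ahead", True, 3, 3, 2),
    HazardEvent("AEB", "function provided unintentionally",
                "highway, sensor false positive", False, 2, 4, 2),
    HazardEvent("AEB", "function exceeding expectation", "parking lot, walking pace",
                False, 0, 4, 3),
]

def analyze_all(events=SAMPLE_EVENTS):
    """Run the fusion over every hazard event and return one row per hazard."""
    return [fuse(h) for h in events]
```

The first event yields a functional safety goal at ASIL B plus a verification target; the second, a sensor performance limitation outside ISO 26262 scope, gets no ASIL but still a verification target; the third has S0 and therefore neither.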
CN202110352345.3A 2021-03-31 2021-03-31 Functional safety and expected functional safety fusion analysis method Active CN113111501B (en)


Publications (2)

Publication Number Publication Date
CN113111501A true CN113111501A (en) 2021-07-13
CN113111501B CN113111501B (en) 2023-06-02

Family

ID=76713464


Country Status (1)

Country Link
CN (1) CN113111501B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114312778A (en) * 2022-01-27 2022-04-12 中国第一汽车股份有限公司 Method and device for acquiring functional safety requirement of cruise control system
CN114348009A (en) * 2022-01-27 2022-04-15 中国第一汽车股份有限公司 Functional safety concept stage analysis method and brake control system
CN115808907A (en) * 2022-11-17 2023-03-17 华侨大学 Verification method and verification system of train control system based on communication
TWI824778B (en) * 2022-10-17 2023-12-01 財團法人車輛研究測試中心 System and method with safety of the intended functionality scene collection and self-update mechanism
CN117261943A (en) * 2023-11-17 2023-12-22 中汽研汽车检验中心(常州)有限公司 Mili-type state machine-based automatic driving expected functional safety hazard identification method





Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant