D2.2 Report on the FEV test cases

Executive Summary

This document outlines work carried out in the HEMIS project concerning:

- definition of the tolerable hazard rate and the safety principle;

- the RAMS apportionment of the FEV;

- the test cases for the safety objectives previously defined.

The adaptation of a safety principle from another sector (the railway RAMS standard EN 50126) to the automotive sector is proposed; it serves as the guideline for setting safety objectives at the global (vehicle) level. The selected safety principle is the Minimum Endogenous Mortality (MEM) criterion of EN 50126, from which the safety objective is set as 2·10^-4 fatalities per person and year.

A feature of the MEM criterion is the assumption that at most 20 technological systems affect an individual at any time. The risk is therefore shared between them, and the portion allowed to any one system is 10^-5 fatalities per person and year.

In order to carry out the RAMS apportionment, it is necessary to identify a quantitative Tolerable Hazard Rate (THR).

ISO 26262 does not use the THR. The ISO 26262-based PHA yields qualitative risk classes (ASIL) for the hazards identified.

It was therefore necessary to derive a mapping between ASIL, SIL and THR in order to carry out the RAMS apportionment; this allows a quantitative THR to be associated with each qualitative ASIL class.

The overall hazard limit is the Minimum Endogenous Mortality target. The aggregate hazard rate is obtained by summing the rate of each hazard; the rate of each hazard is in turn computed, following the fault tree, from the failure rates of the systems that contribute to it.
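The roll-up described above, as an added example that is not part of the HEMIS deliverable: a small fault-tree evaluator sums contributing system failure rates into per-hazard rates (OR gates add rates, AND gates use the usual latency approximation), totals them, and checks the total against a per-hour THR derived from the 10^-5 fatalities/person/year MEM share. Only the MEM figures come from the report; the tree, the component names and rates, the 500 h/year exposure and the fatality probabilities are constructed assumptions.

```python
"""Fault-tree roll-up of hazard rates against a MEM-derived THR budget.

Added example, not the HEMIS project's own code. The MEM figures are the ones
stated in the report; everything else (tree, rates, exposure, fatality
probability) is an assumption constructed for illustration.
"""
from dataclasses import dataclass
from math import prod

# From the report: MEM individual risk and the 1/20 share for one technological system.
MEM_RISK_PER_PERSON_YEAR = 2e-4
MAX_SYSTEMS = 20
SYSTEM_BUDGET_PER_PERSON_YEAR = MEM_RISK_PER_PERSON_YEAR / MAX_SYSTEMS  # 1e-5


@dataclass
class Basic:
    """Leaf event: one system/component failure with a constant rate (per hour)."""
    name: str
    rate: float


@dataclass
class Gate:
    """OR: any input causes the output. AND: all inputs must be failed at the
    same time; tau is the assumed latency (hours) during which an input failure
    stays undetected and can therefore coincide with the others."""
    name: str
    kind: str
    inputs: list
    tau: float = 0.0


def hazard_rate(node) -> float:
    """Roll up the occurrence rate (per hour) of a node from its inputs."""
    if isinstance(node, Basic):
        return node.rate
    rates = [hazard_rate(child) for child in node.inputs]
    if node.kind == "OR":
        # Rare-event approximation: the rate of the union is the sum of the rates.
        return sum(rates)
    if node.kind == "AND":
        # The output occurs when the last input fails while every other input is
        # already failed; an input sits in the failed state with probability ~ rate*tau.
        return sum(
            last * prod(other * node.tau for i, other in enumerate(rates) if i != j)
            for j, last in enumerate(rates)
        )
    raise ValueError(f"unknown gate kind {node.kind!r}")


def thr_per_hour(budget_per_person_year: float,
                 exposure_hours_per_year: float,
                 fatality_given_hazard: float) -> float:
    """Assumed conversion of the per-person-year fatality budget into a per-hour
    hazard rate: spread the budget over the hours a person is exposed and divide
    by the probability that the hazard, once it occurs, is fatal."""
    return budget_per_person_year / (exposure_hours_per_year * fatality_given_hazard)


def apportion(hazards: list, thr: float) -> dict:
    """Per-hazard rates, their sum, and whether the sum stays within the THR."""
    per_hazard = {h.name: hazard_rate(h) for h in hazards}
    total = sum(per_hazard.values())
    return {"per_hazard": per_hazard, "total": total, "within_thr": total <= thr}


# Constructed example tree: hypothetical hazards, components and rates (per hour).
HAZARDS = [
    Gate("H1 unintended torque", "OR", [
        Basic("inverter control fault", 1e-7),
        Basic("torque sensor fault", 2e-7),
    ]),
    Gate("H2 undetected overtemperature", "AND", [
        Basic("thermal limiter fault", 1e-6),
        Basic("temperature monitor fault", 1e-5),
    ], tau=10.0),
    Gate("H3 loss of propulsion", "OR", [Basic("DC-link contactor fault", 4e-7)]),
]

if __name__ == "__main__":
    # Assumed 500 h of driving per year and a 1 % chance that a hazard is fatal.
    thr = thr_per_hour(SYSTEM_BUDGET_PER_PERSON_YEAR, 500.0, 0.01)
    result = apportion(HAZARDS, thr)
    for name, r in result["per_hazard"].items():
        print(f"{name:32s} {r:.3e} /h")
    print(f"total {result['total']:.3e} /h vs THR {thr:.3e} /h "
          f"-> within budget: {result['within_thr']}")
```

With the constructed figures the three hazards total about 7.0·10^-7 per hour against a THR of 2·10^-6 per hour, so the apportionment holds; raising the assumed fatality probability to 10 % cuts the THR to 2·10^-7 per hour and the same tree no longer fits, which is the kind of sensitivity a reviewer of the conversion assumptions should expect to see.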

Based on the RAMS analysis, the functional safety requirements have been defined, and the behavior of the PHMS has been proposed in relation to these requirements.

In the test cases, for each failure mode of the electrical transmission, a configuration, the environmental conditions and the input variables of the PHMS have been defined, together with the expected PHMS behavior.


