
Calculation of Failure Detection Probability on Safety Mechanisms of Correlated Sensor Signals According to ISO 26262

Journal Article
2017-01-0015
ISSN: 1946-4614, e-ISSN: 1946-4622
Published March 28, 2017 by SAE International in United States
Citation: Granig, W., Hammerschmidt, D., and Zangl, H., "Calculation of Failure Detection Probability on Safety Mechanisms of Correlated Sensor Signals According to ISO 26262," SAE Int. J. Passeng. Cars – Electron. Electr. Syst. 10(1):144-155, 2017, https://doi.org/10.4271/2017-01-0015.
Language: English

Abstract:

Functionally safe products conforming to the ISO 26262 standard are becoming more important for automotive applications, in which electronics take on more and more responsibility for safety-relevant operations. Consequently, safety mechanisms are needed and implemented in order to reach defined functional safety targets, and diagnostic coverage provides a measurable quantity for proving their effectiveness. A straightforward safety mechanism for sensor systems can be established by redundant signal paths measuring the same physical quantity, followed by an independent output difference-check that decides whether the data can be transmitted or an error message shall be sent. This paper focuses on calculating the diagnostic coverage figure of such data correlation-checks for linear sensors, which are also shown in ISO 26262 Part 5:2011, Annex D.2.10.2. This principle is widely used in automotive applications such as magnetic field sensing for steering-torque measurement, position detection of throttle valves, or current sensing of actuators. It is shown how the diagnostic coverage figures can be derived by statistical evaluation using different typical failure-probability distributions of the analog and digital elements of the sensor systems. The incorporation of temperature and lifetime drifts, which are part of the specification of all mixed-signal systems, and their influence on the diagnostic coverage are discussed for different configurations of the safety requirements. These diagnostic coverage figures are essential for quantitative Failure-Tree Analysis (FTA) or Failure Mode, Effect and Diagnostic Analysis (FMEDA), which constitute the proof of the system's capability to achieve its safety requirements.
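The following is an added worked example, not code from the paper, illustrating the statistical evaluation the abstract describes for a two-channel difference-check. It assumes (my own simplified model) that each channel's in-spec error is Gaussian, that the only fault class considered is an offset on one channel with a uniform magnitude distribution, and that the check threshold is set wide enough to accept the worst-case legitimate mismatch of two in-spec channels including temperature and lifetime drift.

```python
import math


def phi(z: float) -> float:
    """Standard normal CDF via the error function."""
    return 0.5 * (1.0 + math.erf(z / math.sqrt(2.0)))


def detect_prob_given_offset(delta: float, sigma_channel: float, threshold: float) -> float:
    """P(|A - B| > threshold) when channel B carries a fault offset `delta`.

    Both channels have independent N(0, sigma^2) in-spec errors, so the
    difference A - B is distributed N(delta, 2 sigma^2).
    """
    s = sigma_channel * math.sqrt(2.0)
    undetected = phi((threshold - delta) / s) - phi((-threshold - delta) / s)
    return 1.0 - undetected


def false_alarm_prob(sigma_channel: float, threshold: float) -> float:
    """Probability that two healthy channels trip the check (delta = 0)."""
    return detect_prob_given_offset(0.0, sigma_channel, threshold)


def threshold_from_budget(tolerance: float, temp_drift: float, lifetime_drift: float) -> float:
    """Smallest threshold that never rejects two in-spec channels.

    Each channel may legitimately deviate by tolerance + drifts in opposite
    directions, so the admissible difference is twice that sum (assumption).
    """
    return 2.0 * (tolerance + temp_drift + lifetime_drift)


def diagnostic_coverage(sigma_channel: float, threshold: float, fault_max: float,
                        steps: int = 2000) -> float:
    """Diagnostic coverage for offset faults uniform on [-fault_max, fault_max].

    Constructed fault distribution; DC is the fault-weighted mean detection
    probability, evaluated by midpoint integration.
    """
    width = 2.0 * fault_max / steps
    total = 0.0
    for i in range(steps):
        delta = -fault_max + (i + 0.5) * width
        total += detect_prob_given_offset(delta, sigma_channel, threshold)
    return total / steps


if __name__ == "__main__":
    # Constructed figures in percent of full scale: 0.2 % noise, 0.5 % tolerance,
    # 0.3 % temperature drift, 0.4 % lifetime drift, offset faults up to 10 %.
    t_no_drift = threshold_from_budget(0.5, 0.0, 0.0)
    t_with_drift = threshold_from_budget(0.5, 0.3, 0.4)
    print("DC without drift budget:", round(diagnostic_coverage(0.2, t_no_drift, 10.0), 3))
    print("DC with drift budget:   ", round(diagnostic_coverage(0.2, t_with_drift, 10.0), 3))
    print("false alarm rate:       ", false_alarm_prob(0.2, t_with_drift))
```

Widening the threshold to absorb drift lowers the coverage figure, which is the trade-off the paper quantifies; small offsets inside the drift band are the faults the check cannot see.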