The Safety Assessment Process, defined by SAE ARP4761 and associated regulatory guidance and the system development process defined by SAE ARP4754 are built on an understanding of the functions performed by a system or systems. [1, 2] These recommended practices do not provide, or reference, specific guidance regarding function definition, though they do provide some conventional airplane examples. ASTM E2013-20 describes function identification principles for cost evaluations, but does not consider how functions are used in safety assessments.[3] Without a systematic process for establishing and describing functions for safety assessments, the application of the development and safety assessment processes can be complicated by inappropriate function selections. Such functions may be overly inclusive, applied at the wrong level of abstraction, or might not describe the intended behaviors adequately. While these concerns can be managed as developers gain experience with these processes, the continually increasing complexity of system behaviors and the introduction of multi-vehicle “swarms” promises to increase these concerns.
This paper proposes a process to assist the system or product developer with identifying and describing functions at each level of abstraction used in describing the architecture. This includes establishing system boundaries and checking the appropriateness of the resulting function lists.
