Agenda Day 4
8:30 - 11:00 MODEL-BASED DEVELOPMENT OF SAFETY-CRITICAL SYSTEMS FOR ISO 26262 COMPLIANCE
This workshop will cover model-based design as the hopeful solution of managing new challenges from the increase of safety requirements
vs. the decrease of development time for embedded systems. The focus will be on the role of various techniques, tools and suitable model
based design workflows utilizing several relevant automotive industry application examples. Key topics covered include:
• Safety cases for model-based development
• Formal methods in automotive
• Application of a different design approach
• Available tools and methods
• Examples of safety critical-systems developed in a model based environment
Dr. Arun Chakrapani Rao, Senior Research Fellow, WMG, The University of Warwick, UK
11:00 - 11:15 Coffee break
11:15 - 13:45 EXAMPLES OF SAFETY ANALYSIS TECHNIQUES THROUGHOUT THE LIFECYCLE
This workshop will focus on giving an overview of existing safety analysis methods and how to apply them to define various safety goals.
Moreover, you will learn the differences and overlaps of these methods and advantages and disadvantages for various cases.
• Understanding the aims and purpose of safety analyses
• Understanding which analyses are needed, at which stage, and in which areas of development
• FTA, FMEA, STPA and their overlaps
• How to use the methods
11:45 - 12:30 Networking luncheon
14:30 - 17:00 WORKSHOP C | UNDERSTANDING SAFETY OF THE INTENDED FUNCTIONALITY (SOTIF)
The first draft of PAS21448 is to be published in 2018. The working group is working on addressing issues arising from “a correctly functioning
(complex) system that can have an inappropriate behavior in a given life situation, and violate safety requirements”.
In addition to the interactions of ISO 26262 and the SOTIF guidance, important aspects to explore include:
• Timeframe and main concepts
• Functional improvement iteration
• Validation targets, and acceptable means of demonstration.
• Examples of “current processes” for functional development on ADAS(/AD) and where SOTIF adds steps to ensure how possible and detected
failures should be handled.