ISO 26262, Road vehicles – Functional Safety, is a risk-based safety standard that defines functional safety for all automotive electronic and electrical (E/E) safety-related systems. The standard is an adaptation of the Functional Safety standard, IEC 61508, and is applicable throughout the life-cycle of all safety-related systems that include electronic and/or electrical systems.
The latest version of the standard, ISO 26262:2018, was published in late 2018 and supersedes the earlier ISO 26262:2011 as well as previous drafts (DIS & FDIS) for all systems commencing development after the 2018 publication date. ISO 26262:2018 is an international standard for road vehicles. It applies not only to series production passenger cars but also provides guidance on developing E/E systems for use in trucks, buses, trailers and semi-trailers. Motorcycles (but not mopeds) are also covered by the 2018 version of the standard. ISO 26262 specifies four Automotive Safety Integrity Levels (ASIL A to D) with ASIL D as the highest safety level. This enables hazards to be classified based on a combination of the likelihood of the event occurring and the probable severity of the event should it occur.
Fitness for purpose litigation against companies and individuals is now an increasing risk. ISO 26262:2018 is a technical standard used by lawyers to interpret laws. The relevant law in question for Europe is the General Product Safety Directive 2001/95/EC (GPSD). This states that the product creator has the responsibility to develop a safety critical product in a way which is compliant with ‘State-of-the-Art’ development principles. ‘State-of-the-Art’ simply refers to commonly accepted best practices, which in the case of passenger road vehicles are now embodied in ISO 26262:2018. Where companies fail to employ accepted industry practices, they cannot use the “State-of-the-Art” legal defence against such litigation.
Recommended tools for compliance with ISO 26262
QA Systems enables organisations to accelerate ISO 26262 compliance with automated static analysis and software testing tools:
Tool Certification & Qualification
ISO 26262, Part 8 section 11 defines how software tools are qualified. In accordance with this our dynamic testing tool Cantata has been classified and certified by SGS-TÜV GmbH, an independent third party certification body for functional safety, accredited by Deutsche Akkreditierungsstelle GmbH (DAkkS). Cantata has been classified as a Tool Confidence Level (TCL) 1 tool, and is usable in development of safety related software according to ISO 26262:2018 up to the Automotive Safety Integrity Level (ASIL) D.
For our static analysis tool QA-MISRA, our tool Qualification Support Kit (QSK) automatically executes a full tool qualification verification test suite on the installed tool configuration and generates the necessary reports for ISO 26262 tool qualification.
These tool kits for ISO 26262 are available to ease our customers’ path to certification. They contain everything needed to prove that Cantata and QA-MISRA provide the required confidence in the use of software tools under ISO 26262 recommendations as well as comprehensive and detailed guidance on how to use them to comply with the required software verification activities of ISO 26262.
Please contact us for more information about these tool kit.
Dynamic testing for ISO 26262 compliance
Section 6 of ISO 26262 recommends unit and integration testing. The Cantata testing tool enables developers to automate their unit and integration testing and to verify ISO 26262 compliant code on host native and embedded target platforms.
Cantata helps accelerate compliance with the standard’s dynamic testing requirements by automating:
Please contact us for more information on Cantata for ISO 26262.
The ISO 26262 dynamic testing recommendations by ASIL and how these are supported by Cantata are summarised in our White Paper “Cantata Standard Briefing ISO 26262”
Start a free trial & get a complete copy of Cantata to evaluate using your code.
Static Analysis for ISO 26262 compliance
Part 6 of ISO 26262 addresses product development at the software level including several tables that define the methods that must be considered in order to achieve compliance with the standard.
Static Analysis is most useful for meeting clause 8 “Unit design and implementation”, within part 6 of the standard. QA-MISRA can be used to make sure that the software conforms to coding standards specified by section 5.4.7 and required by section 8.4.3.d.
Please contact us for more information on Static Analysis.
The ISO 26262 static analysis recommendations by ASIL and how these are supported by QA-MISRA and Astrée are summarised in our “QA-MISRA Safety Manual”.
Start a free trial of QA-MISRA to evaluate your code against MISRA, AUTOSAR, CERT C/C++, CWE and other coding standards to ensure automated compliance with ISO 26262.