Fault tolerance time: Functional Safety requires predictable reactions in realtime

Source: 汽车功能安全公众号 (Automotive Functional Safety WeChat public account)
2020-05-10
2013


Before starting, first review a few of this account's earlier articles:

  • Functional Safety & Diagnostics of Hybrid Vehicles

        Risk analysis, safety concept, fault tolerance time

        Functional safety: risk analysis, safety concept, fault tolerance time…

  • Functional Safety Compliant ECU Design for Electro-Mechanical Brake (EMB) System

        Monitoring task execution time

        [SAE | EMB] ISO 26262: monitoring task execution time & an overview of electro-mechanical brake (EMB) technology development…

  • EPS fault diagnosis / fault tolerance / functional safety

        [EPS technology sharing] EPS fault diagnosis / fault tolerance / functional safety



Abstract


Functional Safety, as defined basically in IEC 61508 and in ISO 26262 for automotive systems, clearly describes the actions to take and the methods to apply in order to develop a safe system. Safe, in practice, means accepting the presence of faults and bugs: malfunctions must be detected and proper actions taken before any harm is done. So it's all about timing: before a hazard occurs, the system has to bring itself into a safe state in time, involving both automated mechanisms and the driver. Precisely defining the safety requirements, including the time spans within which the system has to respond to faults, is mandatory, and it is crucial for project success to evaluate early in the development process whether these requirements are met. We introduce the reader to the timing aspects of functional safety. A model-based methodology built on a mature tool suite is described that helps design embedded systems with correct dynamic behavior and robustness to changes and unexpected system states.



Conclusion


The introduction of functional safety to already complex embedded systems is a challenge for all involved parties. The integrator in particular needs detailed knowledge of the planned system's behavior to design an architecture capable of fulfilling the functional safety requirements. Timing and performance analysis of functions and event chains have to be an integral part of the safety process. The dynamic system behavior needs to be considered by all project parties, from the early specification down to the validation of its correct implementation, and this requires close, tool-supported collaboration between safety engineers and system architects.

The paper describes the basic steps along the safety process and highlights how timing and performance are key factors. Mechanical design, electronics and software share a common architectural blueprint from which critical event chains and timing budgets are derived. The earlier this can be tested, which model-based design makes possible, the faster a robust architecture can be found and the safety goals achieved. The example demonstrated that even small functions are not trivial, especially when they rely on complex integrated systems. Nevertheless, it was shown that modeling timing and performance is feasible with the right methods and tools.
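As an added worked example (not code from the paper or from the public account), here is the kind of timing-budget check the abstract and conclusion call for: the event chain from fault occurrence to safe state is modeled as a sequence of periodic stages, its worst-case end-to-end latency is bounded, and the bound is compared against the fault tolerance time (the fault tolerant time interval of ISO 26262). The stage names, periods, response times, debounce counts, actuator time and the 100 ms budget are constructed assumptions, and the latency model (up to one activation period of waiting per stage, one further period per additional debounce confirmation, plus the stage's worst-case response time) is a deliberately conservative simplification for unsynchronized periodic tasks, not a method taken from the paper.

```python
"""Fault-reaction event chain budgeted against the fault tolerance time.

Added illustration, not code from the paper or the public account.  The
periods, response times, the actuator time and the 100 ms budget below are
constructed sample values, not figures from any real vehicle function.
"""
from dataclasses import dataclass, replace
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class Stage:
    """One periodic software stage on the path from fault to safe state."""
    name: str
    period_ms: float        # activation period T of the task that runs the stage
    wcrt_ms: float          # worst-case response time R from schedulability analysis
    confirmations: int = 1  # samples a diagnostic needs before it reports (debounce)


def stage_worst_case_ms(stage: Stage) -> float:
    """Worst-case delay contributed by one stage.

    Assumes stages are periodic and not synchronized with each other: the
    fault (or the previous stage's output) can appear just after this task
    sampled its inputs, so it waits up to one period before being seen, and
    a debounce of n confirmations adds n-1 further periods.  The result is
    then available after the task's worst-case response time R.
    """
    return stage.period_ms * stage.confirmations + stage.wcrt_ms


def chain_worst_case_ms(stages: Iterable[Stage], actuator_ms: float = 0.0) -> float:
    """Upper bound on fault-to-safe-state time for the whole event chain.

    actuator_ms is the physical reaction time after software has commanded
    the safe state (e.g. a relay opening or a valve reaching rest position).
    """
    return sum(stage_worst_case_ms(s) for s in stages) + actuator_ms


def check_budget(stages: Iterable[Stage], ftti_ms: float,
                 actuator_ms: float = 0.0) -> Tuple[float, float, bool]:
    """Compare the chain against the fault tolerance time.

    Returns (worst_case_ms, margin_ms, ok).  ok is True when the chain reaches
    the safe state within the budget even in the worst case.
    """
    stages = list(stages)
    worst = chain_worst_case_ms(stages, actuator_ms)
    return worst, ftti_ms - worst, worst <= ftti_ms


def with_debounce(stages: Iterable[Stage], name: str, confirmations: int) -> List[Stage]:
    """Return a copy of the chain with one stage's debounce counter changed,
    so a late design change can be evaluated against the same budget."""
    return [replace(s, confirmations=confirmations) if s.name == name else s
            for s in stages]


# Constructed sample chain: sensor value -> plausibility check -> safety manager -> actuator.
EXAMPLE_CHAIN = [
    Stage("sensor acquisition", period_ms=10, wcrt_ms=2),
    Stage("plausibility check", period_ms=10, wcrt_ms=3, confirmations=3),
    Stage("safety manager", period_ms=20, wcrt_ms=5),
]
ACTUATOR_MS = 15   # constructed: time for the actuator to reach its safe position
FTTI_MS = 100      # constructed: fault tolerance time from the safety requirement


def report(stages: Iterable[Stage], ftti_ms: float, actuator_ms: float) -> str:
    """Human-readable budget table for a design review."""
    stages = list(stages)
    lines = [f"{'stage':22s}{'T[ms]':>7s}{'R[ms]':>7s}{'n':>3s}{'worst[ms]':>11s}"]
    for s in stages:
        lines.append(f"{s.name:22s}{s.period_ms:7.1f}{s.wcrt_ms:7.1f}"
                     f"{s.confirmations:3d}{stage_worst_case_ms(s):11.1f}")
    lines.append(f"{'actuator':22s}{'':7s}{'':7s}{'':3s}{actuator_ms:11.1f}")
    worst, margin, ok = check_budget(stages, ftti_ms, actuator_ms)
    lines.append(f"worst case {worst:.1f} ms vs budget {ftti_ms:.1f} ms: "
                 f"margin {margin:+.1f} ms -> {'OK' if ok else 'VIOLATED'}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(EXAMPLE_CHAIN, FTTI_MS, ACTUATOR_MS))
    print()
    # A later change: the plausibility check is debounced over 5 samples
    # instead of 3.  The function is unchanged, yet the budget no longer holds.
    print(report(with_debounce(EXAMPLE_CHAIN, "plausibility check", 5),
                 FTTI_MS, ACTUATOR_MS))
```

The second report shows the point the abstract makes about robustness to changes: raising the debounce counter of one diagnostic from 3 to 5 samples alters no function and no interface, yet it consumes 20 ms of a 15 ms margin and the chain misses the fault tolerance time. Evaluating such changes against the event-chain budget early, rather than during validation on hardware, is exactly the role the conclusion assigns to timing analysis in the safety process.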


