ISO 26262-2018 Guideline: Safety Mechanism series 01

Source: WeChat public account "汽车安全前瞻研究"
2020-06-15

[Author]

Renhong WENG, Safety, Security and RAMS investigator.


Zero:

Most people are curious about how to understand in detail how Safety Mechanisms are allocated in ISO 26262, and how to build up a safety mechanism library at company level.

This series of articles is meant to help and to serve as a guideline for everyone.


First: when we use safety measures

Reason:

1. In the traditional automotive field, after we perform safety analysis, the potential faults, failure causes, failure effects and failure modes that contribute to safety goal violation may leave the single-point failure rate too high; then we have to add safety mechanisms to reduce single-point failures and to bring the residual faults in accordance with the ASIL requirements;

2. In the traditional automotive field, when the existing safety mechanisms turn out to be insufficient in their DC value or DTTI, or the safe-state protection mechanisms are not enough, then we have to add extra safety mechanisms to support them;

3. Insufficient dependent failure analysis in design and implementation; at that time safety mechanisms are involved for dependent-failure segregation and protection;

4. Systematic failure mitigation in the different lifecycle phases, where we have to set up hierarchical methods to deal with them better;

5. Complex intended functionality interfaces, like in the HMI definition;

etc.


Second: random hardware failure coverage


Third: ISO 26262-5, Table D.2

1. Failure detection by online monitoring

Typical diagnostic coverage is LOW, 60%, but it is tunable based on the design.

One example: the progression of gear macropitting was detected with on-line particle monitoring of the lubricating oil together with vibration monitoring and visual inspections.

With on-line and in-line monitoring, the detached pits or other solid contaminants in the lubricating oil are detected continuously at a specific point, the gearbox outlet, providing real-time information. On-line particle monitoring methods can typically detect the number of particles and classify them into different size classes.

Besides monitoring the lubricant at the outlet, we also have vibration monitoring to observe possible phenomena which are not connected to gear wheel pitting. These kinds of phenomena are gear wheel misalignment, different kinds of looseness and rolling bearing failures. Combining vibration and oil particle monitoring with other running-parameter monitoring and photographing may offer a more reliable view of the progression of pitting.

By continuously following the particle monitoring we can derive the outcome, and be sure of one thing: the online diagnostic DC value is the same as the confidence level of the failure data:

From stage 0 to stage 6 the damage percentage gets higher and higher, and once the damage limit is reached the safety goal is violated and the cycle number can be fetched. Here the online detection diagnostic coverage value is the same as the confidence level of the data statistics.
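As an added illustration of the online-monitoring diagnostic coverage discussed above (this is my example code, not material from the article or the cited paper): the particle size-class thresholds, the 20% damage limit and the five progression runs are all constructed assumptions, and the DC comes out as the share of progressions the monitor flags before the damage limit is reached.

```python
from dataclasses import dataclass

# Constructed alarm thresholds per particle size class (micrometres).
# Illustrative assumptions only, not values from ISO 26262 or the cited paper.
PARTICLE_LIMITS = {"4-6um": 400, "6-14um": 150, "14-21um": 40, "21um+": 10}

@dataclass
class Sample:
    cycle: int         # load cycle number at which the oil sample was taken
    counts: dict       # particle count per size class in this sample
    damage_pct: float  # gear flank damage assessed offline (visual inspection)

def monitor_alarms(sample, limits=PARTICLE_LIMITS):
    """On-line monitor: alarm when any size class exceeds its threshold."""
    return any(sample.counts.get(cls, 0) > lim for cls, lim in limits.items())

def evaluate_run(samples, damage_limit=20.0):
    """Replay one pitting progression; returns (alarm_cycle, violation_cycle, detected_in_time)."""
    alarm_cycle = violation_cycle = None
    for s in sorted(samples, key=lambda x: x.cycle):
        if alarm_cycle is None and monitor_alarms(s):
            alarm_cycle = s.cycle
        if s.damage_pct >= damage_limit:
            violation_cycle = s.cycle  # damage limit reached: safety goal violated
            break
    # Detection only counts if the alarm came strictly before the violation cycle.
    in_time = alarm_cycle is not None and (violation_cycle is None or alarm_cycle < violation_cycle)
    return alarm_cycle, violation_cycle, in_time

def diagnostic_coverage(runs, damage_limit=20.0):
    """DC estimate = share of failure progressions flagged before the damage limit."""
    hits = sum(evaluate_run(r, damage_limit)[2] for r in runs)
    return hits / len(runs) if runs else 0.0

def _run(rows):  # rows: (cycle, 4-6um, 6-14um, 14-21um, 21um+, damage_pct)
    return [Sample(c, {"4-6um": a, "6-14um": b, "14-21um": d, "21um+": e}, dmg)
            for c, a, b, d, e, dmg in rows]

# Five constructed progressions (stage 0 -> damage limit); the values are made up.
RUNS = [
    _run([(1000, 120, 40, 5, 0, 2), (2000, 300, 90, 20, 2, 8), (3000, 500, 170, 45, 6, 15), (4000, 650, 240, 70, 12, 24)]),
    _run([(1000, 100, 30, 4, 0, 1), (2000, 150, 50, 8, 1, 22)]),  # sudden macropitting, missed
    _run([(1000, 200, 60, 10, 1, 3), (2000, 450, 100, 25, 3, 9), (3000, 600, 180, 50, 8, 21)]),
    _run([(1000, 90, 20, 3, 0, 1), (2000, 380, 140, 35, 9, 12), (3000, 700, 260, 80, 15, 30)]),  # alarm too late
    _run([(500, 150, 40, 6, 0, 1), (1500, 420, 120, 30, 4, 6), (2500, 560, 200, 55, 9, 14), (3500, 700, 300, 90, 20, 25)]),
]

if __name__ == "__main__":
    print(f"estimated DC = {diagnostic_coverage(RUNS):.0%}")  # prints "estimated DC = 60%"
```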


above:


We continue with another one tomorrow, thanks!


[REF]

1. Detection of gear pitting failure progression with on-line particle monitoring


