Home Embedded Blog ASIL vs MSIL: Why a Separate ISO 26262-12:2018 Standard has been Introduced for Two-Wheelers?

ASIL vs MSIL: Why a Separate ISO 26262-12:2018 Standard has been Introduced for Two-Wheelers?

When ISO 26262 standard was launched in 2011, it was meant for vehicles with four wheels or more (up to 3500 kg). Although not mentioned explicitly, the standard was not applicable to two-wheelers.

“Why were motorcycles excluded from the standard?” you may ask. Well, the specific answer to that question will be best known to the insiders at the ISO 26262 committee. However, what can easily be interpreted is that the safety criticality guidelines designed for a four-wheeler were not relevant for a two-wheeler.

For example, the onus of balancing a motorcycle (when it is stationary) is on the rider. There is no such dependence in a car. Furthermore, the controls in both types of vehicles are quite different.

Even some similar components in a car and a bike would pose different hazards and thus, a need for a separate set of guidelines was felt for motorcycles.

In 2018, with the launch of a new version of the ISO 26262 standard, motorcycles were finally brought under the purview of ISO 26262 functional safety.

The new scope of ISO 26262 took a major shift from “road vehicles up to 3500 kg” to “road vehicles excluding mopeds”. This, not only brought motorcycles under the ISO 26262 umbrella but also heavy vehicles like buses and trucks.

The scope of this blog will be restricted to the functional safety guidelines for motorcycles or two-wheelers in general.

Notable Differences in the New ISO 26262 Guidelines for Motorcycle Functional Safety

As already mentioned, the safety criticality in a motorcycle works differently. Therefore, there are some key differences in the ISO 26262 standards for two-wheelers.

Let’s explore them!

  1. Hazard Analysis and Risk Assessment (HARA)

    There are a few modifications made to the process of HARA. Naturally so, because the safety in a two-wheeler ecosystem depends on multiple external factors such as helmets, protective gears, training, etc. Also, the rider has an enhanced responsibility to keep the two-wheeler safe while riding.

    A hazard may also result from the motorcycle’s behavior and not necessarily from a failure.

    For instance, a passenger car is inherently designed to navigate safely through snow/ice on the road. However, a motorcycle is not.

    So, if the rider decides tries off-roading or drives in hazardous situation (during a heavy snowfall), he/she is accepting a higher degree of risk.

    Such a scenario is outside the scope of ISO 26262 Part-12. Moreover, the 3 important factors in Hazard Analysis and Risk Assessment (HARA)controllability, severity and exposure are also affected to a great extent in such conditions.

    Taking all these factors into account, the hazards associated with a motorcycle pose greater risk as compared to a passenger vehicle.

    And to counter it, the PART-12 places higher emphasis on the rider than the machine to mitigate a risk.

    These scenarios make way for a different paradigm for assigning safety criticality to a system, called MSIL (Motorcycle Safety Integrity Level).

  2. Introduction to Motorcycle Safety Integrity Level (MSIL)

    The output of HARA for a motorcycle is MSIL, the motorcycle counterpart of the ASIL.

    The method and the approach used to perform HARA for motorcycles is similar to that for the passenger vehicles. However, the ASIL-MSIL alignment/mapping is the key difference.

    For example, ASIL C for a passenger car is equivalent to MSIL D, which is the maximum value for MSIL.

    Reasons for Mapping MSIL to ASIL:

    • This mapping of MSIL to ASIL helps the motorcycle industry to develop the software/hardware components in accordance with the mapped ASIL grade.
    • Before the safety goals are derived from the MSIL, it needs to be mapped to the corresponding ASIL value. This is because, the product development phase (Part-4) is still relevant and so are its applicable requirements.

    Similar to ASIL, MSIL is also derived based on the three factors – Severity (S), Exposure (E) and Controllability (C). The table below will help you understand how these factors contribute to the process.

    MSIL

    We have already discussed why it is important to map the MSIL value to ASIL. But for those interested in working on the Functional Safety of two-wheelers, ‘how’ assumes more importance.

    ISO 26262 Part-12 document provides Table-6 as the reference for mapping MSIL to ASIL. MSIL QM remains QM for ASIL, however, MSIL D is mapped to ASIL C.

    MSIL vs ASIL

    As per the standard, the ASIL levels mapped from the MSIL represent the minimum requirement. It implies that if the HARA determines the MSIL to be B, the component will be developed according to the requirements mentioned for ASIL A.

    However, to meet the requirements of any safety goal, the requirements mentioned in Part-12 will supersede the requirements in the other parts.

  3. Re-classification of Confirmation Measures

    Confirmation measures are major requirements for certain work products in the functional safety lifecycle. These measures include confirmation reviews, assessments and audits.

    The purpose of these reviews is to ensure that the activities such as HARA, FMEA, FMEDA, etc. are on the intended track.

    Some of these reviews need to be done by a different person (I1) while few confirmation measures are supposed to be performed by a person from a different department or organization (I3). The classification depends on the safety goals and the ASIL values.

    *I0 to I3 is the degree of independency

    ASIL values
     
    In Part-12 of the latest ISO 26262 standard, the confirmation measure has been re-classified for the motorcycle industry. I2 has been set as the highest level of independence as compared to I3 in the automotive functional safety. It implies that the confirmation measure will be performed by a person from a different team who does not report to the same direct superior.

  4. Modified Methods for Vehicle Integration Testing and Safety Validation

    The changes in the ISO 26262 standard are not only confined to HARA and ASIL but also permeate to the testing activities.

    Major modifications have been made in Part-4 of the ISO 26262 standard (Product development at system level) with respect to motorcycles.

    For instance, there is a Table-7 for correct implementation of the functional safety requirements at the vehicle level. The test methods mentioned in the table will always get preference over the test methods defined in Part-4, Part-6 or Part-8 of the ISO 26262 standard (Only Motorcycle Functional Safety).

    Similarly, Table-8 gives the methods to ensure the correct functional performance, accuracy and timing of safety mechanisms at the vehicle level. These methods are recommended to fulfill the motorcycle-specific safety goals.

How is the New ISO 26262 Version Going to Impact the Motorcycle Industry?

The answer is, ‘Exactly how it impacted the automotive industry’. The response to the ISO 26262 standard and functional safety in general has been very welcoming.

While bigger OEMs were already concerned about safety, the smaller players are now serious about it.

Now that the infotainment system, ABS, Battery Management System, etc. have made their way inside a two-wheeler, it is only natural that functional safety will assume far more importance.

Industry insiders report that a few two-wheeler OEMs were inculcating a safety culture even before the 2018 version of ISO 26262 was released.

They were mapping ASIL for motorcycles based on their expertise and domain knowledge.

However, with a formal ISO 26262 standard now out for motorcycles, a clearer path for ensuring motorcycle functional safety is available. Hopefully, the future holds safer motorcycles for us.

This entry was posted in Embedded Blog, Blog by Embitel. Bookmark the permalink

Dec 02 2019
Related Posts

ASK OUR EXPERTS

captcha

 I agree to allow this website to store my submitted data. This data can be used only for responding to my query and/or send related information about technology services and solutions.

FEATURED WHITEPAPER

12 design strategies to develop an "In-Vehicle Infotainment " system

RELATED SERVICES
 

Car HUD (Heads-up Display)

Go-to-market in 6 months with our automotive grade hardware and software design


Automotive Control Units

Electronic Control Units (ECU) development services for Body Control Modules (BCM), Powertrain, Chassis and Infotainment


AUTOSAR Software Services

AUTOSAR MCAL development, RTE and BSW integration, Application Layer development, Tools configuration and code generation


CUSTOMER SUCCESS STORIES
 
J1939-stack

J1939 Stack for advanced EPS system

Find out how J1939 stack resolved on-chip memory issue for an Automotive Tier-I supplier


connected-car

Software re-engineering | Telematics applications

Modular architecture re-design across fleet management product lines - GPS fleet security, vehicle and trailer tracking


IoT

IoT based Home Automation system

Design and development – Sensor Networks, Custom IoT gateway, Cloud and Mobile App