Embitel

Embitel logo
logo
Search
Close this search box.

Functional Safety for Automotive ECU Development

Certificate badage
Tisax-2
Automotive spice

The stakes for functional safety (FuSa) rise with every innovative feature added to vehicles. Whether it is ADAS, autonomous driving system, Electronic power steering or Brake ECUs, functional safety is paramount for all of them.

Talk to our FuSa Consultants

The proven approach to ensure functional safety is by following ISO 26262 standard. It ensures that functional safety is embedded in the development cycle through the concept phase, development and verification.

At Embitel, we are dedicated to help your automotive solutions meet ISO 26262 standard in letter and spirit.

With 16+ years of domain expertise in Automotive and in-depth know-how of Functional Safety implementation practices, we help you to deliver ISO 26262 compliant solutions for your customers.

We have partnered with customers across Europe, Asia and US for development of various ASIL D compliant automotive solutions including Brake ECU, EPS ECU and more.

Automotive Functional Safety Success Stories

Our Functional Safety (FuSa) Service Offerings

svg%3E

Functional Safety Concept Phase

  • Support for Hazard Analysis and Risk Assessment (HARA) and HAZOP analysis.
  • Defining system-level safety requirements to address identified hazards.
  • Establishing FuSa strategies to achieve safety goals.
  • Allocation of safety measures across system components.
  • Expertise in tools like DOORA, Polarion and JAMA tools.
svg%3E

Functional Safety Engineering

  • ISO 26262 consulting services
  • Tool Qualification
  • Safety Element Out of Context development.
  • Design of software and hardware architectures ensuring non-interference and ASIL decomposition.
  • Gap analysis at technical and functional levels.
  • Model based development using tools- MATLAB, SIMULINK etc.
svg%3E

ISO 26262 Compliant Testing Strategies

  • Static analysis with Polyspace, Helix QAC, and LDRA for MISRA and ISO 26262 compliance.
  • Unit, integration, and system tests using VectorCAST, Tessy, and Cantata.
  • Fault injection testing with Synopsys TestMAX, Razorcat TESSY, and NI TestStand.
  • HIL and SIL validation using dSPACE, ETAS LABCAR, and Simulink Test.
  • Traceability management with Jama Connect, Polarion, and DOORS.
svg%3E

Safety Analyses

  • Software and Hardware Failure Modes & Effect Analysis (FMEA).
  • SPFM, LFM and PMHF Derivation using FMEDA.
  • Fault Tree Analysis and Dependent Failure Analysis.
  • Expertise in tools like Medini Analyzer, Enco SOX tool.
svg%3E

Functional Safety Supporting Processes

  • Support for configuration and change management.
  • Support for ISO 26262 documentation: Development Interface Agreement (DIA), Safety case, Hardware-Software Interface and other documents.
  • Safety case documentation to support certification and assessment processes.
svg%3E

Functional Safety Management

  • Design of modular documentation structures for safety artifacts.
  • Implementation of end-to-end traceability across requirements, designs, and tests.
  • Development of detailed activity plans aligned with the product lifecycle.
Talk to our FuSa Consultants

Your Functional Safety(FuSa) Journey:

Talk to our FuSa Consultants

How do we Ensure FuSa Compliance for Automotive Systems

image1

Comprehensive ISO 26262 and FuSa Expertise

  • Functional safety engineers and FuSa consultants with extensive experience
  • Proven success in high-criticality systems such as braking ECUs and motor controller platforms.
image1

Comprehensive Safety Analysis

  • Expertise in HARA, FMEA, FTA, FMEDA, DFA using ISO 26262 qualified tools.
  • Robust safety goal definition and risk assessment to ensure compliance.
image1

End-to-End Functional Safety Support

  • Support across the entire safety lifecycle, from hazard identification to validation and production.
  • Preparation of safety cases for regulatory approval and audits.
image1

Proven Track Record and Tools

  • Delivered functional safety solutions to leading global OEMs and Tier-1 suppliers.
  • Proficiency with industry-leading tools like Medini Analyze, DOORS, and Tessy, Enco Sox etc.

Handbook: Functional Safety (FuSa) Consulting Services

Get more details about our service offerings for the implementation of ISO 26262 based FuSa framework for Automotive Projects

Download PDF

[Video on ISO 26262] How to Derive Automotive Safety Integrity Level (ASIL) Using HARA

Talk to our FuSa Consultants

Functional Safety Consultants: Team Structure

01

Veteran Functional Safety Managers

who partner with you to achieve compliance with the desired ASIL Grade (ASIL B, ASIL C or ASIL D)

02

Senior ISO 26262 consultant

with 20+years of experience, to partner with you for critical automotive projects for product development and consulting support

03

Senior embedded engineers

Proficient in developing automotive applications as per the latest industry standards including AUTOSAR, ISO 26262 and MBD.

Download Webinars: Learn more about ISO 26262 standard and Functional Safety in Automotive

FAQs’:ISO 26262 Consulting, Analysis and Design/Development Services

What is functional safety in automotive?

Ans. Functional safety is the absence of risk caused by faults in electronic and electric components of a vehicle. When a fault occurs in an automotive component, it can compromise the safety of the driver and occupants. For example, if the airbag system develops a fault such as a faulty sensor that fails to detect a collision, leading this leads to the airbag not deploying in a critical accident. This would be considered a compromise to functional safety due to a malfunctioning electronic component in the vehicle.

To ensure functional safety in automotive systems, it must be developed as per the guidelines mandated in ISO 26262 standard.

What is HARA in automotive functional safety?

Ans. Hazard Analysis and Risk Assessment (HARA) is among the first steps in the journey to ISO 26262 compliance. It identifies potential hazards in electrical and electronic (E/E) systems, assesses the associated risks, and defines safety goals to mitigate these risks. Based on the risk assessment performed during HARA, ASIL rating is allocated to the system under development. Risk for each hazard is evaluated based on 3 factors:

  • Severity: Potential impact of the hazard
  • Exposure: The likelihood of occurrence of hazard
  • Controllability: Ability of the driver to control or avoid the hazard

HARA ensures that safety measures are proportional to the risk associated with each hazard.

What are the basic principles of automotive functional safety?

Ans. The focus of functional safety is to ensure that safety-critical systems in a vehicle operate reliably under all conditions, including during faults or failures. Key principles include:

  1. Hazard and Risk Assessment (HARA):Identifying and analyzing potential risks to assign appropriate ASIL levels, ensuring mitigation strategies are proportionate to the severity of risks.
  2. Fail-Safe Design: Ensuring systems transition to a safe state during malfunctions, with designs that anticipate and handle failures effectively.
  3. Safety Goals and Requirements: Defining clear safety objectives and implementing functional and technical requirements to meet these goals in all conditions.
  4. Verification and Validation: Verifying the system’s adherence to design specifications and validating its performance under real-world scenarios.
  5. Avoidance of Single Points of Failure: Incorporating redundancy in critical functions to ensure reliability in the event of individual component failures.
  6. Safe Degradation: Designing systems to maintain partial functionality while minimizing risk during degraded operating states.
  7. Continuous Monitoring: Implementing diagnostics and monitoring mechanisms to detect, report, and respond to faults in real time.
  8. Traceability: Ensuring safety requirements, implementation, and verification are clearly documented and aligned throughout the development lifecycle.

These principles ensure the reliability of safety-critical systems like ABS, ADAS, and autonomous driving, supporting safe vehicle operation at all times.

What can we expect from an ISO 26262 Consulting engagement with Embitel?
Ans. Under our ISO26262 Consulting services, we partner with your automotive product development teams for the following:
  • Understanding the framework of ISO26262 Functional Safety Practices
  • Evaluation and identification of critical Checklists , Guidelines, Templates, and Tools ( based on the project requirement)
  • End-to end Technical Consulting, in order to develop a well-define functional safety roadmap.
What are the services offered under the ISO 26262 Functional Safety analysis?
Ans. Post our Functional Safety workshops, we can partner with your design and development teams with in-depth analysis of the system and hardware/software components. Under this engagement, we collaborate to achieve the following
  • Failure Modes and Effects Analysis
  • Concept phase Safety Analysis( HARA for ASIL Determination)
  • System level safety analysis
  • Hardware and Software safety Analysis
  • Independent Review of the product and the process
P.S: We also partner with our customers directly for “Functional Safety Analysis” , as per their requirement and the current stage of their Functional Safety journey.
What do you offer under design & development of ISO 26262 compliant automotive systems?
Ans. Our ISO26262 design & development is based on the V-model SDLC (Software Development Lifecycle): For this engagement, our Functional Safety Project Managers and Embedded Product Developers, will partner with your teams for the following action items:
  • Concept Development (HARA)
  • System Requirement Analysis
  • Hardware and Software Safety Analysis (FMEA, FTA and FMEDA) & Architectural Design
  • Design Implementation
  • Testing (Unit testing, Integration Testing & Functional Testing)
  • System Integration and Testing
  • Safety Assessment and Validation
Can Embitel provide onsite support for Functional Safety training and implementation?

Ans. Yes. Our ISO26262 Functional Safety offering is based on an ‘Onsite-Offshore’ model. Our team can perform requirement gathering and analysis of the project, onsite.

The actual ISO 26262 based implementation service can be done onsite or offshore, based on the scope of the project.

In some instances, sensitive work-products that can’t cross the country borders or the customer premises; are managed onsite.

Does ISO 26262 mandate the organizations to follow any Quality Assurance standards?
Ans. Yes, ISO 26262 recommends the organizations ( auto-manufacturers and suppliers ) to adhere to Quality Assurance standards such as CMMI, ISO/TS 16949 or ISO 9001.
What is ISO 26262 in automotive industry?

Ans. ISO 26262 is an automotive functional safety standard that provides a structured framework for safety-critical automotive solutions development. The standard captures the entire lifecycle from design to production and beyond. ISO 26262 introduces the concept of Automotive Safety Integrity Levels (ASIL) to classify safety-critical functions and determine the level of testing and validation required.

By adhering to ISO 26262, automotive manufacturers and suppliers can ensure vehicles are not only safe for consumers but also comply with global regulatory requirements. This standard is essential for systems like braking, steering, ADAS, and electric vehicle components, where failures could have significant safety implications.

What is an example of functional safety?

Ans.Functional safety ensures that a system operates reliably and minimizes risks when failures occur.

In the automotive domain, every Some of the electronic and electric modules that is aare critical examples of functional safety. These include: include:

  • Anti-lock Braking System (ABS): Prevents wheels from locking during braking to maintain steering control.
  • Electronic Stability Control (ESC): Helps maintain vehicle stability during cornering or slippery conditions.
  • Airbag Systems: Deploys airbags during a collision to protect passengers.
  • Advanced Driver Assistance Systems (ADAS): Features like lane-keeping assist or adaptive cruise control rely on functional safety to ensure reliable operation.
  • Battery Management Systems (BMS): In electric vehicles, these systems ensure safe charging, discharging, and temperature control.

Each module is designed and tested with ISO 26262 standards to meet safety integrity levels (ASIL) appropriate to the risk they manage.

What is a functional safety plan?

Ans. A functional safety plan is a mandatory artifact in the ISO 26262 framework. It provides a comprehensive roadmap for managing safety activities across the lifecycle of an automotive item or element, ensuring compliance with safety goals and ASIL requirements.

Core Components of a Functional Safety Plan:

  1. Scope of Safety Activities:
    • Defines the safety lifecycle phases to be covered (concept, development, production, operation, and decommissioning).
    • Specifies the item or element being addressed.
  2. Roles and Responsibilities:

    Allocates responsibilities for the Functional Safety Manager and other key stakeholders.

  3. Hazard and Risk Assessment (HARA):

    Includes strategies to identify hazards, assess risks, and determine ASIL levels.

  4. Safety Lifecycle Tailoring:
    • Details how lifecycle phases will be tailored to meet specific ASIL requirements.
    • Defines interfaces with other processes like system, hardware, and software development.
  5. Verification and Validation Activities:

    Outlines plans for confirmation reviews, functional safety assessments, and validation against safety goals.

  6. Safety Analysis Methods:

    Specifies techniques like FTA (Fault Tree Analysis), FMEA (Failure Mode and Effects Analysis), and FMEDA (Failure Mode Effects and Diagnostics Analysis).

  7. Change and Configuration Management:

    Ensures adherence to controlled processes for managing modifications while maintaining traceability.

  8. Safety Culture and Competence Management:

    Ensures the team possesses the necessary qualifications and experience for safety-critical development.

What are the roles and responsibilities of an organization towards ensuring Functional Safety?
Ans. As an automotive company, your functional safety responsibility involves:
  • Implementation of organization Specific
  • Safety Policies & Rules
  • Ensuring Safety Culture
  • Management of safety anomalies
  • Competence management
  • Quality management
  • Project-independent tailoring/adaptation of the safety lifecycle
Does Embitel offer any functional safety training programs?

Ans. Yes, we have various ISO26262 training programs designed to suit your requirement. Based on your business requirements, you can collaborate with us for any of the following trainings schedules:

1-day training: ISO 26262 Overview

2-days training: Covers the specific topics under the ISO 26262 Safety Standard

5-days training: Detailed ISO 26262 Functional Safety Training

These training programs can be conducted either through online or onsite mode.

We have an existing product line that is under development/ready for production. How can we ensure ISO 26262 compliance in such a situation?
Ans. For existing product lines, we will perform Gap analysis at various levels including the process, the management, and the technical level. Gap Analysis will help you understand safety gaps in your product line while identifying measures to close the gap towards functional safety compliance. The entire process involves:
  • Addressing each gap and mitigating them as per the ISO 26262 recommendations
  • Generating Compliance report
Can Embitel support us for ASIL level safety compliance project?

Ans. Yes, Embitel’ s Functional Safety (FuSa) team can assist you by performing ISO26262 recommended analysis of any SEooC product (Safety Element out of context) to ensure safety compliance.

Is ISO 26262 compliance similar to any standard Quality Assurance certification?
Ans. Not exactly. The ISO 26262 is recommending quality process to ensure functional safety. At the same time, the standard is providing technical guidelines to meet required safety integrity goals/ levels at the hardware and software level.

Knowledge bytes

  • What is Functional Safety in Automotive? What is the role of ISO26262 Standard?

A number of components of a car are safety critical; like, Electronic Steering System, Anti-lock Braking System, Air-bags, electronic stability control, and more.

By safety critical, we mean that the failure of these components can risk the driver or the passengers’ life.

ISO26262 is a standard that defines a framework to implement safety practices during the design, development, and the testing of all the critical electrical and electronic components of a road vehicle. This standard has been derived from IEC61508.

ISO26262 standard comprises of a set of steps that regulate the product lifecycle at the software and the hardware level. ISO26262 provides an extensive set of recommendation for automotive product development, right from the conceptualization to the decommissioning stage.

  • What is ASIL in Automotive Functional Safety?

A number of components of a car are safety critical; like, Electronic Steering System, Anti-lock Braking System, Air-bags, electronic stability control, and more.

By safety critical, we mean that the failure of these components can risk the driver or the passengers’ life.

ISO26262 is a standard that defines a framework to implement safety practices during the design, development, and the testing of all the critical electrical and electronic components of a road vehicle. This standard has been derived from IEC61508.

ISO26262 standard comprises of a set of steps that regulate the product lifecycle at the software and the hardware level. ISO26262 provides an extensive set of recommendation for automotive product development, right from the conceptualization to the decommissioning stage.ASIL (Automotive Safety Integrity Level) is the notation for software or hardware component that signifies its safety-criticality.

ASIL has four categories- ASIL A, ASIL B, ASIL C, and ASIL D. ASIL A indicates least critical level and D indicates the most critical level. There are three factors that determine the ASIL of a software or hardware- probability of exposure, controllability by the driver, and the severity of the outcome if a fault occurs.

ASIL A is almost equivalent to QM level, therefore, ASIL B is usually the minimum requirement, in order to make your product complaint with ISO 26262 Standard for Functional Safety.

Considering the example of an Air-Bag, the analysis will look into how likely it is for the air bag to get activated, what will be the effect on car and how can the driver control it. Considering all these factors, ASIL will be determined, which will most likely be ASIL-D for Air- Bags.

ASIL is determined at the beginning of the automotive software development with the help of HARA. However, it can be done post the development also, but is not recommended. Based on the ASIL rating, safety processes and testing regulations are followed- strictest for D and flexible for A.

  • Functional Safety Webinars and Articles

Related Blogs: Learn more about ISO 26262 Functional Safety

Scroll to Top