Fail-Operational Automotive Systems

Due to the trend towards autonomous driving, the demand on fail operational systems is increasing. These are able to maintain the full or an acceptably limited function in case of failures. In this book, the state of the art of other industrial domains is investigated, focusing on their related safety standards and technical solutions. Based on that, a detailed investigation of the ISO 26262 is performed from the perspective of fail-operational systems. As part of that, typical fail-operational SW and HW architectures are investigated within the framework of the ISO 26262 and an automotive application. The key finding of this is that for automotive fail-operational systems, full redundancy is seldom required. To support the definition of sufficiently independent redundant architectures, a generic, structured dependent failure analysis is developed. Based on these findings, the redundancy allocation problem is solved for an automotive application. In order to do so, a mathematical model is derived, to host failure-propagation modelling, and the calculation of the HW metrics of the ISO 26262 as reliability metric. A genetic algorithm is developed to utilise this mathematical model.