Automatic and optimal allocation of safety integrity levels

Powertrain electrification of vehicles leads to a higher number of sensors, actuators and control functions resulting in increasing complexity. Due to the safety-criticality of the functionalities, safety standards must be considered during system development. The safety standard ISO 26262 defines discrete ASILs (Automotive Safety Integrity Levels) that must be identified and allocated to the components of the system under development. Once allocated, they determine the applicable requirements of ISO 26262 and the necessary safety measures to accordingly minimize residual risk. Fu rthermore, the allocated ASILs directly influence the development efforts and the costs per piece of the system components. Manual elaboration of an ASIL allocation that is economic and assures functional safety is complex and cumbersome. This work presents a method that allows the automatic allocation of ASILs to the system components. In our approach ASIL allocation is interpreted as an ILP (Integer Linear Programming) problem. This allows obtaining an ASIL allocation that is optimal with respect to an objective function that is subject to constraints. These constraints are derived from the results of PHA (Preliminary Hazard Analysis), FTA (Fault Tree Analysis) and preferences of the safety engineer. The approach is evaluated by the case study of hybrid electric vehicle development.