ISO 26262 safety cases: Compliance and assurance

In the automotive domain, there is currently no formal requirement to produce an explicit safety case. Instead the implicit safety case for a vehicle is comprised of compliance with extensive national and international regulation and standards. With the imminent introduction of the automotive functional safety standard ISO 26262, the production of a functional safety case is now a requirement for compliance with the standard. This presents both opportunities and challenges to safety practitioners and researchers within that industry. This paper sets out what form an ISO 26262 safety case might take and how this fits within the existing hierarchy of automotive safety, based on the experiences of the authors who are actively engaged the development and delivery of real automotive projects. Using the pattern and modular extensions of the Goal Structuring Notation (GSN) a number of reusable safety arguments are proposed covering all parts of ISO 26262 and the issues of compliance and assurance. The patterns proposed are not instantiated for confidentiality reasons but are provided to give guidance and shared learning for others within the automotive functional safety community.