A Novel Simulation-Based Approach for ISO 26262 Hazard Analysis and Risk Assessment

摘要

Development and verification of Advanced Driver Assistance Systems (ADAS) are challenging activities. Since ADAS have to deal with a huge number of possible operational situations happening in the real world and misbehavior can lead to high-severity hazards, it is imperative to test their behavior thoroughly. However, it is not cost-effective to reproduce all the possible operational situations in controlled environments (e.g., icy road, fog, very snowy steep road, ecc.) for testing ADAS through field test, i.e., through test vehicles, and it is unacceptable to demand the test to end-users. Moreover, discovering safety violations during field tests would lead to huge cost in terms of redesign and increased time-to-market, and it is therefore mandatory to anticipate this phase as early as possible. This can be achieved by means of an effective Hazard Analysis and Risk Assessment (HARA) as prescribed by the ISO26262, when the concept of the item, in our case the ADAS, is developed. Commonly recognized problems of this phase are repeatably and objectivity in terms of independence of its results from the involved engineers. This paper proposes an approach to perform HARA through clever use of vehicle-level simulators to test an initial specification of the ADAS behavior against simulated operational situations, considering also corner cases very difficult or too dangerous to be reproduced during field testing. As a proof-of-concept, the approach is applied to an Advanced Emergency Braking System (AEBS).