Functional Safety BMS Design Methodology for Automotive Lithium-Based Batteries

The increasing use of lithium batteries and the necessary integration of battery management systems (BMS) has led international standards to demand functional safety in electromobility applications, with a special focus on electric vehicles. This work covers the complete design of an enhanced automotive BMS with functional safety from the concept phase to verification activities. Firstly, a detailed analysis of the intrinsic hazards of lithium-based batteries is performed. Secondly, a hazard and risk assessment of an automotive lithium-based battery is carried out to address the specific risks deriving from the automotive application and the safety goals to be fulfilled to keep it under control. Safety goals lead to the technical safety requirements for the next hardware design and prototyping of a BMS Slave. Finally, the failure rate of the BMS Slave is assessed to verify the compliance of the developed enhanced BMS Slave with the functional safety Automotive Safety Integrity Level (ASIL) C. This paper contributes the design methodology of a BMS complying with ISO 26262 functional safety standard requirements for automotive lithium-based batteries.

Download Full-text

Hardware-in-the-Loop Simulation of Functional Safety Compliant Electric Power Steering System

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.781.500 ◽

2015 ◽

Vol 781 ◽

pp. 500-503

Author(s):

Kyung Jung Lee ◽

Hyun Sik Ahn

Keyword(s):

Electric Power ◽

Steering System ◽

Functional Safety ◽

Hardware In The Loop ◽

Electric Power Steering ◽

Automotive Safety ◽

Iso 26262 ◽

Power Steering ◽

Safety Integrity Level ◽

Electric Power Steering System

In this paper, we propose a hardware-in-the-loop simulation (HILS) for functional safety compliant electric power steering (EPS) system. The proliferation of electric and electronic systems in vehicles has brought the new automotive standard ISO 26262 for the safety of functions. The proposed EPS system should be Automotive Safety Integrity Level (ASIL) D compliant, which is the highest ASIL level. Therefore, EPS system complies with functional safety and HILS is configured to verify performance of functional safety compliant EPS system.

Download Full-text

ISO 26262 Concept Phase Analysis on Distributed Electro-Hydraulic Braking System: The Influence of System Architecture on ASIL Decomposition

Volume 3: 16th International Conference on Advanced Vehicle Technologies; 11th International Conference on Design Education; 7th Frontiers in Biomedical Devices ◽

10.1115/detc2014-35600 ◽

2014 ◽

Cited By ~ 1

Author(s):

Zhizhong Wang ◽

Liangyao Yu ◽

Ning Pan ◽

Lei Zhang ◽

Jian Song

Keyword(s):

System Architecture ◽

Event Analysis ◽

Automotive Safety ◽

System Architectures ◽

Iso 26262 ◽

Braking System ◽

Safety Integrity Level ◽

Actuator System ◽

Hazardous Event ◽

Wire System

The Distributed Electro-hydraulic Braking system (DEHB) is a wet type brake-by-wire system. As a safety critical automotive electrical and/or electronic (E/E) system, DEHB shall be designed under the guideline of ISO 26262 in order to avoid unreasonable risk due to the malfunctions in the item. This paper explores how the Automotive Safety Integrity Level (ASIL) decomposition in the concept phase is influenced by the system architectures of DEHB. Based on a typical hazardous event, analysis on DEHB with the same system architecture as the Electro-mechanical Braking system (EMB) is carried out, which is taken as the basis for comparison. Two types of DEHB with different system architectures are then analyzed. Results show that the adoption of hydraulic backup enables ASIL decomposition in the pedal unit. The adoption of both hydraulic backup and normally open balance valves offers the opportunity to perform ASIL decomposition in the brake actuator system of DEHB.

Download Full-text

A Novel Hazard Analysis and Risk Assessment Approach for Road Vehicle Functional Safety through Integrating STPA with FMEA

Applied Sciences ◽

10.3390/app10217400 ◽

2020 ◽

Vol 10 (21) ◽

pp. 7400

Author(s):

Lei Chen ◽

Jian Jiao ◽

Tingdi Zhao

Keyword(s):

Risk Assessment ◽

Process Analysis ◽

Hazard Analysis ◽

International Standards ◽

Functional Safety ◽

Road Vehicles ◽

Effect Analysis ◽

Automotive Safety ◽

Safety Requirements ◽

Assessment Approach

ISO26262: 2018 is an international functional safety standard for electrical and/or electronic (E/E) systems within road vehicles. It provides appropriate safety requirements for road vehicles to avoid unreasonable residual risk according to automotive safety integrity levels (ASILs) derived from hazard analysis and risk assessment (HARA) required in the ISO26262 concept phase. Systems theoretic process analysis (STPA) seems to be designed specifically to deal with hazard analysis of modern complex systems, but it does not include risk evaluation required by most safety related international standards. So we integrated STPA into Failure Mode and Effect Analysis (FMEA) template to form a new method called system theoretic process analysis based on an FMEA template, STPAFT for shot, which could not only meet all the requirements of the concept phase in ISO26262, but also make full use of the advantages of the two methods. Through the focus of FMEA on low-level components, STPAFT can obtain more detailed causal factors (CFs), which is very helpful for derivation of safety goals (SGs) and the functional safety requirements (FSRs) in the concept phase of ISO26262. The application of STPAFT is described by the case study of fuel level estimation and display system (FLEDS) to show how the concept phase of ISO26262 could be supported by STPAFT.

Download Full-text

ISO 26262 - The Relevance and Importance of Qualitative and Quantitative Methods for Safety and Reliability Issues Regarding the Automotive Industry

Journal of Konbin ◽

10.2478/v10040-008-0175-7 ◽

2010 ◽

Vol 14-15 (1) ◽

pp. 165-176

Author(s):

Marco Schlummer ◽

Dirk Althaus ◽

Andreas Braasch ◽

Arno Meyna

Keyword(s):

Risk Assessment ◽

Automotive Industry ◽

Quantitative Methods ◽

Hazard Analysis ◽

Functional Safety ◽

Automotive Safety ◽

Iso 26262 ◽

Qualitative And Quantitative ◽

Qualitative And Quantitative Methods ◽

Safety And Reliability

ISO 26262 - The Relevance and Importance of Qualitative and Quantitative Methods for Safety and Reliability Issues Regarding the Automotive IndustrySafety and reliability are key issues of today's and future automotive developments, where the involved companies have to deal with increasing functionality and complexity of software-based car functions. New functionalities cannot only be found in the area of driver assistance - most of the new car functions are and will be safety related as for example in vehicle dynamics control or active and passive safety systems. The development and integration of those functions will strengthen the need of safe processes during the system development. The new upcoming automotive standard on functional safety (ISO 26262), which is derived from the generic functional safety standard IEC 61508 to comply with the specific needs to the application sector of E/E-systems in road vehicles, will provide guidance to avoid the increasing risks from systematic faults and random hardware faults by providing feasible processes and requirements. It is evident that aspects and methods of the safety and reliability engineering are implemented and suited methods are performed in the development process at an early stage. This is one of the requirements of the new ISO 26262, which introduces a so called automotive safety lifecycle to handle all those activities that are necessary to guarantee the functional safety of automotive E/E-systems. In the following, a brief overview of the upcoming automotive standard, its new safety life cycle and the connected activities in order to ensure functional safety for safety related systems will be given. The main aim of this paper is to show the relevance and importance of one of the major tasks within the ISO 26262: the process of the hazard analysis and risk assessment as it is currently performed in the automotive industry. With the help of an example from the automotive sector, the basic steps of this method to determine the automotive safety integrity level (ASIL) are explained. Depending on the ASIL, safety requirements need to be derived as a result of the new standard regarding safety integrity attributes. Furthermore, the connection of the automotive functional safety process with methods for qualification and quantification of safety and reliability issues will be explained in this paper. The Fault Tree Analysis will be used to exemplify one of these methods which are applied subsequent to the hazard analysis and risk assessment and which make a contribution to the validation and verification of the safety process.

Download Full-text

Enabling ISO 26262 Compliance with Accelerated Diagnostic Coverage Assessment

Electronics ◽

10.3390/electronics9050732 ◽

2020 ◽

Vol 9 (5) ◽

pp. 732

Author(s):

Frederico Ferlini ◽

Laio Oriel Seman ◽

Eduardo Augusto Bezerra

Keyword(s):

Development Process ◽

Fault Injection ◽

Functional Verification ◽

Description Language ◽

Automotive Safety ◽

Iso 26262 ◽

Safety Integrity Level ◽

Hardware Description ◽

Small Parts ◽

Vehicle Development Process

Modern vehicles are integrating a growing number of electronics to provide a safer experience for the driver. Therefore, safety is a non-negotiable requirement that must be considered through the vehicle development process. The ISO 26262 standard provides guidance to ensure that such requirements are implemented. Fault injection is highly recommended for the functional verification of safety mechanisms or to evaluate their diagnostic coverage capability. An exhaustive analysis is not required, but evidence of best effort through the diagnostic coverage assessment needs to be provided when performing quantitative evaluation of hardware architectural metrics. These metrics support that the automotive safety integrity level—ranging from A (lowest) to D (strictest) levels—was obeyed. In this context, this paper proposed a verification solution in order to build an approach that can accelerate the diagnostic coverage assessment via fault injection in the semiconductor level (i.e., hardware description language). The proposed solution does not require any modification of the design model to enable acceleration. Small parts of the OpenRISC architecture (namely a carry adder, the Tick Timer peripheral, and the exception block) were used to illustrate the methodology.

Download Full-text

ISO 26262 system level functional safety validation for battery management systems in automobiles

2017 Innovations in Power and Advanced Computing Technologies (i-PACT) ◽

10.1109/ipact.2017.8245081 ◽

2017 ◽

Cited By ~ 3

Author(s):

Jihas Khan

Keyword(s):

System Level ◽

Management Systems ◽

Battery Management ◽

Functional Safety ◽

Iso 26262 ◽

Battery Management Systems

Download Full-text

Do globalisation and adoption of IFRS by banks in Africa lead to less earnings management?

Journal of Financial Reporting and Accounting ◽

10.1108/jfra-05-2017-0035 ◽

2019 ◽

Vol 17 (2) ◽

pp. 222-248 ◽

Cited By ~ 2

Author(s):

Mohammed Amidu ◽

Haruna Issahaku

Keyword(s):

Financial Reporting ◽

Design Methodology ◽

Information Quality ◽

Accounting Information ◽

Financial Statements ◽

International Standards ◽

Content Type ◽

Financial Reporting Standards ◽

Accounting Information Quality ◽

National Economies

Purpose This paper aims to analyse the implications of globalisation and the adoption of international standards (International Financial Reporting Standards [IFRS]) for accounting information quality. Design/methodology/approach This paper uses a sample of 329 banks across 29 countries leading up to and beyond the implementation of IFRS to test for related hypotheses. Findings First, banks’ financial statements are prepared on the basis of international standards as national economies are integrated when social norms are diffused. Building on these results, the second test suggests that the relatively high-quality earnings among banks in Africa during the period is attributable to the adoption of and interaction of IFRS with globalisation and the strategy of banks to diversify within and across interest and non-interest income. Originality/value The authors investigate how globalisation and the adoption of IFRS affect accounting information quality.

Download Full-text

Assessing the impact of libraries – the role of ISO 16439

Information and Learning Sciences ◽

10.1108/ils-05-2017-0037 ◽

2018 ◽

Vol 119 (1/2) ◽

pp. 87-93 ◽

Cited By ~ 2

Author(s):

Claire Creaser

Keyword(s):

Design Methodology ◽

International Standards ◽

Content Type ◽

International Standard ◽

The World ◽

The Difference ◽

Library Impact ◽

The Impact

Purpose Library impact and how to evaluate it has been debated for a number of years. While the activity – the busy-ness – of the library is now routinely measured and described, the difference the library makes is less tangible and harder to measure. Libraries in all sectors and worldwide are grappling with this issue, and the purpose of this paper is to summarise international standards available to support them. Design/methodology/approach The first international standard concerning library impact, ISO 16439 Information and documentation – methods and procedures for assessing the impact of libraries, was published in 2014 after several years in development. Findings The standard describes a range of methods for assessing library impact which have been used across the world in a variety of libraries in all sectors. Originality/value This paper summarises the key methods described in the standard, and gives references for further reading.

Download Full-text

Mathematical Approaches in Functional Safety Assessment for E/E/PE Safety-Related Software

International Journal of Reliability Quality and Safety Engineering ◽

10.1142/s0218539321500431 ◽

2021 ◽

pp. 2150043

Author(s):

Shinji Inoue ◽

Takaji Fujiwara ◽

Shigeru Yamada

Keyword(s):

Software Reliability ◽

Safety Assessment ◽

Assessment Method ◽

Functional Safety ◽

Reliability Modeling ◽

Software Failure ◽

Safety Integrity Level ◽

Iec 61508 ◽

Systematic Failure ◽

Quantitative Safety Assessment

Safety integrity level (SIL)-based functional safety assessment is widely required in designing safety functions and checking their validity of electrical/electronic/programmable electronic (E/E/PE) safety-related systems after being issued IEC 61508 in 2010. For the hardware of E/E/PE safety-related systems, quantitative functional safety assessment based on target failure measures is needed for deciding or allocating the level of SIL. On the other hand, IEC 61508 does not provide any quantitative safety assessment method for allocating SIL for the software of E/E/PE safety-related systems because the software failure is treated as a systematic failure in IEC 61508. We discuss the needfulness of quantitative safety assessment for software of E/E/PE safety-related systems and propose mathematical fundamentals for conducting quantitative SIL-based safety assessment for the software of E/E/PE safety-related systems by applying the notion of software reliability modeling and assessment technologies. We show numerical examples for explaining how to use our approaches.

Download Full-text

A Functional Safety Assessment Methodology for Explosion Protection with Application to a Variable Frequency Drive System

Energies ◽

10.3390/en14237872 ◽

2021 ◽

Vol 14 (23) ◽

pp. 7872

Author(s):

Shiguang Li ◽

Xiaojie Wu

Keyword(s):

Safety Assessment ◽

Assessment Method ◽

Variable Frequency ◽

International Electrotechnical Commission ◽

Functional Safety ◽

Variable Frequency Drive ◽

Safety Devices ◽

Safety Integrity Level ◽

Protection Technology ◽

Explosion Protection

Modern explosion protection equipment, protected by traditional explosion protection technology (as defined by the international electrotechnical commission (IEC) publication IEC60079-ff series standards) and electrical/electronic/programmable electronic (E/E/PE) safety-related systems, is becoming ever more complex in coal mine development and petrochemical industry; thus, the possibility of failures in their operation is also growing. It is well-known that E/E/PE safety-related systems can be used to actively control dangerous sources, with real and expected levels of reliability, if they have been qualified according to the IEC61508-ff series standards. To uniformly evaluate the safety integrity level (SIL) of the explosion protection function of traditional explosion protection technology and E/E/PE safety-related system technology, this study analyzed the ability of these types of protection to remove the ignition risk residual, evaluating the failure rates of safety devices. The key objective of this paper is the presentation of a new equipment protection level (EPL) assessment method for explosion protection equipment based on a functional safety assessment. The method is applied to a variable frequency drive (VFD) system, and the results show that the EPL of the explosion protection equipment evaluated by this method is consistent with the EPL corresponding to the traditional explosion protection type of the IEC60079-ff series standard. Meanwhile, the flexible configuration of explosion protection safety devices and E/E/PE safety-related systems enables explosion protection equipment of different EPL levels to be designed.

Download Full-text