Research On The Method Of Evaluating Safety Integrity Level According To ISO 26262 Standard

Automobile brings convenience to people's life at the same time,but also brings unignored security risks,so that people pay more attention to its safety.With the development of automotive electronics technology in terms of systematization,integrated integration and intelligent,the electrical/electronic/ programmable electronic system(E/E/EP)in the automotive industry has been widely used.Howerver whether its function is safe has been a studied hotspot.To this end,ISO 26262 road vehicle safety standards was introducted to guide the design,development and testing of electronic systems,whose core contains the determination of the Automobile safety integrity level(ASIL).Therefore,in order to realize the accurate and effective evaluation on the ASIL of the automotive electronic system,this paper proposes a Markov dynamic evaluation method based on the 3D risk matrix method(Markov-3DRM)according to ISO 26262 standard.This method combines the simple and easy-to-use features of the 3D risk matrix method with the advantages of the dynamic prediction of the Markov method,and can be targeted to dynamically evaluate the ASIL.Firstly,the function safety of the system is analyzed with proposed method,and the ASIL of different security targets is obtained.Next,the hardware architecture and circuit of the system need to be analyzed in detail to draw the hardware index calculation table and get many hardware index vulue.Then compare the obtained index with the requirements of ISO 26262 to verify whether the functional safety of the system meets the safety requirements.Finally,according to the system architecture to determine the Markov model voting structure,drawing the state transition diagram,establishingthe state transition matrix,the system failure rate of dynamic changes and the influence of different test intervals on the Average Probabilitic Failure rate of an hour's Demonding(PFDavg)are achieved.In this paper,the accelerator pedal signal acquisition circuit in pure electric vehicle controller's drive-control function is taken as an example to evaluate the ASIL.Through the functional safety analysis on the acquisition system,the ASIL level was C.Then through the detailed analyzing on its structure and circuit referring to IEC 62380 standard for the failure data of electronic components,the SPFM of 97.02%,LFM of 92.49%,PHFM of 5.00028*10-9 h-1 was obtained.These indexes meet the requirements of the C-level system.In addition,5 years later,the acquisition circuit will be invalid in the absence of diagnostic tests.In the case of diagnostic tests,the best test interval should be 12 months.the LABCAR hardware in the loop system(HIL)was performed to test the acquisition circuit for a month(730 hours),the accelerator pedal opening degree of the measured values and theoretical values were in good agreement,and showed a maximum error of 1% without any failures.Finally,the reliability estimation of test data using the moment method presented that the reliability for 730 hours to replace 107 hours of testing is 90%.The results show that the method can flexibly represent all events from start to failure,repair to re-failure,and can reflect the static and dynamic changes of system states and the dynamic changes of failure rate and ASIL.This method is flexible and effective in assessing the ASIL,and can provide guidance for the relevant personnel to determine the ASIL and test cycle,and provide reference for the relevant assessment work.