Safety Consulting
Overcome the challenges associated with fail-operational systems and improve functional safety
Our Safety Consulting Services offer hands-on support for developing and analyzing fail-operational systems, focusing on the design and implementation phases of the V-cycle. Tailored methodologies and in-depth training ensure comprehensive support for our customers.
Why choose us?
Our Services
Safety Design
Our service targets stakeholders in the development of fail-operational systems, from vehicle-level E/E architectures and AD systems to components like Steer-by-Wire and software/hardware solutions. We support the entire development lifecycle, from initial concepts and pre-series implementations to full series developments concluding at SOP. We propose solutions that comply with relevant standards such as ISO 26262, while being pragmatic and economically viable.
Proof of Concept
This service perfectly complements our Safety Design offerings. As part of this package, developed concepts are put directly to the test, ensuring practical functionality and effectiveness.
Fail-Operational Methodologies
Our unique set of methodologies is ideal for analyzing fail-operational systems, efficiently handling complex architectures and state explosions that challenge conventional "human" analyses. They also offer valuable guidance on rating availability and answering critical questions like "How independent is independent enough?"
Training on Fail-Operational Systems
This training provides a comprehensive understanding of fail-operational systems, distinguishing them from fail-silent systems. It covers potential architectures and platform requirements for fail-operational systems. Additionally, it introduces the best methodologies for analyzing and optimizing candidate architectures.
We ensure the safety and reliability of the automotive E/E systems through guidance and innovative solutions for fail-operational systems and software-defined vehicles.
Scope
Vehicle level
- Review architecture (or support architecture development from existing ADAS)
- Formal Verification of architecture and/or mapping, Markov modelling
- FSC and TSC review
- Review Customer Requirement Specifications to suppliers for fail-operational compatibility
- Review or develop redundancy concept
- FIT rate evaluation of communication paths incl. residual systematic faults of HW and SW Stacks
- FIT rate evaluation of power supply
- DFA: Ensure „Sufficient Independence“ of redundant paths
- Review suitability of protocols (SOME/IP, DDS, …)
- Develop Concept: ASIL D Network Management / ECU Lifecycle Management
Redundant ECUs
- Review or develop redundancy concept
- TSC review of dual ECUs
- FTA: calculate availability including residual systematic faults of HW/SW Platform /OS (< 10 FIT total)
- DFA: ensure sufficient independence of redundant units (SOCs, OS, BSW, Stacks, …)
Single ECUs
- TSC for fail-silent HW/SW platform as SEooC
- Potential target ASIL B(D) or plain ASIL D
- Assumptions of Use (AoU), Safety Manual
- HW / SW safety measures
- FMEDA: calculate FIT rate considering safety measures
- Safety evaluation of 3rd party SW
Resources
