Functional Safety of Automated Driving Systems: Does ISO 26262 Meet the Challenges?

  • Helmut MartinEmail author
  • Kurt Tschabuschnig
  • Olof Bridal
  • Daniel Watzenig


Today’s innovative automated driving systems (ADS) functions are realised by highly interconnected and networking cyber-physical systems based on existing automated driving assistance systems (ADAS). These interconnections increase the complexity of so-called systems of systems, because automation requires information and interaction with its environment. All possible interactions must be known for the definition of the intended system behaviour in order to identify any malfunctions of ADS, which may propagate over the system boundaries and influence other systems to fail in a harmful way. Hidden links are able to affect unwanted operational system states so that they cannot be perceived as failure modes. For that reason, functional safety is an important topic for reduction of safety-critical risk to cause failures in complex automotive systems.

The chapter presented discusses the application of the automotive functional safety standard ISO 26262 in context of ADS. The following main topics are highlighted: Complexity of automated driving systems, issues concerning availability and reliability, importance of the concept phase and the role of the driver. Furthermore, proposals are made on how to handle these challenges and for feasible enhancements of the current ISO 26262 standard. Existing and promising methods are discussed that deal with the increasing complexity for the development of future ADS.


ADAS Automated driving Functional safety Fail-safe Fail-operational ISO 26262 Safe state 


  1. 1.
    K. Bengler et al., Three Decades of Driver Assistance Systems: Review and Future Perspectives, in Intelligent Transportation Systems Magazine, IEEE 6.4, 2014, pp. 6–22CrossRefGoogle Scholar
  2. 2.
    International Organization for Standardization, ISO 26262—Road Vehicles—Functional Safety, Part 1–10. ISO/TC 22/SC 32—Electrical and Electronic Components and General System Aspects, 15 Nov 2011Google Scholar
  3. 3.
    European Commission, CARE Project: Road Safety Evolution in the EU, Mar 2015, [On-line]\_safety/pdf/observatory/historical\_evol.pdf. Accessed 12 Oct 2015Google Scholar
  4. 4.
    O. Carstena et al., Vehicle-based studies of driving in the real world: the hard truth? Accid. Anal. Prev. 58, 162–174 (2013)CrossRefGoogle Scholar
  5. 5.
    SAE International, SAE J3016—Taxonomy and Definitions for Terms Related to On-Road Motor Vehicle Automated Driving Systems. J3016-201401, 1 Jan 2014Google Scholar
  6. 6.
    National Highway Traffic Safety Administration (NHTSA), Preliminary Statement of Policy Concerning Automated Vehicles, 30 May 2013, [On-line]\_Vehicles\_Policy.pdf. Accessed 12 Oct 2015Google Scholar
  7. 7.
    Austrian Federal Act, Governing the Liability for a Defective Product (Product Liability Act). 21 Jan 1988, [On-line]\_99\_0/1988\_99\_0.pdf. Accessed 12 Oct 2015Google Scholar
  8. 8.
    International Electrotechnical Commission, IEC 61508—Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems, 2nd edn. TC 65/SC 65A—System aspects, 4 Apr 2010Google Scholar
  9. 9.
    R.W.A. Barnard, What is wrong with Reliability Engineering? INCOSE Int. Symp. 18, 357–365 (2008). doi: 10.1002/j.2334-5837.2008.tb00811.x CrossRefGoogle Scholar
  10. 10.
    N. Leveson, Engineering a Safer World: Systems Thinking Applied to Safety. MIT Press, Jan 2012, [On-line] Accessed 12 Oct 2015
  11. 11.
    H. Butz, Safety and Fault Tolerance in a Complex Human Centred Automation Environment. Innovation Forum Embedded Systems, Munich, 24 Apr 2009, [On-line] Accessed 12 Oct 2015
  12. 12.
    H. Butz, Systemkomplexität methodisch erkennen und vermeiden, in Anforderungsmanagement in der Produktentwicklung, R. Jochem, K. Landgraf (Hrsg) (Symposion Publishing GmbH, Düsseldorf, 2011), pp. 183–217Google Scholar
  13. 13.
  14. 14.
    D. Campos et al., Egas–collaborative biomedical annotation as a service. Proc. Fourth BioCreative Challenge Evaluation Workshop 1, 254–259 (2013)Google Scholar
  15. 15.
    IAV GmbH—Ingenieurgesellschaft Auto und Verkehr, Standardized E-Gas Monitoring Concept for Gasoline and Diesel Engine Control Units, Version 6, 22 Sept 2015, [On-Line] Accessed 12 Oct 2015
  16. 16.
    International Electrotechnical Commission, IEC 60812—Analysis techniques for system reliability—Procedure for failure mode and effects analysis (FMEA), TC 56—Dependability, 26 Jan 2006Google Scholar
  17. 17.
    International Electrotechnical Commission, IEC 61025—Fault tree analysis (FTA). TC 56—Dependability, 13 Dec 2006Google Scholar
  18. 18.
    S. Friedenthal, A. Moore, S. Rick, A Practical Guide to SysML: The Systems Modeling Language, 3rd edn. (Morgan Kaufmann, Amsterdam, 2014)Google Scholar
  19. 19.
    H. Martin et al., Model-based Engineering Workflow for Automotive Safety Concepts. No. 2015-01-0273, SAE Technical Paper, 2015Google Scholar
  20. 20.
    G. Biggs et al., A profile for modelling safety information with design information in SysML. Softw. Syst. Model 15(1), 147–178 (2014). SpringerCrossRefGoogle Scholar
  21. 21.
    B. Meyer, Applying ‘design by contract’. Comput. IEEE 25(10), 40–51 (1992). 2015CrossRefGoogle Scholar
  22. 22.
    J.-P. Blanquart et al., Towards cross-domains model-based safety process, methods and tools for critical embedded systems: The CESAR approach, in Computer Safety, Reliability, and Security, ed. by F. Flammini, S. Bologna, V. Vittorini. Lecture Notes in Computer Science, vol. 6894 (Springer, Berlin, 2011), pp. 57–70CrossRefGoogle Scholar
  23. 23.
    A. Baumgart et al., A model-based design methodology with contracts to enhance the development process of safety-critical systems, in Software Technologies for Embedded and Ubiquitous Systems, ed. by S.L. Min, R. Pettit, P. Puschner, T. Ungerer. Lecture Notes in Computer Science, vol. 6399 (Springer, Berlin, 2011), pp. 59–70CrossRefGoogle Scholar
  24. 24.
    J. Westman et al., Structuring safety requirements in ISO 26262 using contract theory, in Computer Safety, Reliability, and Security, ed. by F. Bitsch, J. Guiochet, M. Kaâniche (Springer, Berlin, 2013), pp. 166–177CrossRefGoogle Scholar
  25. 25.
    A. Benveniste et al., Contracts for System Design. INRIA, Rapport de recherche RR-8147, Nov 2012, [Online] Accessed 12 Oct 2015
  26. 26.
    M. Fischer et al., Modular and scalable driving simulator hardware and software for the development of future driver assistance and automation systems, in New Developments in Driving Simulation Design and Experiments, 2014, pp. 223–229Google Scholar
  27. 27.
    M. Karner, et al., System Level Modeling, Simulation and Verification Workflow for Safety-Critical Automotive Embedded Systems. No. 2014-01-0210, SAE Technical Paper, 2014Google Scholar
  28. 28.
    M. Krammer, H. Martin et al., System Modeling for Integration and Test of Safety-Critical Automotive Embedded Systems. No. 2013-01-0189, SAE Technical Paper, 2013Google Scholar
  29. 29.
    P. Graignic et al., Complex system simulation: Proposition of a MBSE framework for design-analysis integration. Proc. Comput. Sci. 16, 59–68 (2013)CrossRefGoogle Scholar
  30. 30.
    D. Krajzewicz, Traffic simulation with SUMO—Simulation of urban mobility, in Fundamentals of Traffic Simulation, Series: International Series in Operations Research and Management Science, ed. by J. Barceló, vol. 145 (Springer, Berlin, 2010)Google Scholar
  31. 31.
    J. Erdmann, Lane-Changing Model in SUMO. German Aerospace Center (2014), [On-Line]\_Lane\_change\_model\_Template\_SUMO2014.pdf. Accessed 12 Oct 2015Google Scholar
  32. 32.
    A. Rousseau et al., Electric Drive Vehicle Development and Evaluation Using System Simulation, in Proceedings of the 19th IFAC World Congress, 2014, pp. 7886–7891CrossRefGoogle Scholar
  33. 33.
    M. Klauda et al., Automotive Safety und Security aus Sicht eines Zulieferers, 4 Oct 2013, [On-line] Proceedings/Proceedings210/13.pdf. Accessed 12 Oct 2015
  34. 34.
    T. M. Gasser, Legal consequences of an increase in vehicle automation. Bundesanstalt für Straßenwesen, 2013, [On-Line]\_consequences\_of\_an\_increase\_in\_vehicle\_automation.pdf. Accessed 12 Oct 2015Google Scholar
  35. 35.
    H. Winner, W. Wachenfeld, Absicherung automatischen Fahrens, in 6.FAS-Tagung München, 29 Nov 2013, [On-Line] Accessed 12 Oct 2015
  36. 36.
    B. Walker Smith, SAE Levels of Driving Automation. The Center for Internet and Society at Stanford Law School, 18 Dec 2013, [On-line] Accessed 12 Oct 2015
  37. 37.
    H. Winner et al., Handbuch Fahrerassistenzsysteme, 3. Auflage. ATZ/MTZ-Fachbuch, (Springer Fachmedien, Berlin, 2015)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2017

Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 2.5 International License (, which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

Authors and Affiliations

  • Helmut Martin
    • 1
    Email author
  • Kurt Tschabuschnig
    • 2
  • Olof Bridal
    • 3
  • Daniel Watzenig
    • 4
  1. 1.Virtual Vehicle Research CenterGrazAustria
  2. 2.Magna Steyr Engineering AG & Co KGGrazAustria
  3. 3.VOLVO Group Trucks TechnologyGothenburgSweden
  4. 4.Institute of Electrical Measurement and Measurement Signal ProcessingVirtual Vehicle Research Center and Graz University of TechnologyGrazAustria

Personalised recommendations