Best Practices for Advanced Modeling of Safety Mechanisms in an FTA

Abstract

To cope with the megatrends electrification, automated driving, and connectivity, new functionalities and electric and/or electronic systems must be developed, which require a safe power supply. This leads to increased functional safety requirements for the power supply system, particularly regarding availability. Fault tolerance measures can be implemented to comply with a safety goal (SG) specifying a safety-related availability requirement. To verify an architecture concerning the residual risk of an SG violation, several quantitative target values are provided in ISO 26262. This technical elaboration presents a systematic and holistic approach how to gain benefit in the quantitative evaluation from cyclic safety mechanisms (SMs)- in a fault tolerant item- which have a fault handling time interval (FHTI) longer than the fault tolerant time interval. Modelling cyclic SMs only based on conventional AND-gates is not sufficient. Instead, the fault sequence is differentiated to enable ISO 26262-compliance. Within this paper, an innovative approach including its mathematical background is presented how cyclic SMs can be modelled in a fault tree analysis- with focus on multiple-point faults. The results are verified by a Monte-Carlo-Simulation. Besides the scalability of the approach regarding the number of considered cyclic SMs, the relevant FHTI of each cyclic SM can be considered in a traceable and comprehensible manner.