?
The importance of safety in the development of safety-critical automotive systems has been increasingly growing, especially with the introduction of integrated driver assist and automated driving systems. The ISO 26262: Functional Safety ?Road Vehicles Standard defines safety as the absence of unreasonable risks arising from malfunctioning behavior of the system. However, for some systems potentially hazardous behavior can be caused by the intended functionality, for instance due to a sensor performance limitation. The latter is referred to as the Safety Of The Intended Functionality or SOTIF, and has been introduced by the recently published ISO PAS 21448.
In this paper we present an overview of the ISO PAS 21448. SOTIF by definition deals with the absence of unreasonable risk resulting from functional insufficiencies or due to reasonably foreseeable misuses. Guidance on the applicable design, verification and validation measures needed to achieve SOTIF are discussed. This includes the system specification, identification and evaluation of hazards caused by the intended functionality, and any modifications needed to reduce the risk due to SOTIF. In addition, the verification and validation strategy and activities are discussed as well as the method to accept the residual risk following the SOTIF activities. The expectation is that ISO PAS 21448 is complementing the safety activities performed while following ISO 26262.
Finally, this paper introduces the timeline to publish an international standard on SOTIF, ISO 21448.
