2nd edition ISO 26262 – Interview with the chair of the CTI ISO 26262 Conference USA


Dr Dr h.c. Manfred Broy

Professor Dr Dr h.c. Manfred Broy, Chair Software & Systems Engineering, Department of Informatics, Technical University of Munich, Germany

CTI:
Which are in your opinion the most important changes for companies regarding the 2nd edition ISO 26262?

Prof. Manfred Broy:
While ISO 26262 covers the entire development process of electronic safety-related systems, including supporting processes such as software tools used in the design, test, and manufacture of semiconductors, its part 5 on hardware development does not have specific guidelines for semiconductors. In the second edition of ISO 26262 there is a new section (part 11) for semiconductor and silicon IP suppliers. It includes sections on improving cyber security in relation to functional safety and extensions to cover trucks, buses, and motorcycles.

CTI:
Which are the most important challenges and chances regarding the contents of the new parts 11 and 12 (semiconductors, motorcycles)?

Prof. Manfred Broy:
The new section (part 11) for semiconductor and silicon IP suppliers includes recommendations for designing ISO 26262 compliant ICs and IP with information about failure rates, transient faults, and diagnostic coverage.

Motorcycles have very specific safety requirements which are not addressed by the existing standard. Now these issues are addressed explicitly.

These are important additions but technology is moving fast and new challenges are around.

CTI:
What are the most interesting and important topics related to functional safety?

Prof. Manfred Broy:
Cyber security is an issue for the connected car. Problems in cyber security may affect safety. Now there are sections on improving cyber security in relation to functional safety. But there is more to do on this topic. Currently, new safety issues are popping up related to advanced assistance and autonomous systems.

CTI:
What are the main safety challenges regarding autonomous driving?

Prof. Manfred Broy:
Safety for autonomous driving requires the step from fail safe to fail operational. This requires much more detailed descriptions of the intended functionality, the nominal behavior in the degraded states, leading to questions of “Safety of the Intended Functionality” (SOTIF).

CTI:
Do you think customers will accept autonomous cars and if yes, how fast will customers accept autonomous cars once the safety issues are solved?

Prof. Manfred Broy:
Well, this depends on a number of future developments. Currently, most of the OEMs work hard towards autonomous driving. They made a lot of progress during recent years, but still a number of key issues are not solved. Autonomous driving generally uses sub-functionalities that are based on machine learning. However, machine learning results in black boxes with no explicitly specified behavior. Therefore, classical specification and verification techniques are not applicable. These problems have to be solved. As soon as autonomous cars provide the safety we are expecting, then this will help to prevent a lot of the accidents caused by human errors. If this comes true, autonomous driving may become a must. Apart from that, if you have ever used autonomous driving in the typical traffic situation of today, with lots of cars on the road in a situation close to a traffic jam, you will find autonomous driving very convenient and relaxing. This makes me believe that customers will accept autonomous cars quickly after the safety issues are solved and first positive experiences are available.