Program 2020

MONDAY, 30 MARCH 2020
TUESDAY, 31 MARCH 2020
WEDNESDAY, 1 APRIL 2020

SOTIF & AUTONOMOUS DRIVING & FUNCTIONAL SAFETY

8.20

Reception and welcome coffee

8.50

Welcome address by the moderator

Carsten Gebauer
Senior Expert
Bosch Center of Competence „Functional Safety“, Robert Bosch GmbH

9.00

ISO/PAS 21448: SOTIF – update and insights from the ISO working group

  • Summary of the Luxemburg meeting
  • New topics
  • Outlook and timeline

Alexander Mirmilstein
Customer Safety Engineer
NVIDIA

9.30

Q&A and discussion

9.40

The SOTIF mindset

Carsten Gebauer
Senior Expert, Bosch Center of Competence „Functional Safety“
Robert Bosch GmbH

10.10

OMG Safety and Reliability

  • Overview of the new Object Management Group (OMG) Model Based Systems Engineering (MBSE) standard for safety and reliability
  • The new standard defines a standard graphical language to support ISO 21448 and ISO 26262
  • Analysis methods included in the standard include HAZOP, ISO 26262 HARA, FTA, FMEA, STPA, and GSN

Kyle Post
Vehicle Systems Safety Supervisor
Ford Motor Company

10.40

Q&A and discussion

10.50

Coffee break

11.20

SOTIF risk management for different levels of automation

  • Risk management
  • Automated driving system
  • SOTIF process

Hsing-Hua Fan, System Safety Engineer, General Motors
Krzysztof Pennar, System Safety Engineer, General Motors

11.50

Analytic based safety requirements development – supports SOTIF

  • Process identifies gaps in the developed safety requirements and analysis
  • Leverages analysis required of the standard(s) in the development and verification for completeness of resultant safety requirements
  • Leverages safety requirements developed to verify completeness of safety analysis performed

Bhargav Chava
Functional Safety Engineer
FEV

12.20

Comparison between FUSA and SOTIF from the perspective of a safety architecture

  • Overview of safety architecture in the context of ISO 26262
  • FUSA/SOTIF safety architecture comparison in SCDL application
  • Status of SCDL standardization in ASAM
  • Evolution of SCDL for autonomous driving system

Shuhei Yamashita, Principal Technical Expert/Senior Director, DNV GL Business Assurance Japan K.K.
Stephen Norton, Managing Director, Quint Safety GmbH

12.50

Lunch

1.50

Safety assurance case development for autonomous vehicles at General Motors

  • Outlining safety assessment areas for autonomous vehicle development
  • Creating a complete and consistent safety case across all safety assessment areas
  • Utilizing Goal Structuring Notation (GSN) for safety case development

David Byars, Autonomous Vehicle System Safety Engineer, General Motors
Alison Bayzat, Autonomous Vehicle System Safety Engineer, General Motors

2.20

Manageable Safety Goals in ADAS

Dr Barbara Czerny
Technical Fellow Engineering, Functional Safety and Cybersecurity
DURA Automotive Systems

2.50

ASIL determination for fully autonomous vehicle functionality

  • Inherent complexity of decision-making in ASIL determination for fully autonomous vehicle functionality
  • Lack of differentiation between hazards in risk assessment for fully autonomous vehicle functionality
  • Objective criteria for evaluating the complexity of autonomous vehicle functionality that mimics or replaces human decision-making

Dr Jeffrey Joyce
Managing Director
Critical Systems Labs, Inc.

3.20

MPS high ASIL power solutions – centralized vs decomposed

  • Summarizing high ASIL architecture for power solutions
  • Centralized solution pros, cons, and ADAS SoC example
  • Decomposed solution pros, cons, and ADAS SoC example
  • Deciding between centralized and decomposed safety architecture

Jing Y. Guo
Technical Marketing Functional Safety Manager
Automotive Monolithic Power Systems

3.50

Coffee break

4.20

Standardization of autonomous driving test scenarios – certification/licensing of autonomous vehicles

  • Current initiatives for certifying autonomous vehicles across geographies
  • Challenges/gaps in existing approaches
  • Proposed stages for certification
  • Recommendations on standardization of test scenarios & certification

Annie Paul, Competency Manager, TataElxsi
Nijesh Sadanandan, Senior Architect, TataElxsi

4.50

Model based safety goal development/verification (supports SOTIF)

  • Safety goal development based upon application specific vehicle dynamic models
  • Safety goal metric quantification to support required pass/fail criteria of both controls and validation
  • Safety goal optimization, allowing the presence of a fault for as long a period as possible while vehicle remains in a safe state

Dr David LaRue, Functional Safety Engineer, FEV

5.20

End-to-end challenges for risk management when developing mechatronic products

Matthias Maihöfer
Head of Functional Safety
Schaeffler Technologies AG & Co. KG

CYBERSECURITY AS IT RELATES TO FUNCTIONAL SAFETY

8.20

Reception and welcome coffee

8.50

Welcome address by the moderator

Dr David Ward
Head of Functional Safety
MIRA Ltd.

9.00

Update on interactions between safety and security

  • Risk assessment and risk management
  • Product development lifecycle
  • Assessment and assurance activities

Dr David Ward
Head of Functional Safety
MIRA Ltd.

9.30

The role of the programming language in safety-/security-critical systems

  • Review of ISO 26262 requirements for programming languages and comparison to DO-178
  • Addressing safety and security concerns of object-oriented language features
  • Hidden complexities of C++
  • Influence on tool qualification

Dr Daniel Kästner
CTO
AbsInt GmbH

10.00

Automotive system exploitation in the era of ISO 21434

  • Current methods of car hacking, and:
    1. How these would be thwarted/prevented by correct implementation of ISO 21434
    2. How these would be successful given incorrect implementation of ISO 21434
  • Goal: demonstrate that ISO 21434 can solve many problems if done right, but its success is in the hands of the implementers

Dr Karol Niewiadomski
Project Manager Functional Safety and Cyber Security
SGS-TÜV Saar GmbH

10.30

Cybersecurity effects on functional safety

  • Translate cybersecurity terms into ASIL terminology

Issak Davidovich
VP R&D
C2A Security

11.00

Coffee break

AGILE IN AUTOMOTIVE

11.30

Agile systems engineering for safety and security

  • Systems engineering for automotive E/E development
  • Safety and security requirements and systems engineering methods
  • Scaling agile development for critical systems
  • Ford case study

Dr Christof Ebert
Managing Director
Vector Consulting Services

12.00

Agile model-based software development in the context of ISO 26262

  • Automotive standards on agility (ISO 26262 and ASPICE 3.x)
  • Agile approaches to model-based software development – the core concepts of agile methods like Kanban or Scrum
  • Continuous integration in the context of agile software development: Elements of continuous quality assurance

Dr Jan Grabowski
Product Application Manager
Model Engineering Solution GmbH

12.30

Adopting Agile/DevOps ALM in automotive & safety-critical development

Peter Haller
Senior Presales
Intland Software

1.00

Lunch

2.00

Functional safety for batteries to support autonomous driving functions

  • Meeting the stringent safety requirements up to ASIL D
  • Avoiding conflicts with other non-safety and safety requirements
  • Safety requirements development methodology including AUTOSAR implementation

Marilyn Rouet
Senior System Safety Engineer
IAV Automotive Engineering, Inc.

PRACTICE WITH ISO 26262

2.30

Challenges and lessons learnt in achieving ISO 26262 compliance for pre-existing software from a non-automotive domain

  • Challenges with design and architecture
  • Challenges with tools and tool certification
  • Challenges with process and safety culture

Gurunath Ramaswamy
Principal Manager
Qualcomm Inc

3.00

Coffee break

3.30

Property based testing of compiler calling conventions

  • Fuzz testing of calling conventions
  • Compiler qualification of the architecture binary interface
  • ISO 26262 tool qualification for compilers

Dr Marcel Beemster
CTO
Solid Sands B.V.

4.00

Q&A and discussion

5.00

CTI NETWORKING NIGHT
The CTI networking night is an opportunity to mingle with the participants, speakers, exhibitors and sponsors. Make new business contacts in a relaxed atmosphere, discuss the topics of the day with your colleagues and peers while enjoying delicious food and drinks.

8.30

Reception and welcome coffee

LEGAL ASPECTS

9.00

Functional safety – best practice of product development from a legal perspective in the US and the EU

  • State of the art and technology as legal terms and how to adapt them
  • Agreements between supplier and customer – to be precise or not to be precise
  • Communication and documentation – curse or blessing

Jeffrey Greene, Lawyer, Shareholder, Greenberg Traurig LLP
Daniel Wuhrmann, Attorney at Law (Germany), reuschlaw legal consultants

9.30

Q&A and discussion

9.50

Functional safety requires due care

  • State of the art – legal basis of development
  • Reliability – cornerstone for functional safety
  • Use of consumer components in automotive applications?
  • Testing – passport to SOP

Andreas Reuter
former Syndikus Corporate Legal Services
Robert Bosch GmbH

10.20

Coffee break

DEEP DIVE WORKSHOP INTRODUCING SAFETY OF THE INTENDED FUNCTIONALITY (SOTIF)

Dr David Ward, Head of Functional Safety, MIRA Ltd.
Steve Crozier, MIRA Ltd.

In this workshop we will introduce the concepts and principles of SOTIF, the publicly-available specification ISO/PAS 21448, and some interactive case studies describing the SOTIF approach based on our practical experiences of applying the SOTIF PAS and wider activities.

10.50

Session 1 – introducing SOTIF

  • Functional safety, SOTIF and the wider system safety context
  • Brief overview of ISO/PAS 21448 “Safety of the intended functionality”
  • SOTIF “area” concept for managing complexity and unknowns of automated driving scenarios
  • Introduction to the SOTIF approach for the different "areas" of scenarios

12.30

Lunch

1.30

Session 2 – case studies

  • Functional and system specification in the context of SOTIF
  • SOTIF hazard analysis and risk assessment
  • SOTIF risk reduction – verification, validation and acceptance
  • Outlook and future directions of SOTIF

3.00

End of conference and workshop