|
BOOKS
PACKAGES
EDITION
PUBLISHER
CONTENT TYPE
Act
Admin Code
Announcements
Bill
Book
CADD File
CAN
CEU
Charter
Checklist
City Code
Code
Commentary
Comprehensive Plan
Conference Paper
County Code
Course
DHS Documents
Document
Errata
Executive Regulation
Federal Guideline
Firm Content
Guideline
Handbook
Interpretation
Journal
Land Use and Development
Law
Legislative Rule
Local Amendment
Local Code
Local Document
Local Regulation
Local Standards
Manual
Model Code
Model Standard
Notice
Ordinance
Other
Paperback
PASS
Periodicals
PIN
Plan
Policy
Product
Product - Data Sheet
Program
Provisions
Requirements
Revisions
Rules & Regulations
Standards
State Amendment
State Code
State Manual
State Plan
State Standards
Statute
Study Guide
Supplement
Sustainability
Technical Bulletin
All
|
Content DescriptionThis document provides a general argument framework and guidance on measures to ensure the safety of the intended functionality (SOTIF), which is the absence of unreasonable risk due to a hazard caused by functional insufficiencies, i.e.: a) the insufficiencies of specification of the intended functionality at the vehicle level; or b) the insufficiencies of specification or performance insufficiencies in the implementation of electric and/or electronic (E/E) elements in the system. This document provides guidance on the applicable design, verification and validation measures, as well as activities during the operation phase, that are needed to achieve and maintain the SOTIF. This document is applicable to intended functionalities where proper situational awareness is essential to safety and where such situational awareness is derived from complex sensors and processing algorithms, especially functionalities of emergency intervention systems and systems having levels of driving automation from 1 to 5[2]. This document is applicable to intended functionalities that include one or more E/E systems installed in series production road vehicles, excluding mopeds. Reasonably foreseeable misuse is in the scope of this document. In addition, operation or assistance of a vehicle by a remote user or communication with a back office that can affect vehicle decision making is in scope of this document when it can lead to safety hazards. This document does not apply to: —   faults covered by the ISO 26262 series; —   cybersecurity threats; —   hazards directly caused by the system technology (e.g. eye damage from the beam of a lidar); —   hazards related to electric shock, fire, smoke, heat, radiation, toxicity, flammability, reactivity, release of energy and similar hazards, unless directly caused by the intended functionality of E/E systems; and —   deliberate actions that clearly violate the system’s intended use, (which are considered feature abuse). This document is not intended for functions of existing systems for which well-established and well-trusted design, verification and validation (V&V) measures exist (e.g. dynamic stability control systems, airbags). About ISOISO, the International Organization for Standardization, brings global experts together to agree on the best way of doing things – for anything from making a product to managing a process. As one of the oldest non-governmental international organizations, ISO has enabled trade and cooperation between people and companies all over the world since 1946. The International Standards published by ISO serve to make lives easier, safer and better. |
GROUPS
|