BS ISO 26262-1 pdf download – Road vehicles – Functional safety Part 1: Vocabulary

BS ISO 26262-1 pdf download – Road vehicles – Functional safety Part 1: Vocabulary.
NOTE I ConfIguration data cannot contain executable or interpretable code.
NOTE 2 ConfIguration data controls the software build. Onty code, or data selected by configuration data can be included in the executable code.
confirmation measure
confirmation review (1.18), audit (1.5) or assessment (1.4) concerning functional safety (1.51)
1.18
confirmation review
confirmation that a work product meets the requirements of ISO 26262 with the requred level of independence (1.61) of the reviewer
NOTE I A complete list of oonfwniation reviews is given in ISO 262622,
NOTE 2 The goal of confirmation reviews is to ensure compliance with ISO 26262.
1.19
controllability
ability to avoid a specified harm (1.56) or damage through the timely reactions of the persons involved. possibly with support from external measures (1.38)
NOTE I Persons involved can include the driver, passengers or persons in the viciruly of the vehicWs exterior. NOTE 2 The parameter C in hazard analysis and risk assessment (1.58) represents the potential for controllability.
1.20
dedicated measure
measure to ensure the lielure rate (1.41) claimed lithe evaluation of the probability of violation of safety goals (1.108)
EXAMPLE Design feature (such as hardware pail (1.55) over-desIgn (e.g. electncal or thermal stresS rating) or physical separation (eg. spaong of contacts on a pnnted circial board)J; special sample test of incoming material to redr,ca the rIsk (199) of occurrence of talky modes (1 40) contribute to the violation of safely geels, bum.ln test; dedicated control plan
1.21
degradation
strategy for providing safely (1.103) by design after the occurrence of failures (139)
NOTE Degradation can todude recfuced functionality, reck,ced performance, or both reduced functionality and performance
1.22
dependent failures
failures (1.39) whose probability of simultaneous or successive occurrence cannot be expressed as the simple product of the unconditional probabilities of each of them
1.23
detected fault
fault (1.42) whose presence is detected within a prescribed time by a safety mechanism (1.111) that prevents the fault from being latent
EXAMPLE The fault can be detected by a dedicated safety mechanism (1.111) (e.g. detection of the error (1.36) and notifying the driver via an alerting device on the instrument panel) as defined in the functional safety concept (1.52).
1.24
development interface agreement
agreement between customer and supplier in which the responsibilities for activities, evidence or work products to be exchanged by each party are specified
1.25
diagnostic coverage
proportion of the hardware element (1.32) failure rate (1.41) that is detected or controlled by the implemented safety mechanisms (1.111)
NOTE 1 Diagnostic coverage can be assessed with regard to residual faults (1.96) or with regard to latent multiple-
point faults (1.77) that might occur in a hardware element.
NOTE 2 The definition can be represented in terms of the equations given in ISO 26262-5.
NOTE 3 Safety mechanisms implemented at different levels in the architecture (1.3) can be considered.
1.26
diagnostic test interval
amount of time between the executions of online diagnostic tests by a safety mechanism (1.111)
1.27
distributed development
development of an item (1.69) or element (1.32) with development responsibility divided between the customer and supplier(s) for the entire item or element, or for subsystems
NOTE Customer and supplier are roles of the cooperating parties.
1.28
diversity
different solutions satisfying the same requirement with the aim of independence (1.61)
EXAMPLE Diverse programming; diverse hardware.
NOTE Diversity does not guarantee independence, but addresses certain types of common cause failures (1.14).
1.29
dual-point failure
failure (1.39) resulting from the combination of two independent faults (1,42) that leads directly to the violation of a safety goal (1.108)
NOTE 1 Dual-point faures are multiple-point failures (1.76) of order 2.
NOTE 2 Dual-point failures that are addressed in ISO 26262 include those where one fault affects a safety-related element (1.113) and another fault affects the corresponding safety mechanism (1.111) intended to achieve or maintain a safe state (1.102).
NOTE 3 For a dual-point failure to directly violate a safety goal, the presence of both independent faults is necessary, i.e. the violation of a safety goal due to a combination of a residual fault (1.96) with a safe fault (1.101) is not considered a dual-point failure since the residual fault leads to a violation of a safety goal with or without the presence of a second independent fault.