Functional Safety

Functional Safety is one of the electives in the course. It is the only project that does not require programming. The Nano-Degree has been shortened from 9 months to 6 months. A couple of projects got removed and I am sorry to say this was one of them. As someone with a background in education I can understand that 6 months is better as it fits the regular school or college year better and its easier to keep your calendar in sync with everybody else. You can do a few months break at Christmas and then do a few more months and be done for the summer. But I am sorry to see this project get removed. I will tell you why. My background is varied but back there somewhere I did a Degree called Production Management which was focused on manufacturing. It was only after some time working that I went back to university and did 2 post-grads in Computer Engineering. This means I have a lot more understanding of quality control and ISO standards than most computer engineers. This project implements ISO 26262. I didn’t know anything about it as it is not a manufacturing standard but one especially for automotive functional safety. I knew this would be useful in the kind of companies I wanted to work in and I was keen to see what things had been added to the ISO schemes since I last studied them. In the end we made some very nice professional looking documents and I glad I choose this elective.

Elektrobit (EB) is an award-winning and visionary global supplier of embedded and connected software products and services for the automotive industry.

As usual Udacity have teamed up with an industry leader for their content. This company Elektrobit has been in operation for more than 30 years with more than one Billion devices in more than 100 million vehicles ! That must make them the biggest company that you have never heard of! What many people may not realize is that many parts of cars are made by different companies and the computer systems in cars are often so.

We are lucky to have the nice people at Electrobit take us through their processes and use samples of their actual documentations to teach us how to do functional safety the right way.

 

Dheeraj, Stephanie, and Benjamin from Elektrobit.

For those unfamiliar with ISO or quality control systems they usually involve a defined process with some kind of diagram with lots of jargon to create a standardized approach so different people across a company or industry can read each others documentation and be sure they understand what they are reading. This is so important in an industry where small mistakes could cause loss of life in a car crash.

Outline of the Hazard Analysis and Risk Assessment

The team from Electrobit do a good job of conveying a few key concepts. Safety starts with company culture and the need for safe procedures built into the way a company works and thinks.

Also they are trying to get us to think in a “functional safety” kind of way. This means thinking clearly breaking down concepts into sub-concepts and logically working through implications of designs or design changes throughout an entire design process

They also teach by example. The example they choose is a lane assistance function. Basically a function built into the car that will give some kind of warning to a driver that they are about to leave a lane. Sounds easy enough maybe something to add to the power steering systems. 

If you have not done something like this before you might be shocked at how complex a function can be and how many other subsystems might be involved and how many and what type of requirements we might have to ensure such a function is safe to use.

Here you can see the formal “V model” which is part of the ISO standard. The picture is linked to the ISO website if you want to see their information on it. Basically each step that is described on the diagram is a sub-process that requires thought and documentation.

Summary of ISO 26262 V Model

The documentation that we work through becomes the basis for the project. The project includes the following documents. We are given some templates from Electrobit so they look really nice and professional and are based on real documents.

  • Safety Plan
  • Hazard Analysis and Risk Assessment
  • Functional Safety Concept
  • Technical Safety Concept
  • Software Requirements
Template Cover

You can see the code here on Github

In the end the project proved very insightful about the kind of process we have to work within in the industry and explores the question how do we make cars safe when working in large teams. It was well worth doing and I am proud of the documentation I produced.  If I were writing this course I definitely would want my students to have a good understanding of how to build safety into processes. Having said that I can understand how some people would do the course wishing to focus only on programming and for them there was another elective.