Automotive System Safety

Critical Considerations for Engineering and Effective Management

Joseph D. Miller

eBook - ePub

About This Book

Contains practical insights into automotive system safety with a focus on corporate safety organization and safety management

Functional Safety has become important and mandated in the automotive industry by inclusion of ISO 26262 in OEM requirements to suppliers. This unique and practical guide is geared toward helping small and large automotive companies, and the managers and engineers in those companies, improve automotive system safety. Based on the author's experience within the field, it is a useful tool for marketing, sales, and business development professionals to understand and converse knowledgeably with customers and prospects.

Automotive System Safety: Critical Considerations for Engineering and Effective Management teaches readers how to incorporate automotive system safety efficiently into an organization. Chapters cover: Safety Expectations for Consumers, OEMs, and Tier 1 Suppliers; System Safety vs. Functional Safety; Safety Audits and Assessments; Safety Culture; and Lifecycle Safety. Sections on Determining Risk; Risk Reduction; and Safety of the Intended Function are also presented. In addition, the book discusses causes of safety recalls; how to use metrics as differentiators to win business; criteria for a successful safety organization; and more.

  • Discusses Safety of the Intended Function (SOTIF), with a chapter about an emerging standard (SOTIF, ISO PAS 21448) that addresses the development of autonomous vehicles
  • Helps safety managers, engineers, directors, and marketing professionals improve their knowledge of the processes defined by functional safety (FS) standards
  • Aimed at helping automotive companies—big and small—and their employees improve system safety
  • Covers auditing and the use of metrics

Automotive System Safety: Critical Considerations for Engineering and Effective Management is an excellent book for anyone who oversees the safety and development of automobiles. It will also benefit those who sell and market vehicles to prospective customers.

1 Safety Expectations for Consumers, OEMs, and Tier 1 Suppliers

Every business involves sales based on customers trusting that their expectations will be satisfied. This trust by the customer is based on a belief that ethical business practices are the norm and not the exception. The customer expects to be satisfied and receive value for money. No one expects to buy disappointment, and the global automotive business is no different in this regard. To some extent, the belief in ethical business practices is supported by the observance of regulatory enforcement. Media coverage of investigations and recalls adds credibility to this belief. Consumers believe that being treated ethically is a right, not a privilege. There are consumer expectations of performance, prestige, and utility. Part of this utility is trustworthiness.

Trustworthiness

Trustworthiness includes quality, reliability, security, privacy, and safety, and expectations of trustworthiness are increasing. Advocates of quality publish competitive results for quality among competing automotive vehicle suppliers. Competing vehicle suppliers reference these publications in marketing campaigns targeting consumers' belief that they are entitled to the highest quality for their investment in an automobile. Fewer “bugs” in new cars are expected; taking the vehicle back to the dealer in two weeks due to an initial quality defect is no longer acceptable to automotive consumers. The consumer expects improved reliability to be demonstrated by longer life with fewer repairs. Consumers review warranties for length and coverage as a way to improve their confidence that potential future maintenance expense will be manageable. Comparisons are made of warranty repairs to support purchasing decisions. Consumer advocates track reliability for this purpose; it is a product differentiator.
When they purchase a vehicle, consumers expect that the vehicle will be secure and robust against cyber attacks. No loss of service availability is expected due to hacking of vehicle systems. Security of entry mechanisms is expected to be robust against cyber attacks by potential thieves. Even though successful hacks are in the news, it is expected that security considerations sufficient for lifetime protection are included in the vehicle design. If updates are needed, no intrusion or loss of availability is acceptable. Privacy of personal information is expected to be protected, even if some information is used to provide vehicle service. Ethical treatment of data concerning driving behavior, locations visited, and frequently used routes is expected. Permission to share this data may not be assumed. Privacy is considered a right, and enforcement is expected.
Perhaps most important are expectations of safety. Even when advanced convenience features are included in a vehicle, the consumer expects that there is no additional risk. The risk of harm is expected to be the same or less than it was before the features were added. When consumers acquire and operate an automobile, they are demonstrating an acceptance of the risk of operating the vehicle based on the current state of the art, and this state‐of‐the‐art assumption does not include an assumption of increased risk. Consumers may not consciously be accepting a state‐of‐the‐art risk – they may not even be aware of what the state‐of‐the‐art risk is at the time of purchase. Nevertheless, they accept it by their actions. They purchase the vehicle knowing that there is a risk of harm when operating a road vehicle. This indicates accepting state‐of‐the‐art risk.
Consumers have an expectation of safety. What is this expectation? How can risk be determined to be consistent with the state of the art at the time of purchase? This determination depends on the definition of safety and how that definition is employed in automotive practice. There are several candidate definitions to consider. Safety has been discussed as meaning “no accidents.” This is aspirational; consumers are expected to welcome the freedom to operate a vehicle without the risk of accidents, especially if such freedom from accidents can be achieved at a reasonable cost. While useful for some analysis [1], the current state of the art for automotive vehicles has not yet advanced to this stage. Convenience features are being added to move in this direction, and vehicle manufacturers reaffirm such shared aspirations in their marketing campaigns. The news reports on progress and setbacks along the journey to reach this aspirational goal of automotive technology. Clearly it has not been achieved – it is not yet the state of the art for automotive safety. Still, consumers purchase vehicles knowing there is a risk that they may have an accident and die while driving a vehicle, and they drive anyway. They accept this risk by their actions. Consumers know there is a risk of death to their loved ones who travel in the vehicle they purchase. Still, they drive their loved ones – they have accepted the risk.
Another definition of safety is “absence of unacceptable risk” [2]. The definition may be applied in any situation or scenario, whether related to the automotive industry or not. In this definition, safety is not absolute; the concept of risk is introduced. Risk is defined as the combination of the probability of harm and the severity of that harm. Harm is defined as damage to persons or, more broadly, as damage to persons or property. Acceptable in this context is ambiguous in that it implies that someone defines what risk is acceptable.
A similar definition is the “absence of unreasonable risk” [3]. This definition is also used in non‐automotive scenarios or applications. However, it is the definition chosen for the functional safety standard used in the automotive industry. It seems reasonable to conclude that the consumer accepts that the risk is not unreasonable if they purchase or drive the automobile. While the consumer would prefer that the risk did not exist at all and that there were never any automotive accidents, by their actions they have shown that they consider the risk not unreasonable when weighed against the benefits provided by driving. This is the basis for the automotive functional safety standard, ISO 26262.
To not be unreasonable, the risk must not violate the moral norms of society. These moral norms may change over time, as do the expectations of consumers. However, the norms of society are not aspirational. Recalls occur if it is discovered that these norms might be violated due to an issue with a vehicle. Since the current rates of various accidents, including fatal accidents, are the norms of society at the time a vehicle is purchased, they define reasonable risk for the consumer. Consumers decide the risk is not unreasonable when they make the decision to purchase a vehicle. The consumer does not expect that the vehicle will put people at a greater risk than other cars already on the road do – the consumer does not expect to purchase a defective or an inherently unsafe vehicle. Rather, the consumer expects the risk to be the same or less, depending on information they have received through the media or dealership concerning the new state‐of‐the‐art features that are included. Even new features that do not have data to confirm their safety, from years of experience on public roads, are expected to improve, not diminish, the state of the art with respect to safety. Consumers consider this not unreasonable. They consider this safe.

Consumer Expectations

The consumer may choose to purchase a vehicle differentiated by advanced driver‐assistance features not yet included on all the vehicles in service. Even if these advanced driver‐assistance features are available for vehicles on the road, there may not be sufficient data to determine the risk to society of these features. Improvements and additions may be made to these features, or there may be more interactions of these features with other automotive systems that have the potential to cause harm. Now the expectations become less clear because they are not based on data that includes the influence of these advanced systems.
Expectations are influenced by advertising, news reports about similar features, and personal experience. There has been much in the news about automated driving without these vehicles being broadly available to consumers. Still, expectations are being influenced by information provided by the media. Media reports of fleets of automated vehicles raise awareness of the many successful test miles as well as any errors or accidents that are publicly reported. This information may raise or lower expectations of advanced driver‐assistance features that have some similarity to automated features. Automated vehicles have control of steering systems and braking systems in a manner similar to emergency braking and lane‐keeping assist systems. Some clarification can be gleaned from media coverage that explains the driver's responsibilities and the awareness expected of the driver. Expectations of the automated system are clarified; the capability of assistance has limitations.
Nevertheless, such publicity can have the effect of increasing consumer expectations regarding the performance of advanced driver assistance systems (ADAS) that are available. The more publicity there is about automated driving successes, failures, improvements, and goals, the greater the anticipation of its availability. The anticipation of available automated driving features may distort the understanding of the capability of more‐limited features. This has been discussed as leading to a cyclic variation in consumer expectations based on experience. The consumer may not fully appreciate the nuanced limitations of an ADAS.
For example, the consumer may initially have high performance expectations for a follow‐to‐stop radar cruise control system. The consumer expects the system to perform as the driver would perform in all circumstances. This is reinforced by the early experience of having the vehicle slow to a stop automatically while following another vehicle. Gradually this experience leads the driver to not hover a foot over the brake pedal: the driver observes but does not intervene, and confidence starts to build. Then the driver mistakenly expects the Doppler radar cruise control system to stop for a vehicle that was not being followed and that is sitting still at a traffic light. This is consistent with the behavior expected from a human driver. However, the ADAS does not respond because it ignores stationary objects in its field of view that are not being followed, like bridges and trees. This is a technical limitation of the system but is consistent with the requirements of the design. The consumer's mistaken expectations are not satisfied, and the consumer's opinion of the product becomes less favorable.
The expectations of the consumer are not consistent with the required capability of the ADAS. Further, the system sometimes mistakenly brakes when the vehicle in front slows and then changes lanes. The vehicle in front appears to disappear, consistent with the appearance of a stopping vehicle. Consumer sentiment drops further.
The consumer's experience continues with more successful following, acceleration, and proper behavior when changing lanes. In these scenarios, the ADAS reacts in much the same way as a human is expected to react. The consumer's expectations now are being calibrated. The consumer is ready to intervene when the ADAS's limitations are exceeded but does not intervene when the system is capable of handling situations successfully. Overall, the consumer does not feel the risk is unreasonable. The ADAS is not an automated driver, and it will not handle every situation like a human driver. However, it is pretty good; it seems safe.
Unless the consumer has confidence that their expectations of safety are satisfied by a vehicle, they will not purchase that vehicle. This confidence may be influenced by publicity, publicly reported performance and performance comparisons, and word of mouth. It is clear that consumer expectations of safety are critical to the automotive business, because the safety concerns of potential customers can severely limit sales of a vehicle. Tremendous resources are deployed not only to influence these expectations, but, more importantly, to satisfy them.
Vehicle manufacturers (VMs) expend resources to promote the advances they have made to improve crashworthiness. They spend vast resources to continuously improve the crashworthiness of the vehicles they intend to manufacture. Resources are provided to support development of improved passive safety systems to protect occupants and pedestrians during an accident. Included in these resources are not only provisions for development engineers, but also resources for engineering quality, safety management, and execution of the safety process. These resources are deployed by both the original equipment manufacturer (OEM) and suppliers. Each has its own process and resources to ensure the safety of its own products. They may share and coordinate resources for joint development of safety‐related systems; safety resources must be managed effectively in both individual and joint developments. Effective management of a safety organization is discussed in Chapter 2...