Comparing Different Levels of Technical Systems for a Modular Safety Approval—Why the State of the Art Does Not Dispense with System Tests Yet

While systems in the automotive industry have become increasingly complex, the related processes require comprehensive testing to be carried out at lower levels of a system. Nevertheless, the final safety validation is still required to be carried out at the system level by automotive standards like...

Bibliographic Details
Main authors: Björn Klamann, Hermann Winner
Format: article
Language: EN
Published: MDPI AG 2021
Subjects:
T
Online access: https://doaj.org/article/061e1e2f986643f0bc17a2cd6009d8ab
id oai:doaj.org-article:061e1e2f986643f0bc17a2cd6009d8ab
record_format dspace
spelling oai:doaj.org-article:061e1e2f986643f0bc17a2cd6009d8ab
2021-11-25T17:26:13Z
10.3390/en14227516
1996-1073
https://doaj.org/article/061e1e2f986643f0bc17a2cd6009d8ab
2021-11-01T00:00:00Z
https://www.mdpi.com/1996-1073/14/22/7516
https://doaj.org/toc/1996-1073
Energies, Vol 14, Iss 7516, p 7516 (2021)
institution DOAJ
collection DOAJ
language EN
topic safety validation
automated driving systems
decomposition
modular safety approval
modular testing
fault tree analysis
Technology
T
description While systems in the automotive industry have become increasingly complex, the related processes require comprehensive testing to be carried out at lower levels of a system. Nevertheless, the final safety validation is still required to be carried out at the system level by automotive standards like ISO 26262. Using its guidelines for the development of automated vehicles and applying them for field operation tests has been proven to be economically unfeasible. The concept of a modular safety approval provides the opportunity to reduce the testing effort after updates and for a broader set of vehicle variants. In this paper, we present insufficiencies that occur on lower levels of hierarchy compared to the system level. Using a completely new approach, we show that errors arise due to faulty decomposition processes wherein, e.g., functions, test scenarios, risks, or requirements of a system are decomposed to the module level. Thus, we identify three main categories of errors: insufficiently functional architectures, performing the wrong tests, and performing the right tests wrongly. We provide more detailed errors and present examples from the research project UNICARagil. Finally, these findings are taken to define rules for the development and testing of modules to dispense with system tests.
format article
author Björn Klamann
Hermann Winner
title Comparing Different Levels of Technical Systems for a Modular Safety Approval—Why the State of the Art Does Not Dispense with System Tests Yet
publisher MDPI AG
publishDate 2021
url https://doaj.org/article/061e1e2f986643f0bc17a2cd6009d8ab