For Robert Bosch GmbH, Fraunhofer IESE analyzed the functional safety of the Retrofit Efficiency Module retrofit solution for logistics companies based on ISO 26262.
Last modified:
What it is about:
What it is about: Fraunhofer IESE examines the functional safety of Bosch’s intelligent speed control system
The challenge:
Determining requirements for the necessary safety assurance
The support:
Fraunhofer IESE performs safety analyses and risk assessment
The result:
Concept for functional safety assurance created
Your benefits:
Fraunhofer IESE is your partner for security technology
The Retrofit Efficiency Module retrofit solution from Bosch enables trucks to connect their existing vehicle speed control system to Cloud-based services – to save fuel and integrate company logistics. It is linked to existing interfaces in the vehicle and constantly adjusts the speed control using intelligent real-time analyses of vehicle data, inclines, and vehicle-specific efficiency levels – without any intervention from the driver.
Fraunhofer IESE examined the functional safety of the system based on ISO 26262, analyzing how the retrofit affects the vehicle. In particular, faults such as the unintentional repeated execution of a function must not lead to any impairment of the vehicle’s safety.
The Retrofit Efficiency Module solution is to be installed in vehicles from different manufacturers as a retrofit solution. As speed control is safety-critical in itself, every manufacturer has safeguards against hazards such as unintentional starting or unintentional acceleration. The solution must not impair any of these safeguards, nor may it itself cause faults that are not already safety-assured.
The associated challenges in the project were:
Fraunhofer IESE provided support with its experience in safety analyses in accordance with ISO 26262. In consultation with the Bosch engineering team, the IESE experts analyzed the existing safety concept. The analyses took into account the specific system architecture of the retrofit solution.
First, the system was examined, and a hazard and risk analysis was carried out. The latter determines which safety goals must be met for speed control systems. Based on this, a Component Fault Tree (CFT) analysis was performed, which indicates which faults of a component might contribute to a safety goal violation. Furthermore, safety mechanisms were identified that prevent safety goal violations. The determination of system requirements means that a safety goal violation is only possible in the event of extremely unlikely double or multiple faults. In addition to the fault tree analysis with CFTs, the Failure Mode Effect Analysis (FMEA) looks at how faults in the Retrofit Efficiency Module solution affect the vehicle. It must be ensured that the speed control system provides appropriate safety mechanisms to prevent safety goal violations. Moreover, the Retrofit Efficiency Module interfaces must not lead to other unintentional impairments of the vehicle.
The results were examined together with the Bosch engineering team so that they can be taken into account in the further development of the retrofit solution.
Says Michael Distel, Senior Project Manager, Robert Bosch GmbH:
The joint project with Fraunhofer IESE gave the Retrofit Efficiency Module solution from Bosch the certainty that the architecture used can be deployed. The risk of having to halt development due to safety concerns regarding the system architecture could be eliminated. The analyses revealed the requirements to be imposed on the vehicle. These were documented in a concept. Now, safety concerns no longer stand in the way of further development of the Retrofit Efficiency Module.
Fraunhofer Institute for Experimental Software Engineering IESE