实例介绍
【实例简介】
找了好久关于汽车功能安全的资料,发现国内这种资料太少,这本书写的很不错,有需要的拿过去看看。
Hans-Leo ross Functional Safety for road Vehicles New Challenges and Solutions for E-mobility and Automated Driving 空 Springer Hans-Leo ross Lorsch Germany ISBN978-3-319-33360-1 ISBN978-3-319-33361-8( ebook) DOI10.1007978-3-319-33361-8 Library of Congress Control Number: 2016944354 Translation from the German language edition Funktionale sicherheit im Automobil ISO 26262 Systemengineering auf Basis eines Sicherheitslebenszyklus und bewahrten Managementsystemen by Hans-Leo ross. C Carl Hanser Verlag gmbh co. KG. All Rights reserved C Springer International Publishing Switzerland 2016 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made Printed on acid-free paper This springer imprint is published by springer Nature The registered company is Springer International Publishing AG Switzerland Foreword of the author The German automobile industry took notice of the topic as iec 61508 got pub lished as din en 61508 (VDE 0803)Functional safety-related electric/electronic/ programmable electronic systems'"in 2001. Official correspondence between the VDa and the vdtuvs led to the foundation of akl in FaKRa Facharbeitskreis Automobil--German expert group from vehicle manufacturers and equipment suppliers), a group I became part of when I joined Continental Teves in 2004. In the same year, the first structures for the later ISo 26262 were designed and contact was established to further automobile standardization committees in other countries Especially with France, concrete parameters for the standard were developed. The first meeting of the standardization group of Iso/TC22/SC03/WG16 took place from October 3 1 to November 2, 2015 in Berlin. The biggest delegate groups were from France and Germany besides representatives from other countries such as Japan, the USA, Sweden, Great Britain et cetera. Up to this point, ISo 26262 was still called FAKRA-Norm'(FAKRA-Standard) Safe Tronic 2005(Safety Event from Hanser-Verlag) already addressed the first ideas for future automobile stan dards and the presentations held included 'Best Practices'and methods Until today Safe Tronic supported the development of Iso 26262, which got published as "International Standard in november 2011. This book tries to compile all the background information that has been collected over the years. Moreover, it aims to give a better understanding of safety architecture as a basis for the development of safety-related products Preface The following book is the result of over 20 years of professional experience in the field of functional safety. When I started my career after graduating as an engineer in 1992, plant engineering and construction was highly influenced by catastrophic events such as 'Bhopal'and' Seveso. The first set of rules and regulation which led later to Iec 61508 and Iso 26262 that addressed the issue of functional safety was the Vdi/Vde guideline 2180"Sicherung von Anlagen der Verfahrenstechnik Safeguarding of industrial process plants by means of process control engineering from 1966. However, it only covered the mere process of how to establish a safe environment in such facilities. In 1984 the differentiation between operational safety and safety equipment as well as monitoring and safeguarding equipment were added to the guideline. Thereafter, DIN VDE 31000General guide for designing of technical equipment to satisfy safety requirements,got published which elaborated on the correlation between risk, safety and danger and introduced tolerable risk At this time machinery standards, which prohibited the use of micro-controller for safety applications were still common However, an estab- lished market for safety-related control systems already existed. Different rules and standards defined the base of requirements for examinations, certifications and design of such systems. Those requirements were scaled in requirement classes (AK 1-8)according to DiN V 19250, independently from application or technology and explained a qualitative risk assessment procedure with the help of a risk graph In 1990 DIN V VDE 0801 Principles for computers in safety-related systems was released and in its revision of 1994 terms such as well-proven design prin- ciples'and the usage of consideration item' were added. By then, redundancy was the only known answer to the various risk and requirement classes. However, various measuring principles were already used in measurement and control system engineering in order to detect hazardous situations early The technical rules for steam or the regulations for pressure vessels alread required the redundant measurement of steam and temperature due to safety issues Even the german Water Ecology Act mentioned the filling quantity limit from tanks according to regulations as well as the independent overfill safety device as Preface safety measure. A lot of those safety principals emerged from the safety standards of plant operators and even served as a foundation for official permits or releases Even before in the early sixties dgaC Direction General de l aviation Civil in France), CAa(Civil Aviation Authority)in Great Britain or FAA(Federal Aviation Administration)in USa and the military and space industry defined regulations about"Functional Safety,, but those were not in the focus of the development of standards like IEC 61508 and ISo 26262. due to today' s discussion about ' au tonomous'or automated 'driving those standards become more and more in the focus of the automotive industry. Especially topics such as safety-in-use fail-operational, security, operational safety are becoming important for future revisions of iso 26262 In 1998, at the time I started my job as a sales manager of safety-related control systems, discussions over the early drafts of ieC 61508 took place, especially in countries such as England, the Netherlands and Norway. The scalable redundancy was a known concept so the discussion focused on the distinction between redundancy for safety and availability. Micro-controllers were coupled according to the lockstep principle and could change the program sequence or control logistics during runtime of a plant. Programming software was available, which allowed configuring the safety logic within a defined runtime environment The publication of IEC 61508 introduced a lifecycle approach for safety sys- tems. Additionally, it formulated a process approach for product development and the relations to quality management systems were formulated During my graduate studies at the Faculty of Business and Economy at the University of Basel, I was able to hear a lecture of Prof Dr. Walter Masing, who had a huge impact on quality management systems in germany The introduction of implemented diagnostics for the safety of functions and the electric carrier systems of these functions, respectively, broadened the view of safety architecture. In 1998 I introduced the first passive electronic system in Birmingham, which until SIL 4 was certified according to IEC 61508. I witnessed when the first certificate for a single-channel control system got signed after Safe Tronic in 1999, which took lace in the facilities of tuv-Sud. This system was completely developed according to eC 61508 During VDMA-events(Verein Deutscher Machinen und Anlagenbauer; German machinery and plant engineering association) I reported on my experiences with IEC 61508 regarding plant engineering and its influence on the development of safety-related control systems. In these days, the machinery engineering industry was still heavily influenced by relay technology. Nobody wanted to believe that software-based safety technology would change the industry so drastically and in such a short time by providing new solutions and change existing systems. In 2001 I became the head of product management; the main task was to find new appli cations for new safety systems. Another main topic was 'safe network technology which was so far based on serial link data busses. The challenge was to realize distributed and decentralized safety systems based on dynamic, or situation-, or condition-dependent safety algorithm. The only possible solution turned out to be Ethernet. It was important to make the existing computer or data technology for Preface safety technology easily manageable. In Norway, in the context of diploma theses safety control systems got distributed, which exchanged safety-relevant data within the data network of the Norwegian mineral oil association "Statoil,. The experi ences with the data transfer over satellites between oil platforms and plants ashore or between Norway and Germany as well as various solutions to the pipeline monitoring via radio systems proved that the safety technical data systems were also able to be realized based on ethernet Hans-Leo ross Acknowledgments The plentiful discussions with experts of international standardizations, colleagues within the working groups, universities and presentations as well as the insights of diploma theses and public funding projects have contributed to this book. I would like to thank all the people involved for their shared passion for functional safety Besides all the experts I especially want to thank my wife, who showed a lot of understanding and gave me the freedom and space to write this book Contents 1 ntroduction 1.1 Definitions and Translations from the iso 26262 · 1.2 Error Terms of the Iso 26262 Referenc 2 Why Functional Safety in Road vehicles? 2.1 Risk, Safety and functional safety in automobiles 2.2 Quality management System 13 2.1 Quality Management Systems from the Viewpoint of iso 26262 17 2.3 Advanced Quality Plannin 18 2. 4 Process models 20 2.4.1 V-Models 21 2.42 Waterfall Model 30 2.4.3 Spiral model 2.5 Automotive and Safety Lifecycles 33 2.5.1 Safety Lifecycles for the Development of automotive products 2.5.2 Safety-Lifecycles According to ISo 26262 36 2.5.3 Security- Versus Safety Lifecycles References 38 3 System Engineering · Philosophic back 3.2 Reliability Engineering 43 3.2.1F ation/basis of reliabilit 45 3.2.2 Reliability and S 3.3 Architecture Develo 51 3.3.1 Stakeholder of architectures 53 3.3.2 Views of Architecture 56 3.3.3 Horizontal level of abstraction 58 3.4 Requirements and architecture Development 66 X 【实例截图】
【核心代码】
找了好久关于汽车功能安全的资料,发现国内这种资料太少,这本书写的很不错,有需要的拿过去看看。
Hans-Leo ross Functional Safety for road Vehicles New Challenges and Solutions for E-mobility and Automated Driving 空 Springer Hans-Leo ross Lorsch Germany ISBN978-3-319-33360-1 ISBN978-3-319-33361-8( ebook) DOI10.1007978-3-319-33361-8 Library of Congress Control Number: 2016944354 Translation from the German language edition Funktionale sicherheit im Automobil ISO 26262 Systemengineering auf Basis eines Sicherheitslebenszyklus und bewahrten Managementsystemen by Hans-Leo ross. C Carl Hanser Verlag gmbh co. KG. All Rights reserved C Springer International Publishing Switzerland 2016 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made Printed on acid-free paper This springer imprint is published by springer Nature The registered company is Springer International Publishing AG Switzerland Foreword of the author The German automobile industry took notice of the topic as iec 61508 got pub lished as din en 61508 (VDE 0803)Functional safety-related electric/electronic/ programmable electronic systems'"in 2001. Official correspondence between the VDa and the vdtuvs led to the foundation of akl in FaKRa Facharbeitskreis Automobil--German expert group from vehicle manufacturers and equipment suppliers), a group I became part of when I joined Continental Teves in 2004. In the same year, the first structures for the later ISo 26262 were designed and contact was established to further automobile standardization committees in other countries Especially with France, concrete parameters for the standard were developed. The first meeting of the standardization group of Iso/TC22/SC03/WG16 took place from October 3 1 to November 2, 2015 in Berlin. The biggest delegate groups were from France and Germany besides representatives from other countries such as Japan, the USA, Sweden, Great Britain et cetera. Up to this point, ISo 26262 was still called FAKRA-Norm'(FAKRA-Standard) Safe Tronic 2005(Safety Event from Hanser-Verlag) already addressed the first ideas for future automobile stan dards and the presentations held included 'Best Practices'and methods Until today Safe Tronic supported the development of Iso 26262, which got published as "International Standard in november 2011. This book tries to compile all the background information that has been collected over the years. Moreover, it aims to give a better understanding of safety architecture as a basis for the development of safety-related products Preface The following book is the result of over 20 years of professional experience in the field of functional safety. When I started my career after graduating as an engineer in 1992, plant engineering and construction was highly influenced by catastrophic events such as 'Bhopal'and' Seveso. The first set of rules and regulation which led later to Iec 61508 and Iso 26262 that addressed the issue of functional safety was the Vdi/Vde guideline 2180"Sicherung von Anlagen der Verfahrenstechnik Safeguarding of industrial process plants by means of process control engineering from 1966. However, it only covered the mere process of how to establish a safe environment in such facilities. In 1984 the differentiation between operational safety and safety equipment as well as monitoring and safeguarding equipment were added to the guideline. Thereafter, DIN VDE 31000General guide for designing of technical equipment to satisfy safety requirements,got published which elaborated on the correlation between risk, safety and danger and introduced tolerable risk At this time machinery standards, which prohibited the use of micro-controller for safety applications were still common However, an estab- lished market for safety-related control systems already existed. Different rules and standards defined the base of requirements for examinations, certifications and design of such systems. Those requirements were scaled in requirement classes (AK 1-8)according to DiN V 19250, independently from application or technology and explained a qualitative risk assessment procedure with the help of a risk graph In 1990 DIN V VDE 0801 Principles for computers in safety-related systems was released and in its revision of 1994 terms such as well-proven design prin- ciples'and the usage of consideration item' were added. By then, redundancy was the only known answer to the various risk and requirement classes. However, various measuring principles were already used in measurement and control system engineering in order to detect hazardous situations early The technical rules for steam or the regulations for pressure vessels alread required the redundant measurement of steam and temperature due to safety issues Even the german Water Ecology Act mentioned the filling quantity limit from tanks according to regulations as well as the independent overfill safety device as Preface safety measure. A lot of those safety principals emerged from the safety standards of plant operators and even served as a foundation for official permits or releases Even before in the early sixties dgaC Direction General de l aviation Civil in France), CAa(Civil Aviation Authority)in Great Britain or FAA(Federal Aviation Administration)in USa and the military and space industry defined regulations about"Functional Safety,, but those were not in the focus of the development of standards like IEC 61508 and ISo 26262. due to today' s discussion about ' au tonomous'or automated 'driving those standards become more and more in the focus of the automotive industry. Especially topics such as safety-in-use fail-operational, security, operational safety are becoming important for future revisions of iso 26262 In 1998, at the time I started my job as a sales manager of safety-related control systems, discussions over the early drafts of ieC 61508 took place, especially in countries such as England, the Netherlands and Norway. The scalable redundancy was a known concept so the discussion focused on the distinction between redundancy for safety and availability. Micro-controllers were coupled according to the lockstep principle and could change the program sequence or control logistics during runtime of a plant. Programming software was available, which allowed configuring the safety logic within a defined runtime environment The publication of IEC 61508 introduced a lifecycle approach for safety sys- tems. Additionally, it formulated a process approach for product development and the relations to quality management systems were formulated During my graduate studies at the Faculty of Business and Economy at the University of Basel, I was able to hear a lecture of Prof Dr. Walter Masing, who had a huge impact on quality management systems in germany The introduction of implemented diagnostics for the safety of functions and the electric carrier systems of these functions, respectively, broadened the view of safety architecture. In 1998 I introduced the first passive electronic system in Birmingham, which until SIL 4 was certified according to IEC 61508. I witnessed when the first certificate for a single-channel control system got signed after Safe Tronic in 1999, which took lace in the facilities of tuv-Sud. This system was completely developed according to eC 61508 During VDMA-events(Verein Deutscher Machinen und Anlagenbauer; German machinery and plant engineering association) I reported on my experiences with IEC 61508 regarding plant engineering and its influence on the development of safety-related control systems. In these days, the machinery engineering industry was still heavily influenced by relay technology. Nobody wanted to believe that software-based safety technology would change the industry so drastically and in such a short time by providing new solutions and change existing systems. In 2001 I became the head of product management; the main task was to find new appli cations for new safety systems. Another main topic was 'safe network technology which was so far based on serial link data busses. The challenge was to realize distributed and decentralized safety systems based on dynamic, or situation-, or condition-dependent safety algorithm. The only possible solution turned out to be Ethernet. It was important to make the existing computer or data technology for Preface safety technology easily manageable. In Norway, in the context of diploma theses safety control systems got distributed, which exchanged safety-relevant data within the data network of the Norwegian mineral oil association "Statoil,. The experi ences with the data transfer over satellites between oil platforms and plants ashore or between Norway and Germany as well as various solutions to the pipeline monitoring via radio systems proved that the safety technical data systems were also able to be realized based on ethernet Hans-Leo ross Acknowledgments The plentiful discussions with experts of international standardizations, colleagues within the working groups, universities and presentations as well as the insights of diploma theses and public funding projects have contributed to this book. I would like to thank all the people involved for their shared passion for functional safety Besides all the experts I especially want to thank my wife, who showed a lot of understanding and gave me the freedom and space to write this book Contents 1 ntroduction 1.1 Definitions and Translations from the iso 26262 · 1.2 Error Terms of the Iso 26262 Referenc 2 Why Functional Safety in Road vehicles? 2.1 Risk, Safety and functional safety in automobiles 2.2 Quality management System 13 2.1 Quality Management Systems from the Viewpoint of iso 26262 17 2.3 Advanced Quality Plannin 18 2. 4 Process models 20 2.4.1 V-Models 21 2.42 Waterfall Model 30 2.4.3 Spiral model 2.5 Automotive and Safety Lifecycles 33 2.5.1 Safety Lifecycles for the Development of automotive products 2.5.2 Safety-Lifecycles According to ISo 26262 36 2.5.3 Security- Versus Safety Lifecycles References 38 3 System Engineering · Philosophic back 3.2 Reliability Engineering 43 3.2.1F ation/basis of reliabilit 45 3.2.2 Reliability and S 3.3 Architecture Develo 51 3.3.1 Stakeholder of architectures 53 3.3.2 Views of Architecture 56 3.3.3 Horizontal level of abstraction 58 3.4 Requirements and architecture Development 66 X 【实例截图】
【核心代码】
标签:
好例子网口号:伸出你的我的手 — 分享!
小贴士
感谢您为本站写下的评论,您的评论对其它用户来说具有重要的参考价值,所以请认真填写。
- 类似“顶”、“沙发”之类没有营养的文字,对勤劳贡献的楼主来说是令人沮丧的反馈信息。
- 相信您也不想看到一排文字/表情墙,所以请不要反馈意义不大的重复字符,也请尽量不要纯表情的回复。
- 提问之前请再仔细看一遍楼主的说明,或许是您遗漏了。
- 请勿到处挖坑绊人、招贴广告。既占空间让人厌烦,又没人会搭理,于人于己都无利。
关于好例子网
本站旨在为广大IT学习爱好者提供一个非营利性互相学习交流分享平台。本站所有资源都可以被免费获取学习研究。本站资源来自网友分享,对搜索内容的合法性不具有预见性、识别性、控制性,仅供学习研究,请务必在下载后24小时内给予删除,不得用于其他任何用途,否则后果自负。基于互联网的特殊性,平台无法对用户传输的作品、信息、内容的权属或合法性、安全性、合规性、真实性、科学性、完整权、有效性等进行实质审查;无论平台是否已进行审查,用户均应自行承担因其传输的作品、信息、内容而可能或已经产生的侵权或权属纠纷等法律责任。本站所有资源不代表本站的观点或立场,基于网友分享,根据中国法律《信息网络传播权保护条例》第二十二与二十三条之规定,若资源存在侵权或相关问题请联系本站客服人员,点此联系我们。关于更多版权及免责申明参见 版权及免责申明
网友评论
我要评论