The purpose of this paper is to establish extended models for determining and evaluating the Automotive Safety Integrity Level (ASIL) of the ISO 26262 automotive functional safety standard. By introducing three intermediate variables, hazard, situation and accident, and expressing risk in terms of fatalities per year, the linkage between the three interrelated ASIL parameters, exposure, controllability and severity, becomes a clear and quantitative measure in this study.
In addition, the integrated Failure Mode, Effects and Diagnostic Analysis (FMEDA) introduced in this paper evaluates the undetected dangerous faults that underlie the ASIL of ISO 26262 as well as the Safe Failure Fraction (SFF) that underlies the Safety Integrity Level (SIL) of IEC 61508. An efficient fault tree gate pattern is presented to represent a safety mechanism with a Self Monitoring and Mitigation System (SMMS). Fault Tree Analysis (FTA), Reliability Block Diagrams (RBD) and Event Tree Analysis (ETA) are used to better understand the undetected dangerous faults, which comprise single-point faults (SPF), residual faults (RF) and latent faults (LF).
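As an added worked example (not code from the paper), the following Python computes the ISO 26262-5 hardware architectural metrics SPFM and LFM together with the IEC 61508 SFF from a constructed FMEDA table for a hypothetical ECU. Each failure mode is split into safe, single-point, residual and latent shares depending on whether a safety mechanism covers it and whether that mechanism's own faults are revealed. The element names, failure rates and coverage figures are assumptions chosen for illustration; only the metric definitions and the ASIL targets come from the standards. The SFF mapping, which counts everything a safety mechanism covers as dangerous-detected, is likewise an assumption of this example.

```python
"""FMEDA hardware metrics for a hypothetical ECU: SPFM, LFM (ISO 26262-5) and SFF (IEC 61508).

All failure-rate data below is constructed for this example; it is not from the paper.
"""
from dataclasses import dataclass, replace


@dataclass
class FailureMode:
    name: str
    fit: float              # failure rate in FIT (failures per 1e9 hours)
    safety_related: bool    # can this element contribute to a safety goal violation?
    safe_fraction: float    # share of fit that can never violate the safety goal
    dc: float = 0.0         # diagnostic coverage of the safety mechanism (0.0 = none)
    latent_dc: float = 0.0  # coverage revealing a mitigated fault (monitor self-test etc.)


def classify(fm: FailureMode) -> dict:
    """Split one failure mode's rate into ISO 26262-5 fault classes (FIT)."""
    if not fm.safety_related:
        return {"spf": 0.0, "rf": 0.0, "mpf_latent": 0.0, "mpf_detected": 0.0, "safe": fm.fit}
    safe = fm.fit * fm.safe_fraction
    dangerous = fm.fit * (1.0 - fm.safe_fraction)
    if fm.dc == 0.0:
        # No safety mechanism: the whole dangerous share is a single-point fault.
        return {"spf": dangerous, "rf": 0.0, "mpf_latent": 0.0, "mpf_detected": 0.0, "safe": safe}
    residual = dangerous * (1.0 - fm.dc)   # escapes the mechanism: residual fault
    mitigated = dangerous * fm.dc          # needs a second fault to become dangerous
    return {
        "spf": 0.0,
        "rf": residual,
        "mpf_latent": mitigated * (1.0 - fm.latent_dc),  # covered but never revealed: latent
        "mpf_detected": mitigated * fm.latent_dc,
        "safe": safe,
    }


def fmeda_metrics(modes) -> dict:
    """Return SPFM and LFM per ISO 26262-5 and an SFF per IEC 61508 (assumed mapping)."""
    parts = [classify(m) for m in modes]
    lam_sr = sum(m.fit for m in modes if m.safety_related)
    lam_total = sum(m.fit for m in modes)
    spf_rf = sum(p["spf"] + p["rf"] for p in parts)
    latent = sum(p["mpf_latent"] for p in parts)
    spfm = 1.0 - spf_rf / lam_sr
    lfm = 1.0 - latent / (lam_sr - spf_rf)
    # Assumption: dangerous undetected = SPF + RF; everything a mechanism covers
    # counts as dangerous detected, and non-safety-related failures count as safe.
    sff = 1.0 - spf_rf / lam_total
    return {"spfm": spfm, "lfm": lfm, "sff": sff, "spf_rf_fit": spf_rf, "latent_fit": latent}


# (SPFM, LFM) targets of ISO 26262-5; ASIL A has no required target.
ASIL_TARGETS = {"D": (0.99, 0.90), "C": (0.97, 0.80), "B": (0.90, 0.60)}


def achieved_asil(spfm: float, lfm: float) -> str:
    """Highest ASIL whose SPFM and LFM targets are both met."""
    for level in ("D", "C", "B"):
        s_target, l_target = ASIL_TARGETS[level]
        if spfm >= s_target and lfm >= l_target:
            return level
    return "below B"


# Constructed ECU element list (hypothetical values).
ECU_BASELINE = [
    FailureMode("MCU core (lockstep)",      50.0, True, 0.5, dc=0.99, latent_dc=0.9),
    FailureMode("RAM (ECC)",                20.0, True, 0.4, dc=0.90, latent_dc=0.5),
    FailureMode("Voltage regulator",        10.0, True, 0.2),              # unmonitored
    FailureMode("CAN transceiver (watchdog)", 8.0, True, 0.5, dc=0.60),
    FailureMode("Status LED",                5.0, False, 1.0),
]

# Same ECU with a supply monitor added to the regulator but no self-test of that monitor.
ECU_MONITORED = [
    replace(m, dc=0.9, latent_dc=0.0) if m.name == "Voltage regulator" else m
    for m in ECU_BASELINE
]


if __name__ == "__main__":
    for label, ecu in (("baseline", ECU_BASELINE), ("regulator monitored", ECU_MONITORED)):
        m = fmeda_metrics(ecu)
        print(f"{label}: SPFM={m['spfm']:.4f} LFM={m['lfm']:.4f} SFF={m['sff']:.4f} "
              f"-> ASIL {achieved_asil(m['spfm'], m['lfm'])}")
```

In the baseline the unmonitored regulator alone contributes 8 FIT of single-point faults and pulls SPFM below the ASIL B target. Adding the monitor lifts SPFM above 0.95, but because the monitor itself is never tested the mitigated share becomes latent and LFM drops below the ASIL C target, which is the kind of trade-off the latent-fault analysis of an SMMS has to expose.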
Finally, a traceable design process is proposed that uses a consistent causal relationship for a unified system of quality, reliability and functional safety. The architecture of the unified system has three levels: the lower level is fault and error from the perspective of quality, the intermediate level is failure from the perspective of reliability, and the upper level is hazard, situation, accident and fatalities from the perspective of functional safety. Numerical examples for an Electronic Control Unit (ECU) are given to aid comprehension of the extended models proposed in this study.