ASIL Decomposition: The Good, the Bad, and the Ugly

Paper #:
2013-01-0195

Published:
2013-04-08
Citation:
D'Ambrosio, J. and Debouk, R., "ASIL Decomposition: The Good, the Bad, and the Ugly," SAE Technical Paper 2013-01-0195, 2013, https://doi.org/10.4271/2013-01-0195.
Pages:
7
Abstract:
ASIL decomposition is a method described in the ISO 26262 standard for assigning ASILs to redundant requirements. Although ASIL decomposition appears to have a similar intent to the hardware fault tolerance concept of IEC 61508-2, ASIL decomposition is not intended to reduce ASIL assignments to hardware elements for random hardware failures; instead it focuses on functions and requirements in the context of systematic failures. Based on our participation in the development of the standard, the method has been applied in different ways in practice, not all of which are fully consistent with the intent of the standard. Two potential reasons that may lead to the use of “modified” ASIL algebra are the need for OEMs to partition a system and specify subsystem requirements to suppliers, and the need for designers to construct systems bottom up. Constructing systems bottom up has the goal of achieving a target system-level ASIL from component elements that already have some notion of ASIL associated with them. In this paper, we examine the origins of ASIL decomposition in the ISO 26262 standard, the potential benefits and limitations of the approach, and, by examining publications on this subject, how it is currently being applied in industry programs.
