
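Road Vehicle Functional Safety: ISO 26262 Standard (4-4), Product Development at the System Level

Preface

This series of articles explains the ISO 26262 road vehicle functional safety standard, in the hope of helping more readers get to know and understand functional safety standards.

If you have any questions, feel free to comment and discuss so we can improve together. (*^▽^*)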


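1. ISO 26262 road vehicle functional safety standard

4. ISO 26262-4: Product development at the system level

IV. Item integration and testing

4. System integration

According to the system design, the individual elements contained in the system shall be integrated and tested in accordance with the system integration tests specified in ISO 26262-5 and ISO 26262-6.

5. Test objectives and methods for system testing

To detect system faults during system integration, use the test objectives and test methods in the tables below.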

  • Verification of the functional safety and technical safety requirements at the system level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Requirement-based test | ++ | ++ | ++ | ++ |
| 1b | Fault injection test | + | + | ++ | ++ |
| 1c | Back-to-back test | o | + | + | ++ |

a: A requirements-based test denotes a test against functional and non-functional requirements.

b: A fault injection test uses special means to introduce faults into the system. This can be done within the system via a special test interface or specially prepared elements or communication devices. The method is often used to improve the test coverage of the safety requirements, because during normal operation safety mechanisms are not invoked.

c: A back-to-back test compares the responses of the test object with the responses of a simulation model to the same stimuli, to detect differences between the behaviour of the model and its implementation.

  • Correctness of the functional performance, accuracy and timing of safety mechanisms at the system level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Back-to-back test | o | + | + | ++ |
| 1b | Performance test | o | + | + | ++ |

a: A back-to-back test compares the responses of the test object with the responses of a simulation model to the same stimuli, to detect differences between the behaviour of the model and its implementation.

b: A performance test can verify the performance (e.g. actuator speed or strength, whole system response times) of the safety mechanisms concerning the system.

  • Consistency and correctness of the external and internal interfaces at the system level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Test of external interfaces | + | ++ | ++ | ++ |
| 1b | Test of internal interfaces | + | ++ | ++ | ++ |
| 1c | Interface consistency check | o | + | ++ | ++ |
| 1d | Test of interaction/communication | ++ | ++ | ++ | ++ |

a: An interface test of the system includes tests of analogue and digital inputs and outputs, boundary tests, and equivalence-class tests, to completely test the specified interfaces, compatibility, timings, and other specified characteristics of the system. Internal interfaces of the system can be tested by static tests (e.g. match of plug connectors) as well as by dynamic tests concerning bus communications or any other interface between system elements.

b: A communication and interaction test includes tests of the communication between system elements, as well as between the system under test and other vehicle systems during runtime, against the functional and non-functional requirements.

  • Effectiveness of the diagnostic coverage of safety mechanisms at the system level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Fault injection test | + | + | ++ | ++ |
| 1b | Error guessing test | + | + | ++ | ++ |
| 1c | Test derived from field experience | o | + | ++ | ++ |

a: A fault injection test uses special means to introduce faults into the system. This can be done within the system via a special test interface, specially prepared elements, or communication devices. The method is often used to improve the test coverage of the safety requirements, because during normal operation safety measures are not invoked.

b: An error guessing test uses expert knowledge and data collected through lessons learned and field experience to anticipate errors in the system. Then a set of tests along with adequate test facilities is designed to check for these errors. Error guessing is an effective method given a tester who has previous experience with similar systems.

  • Robustness at the system level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Resource usage test | o | + | ++ | ++ |
| 1b | Stress test | o | + | ++ | ++ |
| 1c | Test for interference resistance and robustness under certain environmental conditions | ++ | ++ | ++ | ++ |

a: A fault injection test uses special means to introduce faults into the system. This can be done within the system via a special test interface, specially prepared elements, or communication devices. The method is often used to improve the test coverage of the safety requirements, because during normal operation safety measures are not invoked.

b: An error guessing test uses expert knowledge and data collected through lessons learned and field experience to anticipate errors in the system. Then a set of tests along with adequate test facilities is designed to check for these errors. Error guessing is an effective method given a tester who has previous experience with similar systems.
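
The fault injection notes in this section point out that safety mechanisms are not invoked during normal operation. The following C example is added here (it is not from the original article or from ISO 26262) and shows that effect on a constructed dual-channel sensor monitor: a nominal sweep never trips the monitor, while faults injected through a test interface do, and one fault mode escapes detection. All names, limits and fault modes are assumptions.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
/* Constructed example; all names, limits and fault modes are assumptions. */
#define ADC_MAX 1023
#define PLAUSIBILITY_LIMIT 50   /* max tolerated |ch_a - ch_b| in ADC counts */

typedef enum { FAULT_NONE, FAULT_STUCK_LOW, FAULT_STUCK_HIGH,
               FAULT_OPEN_CIRCUIT, FAULT_SMALL_OFFSET, FAULT_COUNT } fault_t;

/* Test interface: replaces the healthy channel-A reading with a faulty one. */
static int inject(fault_t f, int healthy) {
    switch (f) {
    case FAULT_STUCK_LOW:    return 0;
    case FAULT_STUCK_HIGH:   return ADC_MAX;
    case FAULT_OPEN_CIRCUIT: return -1;            /* out-of-range reading */
    case FAULT_SMALL_OFFSET: return healthy + 30;  /* drift inside the limit */
    default:                 return healthy;
    }
}

/* Safety mechanism under test: true means "enter the safe state". */
static bool monitor_trips(int ch_a, int ch_b) {
    if (ch_a < 0 || ch_a > ADC_MAX || ch_b < 0 || ch_b > ADC_MAX)
        return true;                               /* range check */
    return abs(ch_a - ch_b) > PLAUSIBILITY_LIMIT;  /* cross-channel check */
}

/* Sweep the stimulus range and count how often the monitor trips. */
int trips_under(fault_t f) {
    int trips = 0;
    for (int pos = 100; pos <= 900; pos += 100)
        trips += monitor_trips(inject(f, pos), pos) ? 1 : 0;
    return trips;
}

/* Percentage of injected fault modes that tripped the monitor at least once. */
int detected_percent(void) {
    int detected = 0, injected = 0;
    for (int f = FAULT_STUCK_LOW; f < FAULT_COUNT; f++, injected++)
        detected += trips_under((fault_t)f) > 0 ? 1 : 0;
    return 100 * detected / injected;
}

int main(void) {
    printf("nominal trips: %d\n", trips_under(FAULT_NONE));
    printf("fault modes detected: %d%%\n", detected_percent());
    return 0;
}
```

The small-offset drift stays inside the plausibility limit and is the one fault mode the monitor misses. The resulting percentage is a simplified share of injected fault modes, not the diagnostic coverage metric defined by the standard.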

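6. Test objectives and test methods

To detect system faults during vehicle integration, the test objectives derived from the requirements shall be addressed by appropriate test methods, as set out in the tables below.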

  • Verification of functional safety at the vehicle level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Requirement-based test | ++ | ++ | ++ | ++ |
| 1b | Fault injection test | ++ | ++ | ++ | ++ |
| 1c | Long-term test | ++ | ++ | ++ | ++ |
| 1d | User test under real-life conditions | ++ | ++ | ++ | ++ |

a: A requirements-based test denotes a test against functional and non-functional requirements.

b: A fault injection test uses special means to introduce faults into the item. This can be done within the item via a special test interface or specially prepared elements or communication devices. The method is often used to improve the test coverage of the safety requirements, because during normal operation safety mechanisms are not invoked.

c: A long-term test and a user test under real-life conditions are similar to tests derived from field experience but use a larger sample size, normal users as testers, and are not bound to prior specified test scenarios, but performed under real-life conditions during everyday life. These tests can have limitations if necessary to ensure the safety of the testers, e.g. with additional safety measures or disabled actuators.

  • Correctness of the functional performance, accuracy and timing of safety mechanisms at the vehicle level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Performance test | + | + | ++ | ++ |
| 1b | Long-term test | + | + | ++ | ++ |
| 1c | User test under real-life conditions | + | + | ++ | ++ |

a: A performance test can verify the performance (e.g. fault tolerant time intervals and vehicle controllability in the presence of faults) of the safety mechanisms concerning the item.

b: A long-term test and a user test under real-life conditions are similar to tests derived from field experience but use a larger sample size, normal users as testers, and are not bound to prior specified test scenarios, but performed under real-life conditions during everyday life. These tests can have limitations if necessary to ensure the safety of the testers, e.g. with additional safety measures or disabled actuators.

  • Consistency and correctness of the external and internal interfaces at the vehicle level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Test of external interfaces | o | + | ++ | ++ |
| 1b | Test of interaction/communication | o | + | ++ | ++ |

a: An interface test at the vehicle level tests the interfaces of the vehicle systems for compatibility. This can be done statically by validating value ranges, ratings or geometries as well as dynamically during operation of the whole vehicle.

b: A communication and interaction test includes tests of the communication between the systems of the vehicle during runtime against functional and non-functional requirements.

  • Effectiveness of the diagnostic coverage of safety mechanisms at the vehicle level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Fault injection test | o | + | ++ | ++ |
| 1b | Error guessing test | o | + | ++ | ++ |
| 1c | Test derived from field experience | o | + | ++ | ++ |

a: A fault injection test uses special means to introduce faults into the vehicle. This can be done within the vehicle via a special test interface, specially prepared hardware or communication devices. The method is often used to improve the test coverage of the safety requirements, because during normal operation safety measures are not invoked.

b: An error guessing test uses expert knowledge and data collected through lessons learned to anticipate errors in the vehicle. Then a set of tests along with adequate test facilities is designed to check for these errors. Error guessing is an effective method given a tester who has previous experience with similar vehicle applications.

c: A test derived from field experience uses the experience and data gathered from the field. Erroneous vehicle behaviour or newly discovered operational situations are analysed and a set of tests is designed to check the vehicle with respect to the new findings.

  • Robustness at the vehicle level, as shown in the table below:

| | Methods | ASIL A | ASIL B | ASIL C | ASIL D |
|---|---|---|---|---|---|
| 1a | Resource usage test | o | + | ++ | ++ |
| 1b | Stress test | o | + | ++ | ++ |
| 1c | Test for interference resistance and robustness under certain environmental conditions | o | + | ++ | ++ |
| 1d | Long-term test | o | + | ++ | ++ |

a: At the item level, resource usage testing is usually performed in dynamic environments (e.g. lab cars or prototypes). Issues to test include item internal resources, power consumption or limited resources of other vehicle systems.

b: A stress test verifies the correct operation of the vehicle under high operational loads or high demands from the environment. Therefore tests under high loads on the vehicle or with extreme user inputs or requests from other systems as well as tests with extreme temperatures, humidity or mechanical shocks can be applied.

c: A test for interference resistance and robustness, under certain environmental conditions, is a special case of stress testing. This includes EMC and ESD tests.

d: A long-term test and a user test under real-life conditions are similar to tests derived from field experience but use a larger sample size, normal users as testers, and are not bound to prior specified test scenarios, but performed under real-life conditions during everyday life.


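The author spent a great deal of time and effort organizing and summarizing this article, in the hope that it helps more readers. 🙏🙏🙏

More content will follow in later updates, so stay tuned. (*^▽^*)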



Original article: https://blog.csdn.net/eblock/article/details/142526963
