Qualifying Dependent Failure Analysis Within ISO26262: Applicability to Semiconductors

In early 2018, the second edition of ISO 26262:2018 [1] functional safety standard for road vehicles, was released. One of the main challenges in safety analysis is the decision on suitability of dependent failures. Many discussions ensue on the suitability and the potential impact of any common cause or dependent failures. ISO 26262 parts 9 and 11 give guidance of the categories of dependent failures initiators, but how to gauge acceptability is not so easily quantified. There is a lot of excellent literature on calculating failure rates for common causes, but this information may not easily support design teams in assessing the dependency of the 7 groups of dependent failure initiators listed in ISO 26262-9:2018. IEC 61508 uses a grading system based on a series of questions, however it relates any score gained to the beta factors used in calculating failure rates. Ultimately it is desirable for dependent failures analysis to produce a quantitative result, but not one that feeds into failure rates, as many decisions based on failure rates involve software or system level considerations and are systematic rather than random. One other significant factor in the dependent failures analysis is that many products being assessed against ISO 26262 were not originally designed to meet the standard and are being adapted to comply. In this case an assessment of additional safety mechanisms and the quality of them is key. This paper proposes a quantitative approach to grade dependent failures analyses such that an acceptability criterion can be defined for different ASILs.