Achieve iso 26262 certification

© Programming Research
www.programmingresearch.com
Achieving ISO 26262 Compliance
with QA·C & QA·C++
Adrian Hunt
Pre-Sales Consultant

2
Agenda
• Overview
• Automotive Safety Integrity Levels
• ISO 26262 Qualifications
• Classification of Tools
• ISO 26262 Compliance with PRQA Tools
• ISO 26262 Compliance Tables
• Coding Standards
• Certification Report

3
Overview
• ISO 26262 is an adaptation of the IEC 61508 functional
safety standard for electronic / electrical /
programmable electronic safety-related systems.
• ISO 26262 focuses on the specific needs of electrical
and/or electronic systems installed in series-production
passenger cars, and applies to all activities within the
safety lifecycle of these safety related systems.
• As the complexity of a system increases, the risk of
systematic failures and random hardware failures
increases.

4
Overview
• Examples of systems for which the standard was
developed include:
 Driver assistance
 Propulsion and vehicle dynamics control
 Active and passive safety systems
• The standard includes guidance that helps developers
mitigate these risks through the provision of
appropriate requirements and processes.

5
Automotive Safety Integrity Levels
• ISO 26262 introduces four Automotive Safety Integrity Levels (ASIL A –
D), where ASIL D represents the most stringent level.
• This allows different methods to be applied depending upon the ASIL of
the system at a functional level.
IEC 61508
SIL level
ISO 26262
ASIL level
Consequences of a failure
1 A Potential for minor injuries
2 B Possible major injuries or one fatality
3 C Possible fatalities
4 D Possible fatalities in the community
Less critical
More critical
Note: The letter levels follows the opposite pattern when compared to DO-178B

6
ISO 26262 Qualification
• The method used to verify these requirements must
be qualified
• Why?
– Evidence that the method used are suitable for use in a safety
critical project
– Confidence that the method proceeds correctly and doesn’t
introduce bugs
• Software automation is the only effective option

7
ISO 26262 Qualification - Methods
• Allowed qualification methods
• Confidence from use
• Evaluation of the development process
• Validation of the software tool
• Development in compliance with a safety
standard
• Choose an uncertified tool and certify it yourself?
• Time and money!
• Choose a professional tool from respected company
• Choose a tool certified by a specialist certification
company

8
Classification of Tools
Class T1 tools : cannot introduce defects into the code, even if they malfunction
no requirement to formally justify them
Class T2 tools: tools which test or verify code cannot themselves introduce a fault into the code
however, they can fail to detect existing faults.
Class T3 tools: can / will introduce defects directly into the compiled code

9
Classification of Tools
Class T2 and T3 tools must be justified – there must be evidence that the tools can meet the
requirements demanded of them.
Additionally, tools in class T2 and T3 must be deployed in accordance with a ‘Safety Manual’ which
ensures that the tool is installed, configured and operated correctly.

10
ISO 26262 Compliance with PRQA Tools
• QA·C 8.1.2 with MISRA-C and QA·C++ 3.1 with an extended MISRA C++
have been certified by SGS TÜV-SAAR as fit for purpose to develop safety
related software up to ASIL D according to ISO 26262.
• Safety Manual
• QA·C with MISRA C
• ISO 26262 Certificate
• Report to the Certificate
• Safety Manual
• QA·C with MISRA C++ Extended
• ISO 26262 Certificate
• Report to the Certificate

11
ISO 26262 Compliance with PRQA Tools

12
ISO 26262 Compliance Tables
• Part 6 of ISO 26262 addresses product development at the software
level including several tables that define the methods that must be
considered in order to achieve compliance with the standard.
• The following tables identify where QA·C with MISRA C (referred to
as “QA·C”) and QA·C++ with MISRA C++ Extended (referred to as
“QA·C++”) can be used to ensure and demonstrate compliance.
• For each method, the degree of recommendation to use the
corresponding method depends on the ASIL and is categorized as
follows:
– “++” indicates that the method is highly recommended for the identified ASIL;
– “+” indicates that the method is recommended for the identified ASIL;
– “o” indicates that the method has no recommendation for or against its usage for
the identified ASIL.

13
Table 1 – Topics to be covered by modelling and coding
guidelines
“++” indicates that the method is highly recommended for the identified ASIL;
“+” indicates that the method is recommended for the identified ASIL;
“o” indicates that the method has no recommendation for or against its usage for the identified ASIL.

14
Table 3 – Principles of software architectural design

15
Table 8 – Design principles for software design and
implementation

16
Table 9 – Methods for the verification of software unit
design and implementation

17
Coding Standards
• Prevent the use of undefined or unspecified behavior
• Prevent the programmer making common mistakes
• Limit the use of certain constructs
• Remove potential ambiguity
• Restrict library usage
JSF++
MISRA
C++
C++
HIC+
+

18
Coding Standards

19
Certification Report
The analysis results are fully certified
along with our report generation.

20
Certification Report – Example 1

21
Certification Report – Example 2

22
Summary
• QA·C with the MISRA C Compliance Module and QA·C++ with
the MISRA C++ Extended Compliance Module have been
certified as “fit for purpose” for achieving compliance with ISO
26262.
• The time and cost of meeting many of the standard’s
requirements associated with development at the software level
can be reduced by using these tools.
• The long history of widespread use of QA·C and QA·C++ in
automotive development, demonstrates its suitability for use
within this industry.
• QA·C and QA·C++ with MISRA are highly effective tools for any
company that needs to achieve ISO 26262 compliance for its
products.

23
Thank you
Whitepaper: http://www.programmingresearch.com/resources/, incl:
 Achieving ISO 26262 Compliance with QA·C and QA·C++
 Independent Research on MISRA C Compliance Tools
 MISRA: An Overview
 MISRA C:2012
 The Best Coding Standards Eliminate Bugs
Webinar: http://www.programmingresearch.com/resources/, incl:
 An introduction to MISRA C:2012
 Software Development For Safety-Critical Environments, How Safe Are You?
 An Overview of Coding Standards
Video: http://www.programmingresearch.com/resources/, incl:
 Principals of Functional Safety with ISO 26262
 Coding Standard Compliance – Some Facts and Some Fallacies
Training: http://www.programmingresearch.com/services/training/, incl:
 The MISRA C:2012 (2-day public and onsite)
Additional resources

Achieve iso 26262 certification

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (14)

Similar to Achieve iso 26262 certification

Similar to Achieve iso 26262 certification (20)

Recently uploaded

Recently uploaded (20)

Achieve iso 26262 certification