1、BSI Standards Publication Motorcycles Functional safety PD ISO/PAS 19695:2015National foreword This Published Document is the UK implementation of ISO/PAS 19695:2015. The UK participation in its preparation was entrusted to Technical Committee AUE/14, Motor cycles and mopeds. A list of organizations
2、 represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2015. Published by BSI Standards Limited 2015 ISBN
3、 978 0 580 87686 8 ICS 43.140 Compliance with a British Standard cannot confer immunity from legal obligations. This Published Document was published under the authority of the Standards Policy and Strategy Committee on 31 December 2015. Amendments/corrigenda issued since publication Date Text affec
4、ted PUBLISHED DOCUMENT PD ISO/PAS 19695:2015 ISO 2015 Motorcycles Functional safety Motocycles Scurit fonctionnelle PUBLICLY AVAILABLE SPECIFICATION ISO/PAS 19695 First edition 2015-12-01 Reference number ISO/PAS 19695:2015(E) PD ISO/PAS 19695:2015 ISO/PAS 19695:2015(E)ii ISO 2015 All rights reserve
5、d COPYRIGHT PROTECTED DOCUMENT ISO 2015, Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intra
6、net, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 CP 401 CH-1214 Vernier, Geneva, Switzerland Tel. +41 22 749 01 11 Fax +41 22 749 09 47 copyrightiso.or
7、g www.iso.org PD ISO/PAS 19695:2015 ISO/PAS 19695:2015(E)Foreword v Introduction vi 1 Scope . 1 2 Normative references 1 3 T erms, definitions, and abbr e viat ed t erms . 1 4 Safety management during the concept phase and the product development .2 4.1 Objective . 2 4.2 General . 2 4.3 Input to thi
8、s Clause 2 4.3.1 Prerequisites . 2 4.3.2 Further supporting information . 2 4.4 Requirements and recommendations . 3 4.4.1 General 3 4.4.2 Confirmation measures: Types, independency, and authority 3 4.5 Work products . 5 5 Hazard analysis and risk assessment . 5 5.1 Objective . 5 5.2 General . 5 5.3
9、 Input to this Clause 6 5.3.1 Prerequisites . 6 5.3.2 Further supporting information . 6 5.4 Requirements and recommendations . 6 5.4.1 Initiation of the hazard analysis and risk assessment . 6 5.4.2 Situation analysis and hazard identification 6 5.4.3 Classification of hazardous events . 7 5.4.4 De
10、termination of MSIL . 9 5.4.5 Determination of ASIL and safety goals 10 5.4.6 Verification .11 5.5 Work products 11 6 Vehicle integration and testing .11 6.1 Objectives11 6.2 General 12 6.3 Input to this Clause .12 6.3.1 Prerequisites 12 6.3.2 Further supporting information 12 6.4 Requirements and r
11、ecommendations 12 6.4.1 Vehicle integration 12 6.4.2 Test goals and test methods during vehicle testing 12 6.5 Work products 15 7 Safety Validation 15 7.1 Objectives15 7.2 General 15 7.3 Inputs to this Clause 15 7.3.1 Prerequisites 15 7.3.2 Further supporting information 16 7.4 Requirements and reco
12、mmendation 16 7.4.1 Validation environment 16 7.4.2 Planning of validation .16 7.4.3 Execution of validation 16 7.4.4 Evaluation .17 7.5 Work products 17 ISO 2015 All rights reserved iii Contents Page PD ISO/PAS 19695:2015 ISO/PAS 19695:2015(E)Annex A (informative) Hazard analysis and risk assessmen
13、t for motorcycles 18 Annex B (informative) Ex ample of c ontr ollability classification t echniques 28 Bibliogr aph y .32 iv ISO 2015 All rights reserved PD ISO/PAS 19695:2015 ISO/PAS 19695:2015(E) Foreword ISO (the International Organization for Standardization) is a worldwide federation of nationa
14、l standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. Internation
15、al organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. The procedures used to develop this document and those intended
16、for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.
17、org/directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will
18、be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents). Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressi
19、ons related to conformity assessment, as well as information about ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information The committee responsible for this document is ISO/TC 22, Road vehicles, Subcommittee SC 38, Mo
20、torcycles and mopeds. ISO 2015 All rights reserved v PD ISO/PAS 19695:2015 ISO/PAS 19695:2015(E) Introduction This Publicly Available Standard is the adaptation of ISO 26262:2011 (all parts) to comply with needs specific to the application sector of electrical and/or electronic (E/E) systems install
21、ed in motorcycles, and provides the partial tailoring activities of ISO 26262-2:2011, Clause 6, ISO 26262-3:2011, Clause 7, and ISO 26262-4:2011, Clauses 8 and 9. ISO 26262:2011 (all parts) is intended to be applied to safety-related systems that include one or more E/E systems and that are installe
22、d in series production passenger cars with a maximum gross vehicle mass up to 3 500 kg. ISO 26262:2011 (all parts) does not address unique E/E systems in special purpose vehicles such as vehicles designed for drivers with disabilities. The motorcycle industry recognizes the need to use appropriate s
23、afety-related techniques to avoid unreasonable risk resulting from random or systematic faults of E/E systems. Many of the requirements specified in ISO 26262:2011 (all parts) are applicable for E/E systems produced for the motorcycle industry and therefore it was accepted by SC 22 (superseded to SC
24、 38) that the E/E systems developed for motorcycles should be within the scope of ISO 26262:2011 (all parts). However, the adoption of ISO 26262:2011 (all parts) can lead to an inappropriate estimation of motorcycle risk. Therefore, some existing ISO 26262:2011 (all parts) requirements are considere
25、d infeasible for the motorcycle industry, e.g. user test under real-life conditions. Motorcycle Safety Integrity Level (MSIL) is the output of hazard analysis and risk assessment. This is then apportioned between the risk reduction mechanisms and measures assigned to E/E systems using Automotive Saf
26、ety Integrity Level (ASIL) and the risk reduction taken care of by external measures and/or other technologies which are outside the scope of ISO 26262:2011 (all parts) and this Publicly Available Standard. Specifically in the motorcycle industry, a greater proportion of the overall risk reduction i
27、s generally apportioned to external measures (for example, riding rules, training/qualification of riders, personal protective equipment, e.g. helmets and infrastructure features). The worldwide established level of technology (“state-of-the-art”) in the motorcycle industry suggests that ASIL requir
28、ements are not appropriate for motorcycles. This is addressed through the alignment between MSIL and ASIL. It is acknowledged that product development processes and technical solutions within the motorcycle industry are inhomogeneous with those of the automobile industry; therefore, the difference b
29、etween MSIL and ASIL has been made to accommodate worldwide capability. It can be necessary to modify certain requirements, methods, and measures of ISO 26262:2011 (all parts) in order to adapt the standards best practices to match state-of-the-art practices for motorcycle functional safety. Other a
30、reas of ISO 26262:2011 (all parts) which would be affected by inclusion of motorcycles within the scope of the standard have also been identified and necessary changes recommended. The content of this Publicly Available Standard requires consideration and acceptance by SC 32 in order to facilitate t
31、he inclusion of motorcycles within the scope of ISO 26262:2011 (all parts) Edition 2. Figure 1 shows the structure and relation of this Publicly Available Standard and ISO 26262:2011 (all parts).vi ISO 2015 All rights reserved PD ISO/PAS 19695:2015 ISO/PAS 19695:2015(E) F i g u r e 1 O v e r v i e w
32、 o f t h i s P u b l i c l y A v a i l a b l e S t a n d a r d a n d t h e r e l a t i o n t o I S O 2 6 2 6 2 : 2 0 1 1 ( a l l parts) ISO 2015 All rights reserved vii PD ISO/PAS 19695:2015 Motorcycles Functional safety 1 Scope This Publicly Available Standard is intended to be applied to safety-re
33、lated systems that include one or more electrical and/or electronic (E/E) systems and that are installed in series production two- wheeled or three-wheeled motorcycles. This Publicly Available Standard does not address unique E/E systems in special purpose vehicles, such as vehicles designed for com
34、petition. This Publicly Available Standard addresses possible hazards caused by malfunctioning behaviour of E/E safety-related systems, including interaction of these systems. It does not address hazards related to electric shock, fire, smoke, heat, radiation, toxicity, flammability, reactivity, cor
35、rosion, release of energy, and similar hazards, unless directly caused by malfunctioning behaviour of E/E safety-related systems. This Publicly Available Standard does not address the nominal performance of E/E systems, even if dedicated functional performance standards exist for these systems. 2 No
36、rmative references The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendment
37、s) applies. ISO 26262-1:2011, Road vehicles Functional safety Part 1: Vocabulary ISO 26262-2:2011, Road vehicles Functional safety Part 2: Management of functional safety ISO 26262-3:2011, Road vehicles Functional safety Part 3: Concept phase ISO 26262-4:2011, Road vehicles Functional safety Part 4:
38、 Product development at the system level ISO 26262-5:2011, Road vehicles Functional safety Part 5: Product development at the hardware level ISO 26262-6:2011, Road vehicles Functional safety Part 6: Product development at the software level ISO 26262-8:2011, Road vehicles Functional safety Part 8: S
39、upporting processes ISO 26262-9:2011, Road vehicles Functional safety Part 9: Automotive Safety Integrity Level (ASIL)- oriented and safety-oriented analyses 3 T erms, d efinitions , and abbr e viat ed t erms For the purposes of this document, the terms and definitions given in ISO 26262-1:2011 and
40、the following apply 3.1 expert rider role filled by persons capable of evaluating controllability classifications based on operation of actual motorcycles Note 1 to entry: An expert rider is a rider who has the skill to evaluate controllability, capability to conduct the vehicle test, and PUBLICLY A
41、VAILABLE SPECIFICATION ISO/PAS 19695:2015(E) ISO 2015 All rights reserved 1 PD ISO/PAS 19695:2015 ISO/PAS 19695:2015(E) knowledge to evaluate motorcycle controllability characteristics with respect to a representative riders riding capability. Note 2 to entry: See Annex B for information relating to
42、 the use of expert riders. 3.2 motorcycle safety integrity level MSIL one of four levels that specify the items or elements necessary ISO 26262:2011 (all parts) risk reduction requirements and safety measures to apply for avoiding unreasonable residual risk for items and elements used specifically i
43、n motorcycle applications, with D representing the most stringent and A the least stringent level 4 Safety management during the concept phase and the product development 4.1 Objecti v e The objective of this Clause is to define the independency requirements of confirmation measures associated with
44、ASIL, converted from MSIL. 4.2 General Safety management includes the responsibility to ensure that the confirmation measures are performed. Depending on the applicable ASIL, some confirmation measures require independence regarding resources, management, and release authority (see 4.4). Confirmatio
45、n measures include confirmation reviews, functional safety audits, and functional safety assessments. The confirmation reviews are intended to check the compliance of selected work products to the corresponding requirements of ISO 26262 (all parts). A functional safety audit evaluates the implementa
46、tion of the processes required for the functional safety activities. A functional safety assessment evaluates the functional safety achieved by the item. In addition to the confirmation measures, verification reviews are performed. These reviews, which are required in other parts of ISO 26262, are i
47、ntended to verify that the associated work products fulfil the project requirements, and the technical requirements with respect to use cases and failure modes. Table 1 lists the required confirmation measures. ISO 26262-2:2011, Annex D lists the reviews concerning verification and refers to the app
48、licable parts of ISO 26262. 4.3 Input to this Clause 4.3.1 Pr er equisit es See applicable prerequisites of the relevant phases of the safety lifecycle in which confirmation measures are planned or carried out. 4.3.2 Further supporting information See applicable further supporting information of the
49、 relevant phases of the safety lifecycle in which confirmation measure is planned or carried out.2 ISO 2015 All rights reserved PD ISO/PAS 19695:2015 ISO/PAS 19695:2015(E) 4.4 R equir ements and r ec ommendations 4.4.1 General The organizations involved in the execution of the safety lifecycle shall comply with 4.4.2 for items that have at least one safety goal with an ASIL A, B, or C, unless stated otherwise. 4.4.2 C onfirmation measur es: T ypes, independen cy , and authority 4.4.2.1 Th