How FuSa ASIL Levels Are Assigned With 100+ Real World Examples

Hello guys, welcome back to our blog. In this article, we will discuss how FuSa ASIL levels are assigned to in-vehicle hardware and software components, with some real-world examples.

Ask questions if you have any electrical, electronics, or computer science doubts. You can also catch me on Instagram – CS Electrical & Electronics

How FuSa ASIL Levels Are Assigned

In Functional Safety (FuSa) for automotive systems, Automotive Safety Integrity Levels (ASIL) are assigned to hardware and software components based on the risk they pose to the vehicle’s operation and the safety of its occupants. The assignment of ASIL levels follows a systematic process defined by the ISO 26262 standard.

Key Factors in ASIL Determination

ASIL levels range from ASIL A (lowest) to ASIL D (highest), with QM (Quality Management) indicating no special safety requirements. The assignment process involves:

Hazard Analysis and Risk Assessment (HARA):

Identifies potential hazards in the system and assesses each hazard against three criteria:

  • Severity (S): Impact of the hazard (e.g., minor injury to fatality).
  • Exposure (E): Frequency of exposure to the hazardous event.
  • Controllability (C): Ability of the driver or system to avoid the hazard.

The combination of S, E, and C determines the ASIL level using a decision matrix:

  • ASIL A: Low risk (e.g., moderate injuries, rarely occurs, easily controllable)
  • ASIL B: Moderate risk
  • ASIL C: High risk
  • ASIL D: Highest risk (e.g., fatal injuries, frequently occurs, uncontrollable)

System and Functional Safety Requirements:

  • Derived from the HARA results.
  • Specifies safety goals and requirements to mitigate identified hazards.
  • Safety goals are assigned ASIL levels.

Decomposition:

  • Complex systems can be divided into smaller components.
  • ASIL decomposition allows the ASIL of an individual component to be reduced by providing redundancy (independent components that jointly meet the safety requirement) or alternative mitigation measures.
  • Example: A system requiring ASIL D can be split into two ASIL B components.
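The S/E/C lookup and the decomposition rule above, as an added Python example that is not part of the original post: the lookup table is the ISO 26262-3 risk table (S1-S3, E1-E4, C1-C3) and the permitted splits are the pairs listed in ISO 26262-9, which assume the two elements are sufficiently independent.

```python
# ISO 26262-3 risk table: ASIL_TABLE[S][E] holds the ASIL for C1, C2, C3 in order.
ASIL_TABLE = {
    1: {1: "QM QM QM", 2: "QM QM QM", 3: "QM QM A", 4: "QM A B"},
    2: {1: "QM QM QM", 2: "QM QM A", 3: "QM A B", 4: "A B C"},
    3: {1: "QM QM A", 2: "QM A B", 3: "A B C", 4: "B C D"},
}

# ISO 26262-9 decomposition pairs: each pair of sufficiently independent
# elements jointly satisfies the original ASIL (e.g. ASIL D -> ASIL B(D) + ASIL B(D)).
DECOMPOSITIONS = {
    "D": {("C", "A"), ("B", "B"), ("D", "QM")},
    "C": {("B", "A"), ("C", "QM")},
    "B": {("A", "A"), ("B", "QM")},
    "A": {("A", "QM")},
}


def asil_from_sec(s: int, e: int, c: int) -> str:
    """Return the ASIL ('QM', 'A', 'B', 'C' or 'D') for severity S, exposure E, controllability C."""
    if s not in (1, 2, 3) or e not in (1, 2, 3, 4) or c not in (1, 2, 3):
        raise ValueError(f"out of range: S{s} E{e} C{c}")
    return ASIL_TABLE[s][e].split()[c - 1]


def is_valid_decomposition(original: str, first: str, second: str) -> bool:
    """True if splitting `original` into (first, second) is a permitted decomposition."""
    pairs = DECOMPOSITIONS.get(original, set())
    return (first, second) in pairs or (second, first) in pairs


def decomposition_options(original: str) -> list:
    """All permitted splits of `original`, highest-ASIL element first, for review."""
    return sorted(DECOMPOSITIONS.get(original, set()))


if __name__ == "__main__":
    # Constructed HARA rows: (hazard, S, E, C)
    rows = [("loss of braking", 3, 4, 3), ("trunk will not open", 1, 3, 1)]
    for hazard, s, e, c in rows:
        print(f"{hazard}: S{s} E{e} C{c} -> ASIL {asil_from_sec(s, e, c)}")
    print("ASIL D may be split into:", decomposition_options("D"))
```

Under this table only S3/E4/C3 reaches ASIL D; S3/E4/C2 (the figures quoted for ESC below) maps to ASIL C, so a HARA that records C2 must justify the higher rating separately.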

ASIL Assignment for Hardware Components

Failure Modes and Effects Analysis (FMEA):

  • Analyzes potential failure modes of hardware components.
  • Determines the impact on system safety and assigns ASIL accordingly.

Fault Tree Analysis (FTA):

  • Analyzes how component failures contribute to system-level hazards.
  • Helps in assigning appropriate ASIL levels to hardware components.

ASIL Assignment for Software Components

Software Failure Modes and Effects Analysis (SFMEA):

  • Similar to FMEA but focused on software failures.
  • Considers bugs, incorrect logic, and data corruption.

Safety Mechanisms:

  • Software safety mechanisms (e.g., watchdog timers, redundancy) are designed based on the assigned ASIL level.
  • Higher ASIL levels require more robust and comprehensive safety mechanisms.

Practical Example

Electronic Stability Control (ESC) System:

  • Hazard: Loss of vehicle control.
  • Severity: S3 (life-threatening injuries).
  • Exposure: E4 (likely in certain driving conditions).
  • Controllability: C2 (the driver may not be able to keep control in emergencies).
  • ASIL Level: ASIL D (highest risk).

Hardware ASIL Assignment:

  • Microcontroller (ASIL D)
  • Sensor (ASIL C, with redundancy)

Software ASIL Assignment:

  • Control Algorithm (ASIL D)
  • Diagnostics (ASIL B)

Types Of Examples For ASIL Levels

01. ASIL A (Lowest Safety Risk)

Failures in these systems generally do not pose direct threats to life and usually result in minor inconveniences or discomfort.

  • Interior lighting system failure — This failure doesn’t affect driving; it’s simply a comfort feature.
  • Infotainment system failure — Loss of navigation or entertainment features, but no direct impact on vehicle operation or safety.
  • Power window failure — Causes inconveniences, such as inability to open or close windows, but doesn’t affect vehicle control.
  • Radio or Bluetooth disconnection — Affects audio communication and entertainment, not driving safety.
  • Seat adjustment motor failure — Minor discomfort due to inability to adjust seating, but no impact on vehicle control.
  • Air conditioning failure — Discomfort due to temperature, but no impact on driving or vehicle safety.
  • Wiper speed control malfunction (in normal conditions) — May reduce visibility slightly, but not critically in normal weather conditions.
  • Failure in ambient lighting control — Affects aesthetic interior lighting without any safety consequences.
  • Trunk release mechanism failure — Minor inconvenience if the trunk cannot be opened but has no effect on driving or safety.
  • Glovebox lock failure — Security issue rather than a safety concern, since it does not affect the vehicle’s operation.

02. ASIL B (Moderate Safety Risk)

Failures could cause discomfort or minor hazards but are unlikely to lead to severe accidents directly.

  • Parking brake sensor failure — This may lead to improper brake engagement when parked, but not a risk while driving.
  • Backup camera failure — Reduces situational awareness when reversing, increasing the chance of minor collisions.
  • Instrument cluster failure — Loss of information like speed and fuel level; important but not immediately dangerous.
  • Daytime Running Lights (DRL) failure — Reduced vehicle visibility to others, potentially increasing accident risk, but generally safe during the day.
  • Low beam headlight failure — Reduced visibility at night; however, high beams or other lights can compensate.
  • Tire pressure monitoring system (TPMS) failure — Drivers may miss a flat tire warning, leading to potential tire damage or handling issues.
  • Heated mirror failure — Reduced visibility in foggy or cold conditions, but manageable without significant risk.
  • Side mirror auto-fold failure — Inconvenience in tight spaces or parking, but not a safety hazard.
  • Speed limiter malfunction — The driver could unintentionally exceed speed limits, but still within driver control.
  • Turn signal failure — Reduces communication with other drivers, increasing the risk of minor collisions.

03. ASIL C (High Safety Risk)

Failures in these systems could contribute to dangerous situations, especially under certain driving conditions.

  • Cruise control failure — Unexpected changes in vehicle speed can startle the driver or lead to dangerous situations.
  • Anti-lock Braking System (ABS) failure — Without ABS, braking distances increase, especially on slippery surfaces, raising accident risk.
  • Electronic Stability Control (ESC) failure — Loss of stability assistance could cause the vehicle to skid or lose control during sudden maneuvers.
  • Lane departure warning failure — The driver may unintentionally drift out of the lane without warning, increasing collision risks.
  • Adaptive headlight failure — Limited visibility on curves or hills, especially dangerous at night or in poor weather.
  • Airbag sensor failure — Risk that airbags might not deploy when needed, significantly increasing injury risks in an accident.
  • Brake light failure — Following vehicles might not realize the car is slowing down or stopping, increasing rear-end collision risks.
  • Automatic emergency braking (AEB) failure — Vehicle cannot automatically respond to imminent collisions, increasing accident likelihood.
  • Collision avoidance system failure — Without this, the vehicle cannot detect and react to potential obstacles, leading to a higher risk of accidents.
  • Autonomous driving Level 2 system failure — Sudden disengagement could confuse the driver or cause control issues.

04. ASIL D (Highest Safety Risk)

Failures in these systems can lead to fatal accidents or severe injuries due to their critical role in vehicle control and safety.

  • Brake-by-wire system failure — Total loss of braking capability can lead to catastrophic accidents.
  • Steer-by-wire failure — Loss of steering control can result in the driver being unable to control the vehicle’s direction.
  • Power steering failure — Makes it difficult to steer, particularly at high speeds, increasing accident risk.
  • Electronic throttle failure (stuck open/closed) — Sudden unintended acceleration or loss of acceleration, both of which can lead to crashes.
  • Failure in traction control system (TCS) — Increases the chance of skidding or losing control on slippery surfaces, especially during acceleration.
  • Autonomous driving Level 3+ failure — Inability to safely navigate the vehicle, requiring immediate driver intervention, which may not always be possible.
  • ESC system total failure — Without electronic stability, vehicles are more likely to roll over or spin out during extreme maneuvers.
  • Airbag deployment failure in a crash — Significantly increases the risk of severe injury or death during a collision.
  • Engine control unit (ECU) failure leading to a stall — Sudden loss of power while driving, particularly dangerous on highways or in heavy traffic.
  • Electric vehicle battery management failure — Potential for thermal runaway and fire hazards, especially critical in electric vehicles.

Conclusion

Assigning ASIL levels involves a rigorous process of hazard analysis, risk assessment, and functional safety requirements definition. Both hardware and software components are evaluated based on their potential impact on vehicle safety, leading to appropriate ASIL classifications that ensure compliance with ISO 26262 standards.

This was about "How FuSa ASIL Levels Are Assigned". Thank you for reading.
