Hello guys, welcome back to our blog. Here in this article, I will discuss the difference between automotive functional safety (ISO 26262) and the safety of the intended functionality (SOTIF – ISO 21448), it’s applications and challenges.

Ask questions if you have any electrical, electronics, or computer science doubts. You can also catch me on Instagram – CS Electrical & Electronics

Automotive Functional Safety (ISO 26262) Vs Safety Of The Intended Functionality (SOTIF – ISO 21448)

In the rapidly evolving automotive industry, ensuring vehicle safety is a top priority, particularly with the advent of autonomous driving and advanced driver assistance systems (ADAS). Two critical standards have emerged to address different aspects of automotive safety: ISO 26262 (Functional Safety) and ISO 21448 (SOTIF – Safety of the Intended Functionality). While both standards aim to mitigate risks, they address different types of hazards. Understanding their scope, differences, and applications is essential for engineers, developers, and safety professionals.

This article provides a comprehensive comparison between ISO 26262 and ISO 21448 (SOTIF) by examining their key objectives, methodologies, applications, and the challenges they address in modern vehicle systems.

Understanding ISO 26262 (Automotive Functional Safety)

ISO 26262 is an international standard dedicated to functional safety in automotive electrical and electronic (E/E) systems. It aims to reduce risks due to system malfunctions by applying rigorous safety measures across the vehicle’s lifecycle.

Key Aspects of ISO 26262:

Hazard Analysis and Risk Assessment (HARA): Identifies potential hazards and assesses their risks based on severity, exposure, and controllability.
Automotive Safety Integrity Levels (ASILs): Classifies risk levels into ASIL A, B, C, and D, with D being the most critical.
V-Model Development Process: Follows a systematic V-model approach covering requirements, design, implementation, verification, and validation.
Fault Handling Mechanisms: Includes redundancy, error detection, and fail-safe designs to mitigate systematic and random hardware failures.
Verification & Validation: Emphasizes testing, fault injection, safety analysis (FTA, FMEA), and software/hardware verification to ensure functional safety compliance.

Applications of ISO 26262

Electric power steering (EPS)
Anti-lock braking systems (ABS)
Electronic stability control (ESC)
Airbag deployment systems
Autonomous driving components (perception, decision-making, actuation)

Limitations of ISO 26262

Focuses primarily on failures due to hardware and software malfunctions.
Does not explicitly address issues arising from misuse cases, design limitations, or unexpected operating conditions.

Understanding ISO 21448 (SOTIF – Safety of the Intended Functionality)

ISO 21448, also known as SOTIF (Safety of the Intended Functionality), extends beyond functional safety by addressing hazards that arise from the intended function of a system, even when no faults or malfunctions occur.

Key Aspects of ISO 21448:

Unintended Behaviors and Limitations: Considers scenarios where sensor limitations, AI perception errors, or software misinterpretations lead to safety-critical situations.
Safety Analysis and Testing Beyond Failures: Evaluates edge cases, challenging operational scenarios, and environmental factors (e.g., adverse weather, poor lighting conditions).
Risk Mitigation through Enhanced Perception & AI Reliability: Improves sensor fusion, deep learning models, and scenario-based testing.
Focus on ADAS & Autonomous Vehicles: Specifically addresses safety risks in modern AI-driven vehicle systems where unintended behaviors can compromise safety.

Applications of ISO 21448

Adaptive cruise control (ACC)
Autonomous emergency braking (AEB)
Lane-keeping assist (LKA)
Object detection using LiDAR, radar, and cameras
Automated parking and driver assistance features

Limitations of ISO 21448

Primarily focuses on perception and decision-making errors, not hardware failures.
Does not replace ISO 26262 but complements it by addressing non-failure-related hazards.

Key Differences Between ISO 26262 and ISO 21448

Feature	ISO 26262 (Functional Safety)	ISO 21448 (SOTIF – Safety of the Intended Functionality)
Focus	System failures and malfunctions	Unintended system behavior despite no failure
Hazards Considered	Electrical, electronic, and software failures	Limitations in AI, perception, and environment-dependent risks
Methodology	ASIL classification, failure analysis, fault injection	Scenario-based testing, performance validation, risk mitigation
Application Areas	Conventional E/E systems like brakes, airbags, steering	ADAS, autonomous systems, perception algorithms
Risk Mitigation	Hardware/software redundancy, fail-safe mechanisms	AI robustness, environmental testing, sensor fusion improvements
Standard Type	Established for safety-critical automotive systems	Emerging standard, primarily for AI and ADAS

How ISO 26262 and ISO 21448 Work Together

While ISO 26262 ensures functional safety by addressing component failures, ISO 21448 ensures the reliability of intended functions even when components work correctly. The two standards complement each other, particularly in modern vehicles equipped with AI-driven systems.

Example Scenario: Autonomous Emergency Braking (AEB)

ISO 26262 Compliance: Ensures that the braking system operates reliably and does not fail due to hardware/software malfunctions.
ISO 21448 Compliance: Ensures that the AEB system correctly identifies obstacles (e.g., distinguishing between a pedestrian and a plastic bag) and does not apply brakes unnecessarily or fail to detect an actual hazard.

Both standards work together to create a comprehensive safety framework that ensures robust vehicle operation in real-world conditions.

Challenges and Future Trends

Challenges in Implementing ISO 26262 and ISO 21448

Integration Complexity: Modern vehicles require both functional safety (ISO 26262) and AI-based safety measures (ISO 21448), leading to complex verification processes.
Testing for Infinite Scenarios: Ensuring the safety of autonomous functions across all possible driving scenarios is challenging.
Standard Evolution: As AI and automation evolve, SOTIF guidelines will continue to be refined to address emerging risks.

Future Trends in Automotive Safety

AI-Driven Safety Verification: Machine learning models for anomaly detection and risk mitigation.
Digital Twin Technology: Simulating real-world driving scenarios to enhance safety validation.
Enhanced Sensor Fusion Techniques: Combining LiDAR, radar, and vision-based AI to improve object detection and environmental awareness.
Regulatory Alignment: Increased global adoption of ISO 26262 & ISO 21448 for safety compliance in autonomous vehicles.

Conclusion

As the automotive industry advances towards higher levels of autonomy, ISO 26262 and ISO 21448 play complementary roles in ensuring vehicle safety. While ISO 26262 focuses on failures due to system malfunctions, ISO 21448 (SOTIF) ensures that intended functionalities do not pose unexpected risks. A holistic approach integrating both standards is essential for developing safe and reliable ADAS and autonomous driving systems.

By understanding the distinctions and synergies between these two standards, automotive engineers, developers, and safety professionals can build more robust and secure vehicle systems that enhance road safety for all users.

This was about “Automotive Functional Safety (ISO 26262) Vs Safety Of The Intended Functionality (SOTIF – ISO 21448)“. Thank you for reading.

Also, read:

About The Author

Chetan Shidling

Automotive | Technical Blogger | Engineer | Content Creator

See author's posts

Share Now