What is Automotive Software Testing?
Modern cars include many embedded systems to improve the safety and comfort of drivers and passengers by providing functions such as adaptive cruise control and tyre-pressure monitoring.
Many of the embedded systems used in modern cars are safety-critical. For these systems, it is essential that the software is checked to ensure that it functions correctly, as even slight faults could result in serious injury.
Functional safety checks for safety-critical automotive applications may include:
- Functional testing to ensure that the software meets high- and low-level requirements.
- Worst-case execution time analysis to ensure that time-critical sections of code (such as those used in airbag deployment) meet timing deadlines.
- Structural coverage analysis to ensure that structural elements of the code (such as statements) have been tested to an acceptable degree.
What is ISO 26262?
ISO 26262 is an international functional safety standard for electric and electronic systems in all production vehicles. The standard aims to address the possible dangers caused by malfunctioning automotive systems. Initially published in 2011 as an adaptation of the Functional Safety standard IEC 61508, it was updated in 2018 to extend its scope from only covering passenger cars to covering all road vehicles except mopeds.
One of the key characteristics of the ISO 26262 standard is the use of a qualitative risk measurement system (safety integrity levels) to ensure adequate safety measures in an automotive project.
ASIL (Automotive Safety Integrity Level)
Automotive Safety Integrity Level is a classification system used in ISO 26262 to express the degree of risk should a component fail, and the level of risk reduction needed to prevent a hazard in an automotive system. There are 4 ASILs, A to D, where level A systems are those that represent the lowest risk on failure, and level D systems represent the highest risk. Should an ASIL D system fail, there could be potential for loss of life, and as such these systems have much stricter compliance requirements and require the highest level of assurance to demonstrate that safety measures are sufficient.
If the risk associated with a component is very low, a fifth ASIL criterion, “Quality Management”, is used. This means that ISO 26262 requires no safety measures for that component.