HOME   Cart(0)   Quotation   About-Us Tax PDFs Standard-List Powered by Google www.ChineseStandard.net Database: 189759 (6 Oct 2024)

GB/T 34590.5-2022 PDF in English


GB/T 34590.5-2022 (GB/T34590.5-2022, GBT 34590.5-2022, GBT34590.5-2022)
Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GB/T 34590.5-2022English1040 Add to Cart 0-9 seconds. Auto-delivery. Road vehicles -- Functional safety -- Part 5: Product development at the hardware level Valid
GB/T 34590.5-2017English365 Add to Cart 0-9 seconds. Auto-delivery. Road vehicles -- Functional safety -- Part 5: Product development at the hardware level Obsolete
Standards related to (historical): GB/T 34590.5-2022
PDF Preview

GB/T 34590.5-2022: PDF in English (GBT 34590.5-2022)

GB/T 34590.5-2022 GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 43.040 CCS T 35 Replacing GB/T 34590.5-2017 Road Vehicles - Functional Safety - Part 5: Product development at the hardware level (ISO 26262-5:2018, MOD) ISSUED ON: DECEMBER 30, 2022 IMPLEMENTED ON: JULY 1, 2023 Issued by: State Administration for Market Regulation; Standardization Administration of the People’s Republic of China. Table of Contents Foreword ... 4 Introduction ... 8 1 Scope ... 12 2 Normative references ... 13 3 Terms and definitions ... 14 4 Requirements ... 14 4.1 Purpose... 14 4.2 General requirements ... 14 4.3 Interpretations of tables ... 15 4.4 ASIL-dependent requirements and recommendations ... 16 4.5 Adaptation for motorcycles ... 16 4.6 Adaptation for cargo trucks, buses, special vehicles, trailers ... 16 5 General topics for the product development at the hardware level ... 16 5.1 Objectives ... 16 5.2 General ... 16 6 Specification of hardware safety requirements ... 18 6.1 Objectives ... 18 6.2 General ... 18 6.3 Inputs to this clause ... 18 6.4 Requirements and recommendations ... 19 6.5 Work products ... 21 7 Hardware design ... 21 7.1 Objectives ... 21 7.2 General ... 22 7.3 Inputs to this clause ... 22 7.4 Requirements and recommendations ... 23 7.5 Work products ... 29 8 Evaluation of the hardware architectural metrics ... 29 8.1 Objectives ... 29 8.2 General ... 29 8.3 Inputs of this clause ... 30 8.4 Requirements and recommendations ... 31 8.5 Work products ... 36 9 Evaluation of safety goal violations due to random hardware failures ... 36 9.1 Objectives ... 36 9.2 General ... 36 9.3 Inputs to this clause ... 37 9.4 Requirements and recommendations ... 37 9.5 Work products ... 49 10 Hardware integration and verification ... 49 10.1 Objectives ... 49 10.2 General ... 49 10.3 Inputs of this clause ... 49 10.4 Requirements and recommendations ... 50 10.5 Work products ... 52 Annex A (informative) Overview of and workflow of product development at the ... 53 hardware level ... 53 Annex B (informative) Failure mode classification of a hardware element ... 56 Annex C (informative) Hardware architectural metrics ... 58 Annex D (informative) Evaluation of the diagnostic coverage ... 65 Annex F (informative) Example calculation of hardware architectural metrics: "single point fault metric" and "latent-fault metric" ... 89 Annex F (informative) Example for rationale that objectives of Clause 9 in accordance with 4.2 are met... 96 Annex G (informative) Example of a PMHF budget assignment for an item consisting of two systems ... 102 Annex H (informative) Example of latent fault handling ... 106 Bibliography ... 110 Foreword This document was drafted in accordance with the rules provided in GB/T 1.1-2020 Directives for Standardization - Part 1: Rules for the Structure and Drafting of Standardizing Documents. This document is Part 5 of GB/T 34590 Road Vehicles - Functional Safety. GB/T 34590 has issued the following parts: -- Part 1: Vocabulary; -- Part 2: Management of Functional Safety; -- Part 3: Concept Phase; -- Part 4: Product Development at the System Level; -- Part 5: Product Development at the Hardware Level; -- Part 6: Product Development at the Software Level; -- Part 7: Production, Operation, Service and Decommissioning; -- Part 8: Supporting Processes; -- Part 9: Automotive Safety Integrity Level (ASIL)-oriented and Safety-oriented Analyses; -- Part 10: Guideline; -- Part 11: Guidelines on Applications to Semiconductors; -- Part 12: Adaptation for Motorcycles. This document replaces GB/T 34590.5-2017 "Road vehicles - Functional safety - Part 5: Product development at the hardware level". Compared with GB/T 34590.5-2017, the main technical changes in this document are as follows: - Change the scope of application of the standard from "mass-produced passenger cars" to "mass-produced road vehicles other than mopeds" (see Clause 1 of this Edition, Clause 1 of Edition 2017); - Add the suitability requirements for motorcycles (see 4.5 of this Edition); - Add the applicability requirements for cargo trucks, buses, special vehicles and trailers (see 4.6 of this Edition); - Change the title of Clause 5 (see Clause 5 of this Edition, Clause 5 of Edition 2017); - Change the description about the purpose (see 5.1 of this Edition, 5.1 of Edition 2017); - Change Figure 2 (see 5.2 of this Edition, 5.2 of Edition 2017); - Delete the content in 5.3, 5.4, and 5.5 about "inputs, requirements and suggestions, and work products of this Clause" (see Annex D of Edition 2017); - Delete "safety plan (refined)" (see 6.3.1 of Edition 2017); - Add hardware specification (from outside) (see 6.3.2 of this Edition); - Change the description about the purpose (see 7.1 of this Edition, 7.1 of Edition 2017); - Delete the safety plan (refined) (see 7.3.1 of Edition 2017); - Add non-safety-related hardware requirements specification (from outside) (see 7.3.2 of this Edition); - Change Table 1 from "modular hardware design principles" to "hardware architecture design principles" (see 7.4.1.6 of this Edition, 7.4.1.6 of Edition 2017); - Add requirements for noise factors (see 7.4.1.7 of this Edition); - Add requirements for ASIL (A) (see 7.4.3.3 of this Edition); - Add requirements for ASIL (A) (see 7.4.3.4 of this Edition); - Add the content about "provide evidence according to the hardware design verification methods listed in Table 3" (see 7.4.4.1 of this Edition); - Add the requirement to verify the validity of assumptions of SEooC (see 7.4.4.3 of this Edition); - Add requirements for the production, operation, service and scrapping of hardware elements generated during the hardware design process (see 7.4.5.5 of this Edition); - Add the requirements for "additional safety mechanisms" in items a) and b) (see 8.4.4 of this Edition); - Add examples of formulas related to SPFM target values (see 8.4.7 of this Edition); - Change the description of the general provisions (see 9.2 of this Edition, 9.2 of Edition 2017); - Add the content about "ASIL application level of this requirement" (see 9.4.1.1 of this Edition); - Add the content of the argument "to prove that the probability of a single point of failure of a single hardware component is sufficiently low" (see 9.4.1.2 of this Edition); - Add the content of the argument "to prove that the probability of residual failure of a hardware component is sufficiently low" (see 9.4.1.3 of this Edition); - Add the requirements for multiple systems constituting related items (see 9.4.2.3 of this Edition); - Delete the content about "failure rate combination and scale factor conversion" (see 9.4.2.7 of Edition 2017); - Add applicable ASIL levels (see 9.4.3.4 of this Edition); - Delete the content of failure rate conversion (see 9.4.3.12 of Edition 2017); - Add the requirements for acceptable conditions for double-point failures that may be caused by double-point failures (see 9.4.3.12 of this Edition); - Add the content about "conditions leading to possible double-point failure when the requirements of 9.4.3.11 or 9.4.3.12 cannot be met" (see 9.4.3.13 of this Edition); - Change the title of Clause 10 (see Clause 10 of this Edition, Clause 10 of Edition 2017); - Delete the hardware security requirements specification and hardware design specification (see 10.3.1 of Edition 2017); - Delete the project plan (refinement) (see 10.3.2 of Edition 2017); - Add examples and qualification requirements for safety-related hardware components (see 10.4.3 of this Edition); - Change the title of Table 12 (see 10.4.6, 10.4.6 of Edition 2017); - Add hardware integration and verification specifications (see 10.5.1 of this Edition); - Delete the content of "starting product development at the hardware level" (see Clause 5 and Table A.1 of Edition 2017). The revision of this document adopts ISO 26262-5:2018 "Road vehicles - Functional safety - Part 5: Product development at the hardware level". The technical differences between this document and ISO 26262-5:2018 and their reasons are as follows: - Change the description of T&B vehicles from "trucks, buses, trailers and semi-trailers" to "cargo trucks, buses, special vehicles, trailers" (see 4.6 of this Edition, 4.6 of ISO 26262- 5:2018), to be consistent with the vehicle types specified in GB/T 3730.1-2022 "Terms and definitions of motor vehicles, trailers and combination vehicle -- Part 1: Types". Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuing authority shall not be held responsible for identifying any or all such patent rights. Road vehicles - Functional safety - Part 5: Product development at the hardware level 1 Scope This document specifies the requirements for product development at the hardware level for automotive applications, including the following: - general topics for the product development at the hardware level; - specification of hardware safety requirements; - hardware design; - evaluation of the hardware architectural metrics; - evaluation of safety goal violations due to random hardware failures; - hardware integration and verification. This document is intended to be applied to safety-related systems that include one or more electrical and/or electronic (E/E) systems and that are installed in series production road vehicles, excluding mopeds. NOTE: Other specific safety standards can be used as a supplement to this document, and vice versa. Systems and their components that have been released for production or are in development prior to the publication date of this document do not apply to this document. When changes are made to the system and its components that have completed production release before the release of this document, this document tailors the activities of the safety life cycle based on these changes. When a system not developed in accordance with this document is integrated with a system developed in accordance with this document, the safety life cycle needs to be tailored according to this document. This document addresses possible hazards caused by malfunctioning behaviour of safety- related E/E systems, including interaction of these systems. It does not address hazards related to electric shock, fire, smoke, heat, radiation, toxicity, flammability, reactivity, corrosion, release of energy and similar hazards, unless directly caused by malfunctioning behaviour of safety-related E/E systems. This document describes a framework for functional safety to assist the development of safety related E/E systems. This framework is intended to be used to integrate functional safety activities into a company-specific development framework. Some requirements have a clear technical focus to implement functional safety into a product; others address the development process and can therefore be seen as process requirements in order to demonstrate the capability of an organization with respect to functional safety. This document does not address the nominal performance of E/E systems. The requirements of this document for hardware elements are applicable to both non- programmable and programmable elements, such as ASIC, FPGA and PLD. Further guidelines can be found in GB/T 34590.10-2022 and GB/T 34590.11-2022. Annex A provides an overview on objectives, prerequisites and work products of this document. 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. GB/T 34590.1-2022, Road vehicles - Functional safety - Part 1: Vocabulary (ISO 26262- 1:2018, MOD) NOTE: There is no technical difference between the referenced content of GB/T 34590.1-2022 and the referenced content of ISO 26262-1:2018. GB/T 34590.2-2022, Road vehicles - Functional safety - Part 2: Management of functional safety (ISO 26262-2:2018, MOD) NOTE: There is no technical difference between the referenced content of GB/T 34590.2-2022 and the referenced content of ISO 26262-2:2018. GB/T 34590.4-2022, Road vehicles - Functional safety - Part 4: Product development at the system level (ISO 26262-4:2018, MOD) NOTE: There is no technical difference between the referenced content of GB/T 34590.4-2022 and the referenced content of ISO 26262-4:2018. GB/T 34590.6-2022, Road vehicles - Functional safety - Part 6: Product development at the software level (ISO 26262-6:2018, MOD) NOTE: There is no technical difference between the referenced content of GB/T 34590.6-2022 and the referenced content of ISO 26262-6:2018. GB/T 34590.7-2022, Road vehicles - Functional safety - Part 7: Production, operation, service and decommissioning (ISO 26262-7:2018, MOD) NOTE: There is no technical difference between the referenced content of GB/T 34590.7-2022 and the referenced content of ISO 26262-7:2018. NOTE 1: The considered failure rate is the hardware part failure rate and does not take into account the effectiveness of the safety mechanisms. NOTE 2: The proportion of safe faults of the hardware part can be considered when determining the coverage of the safety mechanisms. In this case the calculation of the coverage is done analogously to the calculation of the single‑point fault metric, but at the hardware part level instead of at the item level. 9.4.3.8 This requirement applies to ASIL D of the safety goal. A dual-point failure shall be considered plausible if: a) at least one of both hardware parts involved has a diagnostic coverage (with respect to the latent faults) of less than 90%; or b) one of the dual-point faults causing the dual-point failure remains latent for a time longer than the multiple-point fault detection interval as specified in requirement 6.4.8. NOTE: The proportion of safe faults of the hardware part can be considered when determining the coverage of the safety mechanisms. In this case the calculation of the coverage is done analogously to the calculation of the latent fault metric, but at the hardware part level instead of at the item level. 9.4.3.9 This requirement applies to ASIL C of the safety goal. A dual-point failure shall be considered plausible if: a) at least one of both hardware parts involved has a diagnostic coverage (with respect to the latent faults) of less than 80%; or b) one of the dual-point faults causing the dual-point failure remains latent for a time longer than the multiple-point fault detection interval as specified in requirement 6.4.8. NOTE: The proportion of safe faults of the hardware part can be considered when determining the coverage of the safety mechanisms. In this case the calculation of the coverage is done analogously to the calculation of the latent fault metric, but at the hardware part level instead of at the item level. 9.4.3.10 This requirement applies to ASIL C and D of the safety goal. A dual-point failure that is implausible shall be considered compatible with the safety goal target and thus acceptable. 9.4.3.11 This requirement applies to ASIL C and D of the safety goal. A dual-point fault occurring in a hardware part and contributing to a plausible dual-point failure shall be considered acceptable if the corresponding hardware part complies with the targets for the failure rate class ranking and diagnostic coverage (with respect to latent faults) given in Table 9. NOTE 1: The considered failure rate is the hardware part failure rate. Therefore, it does not consider the effectiveness of safety mechanisms. ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.