GB/T 34590.8-2022 Road vehicles — Functional safety — Part 8: Supporting processes
1 Scope
This document specifies the requirements for supporting processes, including the following:
— interfaces within distributed developments;
— overall management of safety requirements;
— configuration management;
— change management;
— verification;
— documentation management;
— confidence in the use of software tools;
— qualification of software components;
— evaluation of hardware elements;
— proven in use argument;
— interfacing an application that is out of scope of GB/T 34590;
— integration of safety-related systems not developed according to GB/T 34590.
This document is applicable to safety-related systems including one or more electrical/electronic systems installed in series production road vehicles, excluding mopeds.
This document does not apply to unique electrical/electronic systems in special vehicles, such as vehicle systems designed for drivers with disabilities.
Note: Other dedicated application-specific safety standards exist and can complement this document or vice versa.
Systems and their components released for production, or systems and their components already under development prior to the publication date of this document, are exempted from the scope of this edition. This document addresses alterations to existing systems and their components released for production prior to the publication of this document by tailoring the safety lifecycle depending on the alteration. This document addresses integration of existing systems not developed according to this document and systems developed according to this document by tailoring the safety lifecycle.
This document addresses possible hazards caused by malfunctioning behaviour of safety-related electrical/electronic systems, including interaction of these systems. It does not address hazards related to electric shock, fire, smoke, heat, radiation, toxicity, flammability, reactivity, corrosion, release of energy and similar hazards, unless directly caused by malfunctioning behaviour of safety-related electrical/electronic systems.
This document describes a framework for functional safety to assist the development of safety-related electrical/electronic systems. This framework is intended to be used to integrate functional safety activities into a company-specific development framework. Some requirements have a clear technical focus to implement functional safety into a product; others address the development process and can therefore be seen as process requirements in order to demonstrate the capability of an organization with respect to functional safety.
This document does not address the nominal performance of electrical/electronic systems.
Annex A provides an overview of the objectives, prerequisites and work products of this document.
2 Normative references
The following documents contain requirements which, through reference in this text, constitute provisions of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 34590.1-2022 Road vehicles - Functional safety - Part 1: Vocabulary (ISO 26262-1:2018, MOD)
GB/T 34590.2-2022 Road vehicles - Functional safety - Part 2: Management of functional safety (ISO 26262-2:2018, MOD)
Note: There is no technical difference between the referenced content from GB/T 34590.2-2022 and that from ISO 26262-2:2018.
GB/T 34590.3-2022 Road vehicles - Functional safety - Part 3: Concept phase (ISO 26262-3:2018, MOD)
Note: There is no technical difference between the referenced content from GB/T 34590.3-2022 and that from ISO 26262-3:2018.
GB/T 34590.4-2022 Road vehicles - Functional safety - Part 4: Product development at the system level (ISO 26262-4:2018, MOD)
Note: There is no technical difference between the referenced content from GB/T 34590.4-2022 and that from ISO 26262-4:2018.
GB/T 34590.5-2022 Road vehicles - Functional safety - Part 5: Product development at the hardware level (ISO 26262-5:2018, MOD)
Note: There is no technical difference between the referenced content from GB/T 34590.5-2022 and that from ISO 26262-5:2018.
GB/T 34590.6-2022 Road vehicles - Functional safety - Part 6: Product development at the software level (ISO 26262-6:2018, MOD)
Note: There is no technical difference between the referenced content from GB/T 34590.6-2022 and that from ISO 26262-6:2018.
GB/T 34590.7-2022 Road vehicles - Functional safety - Part 7: Production, operation, service and decommissioning (ISO 26262-7:2018, MOD)
Note: There is no technical difference between the referenced content from GB/T 34590.7-2022 and that from ISO 26262-7:2018.
GB/T 34590.9-2022 Road vehicles - Functional safety - Part 9: Automotive Safety Integrity Level (ASIL)-oriented and safety-oriented analyses (ISO 26262-9:2018, MOD)
Note: There is no technical difference between the referenced content from GB/T 34590.9-2022 and that from ISO 26262-9:2018.
GB/T 34590.12-2022 Road vehicles - Functional safety - Part 12: Adaptation for motorcycles (ISO 26262-12:2018, MOD)
Note: There is no technical difference between the referenced content from GB/T 34590.12-2022 and that from ISO 26262-12:2018.
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 34590.1-2022 apply.
4 Requirements
4.1 Purpose
This clause describes how:
a) to achieve compliance with GB/T 34590;
b) to interpret the tables used in GB/T 34590;
c) to interpret the applicability of each clause, depending on the relevant ASIL(s).
4.2 General requirements
When claiming compliance with GB/T 34590, each requirement shall be met, unless one of the following applies:
a) tailoring of the safety activities in accordance with GB/T 34590.2-2022 has been performed that shows that the requirement does not apply; or
b) a rationale is available that the non-compliance is acceptable and the rationale has been evaluated in accordance with GB/T 34590.2-2022.
Informative content, including notes and examples, is only for guidance in understanding, or for clarification of the associated requirement, and shall not be interpreted as a requirement itself or as complete or exhaustive.
The results of safety activities are given as work products. “Prerequisites” are information which shall be available as work products of a previous phase. Given that certain requirements of a clause are ASIL-dependent or may be tailored, certain work products may not be needed as prerequisites.
“Further supporting information” is information that can be considered, but which in some cases is not required by GB/T 34590 as a work product of a previous phase and which may be made available by external sources that are different from the persons or organizations responsible for the functional safety activities.
4.3 Interpretations of tables
Tables in this document are normative or informative depending on their context. The different methods listed in a table contribute to the level of confidence in achieving compliance with the corresponding requirement. Each method in a table is either:
a) a consecutive entry (marked by a sequence number in the leftmost column, e.g. 1, 2, 3), or
b) an alternative entry (marked by a number followed by a letter in the leftmost column, e.g. 2a, 2b, 2c).
For consecutive entries, all listed highly recommended and recommended methods in accordance with the ASIL apply. It is allowed to substitute a highly recommended or recommended method by others not listed in the table; in this case, a rationale shall be given describing why these comply with the corresponding requirement. If a rationale can be given to comply with the corresponding requirement without choosing all entries, a further rationale for omitted methods is not necessary.
For alternative entries, an appropriate combination of methods shall be applied in accordance with the ASIL indicated, independent of whether they are listed in the table or not. If methods are listed with different degrees of recommendation for an ASIL, the methods with the higher recommendation should be preferred. A rationale shall be given that the selected combination of methods or even a selected single method complies with the corresponding requirement.
Note: A rationale based on the methods listed in the table is sufficient. However, this does not imply a bias for or against methods not listed in the table.
For each method, the degree of recommendation to use the corresponding method depends on the ASIL and is categorized as follows:
— “++” indicates that the method is highly recommended for the identified ASIL;
— “+” indicates that the method is recommended for the identified ASIL;
— “o” indicates that the method has no recommendation for or against its usage for the identified ASIL.
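The selection rules of 4.3 (consecutive entries versus alternative entries, substitution with rationale, and the ++/+/o recommendation levels) are small enough to encode as a checker that reports where a method selection for a given ASIL still needs a rationale. The following is an added example, not part of GB/T 34590: the table rows, method names, entry numbering and recommendation levels in SAMPLE_TABLE are constructed for illustration only and are not taken from any table of the standard.

```python
"""Checker for method-selection tables as interpreted in 4.3 (added example).

The table below is constructed for illustration; it is not a table from
GB/T 34590. Rules encoded:
  - consecutive entry ("1", "2", "3"): every "++" or "+" method for the ASIL
    must be selected, or a rationale for its substitution must exist
    (a table-level rationale covers all omissions at once);
  - alternative entry ("2a", "2b", ...): at least one method of the group
    must be selected, a rationale for the chosen combination is required,
    and a higher-recommended method should be preferred over a lower one.
"""
from dataclasses import dataclass, field

RECOMMENDATION_RANK = {"++": 2, "+": 1, "o": 0}
_LETTERS = "abcdefghijklmnopqrstuvwxyz"


@dataclass(frozen=True)
class Method:
    entry: str            # "1", "2" ... consecutive; "2a", "2b" ... alternative
    name: str
    recommendation: dict  # ASIL -> "++", "+" or "o"

    @property
    def group(self) -> str:
        # "2a" and "2b" belong to group "2"; "3" is its own group.
        return self.entry.rstrip(_LETTERS)

    @property
    def is_alternative(self) -> bool:
        return self.entry != self.group


@dataclass
class Selection:
    asil: str
    chosen: set                                      # selected entries, e.g. {"1", "2b"}
    rationales: dict = field(default_factory=dict)   # entry or group -> rationale text
    table_rationale: str = ""                        # rationale covering omitted entries


# Constructed sample table (hypothetical methods and levels, not from the standard).
SAMPLE_TABLE = [
    Method("1",  "Review of the specification", {"A": "+",  "B": "++", "C": "++", "D": "++"}),
    Method("2a", "Informal verification",       {"A": "++", "B": "+",  "C": "+",  "D": "o"}),
    Method("2b", "Semi-formal verification",    {"A": "+",  "B": "++", "C": "++", "D": "++"}),
    Method("3",  "Formal verification",         {"A": "o",  "B": "o",  "C": "+",  "D": "++"}),
]


def check_table(table, selection):
    """Return a list of findings (empty list means the selection needs nothing more)."""
    findings = []
    asil = selection.asil
    groups = {}
    for m in table:
        groups.setdefault(m.group, []).append(m)

    for key, members in sorted(groups.items()):
        if not members[0].is_alternative:
            m = members[0]
            rec = m.recommendation[asil]
            if rec == "o" or m.entry in selection.chosen:
                continue  # no recommendation, or selected: nothing to justify
            if m.entry in selection.rationales or selection.table_rationale:
                continue  # substitution/omission is covered by a rationale
            findings.append(f"entry {m.entry} '{m.name}' is '{rec}' for ASIL {asil}: "
                            "not selected and no rationale given")
            continue

        chosen = [m for m in members if m.entry in selection.chosen]
        if not chosen:
            findings.append(f"alternative group {key}: no method selected")
            continue
        if key not in selection.rationales:
            names = ", ".join(m.entry for m in chosen)
            findings.append(f"alternative group {key}: rationale for the selected "
                            f"combination ({names}) is missing")
        best_available = max(RECOMMENDATION_RANK[m.recommendation[asil]] for m in members)
        best_chosen = max(RECOMMENDATION_RANK[m.recommendation[asil]] for m in chosen)
        if best_chosen < best_available:
            findings.append(f"alternative group {key}: a method with a higher recommendation "
                            f"for ASIL {asil} is available and should be preferred")
    return findings


if __name__ == "__main__":
    sel = Selection(asil="D", chosen={"1", "2a"})
    for line in check_table(SAMPLE_TABLE, sel) or ["no findings"]:
        print(line)
```

Running the block as-is checks an ASIL D selection of entries 1 and 2a against the constructed table and reports three findings: the missing rationale for group 2, the availability of the higher-recommended 2b, and the omitted "++" entry 3. Adding a rationale for group 2 and a table-level rationale, or selecting 2b and 3 instead, clears them.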
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Requirements
4.1 Purpose
4.2 General requirements
4.3 Interpretations of tables
4.4 ASIL-dependent requirements and recommendations
4.5 Adaptation for motorcycles
4.6 Adaptation for trucks, buses, trailers and semi-trailers
5 Interfaces within distributed developments
5.1 Objectives
5.2 General
5.3 Inputs to this clause
5.4 Requirements and recommendations
5.5 Work products
6 Specification and management of safety requirements
6.1 Objectives
6.2 General
6.3 Inputs to this clause
6.4 Requirements and recommendations
6.5 Work products
7 Configuration management
7.1 Objectives
7.2 General
7.3 Inputs to this clause
7.4 Requirements and recommendations
7.5 Work products
8 Change management
8.1 Objectives
8.2 General
8.3 Inputs to this clause
8.4 Requirements and recommendations
8.5 Work products
9 Verification
9.1 Objectives
9.2 General
9.3 Inputs to this clause
9.4 Requirements and recommendations
9.5 Work products
10 Documentation management
10.1 Objectives
10.2 General
10.3 Inputs to this clause
10.4 Requirements and recommendations
10.5 Work products
11 Confidence in the use of software tools
11.1 Objectives
11.2 General
11.3 Inputs to this clause
11.4 Requirements and recommendations
11.5 Work products
12 Qualification of software components
12.1 Objectives
12.2 General
12.3 Inputs to this clause
12.4 Requirements and recommendations
12.5 Work products
13 Hardware element assessment
13.1 Objectives
13.2 General
13.3 Inputs to this clause
13.4 Requirements and recommendations
13.5 Work products
14 Proven in use argument
14.1 Objectives
14.2 General
14.3 Inputs to this clause
14.4 Requirements and recommendations
14.5 Work products
15 Interfacing an application that is out of scope of GB/T 34590
15.1 Objectives
15.2 General
15.3 Inputs to this clause
15.4 Requirements and recommendations
15.5 Work products
16 Integration of safety-related systems not developed according to GB/T 34590
16.1 Objectives
16.2 General
16.3 Inputs to this clause
16.4 Requirements and recommendations
16.5 Work products
Annex A (informative) Overview of and workflow of supporting processes
Annex B (informative) Development Interface Agreement (DIA) example
Bibliography