GB/T 39086-2020 Functional safety requirements and testing methods for battery management system of electric vehicles English
Functional safety requirements and testing methods for battery management system of electric vehicles
1 Scope
This standard specifies the functional safety requirements and testing methods for battery management system of electric vehicles (hereinafter referred to as "battery management system").
This standard is applicable to the management system of lithium-ion power battery for electric vehicles, and other types of power battery, and also refers to the management system of other types of power battery and the management system of power battery for other vehicles.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB 18384-2020 The safety requirement of electric vehicles
GB/T 19596-2017 Terms of electric vehicles
GB/T 34590-2017 (all parts) Road vehicles Functional safety
GB 38031-2020 Safety requirements of power battery for electric vehicles
GB/T 38661-2020 Technical specifications of battery management system for electric vehicles
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 19596-2017, GB/T 34590.1-2017 and the following apply. For the convenience of application, some terms and definitions in GB/T 19596-2017 are listed repeatedly as follows.
3.1
battery management system; BMS
monitoring the battery condition (e.g. temperature, voltage, state of charge, etc.) is capable of providing communication, safety, cell equalization and management control for battery as well as providing the communication interface system of application equipment
[GB/T 19596-2017, definition 3.3.2.1.10]
3.2
secondary cell
basic unit device that converts the chemical energy and electric energy mutually, generally including electrode, diaphragm, electrolyte, housing and terminal, and is also designed to be rechargeable
[GB 38031-2020, definition 3.1]
3.3
high voltage power system
connection between voltage above Class B in electric vehicles and the DC busbar of the power battery, or the high-voltage driven component systems by power driving of power battery. It mainly includes but is not limited to: power battery system and/or high-voltage distribution system (high-voltage relay, fuse, resistor, main switch, etc.), motor and its control system, DC/DC converter and on-board charger, etc.
[GB/T 19596-2017, definition 3.1.2.1.11]
3.4
power battery system
energy storage device consisting of one or more battery pack(s) and corresponding accessories (battery management system, high voltage circuit, low voltage circuit, thermal management equipment and mechanical assembly, etc.) for providing electric energy to electric vehicles' driving
[GB/T 19596-2017, definition 3.1.2.1.9]
3.5
fault tolerant time interval; FTTI
under the condition that the security mechanism is not activated, the shortest time interval from the occurrence of internal faults of related items to the possible occurrence of hazardous events
Note 1: Security-related time interval see Figure 1.
Note 2: Evaluating the shortest time interval of all hazard events depends on the characteristics of hazards.
Note 3: FTTI is related to the hazards caused by abnormal performance of related items. FTTI is an attribute of the safety goals.
Note 4: During fault tolerant time interval, if the related items remain in safe state or transition to safe state or emergency operation, it means that the security mechanism has handled the fault in time.
Note 5: The occurrence of hazardous events depends on the existing faults and the scene the vehicle is in where the faults can affect the vehicle behavior.
Example: Failure of the brake system may not cause a hazardous event until the brake is applied
Note 6: When FTTI is defined only at the level of related items, the longest fault handling time interval and the state after fault handling can be specified at the level of elements to support the concept of functional safety.
Note 7: Fault detection time interval include several diagnostic test time intervals to allow the elimination of errors if diagnostic test time interval is sufficiently smaller than fault detection time interval.
... ...
... ...
3.6
thermal runaway
uncontrollable temperature rise of the battery caused by the exothermic chain reaction of the secondary cell
[GB 38031-2020, definition 3.14]
3.7
thermal propagation
the phenomenon of successive thermal runaway of the rest secondary cells caused by the thermal runaway of a secondary cell in a battery pack or system
[GB 38031-2020, definition 3.15]
3.8
explosion
sudden release of sufficient energy to generate pressure waves or jets which may cause structural or physical damage to the surrounding area
[GB 38031-2020, definition 3.10]
3.9
leakage
the liquid inside the battery leaks to the outside of the battery case
[GB/T 19596-2017, definition 3.3.3.13.7]
3.10
venting
the release of gas via the pre-designed mode upon the increase of the internal pressure in single cells and assemblies of cells
[GB/T 19596-2017, definition 3.3.3.13.8]
3.11
overcharge
continuous charging when the battery cell or battery is fully charged.
[GB/T 19596-2017, definition 3.3.3.2.4]
3.12
over discharge
continuous discharging when the battery cell or battery is completely discharged.
[GB/T 19596-2017, definition 3.3.3.1.8]
3.13
fire
any part of the secondary cell, battery module, battery pack or system keeps burning (the duration of flaming is greater than 1s).
Note 1: Here “the duration of flaming is greater than 1s” refers to single duration of flaming other than cumulative duration of several ones.
Note 2: Sparking and arcing is not considered as combustion
[GB 38031-2020, definition 3.11]
4 General requirements
Unless otherwise specified, the requirements of technology development and process development of functional safety for battery management system shall be implemented in accordance with GB/T 34590-2017 (all parts).
5 Definition of related items
5.1 General
Foreword II
1 Scope
2 Normative references
3 Terms and definitions
4 General requirements
5 Definition of related items
6 Hazard analysis and risk assessment
7 Functional safety requirements
8. Verification and validation of functional safety
Annex A (Informative) Hazard analysis and risk assessment (HARA) examples with battery management system as related item
Annex B (Informative) Example of Hazard Analysis and Risk Assessment (HARA) with Traction Battery System as Related Item
Annex C (Informative) Example of fault tolerant time interval (FTTI) determination
GB/T 39086-2020 Functional safety requirements and testing methods for battery management system of electric vehicles English
Functional safety requirements and testing methods for battery management system of electric vehicles
1 Scope
This standard specifies the functional safety requirements and testing methods for battery management system of electric vehicles (hereinafter referred to as "battery management system").
This standard is applicable to the management system of lithium-ion power battery for electric vehicles, and other types of power battery, and also refers to the management system of other types of power battery and the management system of power battery for other vehicles.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB 18384-2020 The safety requirement of electric vehicles
GB/T 19596-2017 Terms of electric vehicles
GB/T 34590-2017 (all parts) Road vehicles Functional safety
GB 38031-2020 Safety requirements of power battery for electric vehicles
GB/T 38661-2020 Technical specifications of battery management system for electric vehicles
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 19596-2017, GB/T 34590.1-2017 and the following apply. For the convenience of application, some terms and definitions in GB/T 19596-2017 are listed repeatedly as follows.
3.1
battery management system; BMS
monitoring the battery condition (e.g. temperature, voltage, state of charge, etc.) is capable of providing communication, safety, cell equalization and management control for battery as well as providing the communication interface system of application equipment
[GB/T 19596-2017, definition 3.3.2.1.10]
3.2
secondary cell
basic unit device that converts the chemical energy and electric energy mutually, generally including electrode, diaphragm, electrolyte, housing and terminal, and is also designed to be rechargeable
[GB 38031-2020, definition 3.1]
3.3
high voltage power system
connection between voltage above Class B in electric vehicles and the DC busbar of the power battery, or the high-voltage driven component systems by power driving of power battery. It mainly includes but is not limited to: power battery system and/or high-voltage distribution system (high-voltage relay, fuse, resistor, main switch, etc.), motor and its control system, DC/DC converter and on-board charger, etc.
[GB/T 19596-2017, definition 3.1.2.1.11]
3.4
power battery system
energy storage device consisting of one or more battery pack(s) and corresponding accessories (battery management system, high voltage circuit, low voltage circuit, thermal management equipment and mechanical assembly, etc.) for providing electric energy to electric vehicles' driving
[GB/T 19596-2017, definition 3.1.2.1.9]
3.5
fault tolerant time interval; FTTI
under the condition that the security mechanism is not activated, the shortest time interval from the occurrence of internal faults of related items to the possible occurrence of hazardous events
Note 1: Security-related time interval see Figure 1.
Note 2: Evaluating the shortest time interval of all hazard events depends on the characteristics of hazards.
Note 3: FTTI is related to the hazards caused by abnormal performance of related items. FTTI is an attribute of the safety goals.
Note 4: During fault tolerant time interval, if the related items remain in safe state or transition to safe state or emergency operation, it means that the security mechanism has handled the fault in time.
Note 5: The occurrence of hazardous events depends on the existing faults and the scene the vehicle is in where the faults can affect the vehicle behavior.
Example: Failure of the brake system may not cause a hazardous event until the brake is applied
Note 6: When FTTI is defined only at the level of related items, the longest fault handling time interval and the state after fault handling can be specified at the level of elements to support the concept of functional safety.
Note 7: Fault detection time interval include several diagnostic test time intervals to allow the elimination of errors if diagnostic test time interval is sufficiently smaller than fault detection time interval.
... ...
... ...
3.6
thermal runaway
uncontrollable temperature rise of the battery caused by the exothermic chain reaction of the secondary cell
[GB 38031-2020, definition 3.14]
3.7
thermal propagation
the phenomenon of successive thermal runaway of the rest secondary cells caused by the thermal runaway of a secondary cell in a battery pack or system
[GB 38031-2020, definition 3.15]
3.8
explosion
sudden release of sufficient energy to generate pressure waves or jets which may cause structural or physical damage to the surrounding area
[GB 38031-2020, definition 3.10]
3.9
leakage
the liquid inside the battery leaks to the outside of the battery case
[GB/T 19596-2017, definition 3.3.3.13.7]
3.10
venting
the release of gas via the pre-designed mode upon the increase of the internal pressure in single cells and assemblies of cells
[GB/T 19596-2017, definition 3.3.3.13.8]
3.11
overcharge
continuous charging when the battery cell or battery is fully charged.
[GB/T 19596-2017, definition 3.3.3.2.4]
3.12
over discharge
continuous discharging when the battery cell or battery is completely discharged.
[GB/T 19596-2017, definition 3.3.3.1.8]
3.13
fire
any part of the secondary cell, battery module, battery pack or system keeps burning (the duration of flaming is greater than 1s).
Note 1: Here “the duration of flaming is greater than 1s” refers to single duration of flaming other than cumulative duration of several ones.
Note 2: Sparking and arcing is not considered as combustion
[GB 38031-2020, definition 3.11]
4 General requirements
Unless otherwise specified, the requirements of technology development and process development of functional safety for battery management system shall be implemented in accordance with GB/T 34590-2017 (all parts).
5 Definition of related items
5.1 General
Contents of GB/T 39086-2020
Foreword II
1 Scope
2 Normative references
3 Terms and definitions
4 General requirements
5 Definition of related items
6 Hazard analysis and risk assessment
7 Functional safety requirements
8. Verification and validation of functional safety
Annex A (Informative) Hazard analysis and risk assessment (HARA) examples with battery management system as related item
Annex B (Informative) Example of Hazard Analysis and Risk Assessment (HARA) with Traction Battery System as Related Item
Annex C (Informative) Example of fault tolerant time interval (FTTI) determination
