ISO/PAS 19695:2015
Publicly Available Specification
First edition
2015-12-01
Reference number: ISO/PAS 19695:2015(E)
© ISO 2015
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions, and abbreviated terms
4 Safety management during the concept phase and the product development
4.1 Objective
4.2 General
4.3 Input to this Clause
4.3.1 Prerequisites
4.3.2 Further supporting information
4.4 Requirements and recommendations
4.4.1 General
4.4.2 Confirmation measures: Types, independency, and authority
4.5 Work products
5 Hazard analysis and risk assessment
5.1 Objective
5.2 General
5.3 Input to this Clause
5.3.1 Prerequisites
5.3.2 Further supporting information
5.4 Requirements and recommendations
5.4.1 Initiation of the hazard analysis and risk assessment
5.4.2 Situation analysis and hazard identification
5.4.3 Classification of hazardous events
5.4.4 Determination of MSIL
5.4.5 Determination of ASIL and safety goals
5.4.6 Verification
5.5 Work products
6 Vehicle integration and testing
6.1 Objectives
6.2 General
6.3 Input to this Clause
6.3.1 Prerequisites
6.3.2 Further supporting information
6.4 Requirements and recommendations
6.4.1 Vehicle integration
6.4.2 Test goals and test methods during vehicle testing
6.5 Work products
7 Safety Validation
7.1 Objectives
7.2 General
7.3 Inputs to this Clause
7.3.1 Prerequisites
7.3.2 Further supporting information
7.4 Requirements and recommendation
7.4.1 Validation environment
7.4.2 Planning of validation
7.4.3 Execution of validation
7.4.4 Evaluation
7.5 Work products
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical
Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information
The committee responsible for this document is ISO/TC 22, Road vehicles, Subcommittee SC 38,
Motorcycles and mopeds.
Introduction
This Publicly Available Standard is the adaptation of ISO 26262:2011 (all parts) to comply with needs
specific to the application sector of electrical and/or electronic (E/E) systems installed in motorcycles,
and provides the partial tailoring activities of ISO 26262-2:2011, Clause 6, ISO 26262-3:2011, Clause 7,
and ISO 26262-4:2011, Clauses 8 and 9.
ISO 26262:2011 (all parts) is intended to be applied to safety-related systems that include one or more
E/E systems and that are installed in series production passenger cars with a maximum gross vehicle
mass up to 3 500 kg. ISO 26262:2011 (all parts) does not address unique E/E systems in special purpose
vehicles such as vehicles designed for drivers with disabilities.
The motorcycle industry recognizes the need to use appropriate safety-related techniques to avoid
unreasonable risk resulting from random or systematic faults of E/E systems.
Many of the requirements specified in ISO 26262:2011 (all parts) are applicable for E/E systems
produced for the motorcycle industry and therefore it was accepted by SC 22 (superseded to SC 38) that
the E/E systems developed for motorcycles should be within the scope of ISO 26262:2011 (all parts).
However, the adoption of ISO 26262:2011 (all parts) can lead to an inappropriate estimation of
motorcycle risk. Therefore, some existing ISO 26262:2011 (all parts) requirements are considered
infeasible for the motorcycle industry, e.g. user test under real-life conditions.
Motorcycle Safety Integrity Level (MSIL) is the output of hazard analysis and risk assessment. This is
then apportioned between the risk reduction mechanisms and measures assigned to E/E systems using
Automotive Safety Integrity Level (ASIL) and the risk reduction taken care of by external measures
and/or other technologies [which are outside the scope of ISO 26262:2011 (all parts) and this Publicly
Available Standard].
Specifically in the motorcycle industry, a greater proportion of the overall risk reduction is generally
apportioned to external measures (for example, riding rules, training/qualification of riders, personal
protective equipment, e.g. helmets and infrastructure features).
The worldwide established level of technology (“state-of-the-art”) in the motorcycle industry suggests
that ASIL requirements are not appropriate for motorcycles. This is addressed through the alignment
between MSIL and ASIL.
It is acknowledged that product development processes and technical solutions within the motorcycle
industry are inhomogeneous with those of the automobile industry; therefore, the difference between
MSIL and ASIL has been made to accommodate worldwide capability.
It can be necessary to modify certain requirements, methods, and measures of ISO 26262:2011 (all
parts) in order to adapt the standards’ best practices to match state-of-the-art practices for motorcycle
functional safety.
Other areas of ISO 26262:2011 (all parts) which would be affected by inclusion of motorcycles within
the scope of the standard have also been identified and necessary changes recommended. The content
of this Publicly Available Standard requires consideration and acceptance by SC 32 in order to facilitate
the inclusion of motorcycles within the scope of ISO 26262:2011 (all parts) Edition 2.
Figure 1 shows the structure and relation of this Publicly Available Standard and ISO 26262:2011 (all
parts).
Figure 1 — Overview of this Publicly Available Standard and the relation to ISO 26262:2011 (all
parts)
1 Scope
This Publicly Available Standard is intended to be applied to safety-related systems that include one
or more electrical and/or electronic (E/E) systems and that are installed in series production
two-wheeled or three-wheeled motorcycles.
This Publicly Available Standard does not address unique E/E systems in special purpose vehicles, such
as vehicles designed for competition.
This Publicly Available Standard addresses possible hazards caused by malfunctioning behaviour of E/E
safety-related systems, including interaction of these systems. It does not address hazards related to
electric shock, fire, smoke, heat, radiation, toxicity, flammability, reactivity, corrosion, release of energy,
and similar hazards, unless directly caused by malfunctioning behaviour of E/E safety-related systems.
This Publicly Available Standard does not address the nominal performance of E/E systems, even if
dedicated functional performance standards exist for these systems.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
ISO 26262-1:2011, Road vehicles — Functional safety — Part 1: Vocabulary
ISO 26262-2:2011, Road vehicles — Functional safety — Part 2: Management of functional safety
ISO 26262-3:2011, Road vehicles — Functional safety — Part 3: Concept phase
ISO 26262-4:2011, Road vehicles — Functional safety — Part 4: Product development at the system level
ISO 26262-5:2011, Road vehicles — Functional safety — Part 5: Product development at the hardware level
ISO 26262-6:2011, Road vehicles — Functional safety — Part 6: Product development at the software level
ISO 26262-8:2011, Road vehicles — Functional safety — Part 8: Supporting processes
ISO 26262-9:2011, Road vehicles — Functional safety — Part 9: Automotive Safety Integrity Level
(ASIL)-oriented and safety-oriented analyses
Note 2 to entry: See Annex B for information relating to the use of expert riders.
3.2
motorcycle safety integrity level
MSIL
one of four levels that specify the item’s or element’s necessary ISO 26262:2011 (all parts) risk reduction
requirements and safety measures to apply for avoiding unreasonable residual risk for items and
elements used specifically in motorcycle applications, with D representing the most stringent and A the
least stringent level
4 Safety management during the concept phase and the product development
4.1 Objective
The objective of this Clause is to define the independency requirements of confirmation measures
associated with ASIL, converted from MSIL.
4.2 General
Safety management includes the responsibility to ensure that the confirmation measures are
performed. Depending on the applicable ASIL, some confirmation measures require independence
regarding resources, management, and release authority (see 4.4).
Confirmation measures include confirmation reviews, functional safety audits, and functional
safety assessments.
— The confirmation reviews are intended to check the compliance of selected work products to the
corresponding requirements of ISO 26262 (all parts).
— A functional safety audit evaluates the implementation of the processes required for the functional
safety activities.
— A functional safety assessment evaluates the functional safety achieved by the item.
In addition to the confirmation measures, verification reviews are performed. These reviews, which
are required in other parts of ISO 26262, are intended to verify that the associated work products fulfil
the project requirements, and the technical requirements with respect to use cases and failure modes.
Table 1 lists the required confirmation measures. ISO 26262-2:2011, Annex D lists the reviews
concerning verification and refers to the applicable parts of ISO 26262.
4.3 Input to this Clause
4.3.1 Prerequisites
See applicable prerequisites of the relevant phases of the safety lifecycle in which confirmation
measures are planned or carried out.
4.3.2 Further supporting information
See applicable further supporting information of the relevant phases of the safety lifecycle in which
a confirmation measure is planned or carried out.
4.4 Requirements and recommendations
4.4.1 General
The organizations involved in the execution of the safety lifecycle shall comply with 4.4.2 for items that
have at least one safety goal with an ASIL A, B, or C, unless stated otherwise.
4.4.2 Confirmation measures: Types, independency, and authority
4.4.2.1 The confirmation measures specified in Table 1 shall be performed, in accordance with the
required level of independency as specified in ISO 26262-2:2011, Table 2, 6.4.3.5 i), 6.4.8, and 6.4.9.
NOTE 1 The confirmation reviews are performed for those work products that are specified in Table 1 and
required by the safety plan.
NOTE 2 A confirmation review includes the checking of correctness with respect to formality, contents,
adequacy, and completeness regarding the requirements of ISO 26262:2011 (all parts).
NOTE 3 Table 1 includes the confirmation measures. An overview of the verification reviews is given in
ISO 26262-2:2011, Annex D.
NOTE 4 A report that is a result of a confirmation measure includes the name and revision number of the work
products or process documents analysed (see ISO 26262-8:2011, 10.4.5).
NOTE 5 If the item changes subsequent to the completion of confirmation reviews or functional safety
assessments, then these will be repeated or supplemented (see ISO 26262-8:2011, 8.4.5.2).
NOTE 6 The aim of each confirmation measure is given in ISO 26262-2:2011, Annex C.
NOTE 7 Confirmation measures such as confirmation reviews and functional safety audits can be merged and
combined with the functional safety assessment to support the handling of comparable variants of an item.
Table 1 — Required confirmation measures, including the required level of independency

The degree of independency (a) applies to the ASIL, converted from MSIL (columns A, B, C).

| Confirmation measure | A | B | C | Scope |
|---|---|---|---|---|
| Confirmation review of the hazard analysis and risk assessment of the item (see Clause 5, ISO 26262-3:2011, Clause 5, and if applicable, ISO 26262-8:2011, Clause 5). Independence with regard to those generating the work product | I2 | I2 | I2 | The scope of this review shall include the correctness of the determined ASILs and quality management (QM) ratings of the identified hazardous events for the item, and a review of the safety goals |
| Confirmation review of the safety plan (see ISO 26262-2:2011, 6.5.1). Independence with regard to those generating the work product | — | I1 | I2 | Applies to the highest ASIL among the safety goals of the item |
| Confirmation review of the item integration and testing plan (see ISO 26262-4:2011). Independence with regard to those generating the work product | I0 | I1 | I2 | Applies to the highest ASIL among the safety goals of the item |
| Confirmation review of the validation plan (see ISO 26262-4:2011). Independence with regard to those generating the work product | I0 | I1 | I2 | Applies to the highest ASIL among the safety goals of the item |
| Confirmation review of the safety analyses (see ISO 26262-9:2011, Clause 8). Independence with regard to those generating the work product | I1 | I1 | I2 | Applies to the highest ASIL among the safety goals of the item |
| Confirmation review of the software tool qualification report (b) (see ISO 26262-8:2011, Clause 11). Independence with regard to the persons performing the qualification of the software tool | — | I0 | I1 | Applies to the highest ASIL of the requirements that can be violated by the use of the tool |
| Confirmation review of the proven in use arguments (analysis, data, and credit) of the candidates (see ISO 26262-8:2011, Clause 14). Independence with regard to those developing the argument | I0 | I1 | I2 | Applies to the ASIL of the safety goal or requirement related to the considered behaviour, or function, of the candidate |
| Confirmation review of the completeness of the safety case (see ISO 26262-2:2011, 6.5.3). Independence with regard to those developing the safety case | I0 | I1 | I2 | Applies to the highest ASIL among the safety goals of the item |
| Functional safety audit in accordance with ISO 26262-2:2011, 6.4.8. Independence with regard to the developers of the item and project management | — | I0 | I2 | Applies to the highest ASIL among the safety goals of the item |
| Functional safety assessment in accordance with ISO 26262-2:2011, 6.4.9. Independence with regard to the developers of the item and project management | — | I0 | I2 | Applies to the highest ASIL among the safety goals of the item |

a The notations are defined as follows:
— —: no requirement and no recommendation for or against regarding this confirmation measure;
— I0: the confirmation measure should be performed; however, if the confirmation measure is performed, it shall be
performed by a different person;
— I1: the confirmation measure shall be performed, by a different person;
— I2: the confirmation measure shall be performed, by a person from a different team, i.e. not reporting to the same direct
superior.
b A software tool development is outside the item’s safety lifecycle whereas the qualification of such a tool is an activity
of the safety lifecycle.
4.4.2.2 The persons who carry out a confirmation measure shall have access to, and shall be supported
by, the persons and organizational entities that carry out safety activities during the item development.
4.4.2.3 The persons who carry out a confirmation measure shall have access to the relevant
information and tools.
4.5 Work products
Confirmation measure reports, resulting from 4.4.2 and ISO 26262-2:2011, Table 2, 6.4.8 and 6.4.9
5 Hazard analysis and risk assessment
5.1 Objective
This Clause provides a tailoring of ISO 26262-3:2011, Clause 7 for motorcycles.
The objective of the hazard analysis and risk assessment for motorcycles is to identify and to categorize
the hazards that malfunctions in the item can trigger and to formulate the safety goals related to the
prevention or mitigation of the hazardous events, in order to avoid unreasonable risk.
The objective of this Clause is to specify the necessary requirements that need to be complied with in
order to perform a motorcycle specific hazard analysis and risk assessment.
5.2 General
Due to the fact that the dynamic behaviour of motorcycles differs greatly from that of passenger cars,
and that controllability of motorcycle specific hazardous events could place more emphasis on the
rider, it is recognized that the method of performing risk assessment requires a degree of tailoring to
best suit motorcycle specific hazardous events.
Hazard analysis, risk assessment, and MSIL determination are used to determine the safety goals
for the item such that an unreasonable risk is avoided. For this, the item is evaluated with regard to
its potential hazardous events. Safety goals and their assigned MSIL are determined by a systematic
evaluation of hazardous events. The MSIL is determined by considering the estimate of the impact