A Novel Hazard Analysis and Risk Assessment Approach for Road Vehicle Functional Safety through Integrating STPA with FMEA

ISO26262: 2018 is an international functional safety standard for electrical and/or electronic (E/E) systems within road vehicles. It provides appropriate safety requirements for road vehicles to avoid unreasonable residual risk according to automotive safety integrity levels (ASILs) derived from hazard analysis and risk assessment (HARA) required in the ISO26262 concept phase. Systems theoretic process analysis (STPA) seems to be designed specifically to deal with hazard analysis of modern complex systems, but it does not include risk evaluation required by most safety related international standards. So we integrated STPA into Failure Mode and Effect Analysis (FMEA) template to form a new method called system theoretic process analysis based on an FMEA template, STPAFT for shot, which could not only meet all the requirements of the concept phase in ISO26262, but also make full use of the advantages of the two methods. Through the focus of FMEA on low-level components, STPAFT can obtain more detailed causal factors (CFs), which is very helpful for derivation of safety goals (SGs) and the functional safety requirements (FSRs) in the concept phase of ISO26262. The application of STPAFT is described by the case study of fuel level estimation and display system (FLEDS) to show how the concept phase of ISO26262 could be supported by STPAFT.