Architectural design and reliability analysis of a fail-operational brake-by-wire system from ISO 26262 perspectives

Next generation drive-by-wire automotive systems enabling autonomous driving will build on the fail-operational capabilities of electronics, control and software (ECS) architectural solutions. Developing such architectural designs that would meet dependability requirements and satisfy other system constraints is a challenging task and will possibly lead to a paradigm shift in automotive ECS architecture design and development activities. This aspect is becoming quite relevant while designing battery-driven electric vehicles with integrated in-wheel drive-train and chassis subsystems. In such highly integrated dependable systems, many of the primary features and functions are attributed to the highest safety critical ratings. Brake-by-wire is one such system that interfaces with active safety features built into an automobile, and which in turn is expected to provide fail-operational capabilities. In this paper, building up on the basic concepts of fail-silent and fail-operational systems design we propose a system-architecture for a brake-by-wire system with fail-operational capabilities. The design choices are supported with proper rationale and design trade-offs. Safety and reliability analysis of the proposed system architecture is performed as per the ISO 26262 standard for functional safety of electrical/electronic systems in road vehicles. (C) 2011 Elsevier Ltd. All rights reserved.