Functional Safety (ISO 26262)

This domain guide drills into safety engineering workflows supported by TRF, complementing the regulatory overview in ISO 26262.

Hazard analysis and risk assessment

  • Record hazards with severity/exposure/controllability metrics.
  • Link hazards to safety goals and operational scenarios.
  • Store supporting analyses (FTA, FMEA) as attachments or dedicated artifacts (fault_tree, fmea_sheet).

```json
{"id": "haz:ACC-LOSS-001", "kind": "hazard", "fields": {"description": "Loss of ACC braking", "severity": "S3", "exposure": "E4", "controllability": "C2", "asil": "D"}}
```
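A validation rule for hazard records is the natural companion to the S/E/C metrics above: derive the ASIL from the three ratings and compare it with the declared value, so an inconsistent hazard never flows into safety goals unnoticed. The example below is added here and is not TRF code; it assumes hazards arrive as JSON Lines in the layout shown above (one artifact per line, metrics under `fields`) and encodes the ASIL determination table from ISO 26262-3 (Table 4). The sample records are constructed. Run against the record above, it derives ASIL C for S3/E4/C2 (ASIL D requires C3 at that severity and exposure), which is exactly the kind of mismatch the rule exists to catch.

```python
"""Derive the ASIL of hazard artifacts from S/E/C and check the declared value.
Added example, not TRF code. Assumes the JSON Lines layout used in this guide."""
import json

# ISO 26262-3, Table 4: ASIL by severity (rows), exposure (columns) and
# controllability (C1, C2, C3 in tuple order).
ASIL_TABLE = {
    "S1": {"E1": ("QM", "QM", "QM"), "E2": ("QM", "QM", "QM"),
           "E3": ("QM", "QM", "A"),  "E4": ("QM", "A", "B")},
    "S2": {"E1": ("QM", "QM", "QM"), "E2": ("QM", "QM", "A"),
           "E3": ("QM", "A", "B"),   "E4": ("A", "B", "C")},
    "S3": {"E1": ("QM", "QM", "A"),  "E2": ("QM", "A", "B"),
           "E3": ("A", "B", "C"),    "E4": ("B", "C", "D")},
}
SEVERITY = {"S0", "S1", "S2", "S3"}
EXPOSURE = {"E0", "E1", "E2", "E3", "E4"}
CONTROLLABILITY = {"C1": 0, "C2": 1, "C3": 2}


def derive_asil(severity, exposure, controllability):
    """Return 'QM', 'A', 'B', 'C' or 'D' for an S/E/C triple; raise on bad ratings."""
    if (severity not in SEVERITY or exposure not in EXPOSURE
            or controllability not in CONTROLLABILITY):
        raise ValueError(f"invalid S/E/C rating {severity}/{exposure}/{controllability}")
    if severity == "S0" or exposure == "E0":
        return "QM"  # no injuries / incredible exposure: no ASIL is assigned
    return ASIL_TABLE[severity][exposure][CONTROLLABILITY[controllability]]


def validate_hazard(record):
    """Return a list of findings for one hazard artifact (empty list means OK)."""
    if record.get("kind") != "hazard":
        return [f"{record.get('id')}: not a hazard artifact"]
    fields = record.get("fields", {})
    missing = [k for k in ("severity", "exposure", "controllability", "asil") if k not in fields]
    if missing:
        return [f"{record['id']}: missing fields {missing}"]
    try:
        derived = derive_asil(fields["severity"], fields["exposure"], fields["controllability"])
    except ValueError as exc:
        return [f"{record['id']}: {exc}"]
    if derived != fields["asil"]:
        return [f"{record['id']}: declared ASIL {fields['asil']} but S/E/C gives {derived}"]
    return []


def validate_jsonl(text):
    """Validate every non-empty line of a JSON Lines export and collect findings."""
    findings = []
    for line in text.splitlines():
        if line.strip():
            findings.extend(validate_hazard(json.loads(line)))
    return findings


# Constructed sample export: one consistent hazard, one whose ASIL is overstated,
# and one QM hazard.
SAMPLE_HAZARDS = """
{"id": "haz:EX-001", "kind": "hazard", "fields": {"description": "Unintended acceleration", "severity": "S3", "exposure": "E4", "controllability": "C3", "asil": "D"}}
{"id": "haz:EX-002", "kind": "hazard", "fields": {"description": "Loss of ACC braking", "severity": "S3", "exposure": "E4", "controllability": "C2", "asil": "D"}}
{"id": "haz:EX-003", "kind": "hazard", "fields": {"description": "Dome light flicker", "severity": "S1", "exposure": "E2", "controllability": "C1", "asil": "QM"}}
"""

if __name__ == "__main__":
    for finding in validate_jsonl(SAMPLE_HAZARDS):
        print(finding)
```

The rule is deliberately strict about the rating vocabulary: a typo such as `C0` raises instead of silently indexing the table, because a hazard that fails to parse should block the import rather than default to some ASIL.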

ASIL decomposition

  • Use safety_requirement artifacts with asil_level and allocation to trace decomposition.
  • Add validation rules ensuring ASIL D requirements decompose into compliant child requirements.
  • Link implementations (component, safety_mechanism) via mitigates relations.
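The validation rule mentioned above needs the decomposition schemes from ISO 26262-9 Clause 5: an ASIL D requirement may be decomposed into D(D)+QM(D), C(D)+A(D) or B(D)+B(D), ASIL C into C(C)+QM(C) or B(C)+A(C), ASIL B into B(B)+QM(B) or A(A)... more precisely A(B)+A(B), and ASIL A into A(A)+QM(A), with the decomposed requirements allocated to sufficiently independent elements. The example below is added here and is not TRF code. It assumes `safety_requirement` artifacts with the `asil_level` and `allocation` fields named above and a `decomposed_from` link kind pointing at the parent requirement (the link kind and the `links` list layout are assumptions); the sample requirements are constructed.

```python
"""Validate ASIL decomposition over safety_requirement artifacts.
Added example, not TRF code. Assumed layout: fields.asil_level such as "C(D)"
(own ASIL, inherited parent ASIL in parentheses), fields.allocation naming the
element the requirement is allocated to, and links of kind decomposed_from."""
import re

# ISO 26262-9 Clause 5: allowed pairs of child ASILs for each parent ASIL,
# stored as alphabetically sorted tuples.
DECOMPOSITION = {
    "D": {("D", "QM"), ("A", "C"), ("B", "B")},
    "C": {("C", "QM"), ("A", "B")},
    "B": {("B", "QM"), ("A", "A")},
    "A": {("A", "QM")},
}
ASIL_RE = re.compile(r"^(QM|[ABCD])(?:\((QM|[ABCD])\))?$")


def parse_asil(level):
    """Split 'B(D)' into ('B', 'D'); a plain 'D' gives ('D', None)."""
    match = ASIL_RE.match(level)
    if not match:
        raise ValueError(f"malformed asil_level {level!r}")
    return match.group(1), match.group(2)


def validate_decomposition(artifacts):
    """Return findings for every parent requirement that has decomposed children."""
    by_id = {a["id"]: a for a in artifacts}
    children = {}
    for art in artifacts:
        if art.get("kind") != "safety_requirement":
            continue
        for link in art.get("links", []):
            if link.get("kind") == "decomposed_from":
                children.setdefault(link["target"], []).append(art)

    findings = []
    for parent_id, kids in children.items():
        parent = by_id.get(parent_id)
        if parent is None:
            findings.append(f"{parent_id}: decomposition target does not exist")
            continue
        parent_asil, _ = parse_asil(parent["fields"]["asil_level"])
        if len(kids) != 2:
            findings.append(f"{parent_id}: expected 2 decomposed requirements, found {len(kids)}")
            continue
        levels = []
        for kid in kids:
            own, inherited = parse_asil(kid["fields"]["asil_level"])
            if inherited != parent_asil:
                findings.append(f"{kid['id']}: must carry the parent ASIL, e.g. {own}({parent_asil})")
            levels.append(own)
        if tuple(sorted(levels)) not in DECOMPOSITION.get(parent_asil, set()):
            findings.append(f"{parent_id}: {levels[0]}+{levels[1]} is not a valid decomposition of ASIL {parent_asil}")
        allocations = {kid["fields"].get("allocation") for kid in kids}
        if len(allocations) < 2:
            findings.append(f"{parent_id}: decomposed requirements must be allocated to independent elements, both on {allocations.pop()}")
    return findings


def req(rid, asil, allocation, parent=None):
    """Build a constructed safety_requirement artifact in the assumed layout."""
    links = [{"kind": "decomposed_from", "target": parent}] if parent else []
    return {"id": rid, "kind": "safety_requirement",
            "fields": {"asil_level": asil, "allocation": allocation}, "links": links}


# Constructed sample: SR-010 is decomposed correctly (C(D)+A(D) on independent
# ECUs); SR-020 uses an invalid pair and puts both halves on the same element.
SAMPLE_REQUIREMENTS = [
    req("req:SR-010", "D", "system"),
    req("req:SR-011", "C(D)", "ecu_main", parent="req:SR-010"),
    req("req:SR-012", "A(D)", "ecu_monitor", parent="req:SR-010"),
    req("req:SR-020", "D", "system"),
    req("req:SR-021", "B(D)", "ecu_main", parent="req:SR-020"),
    req("req:SR-022", "A(D)", "ecu_main", parent="req:SR-020"),
]

if __name__ == "__main__":
    for finding in validate_decomposition(SAMPLE_REQUIREMENTS):
        print(finding)
```

Identical allocation is only a proxy for the independence analysis the standard asks for (freedom from interference, common-cause analysis); a real rule would check the dependent failure analysis artifacts, but the allocation check already catches the most common mistake of decomposing on paper only.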

Safety plans and work products

  • Represent the safety plan as an artifact (safety_plan) with milestones and responsible roles.
  • Attach review reports, confirmation measures, and safety cases to keep everything traceable.
  • Use tags to associate work products with ISO 26262 part/clauses.

Confirmation reviews

  • Capture independent reviewer approvals using link fields (rationale, confidence) or dedicated artifacts (confirmation_review).
  • Sign packages after confirmation to preserve reviewer identity.

Safety case assembly

  • Build a modular safety case (claims, arguments, evidence) with custom artifacts.
  • Link each claim to the evidence artifacts (tests, analyses, monitoring data).
  • Export a safety case bundle (tw export --format safety-case) for assessors.

Operational monitoring

  • Track field incidents and OTA updates as incident_report and ota_campaign artifacts.
  • Link incidents back to hazards and safety requirements to close the loop.
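Both the safety case assembly and the operational monitoring bullets come down to the same check: every claim must be supported by evidence, and every incident must point back to a hazard or requirement, otherwise the loop is open. The traceability linter below is added here and is not TRF code; it assumes custom artifact kinds `claim`, `argument` and `evidence`, a `supported_by` link kind for the safety case, an `addresses` link kind from `incident_report` to `hazard` or `safety_requirement`, and a `links` list on each artifact (all of these are assumptions about naming). The sample artifact set is constructed.

```python
"""Traceability completeness checks over a TRF-style artifact set.
Added example, not TRF code. Assumed link kinds: supported_by (safety case)
and addresses (incident -> hazard/requirement)."""

# Each rule: (source kind, required link kind, allowed target kinds, message
# when the source has no such link at all).
RULES = [
    ("claim", "supported_by", {"argument", "evidence"},
     "claim has no supporting argument or evidence"),
    ("argument", "supported_by", {"evidence"},
     "argument cites no evidence"),
    ("incident_report", "addresses", {"hazard", "safety_requirement"},
     "incident is not linked back to a hazard or safety requirement"),
]


def check_traceability(artifacts):
    """Return findings for missing, dangling or mistyped links per RULES."""
    by_id = {a["id"]: a for a in artifacts}
    findings = []
    for art in artifacts:
        for src_kind, link_kind, allowed, message in RULES:
            if art.get("kind") != src_kind:
                continue
            links = [l for l in art.get("links", []) if l.get("kind") == link_kind]
            if not links:
                findings.append(f"{art['id']}: {message}")
            for link in links:
                target = by_id.get(link["target"])
                if target is None:
                    findings.append(f"{art['id']}: {link_kind} target {link['target']} does not exist")
                elif target.get("kind") not in allowed:
                    findings.append(f"{art['id']}: {link_kind} target {link['target']} is a "
                                    f"{target['kind']}, expected one of {sorted(allowed)}")
    return findings


def art(aid, kind, links=(), **fields):
    """Build a constructed artifact in the assumed layout."""
    return {"id": aid, "kind": kind, "fields": fields,
            "links": [{"kind": k, "target": t} for k, t in links]}


# Constructed sample: one well-formed claim chain with a dangling evidence id,
# one orphan claim, and two incidents of which one is not linked to anything.
SAMPLE_ARTIFACTS = [
    art("claim:TOP", "claim", [("supported_by", "arg:A1")],
        text="Loss of ACC braking is acceptably mitigated"),
    art("arg:A1", "argument",
        [("supported_by", "ev:TEST-42"), ("supported_by", "ev:MISSING")],
        text="Brake monitor detects loss of braking within the FTTI"),
    art("ev:TEST-42", "evidence", evidence_kind="test_result"),
    art("claim:ORPHAN", "claim", text="Diagnostics cover all single-point faults"),
    art("haz:EX-001", "hazard", description="Loss of ACC braking"),
    art("inc:EX-017", "incident_report", [("addresses", "haz:EX-001")],
        summary="Field report: delayed braking"),
    art("inc:EX-018", "incident_report", summary="Field report: warning chime"),
]

if __name__ == "__main__":
    for finding in check_traceability(SAMPLE_ARTIFACTS):
        print(finding)
```

Running this before `tw export --format safety-case` (or as a pre-signing gate) turns "everything traceable" from an intention into a mechanical check an assessor can repeat.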

Combine these practices with process evidence from Automotive SPICE and cybersecurity controls from UN-R155/R156 to present a unified safety case.