1.2 Identifying hazardous system behaviour

Assurance objective: Identify how the RAS could bring about hazards given its defined operation and environment.

Contextual description: Having identified system hazards, the ways in which the system may bring about those hazards must be determined. This will require consideration of both nominal and deviant behaviour of the system. An important consideration is that unusual or unexpected behaviour of the RAS, although not necessarily directly hazardous to the RAS itself, may provoke behaviour in another system or human that is potentially hazardous.

Practical guidance: Standard techniques such as Functional Failure Analysis (FFA) and HAZOP may be used here, but for RAS additional guidance on their application may be required (including potentially additional guidewords etc). Alternative techniques such as simulation may also be required in order to fully explore the behaviour of the system. Possible security attack scenarios should also be considered to identify if these could result in system hazards.

1.2 Approach to demonstration automotive (new 2019)

A tag stating the date 17/02/2021 that the guidance was published

Next section: