Short series: Decomposition
Transcript (auto-generated)
However, once we get into the integration and we look at the hardware metrics, then we’re up back to the original safety goal level of ASIL D level. And this brings me to the last point about the FMEDA, looking at the hardware metrics themselves. The target value for the hardware metrics does not change because of decomposition. And a lot of people don’t understand this. Well, we apply decomposition to our hardware safety requirements. Why don’t these metrics change? Well, if you think about it in a fault tree analysis perspective, if you truly have two independent parallel paths, these are ANDed together, so mathematically you do get the benefits because each can have a little bit higher fit rate and still a little bit higher fit rate and still get a lower fit rate at the top. So the top-level event in the fault tree remains the same but you do get the benefits if you run the quantitive safety analysis.