Functional Safety (FuSa) and Safety Of The Intended Functionality (SOTIF) are two important aspects in ensuring the safety of autonomous vehicles. While they both aim to address potential risks and hazards, there are key differences in their focus and approach.
FuSa: Ensuring Functional Safety
FuSa is a discipline that focuses on identifying and mitigating risks associated with malfunctions or failures of autonomous vehicle systems. It ensures that the vehicle's intended functionality operates correctly and does not pose any danger to passengers, pedestrians, or other road users. FuSa involves rigorous testing, verification, and validation processes to detect and prevent failures, and it sets specific standards, such as ISO 26262 for the automotive industry, to guide these safety measures.
SOTIF: Addressing Hazards Outside of System Failures
On the other hand, SOTIF addresses hazards and risks that may arise from factors other than system failures, such as environmental conditions, unpredictable user behavior, or external events. While FuSa focuses on ensuring the correct functioning of systems, SOTIF aims to identify potential dangers that can occur even when all the vehicle's functions are working as intended. This includes scenarios where the vehicle cannot achieve its intended function due to certain external circumstances that were not considered during system development.
Differences and Complementary Roles
The main difference between FuSa and SOTIF lies in their scope of considerations. FuSa primarily deals with system functionality and related failures, while SOTIF extends beyond system functions to encompass unexpected hazards. In this sense, FuSa focuses on preventing accidents caused by system malfunctions, while SOTIF focuses on addressing risks that may lead to accidents even when the system is functioning correctly. Consequently, to ensure the safety of autonomous vehicles, both aspects are crucial and should complement each other.
In conclusion, FuSa and SOTIF are essential disciplines in autonomous vehicle safety but differ in their focus and approach. FuSa mainly deals with system malfunctions, whereas SOTIF addresses hazards beyond system failures. By working together, they play a vital role in minimizing risks and ensuring the reliable and safe operation of autonomous vehicles.