Expert interview

Functional safety & trends

We talked to Christine Jacobsson, software developer and responsible for Functional Safety at BorgWarner. Christine comments on the main safety trends she sees affecting automotive: the Automotive SPICE framework gaining importance, higher ASIL due to electric vehicles, and of course cybersecurity.

July 11, 2023
RemotiveLabs
ACES megatrend

Functional safety & trends in automotive

The more software and features, the more functions need testing, says functional safety engineer Christine Jacobsson. Christine has extensive software development experience, ranging from ABB and Saab Kockums to her current work at BorgWarner. Adding new software-driven features also adds rigorous testing requirements. Christine Jacobsson lists the main safety trends she sees on the rise and how they may affect the industry overall.

What does your work as functional safety engineer entail?

At BorgWarner Landskrona, I am responsible for the safety plan and the development of technical safety concepts according to safety goals from the customer following requirements in the automotive standard ISO 26262. We analyze failure modes and implement safety mechanisms to detect failures and mitigate risks and hazards. Typically, the goal is to minimize single points of failure and ensure that the system operates within acceptable risk levels according to the ASIL integrity. 

In my work, I rely on software and electronics to monitor signals and confirm safety-related factors. However, the software can sometimes have blind spots. It’s essential to gather evidence, probability assessments, and quantifiable data to support our safety claims. Testing in automotive is generally demanding and resource-intensive, especially when all the equipment needs to be in place within a limited time constraint.

What are your thoughts on testing in automotive?

Having a rig that corresponds to the real system is ideal because the more you can simulate and test, the less physical equipment you need. Developers writing code without the ability to test and verify early is unwanted but not always easy to solve.

At BorgWarner our testing team is currently driving a major change towards test-driven development. Testing teams are now part of writing the requirements, ensuring all stakeholders get what they need according to EARS (Easy Approach to Requirements Syntax). Then throughout development they work in parallel, and we’ve seen great results including reduced lead time. We work according to ASPICE (i.e., performing unit tests, integration tests and qualification tests – and then on system level integration and qualification tests are made again). Testing starts from the smallest component up through the entire system with the aim to find any errors as early as possible.

Christine Jacobsson with colleagues at the Pink Programming event hosted by BorgWarner in spring 2023.

What are the main trends you see affecting the industry?

  • Trend 1: Automotive SPICE framework gaining importance. The Automotive SPICE (ASPICE i.e. Automotive Software Process Improvement Capability dEtermination) framework is gaining importance and customers are asking for it. It was introduced in 2005 for evaluating software development processes and considers the human factor in risk assessment and evaluates all development tools used. Ultimately it adds requirements for traceability. This goes hand in hand with safety as it adds to a solid foundation and documentation. This is mostly good but everyone needs to be aware that it adds more work and cost to achieve such quality labels.
  • Trend 2: Higher ASIL due to Electrical Vehicles. With the rise of electrification and associated batteries, the automotive industry and other industries under this paradigm shift are required to follow higher ASIL levels (Automotive Safety Integrity Level). This increases software intensity and documentation requirements – including testing and adherence to specific methodologies. As an example, at BorgWarner we use CAN protocols mostly; this is specified by the customer. If it is a higher ASIL level in the application, the CAN signals must also have end-to-end protection. The OEM usually owns the signals – if they raise the ASIL level, they must increase the integrity of the signals we receive, which adds limitations in terms of availability (risk of unwanted safe state triggered if the resolution of the signal is too low, for example). With the increased administrative workload, I see that it does become even more difficult to attract developers.
  • Trend 3: Cybersecurity. It is important to recognize the importance of cybersecurity due to the possibility of hacking and manipulating signals. There’s much more software in a car now and a lot at stake. Access to hacking even the simplest signals on the CAN network can affect the ability to safely operate the vehicle. The new EU law (ISO/SAE 21434) mandates cybersecurity measures for all new car models starting from the product development process and specifications for threat analysis and risk assessment. What I work with, functional safety, in comparison is not a law but a state-of-the-art practice.

Looking at these trends from an overview perspective – with all the added software-driven functionalities and automotive trends, combined with emerging requirements, laws, and quality guidelines – are end customers willing to pay for all the added work these functionalities require? I think we might see more counter trends of suppliers and OEMs needing either to drive prices up more to be able to test everything or that they will need to limit functionality.