关键词: ISO 26262；整车控制系统；转矩控制；功能安全设计；Simulink

Abstract: The vehicle control system serves as the source of the torque request and plays a decisive role in the operational safety of the vehicle.This paper conducts hazard and operability analysis,and hazard analysis and risk assessment of the longitudinal control function of the entire vehicle control system based on the ISO 26262 standard,deriving complete safety goals.Firstly,it performs a failure analysis of entire vehicle torque control function based on the ISO 26262 standard,selecting the failure mode of unexpected entire vehicle loss torque control as the analysis direction.Then,match the function failure with the typical operation scenario of the entire vehicle,obtain possible whole vehicle hazardous events,combine the entire vehicle parameters,build a Simulink calculation model and finally quantify the three dimensions of hazard analysis and risk assessment in exposure,severity, and controllability based on the Simulink calculation results and industry standards and papers,thus obtaining automotive safety integrity level of the unintended loss of propulsion of the entire vehicle and giving complete safety goals.This paper exports the design analysis methods of the entire vehicle safety goals,which can provide a reference basis for the functional safety design and optimization of other vehicle control systems.

Key words: ISO 26262;vehicle control system;torque control;functional safety design;Simulink