HARA (Hazard Analysis and Risk Assessment) is a method that is used to determine the unacceptable hazards and risks which arise in the event of faults in a critical system in the vehicle. This method is one of the most significant activities that were developped during the Concept Phase of ISO26262 process.

With the help of HARA you can identify the functional hazards and risks of your product at the beginning of the development process and decide on your safety goals and the safety levels and safety modes for these goals. I have already mentioned some significant definitions and points of HARA in my previous article.  I am going to present HARA analysis using a model and make an ASIL classification.

There are certain steps to be followed before, during and the after the HARA process. These can be summarized in 6 points.

Step 1 – Item Definition: First of all there must be an item definition.

This definition should include:

• Vehicle types, vehicle variants, country and customer needs
• Previously -in prototypes and prior projects- identified hazards and malfunctions.
• Operational Modes (e. Idle, active, system off or maintenance mode)
• Operational Scenarios: Season, climate, traffic, parked mode, driving on highways
• Potential malfuntion Catalogue
• Capabilities and behavior of the driver

Step 2 – Vehicle Safety Lifecycle Definition: The vehicle and driving conditions are classified by determining the degree of the hazard and its controllability by the driver.  The following examples can be given for vehicle/driving classifications:

• Driving fast on wet roads
• Driving fast on dry roads
• Driving in Reverse
• Driving through a Tunnes
• Parked Car
• Braking

Step 3 – Malfunction identification: These are determined   through the information in the input documents and the expertise of the people conducting the assessment. Let’s assume that we are looking into the front headlight. The following items can be the potential hazards/malfunctions:

• The front headlight has turned on unexpectedly. 
• The front headlight has gone out of function unexpectedly.
• The front headlight has not worked despite being switched on
• The front headlight has turned on without being switched on. 
• The front headlight flickers.

Step 4 – HARA Process: Risk Assessment of all the functional and operational hazards:

Taking into consideration the criteria that was explained in my previous article, namely type of injuries (Severity), how often the vehicle is exposed to the hazard(Exposure) and how much the driver can do to prevent the injury (Controllability) and considering the driving conditions all hazards are classified. To give an example, a question like the following should be asked while doing the classification:

• If the front headlight did not work while driving through a tunnel with the speed of 100 km/h, what would be the severity of an injury in the case of an accident? How often can this happen? How probable is an accident? Can the driver manage or prevent the situation?

Step 5 – HARA Result: ASIL Classification for Each and Every Hazard: 

The first result of HARA is the determination of ASIL level which reveals the severity of the hazard for every identified risk. This classification is the most important element that is used while  developing a functional safety concept.

Step 6 – HARA Result: Deriving Functional Safety Goals and High Level Safety Requirements:  For each of the identified critical hazard a safety goal, one or more safery mode(s), functional safety requirements and a fault tolerant time interval should be determined.