08. Fault Tolerant Time Interval
Measuring Fault Tolerant Time Intervals
Depending on the hazardous situation, you might also have to consider the fault reaction time of a human driver. You would then have to run tests with actual drivers to see how long they take to react to a fault and avoid a hazardous situation.
On the other hand, software and hardware diagnostic test intervals and fault reaction times could be measured with a bench test.
You can't change a human's fault reaction time; however, you can optimize your software and hardware to minimize the diagnostic test interval and fault reaction time.
Whatever the hazardous situation, the idea of the fault tolerant time interval is to investigate how long your system has to avoid accidents when faults occur.
ISO 26262 Revisions
A second edition of ISO 26262 is in production and may redefine some FTTIs presented here.
Fault Tolerant Time Interval: Lane Keeping Assistance Fault
In terms of the lane keeping assistance, the concern was that the functionality wasn't time limited. If the lane keeping assistance goes beyond the time limit we set, then a fault has occurred and you will want to shut off the system.
The fault tolerant time interval might be 500 ms since the situation would be more controllable than for the warning system case. Because the system is now time limited, the driver will be unable to misuse the system as if it were fully autonomous, and will be more likely to keep their hands on the wheel at all times. If the lane keeping assistance function goes beyond the time limit and keeps turning the vehicle towards the center of the lane, the driver could still remain in control of the car. The lane assistance system is merely adding extra steering torque to the torque that the driver is already providing.
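The time-limit fault described above can be bench-checked with a small monitor simulation. This C sketch is an added example, not part of the original lesson: only the 500 ms FTTI comes from the text, while the 5 s time limit, 50 ms diagnostic test interval, 20 ms fault reaction time and all identifiers are assumptions. It measures the delay from the moment the time limit is exceeded until the added torque is off, for every alignment of the fault with the diagnostic tick.

```c
#include <stdbool.h>
#include <stdint.h>

#define FTTI_MS            500u  /* from the text */
#define LKA_TIME_LIMIT_MS 5000u  /* assumed: max continuous LKA activation */
#define DIAG_PERIOD_MS      50u  /* assumed: diagnostic test interval */
#define REACTION_MS         20u  /* assumed: time to bring added torque to zero */

typedef struct {
    uint32_t active_ms;      /* continuous activation time seen by the monitor */
    bool     fault_latched;  /* set once the time limit is exceeded */
    bool     output_enabled; /* false = LKA torque shut off */
} lka_monitor_t;

/* Runs once per diagnostic period. */
static void lka_monitor_step(lka_monitor_t *m, bool torque_requested)
{
    if (m->fault_latched) return;                 /* stay off until reset */
    if (!torque_requested) { m->active_ms = 0; return; }
    m->active_ms += DIAG_PERIOD_MS;
    if (m->active_ms > LKA_TIME_LIMIT_MS) {
        m->fault_latched = true;
        m->output_enabled = false;
    }
}

/* LKA sticks on at phase_ms; returns ms from limit exceeded to torque off. */
uint32_t simulate_stuck_lka(uint32_t phase_ms)
{
    lka_monitor_t m = { 0u, false, true };
    uint32_t limit_exceeded_at = phase_ms + LKA_TIME_LIMIT_MS;
    for (uint32_t t = DIAG_PERIOD_MS; ; t += DIAG_PERIOD_MS) {
        lka_monitor_step(&m, t >= phase_ms);
        if (m.fault_latched) return (t - limit_exceeded_at) + REACTION_MS;
    }
}

/* Worst case over every alignment of the fault with the diagnostic tick. */
uint32_t worst_case_latency_ms(void)
{
    uint32_t worst = 0;
    for (uint32_t p = 0; p < DIAG_PERIOD_MS; p++) {
        uint32_t d = simulate_stuck_lka(p);
        if (d > worst) worst = d;
    }
    return worst;
}

bool meets_ftti(void) { return worst_case_latency_ms() <= FTTI_MS; }
```

With these assumed values the worst case is one full diagnostic period plus the reaction time, which leaves a wide margin inside the 500 ms interval.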