Funktionale Sicherheit und Prozessqualität …...Funktionale Sicherheit und Prozessqualität praxisnah umgesetzt 2 ECQA Certified Training Material ASQF Evening Talk May 2014 Authors:

www.automotive-quality-alliance.eu

This project has been funded with support from the European Commission

under agreement EAC-2012-0635. This publication/communication reflects the

views only of the author, and the Commission cannot be held responsible for

any use which may be made of the information contained therein.

KNOWLEDGE ALLIANCE FOR TRAINING QUALITY AND EXCELLENCE IN AUTOMOTIVE

Fachgruppenabend

Erlangen, 22/05/2014

Andreas Riel

Dušan Busen, Damjan Ekert, Christian Kreiner, Michael Langgner,

Richard Messnarz, Michael Reiner, Dick Theisens, Serge Tichkiewitch

Funktionale Sicherheit und

Prozessqualität praxisnah umgesetzt

2 ECQA Certified Training Material

ASQF Evening Talk May 2014

Authors: AQUA Training Material Committee automotive-knowledge-alliance.eu

Motivation

• Automotive Suppliers are confronted with many Quality

Standards and Norms

• Number of standards and complexity is increasing

• Customer demands high process and product quality

• Internal process improvement to achieve high quality

Understand the synergies and deltas between the standards and

their application areas

Integrate requirements from the standards into one process

landscape

Unified process view

IEC 61508

6σ




Challenges in Automotive (some)

• Exponential growth of complex functions realised with electronic/software

systems.

• Standards to implement

– Quality Management & Lifecycle ISO TS16949

– Automotive SPICE: (Software) Quality ISO15504

– Functional Safety: ISO26262, IEC 61508

More and more components and subsystems in the car are classified ASIL

A/B/C/D, likewise SIL 1/2/3/4.

– Lean Six Sigma: combines

Lean Manufacturing – eliminating waste [Toyota]

Six Sigma – minimize variability in manufacturing and business processes

[Motorola]

– To come: Common Criteria (IT Security)

• Ever shorter development cycles –> everything integrated




Partly

Overlap Largely

Overlap

No

Overlap

Product Opportunity Gap

Identification/Understanding

Concept Development

Product Design

Process Design

Commercial Production

Se

qu

en

tia

l

En

gin

ee

rin

g

Degree of Concurrency

(Activity Overlapping)

Degree of Collaboration

(Decision Coupling)


Identification/Understanding Concept Development

Product Design Process Design


Inte

gra

ted

En

gin

ee

rin

g

Multiple stakeholders interact

to make multiple decisions

Multiple stakeholders interact

to achieve a single agreement


Identification/Understanding

Concept Development

Product Design

Process Design


Co

nc

urr

en

t

En

gin

ee

rin

g How do we make decisions for

these overlapping activities?

Interface

Relationship

Synergy

Sequential, Concurrent, Integrated




Software and System Quality Automotive SPICE® Processes




Safety as a System Property ISO26262 – Functional safety standard




Lean Six Sigma Coping with Variation and Reliability




The European AQUA Initiative

• Europe-wide Certified Qualification Platform for

Quality in Automotive

• Achieving excellence through the integration of

– Automotive SPICE® (ISO/IEC 15504)

– Functional Safety (ISO 26262)

– Six Sigma

• Targeting Automotive Suppliers

– Help them get an integrated Quality Understanding

that is compliant with leading relevant standards

– Qualify a large number of Stakeholders




The AQUA Alliance




The AQUA Training Program Architecture

Release 1

ECQA Certified Training Material

Authors: AQUA Training Material Committee

Knowledge Alliance for

Training Quality and Excellence

in Automotive

www.ecqa.org





Unit 1: Introduction

Element 1: Standards, Norms, and Guidelines

Subcomponent: Integration




SOP

Research & Development

Series

Production

Automotive SPICE

Functional Safety

Lean Six Sigma

Integrated Approach - Timeline




SW ECU Mechanics

Sensor

System Production

Lean Six Sigma

Automotive SPICE

Functional Safety

Integrated Approach - Components




Automotive SPICE Process

Functional Safety Process and Method

Processes [What]

Processes [What] &

Methods [How]

Integrated Approach - Processes




Automotive

SPICE – Process

Requirements

Additional

Process

Requirements

from the ISO

26262

Example – Software Requirements Analysis




Methods from the

ISO 26262

Process

Requirements from

Automotive SPICE

and ISO 26262

Example – Software Requirements Analysis




Functional Safety Chapters

Automotive SPICE Functional Safety

Focus on software and

system development

Focus on SW and E/E

Hardware

Capability Level and

Attribute Ratings

ASIL

Process Improvement Compliance

… …

ASPICE vs. Functional Safety




Value and Foundations of LSS

Six Sigma Focus on reducing variability

– The goal of Six Sigma is to increase business profits by eliminating the

variability, defects and waste that undermine customer loyalty

– Origin:

1986 Motorola – Bill Smith & Mikel Harry: ‘DMAIC’

1996 General Electric – Jack Welch: ‘The GE Way’

Six Sigma is a rigorous and systematic methodology that utilizes

information (management by facts) and statistical analysis to measure

and improve a company's operational performance by preventing

'defects' i.e. meet and exceed stakeholders expectations




Value and Foundations of Six Sigma

LSL USL

2700 ppm

defects

4.5σ 3.4 ppm

defects

LSL USL 6σ

3σ

Defects: outside specification





Why Six Sigma Level?

3σ

4σ

5σ

6σ

7σ

66.810

6.210

233

3.4

0.02

ppm σ level

1σ

2σ

690.000

308.537

20-30%

15-20%

10-15%

5-10%

<5%

Loss in

% of sales

30-40%

40-50%

Average

World Class

Status

Bankrupt





DfSS - Design for Six Sigma Focus on robust design

– The goal of DfSS is to design products/processes that exceed customer

expectations i.e. flawless product launch and predictable reliability

DfSS is a systematic and rigorous methodology

using tools, training, and measurements to enable

the design of new products and processes that meet

customer expectations at Six Sigma quality levels.





DfSS - Design for Six Sigma Focus on robust design

Nu

mb

er

of

ch

an

ges

20-24 months 14-17 months 1-3 months 1st day of

production

Traditional development

Design for Six Sigma / QFD

• Robust design

• Reliability

• FMEA

• QFD

• . . .







24

Red = Additional Safety

Relevant Content

Integration of Safety and Six Sigma

60575451484542

LSL USL

LSL 40

Target *

USL 60

Sample Mean 50.1598

Sample N 1000

StDev (Within) 3.08536

StDev (O v erall) 3.15039

Process Data

C p 1.08

C PL 1.10

C PU 1.06

C pk 1.06

Pp 1.06

PPL 1.07

PPU 1.04

Ppk 1.04

C pm *

O v erall C apability

Potential (Within) C apability

PPM < LSL 0.00

PPM > USL 0.00

PPM Total 0.00

O bserv ed Performance

PPM < LSL 495.80

PPM > USL 713.02

PPM Total 1208.82

Exp. Within Performance

PPM < LSL 630.03

PPM > USL 893.60

PPM Total 1523.64

Exp. O v erall Performance

Within

Overall

Process Capability of C1

Statistical

Methods – Six

Sigma




Integrated Teams of Engineering

• All three methods

describe

continuous

improvement

cycles

• The cycles are

interacting

leading to joined

learning (evolving

system)

• Design Example:

Six

Sig

ma

: D

esig

n

FM

EA

deliv

ering

co

un

ter

me

asu

res

FMEDA : Diagnose and

redundancy measures for

ISO 26262

Re

qu

irem

en

ts

Tra

ced a

nd T

este

d

(AS

PIC

E)

LEARNING about

System and Domain




Integrated Engineering Teams

• Using the

same

collaboration

principle in all

interacting

cases

• Teams are not

separate:

Six

Sig

ma

Exp

ert

s

ISO 26262

Experts

AS

PIC

E

Exp

erts

LEARNING about

System and Domain




• The Product Engineering Process (PEP) includes all activities

from the idea to the series production of a product.

• It is usually divided into phases, where each phase ends with

a gate.

• Between the gates many iterations of the V-Model

(Automotive SPICE and Functional Safety) are run through.

• The Failure mode effects analysis (FMEA) as a tool from Six

Sigma is used quantify and prioritize risks during the

development with a focus to track actions to mitigate the risks.

Process FMEA: Used to analyse production and/or

assembly process.

Integration into the

Product Engineering Process

Release 1

ECQA Certified Training Material

Authors: AQUA Training Material Committee

Knowledge Alliance for

Training Quality and Excellence

in Automotive

www.ecqa.org





Unit 2: Product Development

Element 2.: Life Cycle

Subcomponent: Integration




Integrated View

ASPICE - System

Referenz: Software Engineering nach Automotive SPICE – Ein Continental Projekt auf dem Weg zu Level 3




Integrated View

Safety - System

+ Safety Goals

+ Functional and

Technical Safety

Concept

SW

Architecture

with diganose

layers (e.g.

EGAS)

+ HW – SW

Interface (HSI)

Redundant

Design and

FIT Rates

+ Test of Safety

Mechanisms

+ Safety Life Cycle + Level 1-4 release




Integrated View

Design for Six Sigma - System

TQM

Standard Work

Control plan

CTQ Flowdown

dFMEA

MSA

Process Capability

Process Capability

Product Capability

Cpk Ppk

DMADV DMAIC

QFD

VOC

DOE – Design of Experiments

Transfer functions

Reliability Eng.





Integrated View

ASPICE - Software





Integrated View

Safety - Software

+ SW Safety

Requirements

+ Method tables and

E-Gas Architecture

+ Independent

Diagnose Functions

+ Freedom of

interference and

method tables

+ Branch coverage,

criticality analysis

+ interface test,

criticality analysis

+ faul injection,

range check,

equivalence class





Integrated View

ASPICE+ - Hardware





Integrated View

Safety - Hardware

+ Method tables and

Redundant

Architecture

+ HW Safety

Requirements

+ Redundant Design

and FIT Rates + HW Metric

+ HSI test

+ HW Architecture

Metric and FTA,

overall FIT rate

+ modular design

and decomposition

strategy





Integrated View

ASPICE+ - Hardware

Life time in specific

usage profile (DOE)

Design FMEA

Selecting

components with

proper quality





Three Dimensions of Iteration

All 3 methods have a specific life cycle




Integrated View Idea




Integrated Design Approach

The Integrated Design Approach requires

• a Function-Oriented Design View in all three Life Cycles

• a consideration of the complete system in terms of • Software

• Hardware (E/EE/PE)

• ALL THE REST (mechanics, hydraulics, etc.)

• Embedded, integrated iterations of blue (ASPICE) and red (Functional Safety) Design Cycles for safety critical functions

• Embedded, integrated iterations of green (DfSS) and blue (ASPICE)/red (Functional Safety) Design Cycles on System Level




Example

Adaptive Damping System

• Power consumption

• Accuracy of Shifting

• Dynamics in Shiftig

• Lifetime

• Operating conditions

• Etc.

Referenz:

ZF N,

Key Note bei S2QI/SOQRATES,

Kick Off Konferenz,

November 2005,

Graz, Österreich




Damper

Front Right Damper

Front Left

Damper

Rear Left

Damper

Rear Right Flexray Bus

(Height)

Stabilise

e.g.

4 electronic dampers

which can be stiffened by

pressure controlled by

an ECU per damper

System Architectural Design

describes the components, their interfaces, and the system functions.

Analogue

Pressure

Example





• The adaptive damping is a safety-critical item consisting of several systems and subsystems

• Special design measures have to be taken to assure a certain defined quality and reliability of the whole Signal Path that is related to the adaptive damping function

• E.g. the architectural design decision to use a redundant analogue damping pressure signal in addition to the digital signal on the FlexRay bus is a system-level design decision that has to be integrated in the whole system-level design cycle (red cycle embedded in the blue cycle)

Example





• The consistent and reliable choice of the pressure sensors requires DfSS methods (FIT-rate determination/verification), i.e., there is a green cycle linked to the red cycle, and therefore also influencing design decisions

• Both blue (ASPICE) and red (Functional Safety) cycles • are integrated in a green (DfSS) cycle to assure the

continuous improvement of the design

• Include green cycles on system and component levels to assure the reliability and the continuous improvement of the design

Example





AQUA – Key Tasks and Deliverables

…and there is a lot more!!!

You are ALL kindly invited to a free AQUA pilot

training in early autumn 2014!

Interested?

mailto: [email protected]




Acknowledgements and Contact

Contact: [email protected]

Graz University of Technology, Austria, www.iti.tugraz.at

ISCN Ltd./Ges.m.b.H, Ireland/Austria, www.iscn.com

LSSA Lean Six Sigma Academy, Netherlands, www.lssa.eu

Automotive Cluster Upper Austria, Austria, www.clusterland.at

Automotive Cluster Slovenia, www.giz-acs.si

EMIRAcle AISBL, Belgium/France, www.emiracle.eu

ECQA, Austria, www.ecqa.org

This project has been funded with support from the European

Commission under agreement EAC-2012-0635. This

publication/communication reflects the views only of the author, and

the Commission cannot be held responsible for any use which may

be made of the information contained therein.

Documents

Funktionale Sicherheit und Prozessqualität …...Funktionale Sicherheit und Prozessqualität praxisnah umgesetzt 2 ECQA Certified Training Material ASQF Evening Talk May 2014 Authors: