From 5758ba49c20a10ef53e3cd6b6353638ffcfc3127 Mon Sep 17 00:00:00 2001 From: "jhr2hi@bosch.com" Date: Wed, 20 May 2026 15:56:10 +0200 Subject: [PATCH 1/3] update safety analysis template --- .../safety_mgt/module_safety_analysis_fdr.rst | 120 ++++++++++++++---- 1 file changed, 95 insertions(+), 25 deletions(-) diff --git a/docs/safety_mgt/module_safety_analysis_fdr.rst b/docs/safety_mgt/module_safety_analysis_fdr.rst index b1fcaf0..9b78bcb 100644 --- a/docs/safety_mgt/module_safety_analysis_fdr.rst +++ b/docs/safety_mgt/module_safety_analysis_fdr.rst 
@@ -34,22 +34,69 @@ Safety Analysis Checklist **Purpose** - -The purpose of this Safety Analysis (DFA and FMEA) checklist template is to collect the topics to be checked during verification of the Safety Analysis. +The purpose of this Safety Analysis (DFA and FMEA) formal review report template is to collect the topics to be checked during verification of the Safety Analysis. **Conduct** - As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager: -- reviewer: +- reviewer: **** +- scope: **** **Checklist** -Please note that the "passed" column must contain "yes" or "no" for each checklist item. Additionally, the remarks column must explain why item passed or did not passed. In case of "no" an issue link to the issue tracking system has to be added in the last column. See also the review concept for further information about reviews in general and inspection in particular. +Please note that it is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additional to add in the remarks why it is passed or not passed. In case of "no" an issue link to the issue tracking system has to be added in the last column. See also :ref:`review_concept` for further information about reviews in general and inspection in particular. + + +.. list-table:: General Checklist + :header-rows: 1 + :widths: 10,30,10,30,20 + + * - ID + - Safety analysis activity + - Compliant to ISO 26262? + - Reference + - Comment + + * - Gen 1 + - Are the safety analysis performed according to the defined process and templates? See :ref:`process_requirements_safety_analysis` and also :ref:`FMEA_templates` and :ref:`dfa_templates` + - [YES | NO ] + - :need:`[[title]] `, :need:`[[title]] `, :need:`[[title]] `, :need:`[[title]] ` + - + + * - Gen 2 + - Are the safety analysis performed in a systematic way to identify the potential dependent failures / failure modes and their effects? 
Are the failure effect and the mitigation described? + - [YES | NO ] + - :need:`[[title]] `, :need:`[[title]] ` + - + + * - Gen 3 + - Is the result of the safety analysis indicate if the safety requirements are complied? + - [YES | NO ] + - :need:`[[title]] ` + - + + * - Gen 4 + - Are the mitigations effective and implemented? + - [YES | NO ] + - :need:`[[title]] ` + - + + * - Gen 5 + - Are all AoU's that are used as mitigation's created and covered in the safety manual? + - [YES | NO ] + - :need:`[[title]] ` + - -.. list-table:: Safety Analysis Checklist + * - Gen 6 + - Are additional safety-related test cases determined by potential results of the safety analyses? + - [YES | NO ] + - :need:`[[title]] ` + - + + +.. list-table:: DFA Checklist :header-rows: 1 - :widths: 10,10,30,30,20 + :widths: 10,30,10,30,20 * - ID - Safety analysis activity 
@@ -57,44 +104,67 @@ Please note that the "passed" column must contain "yes" or "no" for each checkli - Reference - Comment - * - 1 + * - DFA 1 + - Are the potential dependent failures identified by performming a DFA? + - [YES | NO ] + - :need:`[[title]] ` + - + + * - DFA 2 - Is it plausible that each potential identified dependent failure that has been identified, will lead to a dependent failure which cause a violation of FFI? - [YES | NO ] - :need:`[[title]] ` - - * - 2 - - Are the failure initiators :need:`[[title]] ` / fault models :need:`[[title]] ` applied? + * - DFA 3 + - Are applicable operational situations and operating modes considered? + - [YES | NO ] + - :need:`[[title]] ` + - + + * - DFA 4 + - Are the failure initiators :need:`[[title]] ` suitable and applied? - [YES | NO ] - :need:`[[title]] ` - - * - 3 - - Are measures defined to resolute the identified potential dependent failures? + * - DFA 5 + - Is a rationale provided for each identified potential dependent failure? - [YES | NO ] - - :need:`[[title]] `, :need:`[[title]] ` + - :need:`[[title]] ` - - * - 4 - - Is the result of the safety analysis indicate if the safety requirements are complied? + * - DFA 6 + - Are measures defined to resolve the identified potential dependent failures? - [YES | NO ] - - :need:`[[title]] ` + - :need:`[[title]] `, :need:`[[title]] `, :need:`[[title]] ` - - * - 5 - - Are for all not complied safety requirements mitigations defined to resolute the non-compliance? The mitigations shall have a direct influence on the violation by prevention, detection or mitigation to reduce the risk to an acceptable level. + * - DFA 7 + - Can be the required level of independence shown for the identified potential dependent failures? - [YES | NO ] - - :need:`[[title]] ` + - :need:`[[title]] ` - - * - 6 - - Are the mitigations effective and implemented? + +.. 
list-table:: FMEA Checklist + :header-rows: 1 + :widths: 10,30,10,30,20 + + * - ID + - Safety analysis activity + - Compliant to ISO 26262? + - Reference + - Comment + + * - FMEA 1 + - Are the fault models suitable and applied for the FMEA? See :ref:`fault_models` and also :ref:`process_requirements_safety_analysis` - [YES | NO ] - - :need:`[[title]] ` + - :need:`[[title]] ` - - * - 7 - - Are the templates for DFA and/or FMEA used? See the DFA templates, FMEA templates, and process requirements for safety analysis. + * - FMEA 2 + - Are measures defined to resolve the identified faults? - [YES | NO ] - - :need:`[[title]] `, :need:`[[title]] `, :need:`[[title]] ` + - :need:`[[title]] ` - From 67acb09c9992b7a3bab7ddb130bbe3c7940283d0 Mon Sep 17 00:00:00 2001 From: "jhr2hi@bosch.com" Date: Wed, 20 May 2026 15:59:09 +0200 Subject: [PATCH 2/3] add linebreaks --- docs/safety_mgt/module_safety_analysis_fdr.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/safety_mgt/module_safety_analysis_fdr.rst b/docs/safety_mgt/module_safety_analysis_fdr.rst index 9b78bcb..b18146b 100644 --- a/docs/safety_mgt/module_safety_analysis_fdr.rst +++ b/docs/safety_mgt/module_safety_analysis_fdr.rst @@ -34,9 +34,11 @@ Safety Analysis Checklist **Purpose** + The purpose of this Safety Analysis (DFA and FMEA) formal review report template is to collect the topics to be checked during verification of the Safety Analysis. **Conduct** + As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager: - reviewer: **** From 7a02e11cae6a4d2338b13f2c57dac3735db2cb56 Mon Sep 17 00:00:00 2001 From: "jhr2hi@bosch.com" Date: Wed, 20 May 2026 17:29:53 +0200 Subject: [PATCH 3/3] fix missing links --- docs/safety_mgt/module_safety_analysis_fdr.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/safety_mgt/module_safety_analysis_fdr.rst b/docs/safety_mgt/module_safety_analysis_fdr.rst index b18146b..9cfc9a1 100644 
--- a/docs/safety_mgt/module_safety_analysis_fdr.rst +++ b/docs/safety_mgt/module_safety_analysis_fdr.rst @@ -46,7 +46,7 @@ As described in :need:`wf__p_formal_rv`, the formal document review is performed **Checklist** -Please note that it is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additional to add in the remarks why it is passed or not passed. In case of "no" an issue link to the issue tracking system has to be added in the last column. See also :ref:`review_concept` for further information about reviews in general and inspection in particular. +Please note that it is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additional to add in the remarks why it is passed or not passed. In case of "no" an issue link to the issue tracking system has to be added in the last column. See also :need:`doc_concept__wp_inspections` for further information about reviews in general and inspection in particular. .. list-table:: General Checklist @@ -60,7 +60,7 @@ Please note that it is mandatory to fill in the "passed" column with "yes" or "n - Comment * - Gen 1 - - Are the safety analysis performed according to the defined process and templates? See :ref:`process_requirements_safety_analysis` and also :ref:`FMEA_templates` and :ref:`dfa_templates` + - Are the safety analysis performed according to the defined process and templates? See :need:`gd_req__saf_structure` and also :need:`doc__feature_name_fmea` and :need:`doc__feature_name_dfa` - [YES | NO ] - :need:`[[title]] `, :need:`[[title]] `, :need:`[[title]] `, :need:`[[title]] ` - @@ -107,7 +107,7 @@ Please note that it is mandatory to fill in the "passed" column with "yes" or "n - Comment * - DFA 1 - - Are the potential dependent failures identified by performming a DFA? + - Are the potential dependent failures identified by performing a DFA? - [YES | NO ] - :need:`[[title]] ` - 
@@ -160,7 +160,7 @@ Please note that it is mandatory to fill in the "passed" column with "yes" or "n - Comment * - FMEA 1 - - Are the fault models suitable and applied for the FMEA? See :ref:`fault_models` and also :ref:`process_requirements_safety_analysis` + - Are the fault models suitable and applied for the FMEA? See :need:`gd_guidl__fault_models` and also :need:`gd_req__saf_structure` - [YES | NO ] - :need:`[[title]] ` -
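Review bot: In patch 1/3, first hunk (@@ -34,22 +34,69 @@), the rewritten **Checklist** paragraph tells the reviewer to fill in the "passed" column and the "remarks", but the header rows added in the same hunk are "Compliant to ISO 26262?", "Reference" and "Comment". Use the real column names in the instruction, and say which column takes the issue link instead of "the last column". The removed sentence was also easier to read than "and additional to add in the remarks why it is passed or not passed"; consider keeping its structure. In the new rows, Gen 1 and Gen 2 should read "Are the safety analyses performed", Gen 3 "Does the result of the safety analysis indicate whether the safety requirements are complied with?", and Gen 5 "AoUs" and "mitigations" without apostrophes.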
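Review bot: In patch 1/3, second hunk (@@ -57,44 +104,67 @@), old item 5 is deleted without an equivalent in any of the three new tables. Its criterion was "The mitigations shall have a direct influence on the violation by prevention, detection or mitigation to reduce the risk to an acceptable level." Gen 4, DFA 6 and FMEA 2 only ask whether mitigations or measures exist and are implemented. If the drop is intended, say so in the commit message; otherwise carry the criterion over into the General Checklist. Wording in the same hunk: DFA 7 should read "Can the required level of independence be shown ...", and the DFA 2 row that is only renumbered still says "each potential identified dependent failure that has been identified".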
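Review bot: Patch 2/3 only restores the blank lines after **Purpose** and **Conduct** that patch 1/3 removed in its first hunk, so in the intermediate commit the bold label and the paragraph text sit on adjacent lines. Squash this patch into 1/3 so that every commit in the series keeps the label and the paragraph separate.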
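Review bot: Patch 3/3 is titled "fix missing links" but its DFA 1 hunk (@@ -107,7 +107,7 @@) is a spelling fix, and the :ref: targets it replaces (review_concept, FMEA_templates, dfa_templates, fault_models, process_requirements_safety_analysis) were all introduced by patch 1/3. Fold these changes into 1/3 so the series never adds the unresolved targets. The Checklist paragraph rewritten in the first hunk still carries "and additional to add in the remarks". For the Gen 1 row, please confirm that doc__feature_name_fmea and doc__feature_name_dfa resolve to the FMEA and DFA templates the question refers to.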