Functional safety and process quality
TRANSCRIPT
www.automotive-quality-alliance.eu
This project has been funded with support from the European Commission
under agreement EAC-2012-0635. This publication/communication reflects the
views only of the author, and the Commission cannot be held responsible for
any use which may be made of the information contained therein.
KNOWLEDGE ALLIANCE FOR TRAINING QUALITY AND EXCELLENCE IN AUTOMOTIVE
Working group evening
Erlangen, 22/05/2014
Andreas Riel
Dušan Busen, Damjan Ekert, Christian Kreiner, Michael Langgner,
Richard Messnarz, Michael Reiner, Dick Theisens, Serge Tichkiewitch
Functional Safety and Process Quality Implemented in Practice
2 ECQA Certified Training Material
ASQF Evening Talk May 2014
Authors: AQUA Training Material Committee automotive-knowledge-alliance.eu
Motivation
• Automotive Suppliers are confronted with many Quality
Standards and Norms
• Number of standards and complexity is increasing
• Customer demands high process and product quality
• Internal process improvement to achieve high quality
Understand the synergies and deltas between the standards and their application areas
Integrate requirements from the standards into one process landscape
Unified process view
[Figure: the individual standards, among them IEC 61508 and 6σ, merged into one unified process view.]
Challenges in Automotive (some)
• Exponential growth of complex functions realised with electronic/software systems.
• Standards to implement
  – Quality Management & Lifecycle: ISO TS 16949
  – Automotive SPICE: (Software) Quality, ISO 15504
  – Functional Safety: ISO 26262, IEC 61508
    More and more components and subsystems in the car are classified ASIL A/B/C/D, likewise SIL 1/2/3/4.
  – Lean Six Sigma: combines
    Lean Manufacturing – eliminating waste [Toyota]
    Six Sigma – minimizing variability in manufacturing and business processes [Motorola]
  – To come: Common Criteria (IT Security)
• Ever shorter development cycles -> everything integrated
Sequential, Concurrent, Integrated
[Figure: three engineering models plotted against the degree of concurrency (activity overlapping) and the degree of collaboration (decision coupling). Each runs through the same phases: product opportunity gap identification/understanding, concept development, product design, process design, commercial production.]
• Sequential engineering: no overlap between the phases.
• Concurrent engineering: the phases partly overlap.
• Integrated engineering: the phases largely overlap.
The figure contrasts "multiple stakeholders interact to make multiple decisions" with "multiple stakeholders interact to achieve a single agreement", and asks: how do we make decisions for these overlapping activities? Interface, relationship, synergy.
Software and System Quality Automotive SPICE® Processes
Safety as a System Property ISO26262 – Functional safety standard
Lean Six Sigma Coping with Variation and Reliability
The European AQUA Initiative
• Europe-wide Certified Qualification Platform for
Quality in Automotive
• Achieving excellence through the integration of
– Automotive SPICE® (ISO/IEC 15504)
– Functional Safety (ISO 26262)
– Six Sigma
• Targeting Automotive Suppliers
– Help them get an integrated Quality Understanding
that is compliant with leading relevant standards
– Qualify a large number of Stakeholders
The AQUA Alliance
The AQUA Training Program Architecture
Release 1
ECQA Certified Training Material
Authors: AQUA Training Material Committee
Knowledge Alliance for
Training Quality and Excellence
in Automotive
www.ecqa.org
Unit 1: Introduction
Element 1: Standards, Norms, and Guidelines
Subcomponent: Integration
Integrated Approach - Timeline
[Figure: timeline from research & development over SOP (start of production) to series production, with Automotive SPICE, Functional Safety and Lean Six Sigma laid over the phases they cover.]
Integrated Approach - Components
[Figure: the component types SW, ECU, mechanics, sensor, system and production, with Lean Six Sigma, Automotive SPICE and Functional Safety mapped onto the components they address.]
Integrated Approach - Processes
[Figure: the Automotive SPICE process defines processes (what); the Functional Safety process and method defines processes (what) and methods (how).]
Example – Software Requirements Analysis
[Figure: Automotive SPICE process requirements, extended by additional process requirements from ISO 26262.]
Example – Software Requirements Analysis
[Figure: process requirements from Automotive SPICE and ISO 26262, combined with methods from ISO 26262.]
ASPICE vs. Functional Safety
Automotive SPICE                          | Functional Safety (chapters)
Focus on software and system development | Focus on SW and E/E hardware
Capability level and attribute ratings   | ASIL
Process improvement                      | Compliance
…                                        | …
Value and Foundations of LSS
Six Sigma: focus on reducing variability
– The goal of Six Sigma is to increase business profits by eliminating the variability, defects and waste that undermine customer loyalty
– Origin:
  1986 Motorola – Bill Smith & Mikel Harry: 'DMAIC'
  1996 General Electric – Jack Welch: 'The GE Way'
Six Sigma is a rigorous and systematic methodology that uses information (management by facts) and statistical analysis to measure and improve a company's operational performance by preventing 'defects', i.e. meeting and exceeding stakeholders' expectations.
Value and Foundations of Six Sigma
[Figure: two normal distributions between the lower and upper specification limits (LSL, USL). At 3σ, 2700 ppm defects fall outside the limits; at 6σ (labelled 4.5σ in the figure), 3.4 ppm defects. Defects: outside specification.]
Value and Foundations of Six Sigma
Why Six Sigma level?
σ level | ppm defects | Loss in % of sales
1σ      | 690,000     | 40-50%
2σ      | 308,537     | 30-40%
3σ      | 66,810      | 20-30%
4σ      | 6,210       | 15-20%
5σ      | 233         | 10-15%
6σ      | 3.4         | 5-10%
7σ      | 0.02        | <5%
Status labels on the slide: Bankrupt at the low σ levels, Average in the middle, World Class at the high end.
Value and Foundations of Six Sigma
DfSS (Design for Six Sigma): focus on robust design
– The goal of DfSS is to design products/processes that exceed customer expectations, i.e. a flawless product launch and predictable reliability
DfSS is a systematic and rigorous methodology using tools, training, and measurements to enable the design of new products and processes that meet customer expectations at Six Sigma quality levels.
Value and Foundations of Six Sigma
DfSS (Design for Six Sigma): focus on robust design
[Figure: number of changes over time (20-24 months, 14-17 months and 1-3 months before the 1st day of production) for traditional development versus Design for Six Sigma / QFD.]
• Robust design
• Reliability
• FMEA
• QFD
• . . .
Integration of Safety and Six Sigma (red = additional safety-relevant content)
Statistical Methods – Six Sigma
[Figure: process capability report "Process Capability of C1": histogram with within and overall normal curves between LSL and USL.]
Process Data: LSL 40, Target *, USL 60, Sample Mean 50.1598, Sample N 1000, StDev (Within) 3.08536, StDev (Overall) 3.15039
Potential (Within) Capability: Cp 1.08, CPL 1.10, CPU 1.06, Cpk 1.06
Overall Capability: Pp 1.06, PPL 1.07, PPU 1.04, Ppk 1.04, Cpm *
Observed Performance: PPM < LSL 0.00, PPM > USL 0.00, PPM Total 0.00
Exp. Within Performance: PPM < LSL 495.80, PPM > USL 713.02, PPM Total 1208.82
Exp. Overall Performance: PPM < LSL 630.03, PPM > USL 893.60, PPM Total 1523.64
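The ppm values in the σ-level table and the indices in the capability report above can both be recomputed from the normal distribution. The following is an added example, not part of the AQUA training material; it assumes the standard Six Sigma convention that the table's one-sided ppm values are taken beyond (level minus 1.5)σ after a 1.5σ mean shift, and that the 2700 ppm at 3σ is the two-sided tail with the mean on target.

```python
"""Six Sigma figures from the slides, recomputed (added example, not AQUA material).
Assumed conventions: the table's ppm at a given σ level is the one-sided tail
beyond (level - 1.5)σ, i.e. after the customary 1.5σ long-term mean shift;
the 2700 ppm at 3σ is the two-sided tail with the mean on target."""
import math


def tail_above(z: float) -> float:
    """P(Z > z) for a standard normal Z, via the complementary error function."""
    return 0.5 * math.erfc(z / math.sqrt(2.0))


def ppm_at_sigma_level(level: float, shift: float = 1.5) -> float:
    """Defects per million beyond the nearer limit after a `shift`-σ mean drift
    (6σ -> 3.4 ppm, 3σ -> about 66,810 ppm, as in the table on the slide)."""
    return 1e6 * tail_above(level - shift)


def ppm_two_sided_centred(level: float) -> float:
    """Defects per million beyond both limits with no shift (3σ -> 2700 ppm)."""
    return 2e6 * tail_above(level)


def capability(lsl: float, usl: float, mean: float, sd: float) -> dict:
    """Capability indices and expected PPM for one standard deviation estimate.
    With the within-subgroup σ this gives Cp/CPL/CPU/Cpk and 'Exp. Within
    Performance'; with the overall σ it gives Pp/PPL/PPU/Ppk and 'Exp. Overall'."""
    lower = (mean - lsl) / (3.0 * sd)      # index against the lower limit
    upper = (usl - mean) / (3.0 * sd)      # index against the upper limit
    return {
        "C": (usl - lsl) / (6.0 * sd),     # spec width vs. 6σ process spread
        "CL": lower,
        "CU": upper,
        "Ck": min(lower, upper),           # the worse side decides the k index
        "ppm_below_lsl": 1e6 * tail_above((mean - lsl) / sd),
        "ppm_above_usl": 1e6 * tail_above((usl - mean) / sd),
    }


# Process data printed on the "Process Capability of C1" slide
C1_WITHIN = capability(lsl=40, usl=60, mean=50.1598, sd=3.08536)
C1_OVERALL = capability(lsl=40, usl=60, mean=50.1598, sd=3.15039)

if __name__ == "__main__":
    for level in range(1, 8):
        print(f"{level}σ: {ppm_at_sigma_level(level):12.2f} ppm")
    print(f"3σ centred, two-sided: {ppm_two_sided_centred(3):.0f} ppm")
    for name, c in (("within", C1_WITHIN), ("overall", C1_OVERALL)):
        ppm = c["ppm_below_lsl"] + c["ppm_above_usl"]
        print(f"{name}: Cp {c['C']:.2f} Cpk {c['Ck']:.2f} expected PPM {ppm:.2f}")
```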
Integrated Teams of Engineering
• All three methods describe continuous improvement cycles
• The cycles are interacting, leading to joint learning (evolving system)
• Design example:
  – Six Sigma: Design FMEA delivering countermeasures
  – FMEDA: diagnostic and redundancy measures for ISO 26262
  – Requirements traced and tested (ASPICE)
  – LEARNING about system and domain
Integrated Engineering Teams
• Using the same collaboration principle in all interacting cases
• Teams are not separate: Six Sigma experts, ISO 26262 experts, ASPICE experts
• LEARNING about system and domain
Integration into the Product Engineering Process
• The Product Engineering Process (PEP) includes all activities from the idea to the series production of a product.
• It is usually divided into phases, where each phase ends with a gate.
• Between the gates many iterations of the V-Model (Automotive SPICE and Functional Safety) are run through.
• The Failure Mode and Effects Analysis (FMEA), as a tool from Six Sigma, is used to quantify and prioritize risks during development, with a focus on tracking actions to mitigate the risks.
  – Process FMEA: used to analyse the production and/or assembly process.
Unit 2: Product Development
Element 2.: Life Cycle
Subcomponent: Integration
Integrated View
ASPICE - System
Reference: Software Engineering nach Automotive SPICE – Ein Continental Projekt auf dem Weg zu Level 3
Integrated View
Safety - System
+ Safety goals
+ Functional and technical safety concept
+ SW architecture with diagnostic layers (e.g. EGAS)
+ HW–SW interface (HSI)
+ Redundant design and FIT rates
+ Test of safety mechanisms
+ Safety life cycle
+ Level 1-4 release
Integrated View
Design for Six Sigma - System
[Figure: DfSS elements placed along the system life cycle: TQM, standard work, control plan, CTQ flowdown, dFMEA, MSA, process capability, product capability (Cpk, Ppk), DMADV, DMAIC, QFD, VOC, DOE – Design of Experiments, transfer functions, reliability engineering.]
Reference: Software Engineering nach Automotive SPICE – Ein Continental Projekt auf dem Weg zu Level 3
Integrated View
ASPICE - Software
Reference: Software Engineering nach Automotive SPICE – Ein Continental Projekt auf dem Weg zu Level 3
Integrated View
Safety - Software
+ SW safety requirements
+ Method tables and E-Gas architecture
+ Independent diagnostic functions
+ Freedom from interference and method tables
+ Branch coverage, criticality analysis
+ Interface test, criticality analysis
+ Fault injection, range check, equivalence class
Reference: Software Engineering nach Automotive SPICE – Ein Continental Projekt auf dem Weg zu Level 3
Integrated View
ASPICE+ - Hardware
Reference: Software Engineering nach Automotive SPICE – Ein Continental Projekt auf dem Weg zu Level 3
Integrated View
Safety - Hardware
+ Method tables and redundant architecture
+ HW safety requirements
+ Redundant design and FIT rates
+ HW metric
+ HSI test
+ HW architecture metric and FTA, overall FIT rate
+ Modular design and decomposition strategy
Reference: Software Engineering nach Automotive SPICE – Ein Continental Projekt auf dem Weg zu Level 3
Integrated View
ASPICE+ - Hardware
[Figure: DfSS contributions on the hardware life cycle: lifetime in the specific usage profile (DOE), design FMEA, selecting components with proper quality.]
Reference: Software Engineering nach Automotive SPICE – Ein Continental Projekt auf dem Weg zu Level 3
Three Dimensions of Iteration
All 3 methods have a specific life cycle
Integrated View Idea
Integrated Design Approach
The Integrated Design Approach requires
• a function-oriented design view in all three life cycles
• a consideration of the complete system in terms of
  • software
  • hardware (E/EE/PE)
  • ALL THE REST (mechanics, hydraulics, etc.)
• embedded, integrated iterations of blue (ASPICE) and red (Functional Safety) design cycles for safety-critical functions
• embedded, integrated iterations of green (DfSS) and blue (ASPICE)/red (Functional Safety) design cycles on system level
Example
Adaptive Damping System
• Power consumption
• Accuracy of shifting
• Dynamics in shifting
• Lifetime
• Operating conditions
• Etc.
Reference: ZF N, keynote at the S2QI/SOQRATES kick-off conference, November 2005, Graz, Austria
[Figure: system architecture with four dampers (front left, front right, rear left, rear right), each controlled by its own ECU, connected over the FlexRay bus (height signal) and an analogue pressure signal; function: stabilise.]
e.g. 4 electronic dampers which can be stiffened by pressure controlled by an ECU per damper
System Architectural Design describes the components, their interfaces, and the system functions.
Example
Adaptive Damping System
• The adaptive damping is a safety-critical item consisting of several systems and subsystems
• Special design measures have to be taken to assure a certain defined quality and reliability of the whole Signal Path that is related to the adaptive damping function
• E.g. the architectural design decision to use a redundant analogue damping pressure signal in addition to the digital signal on the FlexRay bus is a system-level design decision that has to be integrated in the whole system-level design cycle (red cycle embedded in the blue cycle)
Example
Adaptive Damping System
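The redundant analogue pressure path only adds safety if a diagnostic function actually compares it against the FlexRay value. As an added example, not part of the AQUA material or of any ZF design, the monitor below implements the range check and dual-channel comparison named on the safety-software slide, debounces transient disagreement and latches a persistent fault; the pressure range (0-250 bar), the 5 % tolerance and the 3-cycle debounce are assumed values.

```python
"""Dual-channel plausibility check for a damper pressure signal (added example,
not from the AQUA material or any ZF design). Assumed for illustration only:
pressure in bar with a valid range of 0..250 bar, a 5 % channel-mismatch
tolerance, and 3 consecutive failed cycles before the fault is latched."""
from dataclasses import dataclass, field
from enum import Enum


class Status(Enum):
    OK = "ok"
    RANGE_FAULT = "range fault"       # a channel is outside its physical range
    MISMATCH = "channel mismatch"     # channels disagree beyond tolerance
    LATCHED = "fault latched"         # persistent fault: degraded mode


@dataclass
class PressureMonitor:
    p_min: float = 0.0                # assumed physical range (bar)
    p_max: float = 250.0
    tolerance: float = 0.05           # relative disagreement allowed
    debounce: int = 3                 # failed cycles before latching
    _failures: int = field(default=0, init=False)
    latched: bool = field(default=False, init=False)

    def in_range(self, value: float) -> bool:
        return self.p_min <= value <= self.p_max

    def check(self, flexray_bar: float, analogue_bar: float) -> Status:
        """One monitoring cycle. A latched fault stays latched; a healthy cycle
        resets the debounce counter so isolated glitches do not accumulate."""
        if self.latched:
            return Status.LATCHED
        if not (self.in_range(flexray_bar) and self.in_range(analogue_bar)):
            verdict = Status.RANGE_FAULT
        else:
            allowed = self.tolerance * max(abs(flexray_bar), abs(analogue_bar), 1.0)
            if abs(flexray_bar - analogue_bar) > allowed:
                verdict = Status.MISMATCH
            else:
                self._failures = 0
                return Status.OK
        self._failures += 1
        if self._failures >= self.debounce:
            self.latched = True
            return Status.LATCHED
        return verdict


def run_cycles(monitor: PressureMonitor, samples) -> list:
    """Feed (flexray, analogue) pairs cycle by cycle and collect the verdicts."""
    return [monitor.check(f, a) for f, a in samples]


# Constructed fault-injection sequence: two healthy cycles, then the FlexRay
# value freezes at 130 bar while the analogue channel keeps rising.
STUCK_BUS = [(120.0, 121.0), (130.0, 129.5), (130.0, 140.0),
             (130.0, 150.0), (130.0, 160.0), (160.0, 160.0)]

if __name__ == "__main__":
    for cycle, verdict in enumerate(run_cycles(PressureMonitor(), STUCK_BUS), 1):
        print(f"cycle {cycle}: {verdict.value}")
```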
• The consistent and reliable choice of the pressure sensors requires DfSS methods (FIT-rate determination/verification), i.e. there is a green cycle linked to the red cycle, and therefore also influencing design decisions
• Both blue (ASPICE) and red (Functional Safety) cycles are integrated in a green (DfSS) cycle to assure the continuous improvement of the design
• Include green cycles on system and component levels to assure the reliability and the continuous improvement of the design
Example
Adaptive Damping System
AQUA – Key Tasks and Deliverables
…and there is a lot more!!!
You are ALL kindly invited to a free AQUA pilot
training in early autumn 2014!
Interested?
mailto: [email protected]
Acknowledgements and Contact
Contact: [email protected]
Graz University of Technology, Austria, www.iti.tugraz.at
ISCN Ltd./Ges.m.b.H, Ireland/Austria, www.iscn.com
LSSA Lean Six Sigma Academy, Netherlands, www.lssa.eu
Automotive Cluster Upper Austria, Austria, www.clusterland.at
Automotive Cluster Slovenia, www.giz-acs.si
EMIRAcle AISBL, Belgium/France, www.emiracle.eu
ECQA, Austria, www.ecqa.org