Architectural design and reliability analysis of a fail‐operational brake‐by‐wire system from ISO 26262 perspectives

Next generation drive‐by‐wire automotive systems enabling autonomous driving will build on the fail‐operational capabilities of electronics, control and software (ECS) architectural solutions. Developing such architectural designs that would meet dependability requirements and satisfy other system constraints is a challenging task and will possibly lead to a paradigm shift in automotive ECS architecture design and development activities. This aspect is becoming quite relevant while designing battery‐driven electric vehicles with integrated in‐wheel drive‐train and chassis subsystems. In such highly integrated dependable systems, many of the primary features and functions are attributed to the highest safety critical ratings. Brake‐by‐wire is one such system that interfaces with active safety features built into an automobile, and which in turn is expected to provide fail‐operational capabilities. In this paper, building up on the basic concepts of fail‐silent and fail‐operational systems design we propose a system‐architecture for a brake‐by‐wire system with fail‐operational capabilities. The design choices are supported with proper rationale and design trade‐offs. Safety and reliability analysis of the proposed system architecture is performed as per the ISO 26262 standard for functional safety of electrical/electronic systems in road vehicles.