Home / Standards / ISO 26262
Standard · ISO 26262
ISO 26262 — Fault Tree Analysis for Automotive Functional Safety
ISO 26262 is the road-vehicle adaptation of IEC 61508. It introduces the Automotive Safety Integrity Level (ASIL A → D) and prescribes deductive analysis (FTA) at the higher integrity levels. FTA Studio implements the IEC 61025 backbone that ISO 26262-9 expects, plus the hardware random-failure metrics specific to automotive.
Where ISO 26262 calls for FTA
ISO 26262-9 ASIL-oriented and safety-oriented analyses recommends deductive analysis (FTA) — Highly Recommended at ASIL-C and ASIL-D, Recommended at ASIL-B. ISO 26262-5 then uses FTA to evidence the hardware architectural metrics:
- PMHF (Probabilistic Metric for Random Hardware Failures) — top-event probability per hour. Targets: <10⁻⁷ /h (ASIL-C), <10⁻⁸ /h (ASIL-D).
- SPFM (Single Point Fault Metric) — fraction of single-point failures covered by safety mechanisms.
- LFM (Latent Fault Metric) — fraction of latent multi-point failures covered.
The fault tree's role is to show the architecture has no unmitigated single-point fault and that the residual probability beats the PMHF target.
ASIL classification recap
| ASIL | Hardware target (PMHF) | FTA recommendation |
|---|---|---|
| ASIL-A | < 10⁻⁶ /h | Recommended |
| ASIL-B | < 10⁻⁷ /h | Recommended |
| ASIL-C | < 10⁻⁷ /h | Highly Recommended |
| ASIL-D | < 10⁻⁸ /h | Highly Recommended |
How FTA Studio supports ISO 26262
- IEC 61025 symbol set — drawn to ISO 26262-Annex compatible geometry.
- ASIL labels on basic events — propagate through the tree so ASIL decomposition (per ISO 26262-9 Clause 5) is visually traceable.
- PMHF computation — exact Boolean evaluation at the top event, with mission time configurable per project.
- Common-cause modelling — Beta-factor and MGL CCF blocks for redundant ECU/sensor architectures.
- Importance measures — Fussell-Vesely on cut sets directs hardware safety mechanism placement.
- FMEA cross-reference (Enterprise) — ties FTA cut sets to FMEA failure modes, the inductive companion ISO 26262-9 also expects.
- IEC JSON / PDF export — audit-ready outputs for the safety case bundle.