The Hazard Analysis and Risk Assessment sets the stage for developing safety goals. But just how much information about an item is needed in order to produce a quality HARA? Surprisingly, not that much.
Recall the purpose of the HARA is to identify hazardous events, classify them and develop safety goals to prevent unreasonable risks from occurring. To do this properly, engineers must first identify the functionality of the system during the concept phase. This is done with the item definition.
As the HARA is performed at the vehicle level, details of the implementation are not needed. The driver doesn't care about the particulars of how the function is implemented, only about how it malfunctions. The questions to ask are: was the function missing, did it operate unintendedly, was it early, late, inverted or intermittent? These are the key types of malfunctioning behavior.
The remaining question is which operational scenarios are relevant to the vehicle functionality. Once those scenarios are identified, they are combined with the malfunctioning behaviors to identify and classify the hazardous events. ASIL ratings are then determined and safety goals are defined at the vehicle level.
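As an added illustration (not code from the original article), the sketch below crosses the malfunctioning behaviors listed above with a constructed set of operational scenarios to enumerate hazardous events, then classifies each with the ISO 26262-3 ASIL determination table from Severity, Exposure and Controllability ratings supplied by the analyst; the scenarios and ratings are assumptions made up for the example.

```python
from itertools import product

# The malfunctioning behavior types named in the text above.
MALFUNCTIONS = ("missing", "unintended", "early", "late", "inverted", "intermittent")

# Constructed operational scenarios; the item definition supplies the real list.
SCENARIOS = ("city driving", "highway driving", "parking")

# Ordering used to pick the most demanding ASIL across a group of events.
ASIL_ORDER = {"QM": 0, "A": 1, "B": 2, "C": 3, "D": 4}


def determine_asil(s: int, e: int, c: int) -> str:
    """Map S1..S3, E1..E4, C1..C3 to an ASIL per ISO 26262-3 Table 4.

    The table is equivalent to ranking by S + E + C:
    10 -> D, 9 -> C, 8 -> B, 7 -> A, 6 or less -> QM.
    """
    if not (1 <= s <= 3 and 1 <= e <= 4 and 1 <= c <= 3):
        raise ValueError(f"out-of-range S/E/C rating: S{s} E{e} C{c}")
    return {10: "D", 9: "C", 8: "B", 7: "A"}.get(s + e + c, "QM")


def enumerate_hazardous_events(function, scenarios=SCENARIOS, malfunctions=MALFUNCTIONS):
    """Cross every malfunctioning behavior with every operational scenario."""
    return [(function, m, sc) for m, sc in product(malfunctions, scenarios)]


def classify_events(events, ratings):
    """Attach an ASIL to each event; ratings maps (malfunction, scenario) -> (S, E, C).

    An event without a rating is left unclassified (None) so the gap is visible
    rather than silently treated as QM.
    """
    return {ev: (determine_asil(*ratings[ev[1:]]) if ev[1:] in ratings else None)
            for ev in events}


def safety_goal_asil(classified):
    """The safety goal inherits the highest ASIL among the events it covers."""
    rated = [a for a in classified.values() if a is not None]
    return max(rated, key=ASIL_ORDER.__getitem__) if rated else None


if __name__ == "__main__":
    # Constructed ratings for a hypothetical "lane keeping" function.
    ratings = {("unintended", "highway driving"): (3, 4, 2),
               ("missing", "city driving"): (2, 4, 3),
               ("late", "parking"): (1, 3, 1)}
    events = enumerate_hazardous_events("lane keeping")
    table = classify_events(events, ratings)
    for ev, asil in table.items():
        print(ev, asil)
    print("safety goal ASIL:", safety_goal_asil(table))
```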