1. Holistic Safety Considerations for Automotive Battery Systems

The objective of system safety engineering is to develop a system with no unreasonable risk. To this end, risks caused by the electrical and/or electronic (E/E) system that could potentially harm persons must be analyzed, and appropriate risk reduction measures have to be considered in an early phase of development. This requires a close collaboration between different engineering disciplines in order to specify a comprehensive description of risk reduction and mitigation measures—the safety concept. The international functional safety standard ISO 26262 has to be considered for the development of E/E systems within road vehicles up to 3.5 tons. This standard focuses on E/E measures and considers other non-E/E measures only after the specification of the safety concept. In contrast, this chapter proposes a workflow for the elaboration of an integrated safety concept including safety measures from different engineering disciplines. Two main lessons learned were that the consideration of all kinds of risk reduction measures in the concept phase improves the understanding of the safety of the overall system, and involving various fields of expertise enables the development of a clear safety concept. This approach will improve the development of the overall system, while complying with the requirements of ISO 26262 for the development of E/E systems. The applicability of the introduced approach is demonstrated on an automotive battery case study, where the influence of various safety measures on the Automotive Safety Integrity Level (ASIL) determination has been taken into account in order to reduce the costs of E/E system development.