ISO 21448:2022
Road vehicles — Safety of the intended functionality (SOTIF)
Standard Introduction
ISO 21448:2022 is an active standard published by International Organization for Standardization (ISO). It is commonly used across Automotive, Electronics, Technology and applies in Global.
Use this page to review the official documentation, current status, and the certification or assessment bodies most commonly associated with ISO 21448:2022.
Beyond Functional Safety
Addresses hazards from functional insufficiencies and reasonably foreseeable misuse — even when the system is operating correctly without malfunctions, filling the gap that ISO 26262 does not cover.
Sensor & Algorithm Limitations
Focuses on performance limitations of sensing and perception systems (cameras, radar, lidar) and decision algorithms that may cause unsafe behavior in triggering conditions.
Scenario-Based Analysis
Uses scenario-based approaches to identify and evaluate triggering conditions — specific situations or combinations of conditions that can lead to hazardous behavior of the intended functionality.
list_alt SOTIF Process Areas
- Specification and design of the intended functionality
- Identification of potentially hazardous behavior
- Analysis of triggering conditions and functional insufficiencies
- Evaluation of known and unknown hazardous scenarios
- Definition and implementation of improvement measures
- Verification and validation strategy for SOTIF
- Criteria for demonstration of acceptable residual risk
- Operational phase monitoring and field data collection
Who Needs to Comply?
Automotive OEMs and suppliers developing advanced driver assistance systems (ADAS) and automated driving systems. Particularly critical for SAE Level 2+ through Level 4 systems where perception, decision-making, and actuation must function safely under all foreseeable conditions.
Key Requirements
Functional Insufficiency Identification
Systematically identify functional insufficiencies in the specification and design of the intended functionality, including sensor limitations, algorithm performance boundaries, and actuator constraints.
Triggering Condition Analysis
Identify and analyze triggering conditions — specific environmental situations, user behaviors, or input combinations that could cause the system to exhibit hazardous behavior despite operating as designed.
Scenario Classification & Evaluation
Classify scenarios into four areas: known safe, known hazardous, unknown safe, and unknown hazardous. Systematically reduce the unknown and known hazardous areas to achieve acceptable residual risk.
Verification & Validation Strategy
Define a comprehensive V&V strategy combining simulation, test track, and real-world driving to demonstrate that residual risk from SOTIF-related hazards is sufficiently low across all relevant scenarios.
SOTIF-Related Monitoring
Implement field monitoring and data collection to identify previously unknown triggering conditions during operation, and feed findings back into the SOTIF improvement process.
Penalties & Enforcement
No direct regulatory penalties — ISO 21448 is a voluntary standard. However, SOTIF analysis is increasingly expected by type approval authorities and is referenced in UNECE regulatory frameworks. Failure to address SOTIF can lead to recalls, liability claims, and reputational damage if automated systems cause incidents due to functional insufficiencies.
Official Documentation
Official PDF for ISO 21448:2022
Official publication or summary for ISO 21448:2022
Official online resource
International Organization for Standardization (ISO) guidance and reference material
Implementation toolkit
Templates, guidance, or companion resources for ISO 21448:2022