verified_user
Standardful
Homechevron_rightStandardschevron_rightISO 26262:2018
ActiveInternational Standardupdate Standard Updated: Dec 2018fact_check Fact checked: Jun 28, 2026

ISO 26262:2018

Road vehicles — Functional safety (Parts 1-12)

apartmentPublishing Organization:International Organization for Standardization (ISO)

Standard Introduction

ISO 26262:2018 is an active standard published by International Organization for Standardization (ISO). It is commonly used across Automotive, Electronics, Manufacturing and applies in Global.

Use this page to review the official documentation, current status, and the certification or assessment bodies most commonly associated with ISO 26262:2018.

directions_car

ASIL Classification

Defines Automotive Safety Integrity Levels (ASIL A through D) based on hazard analysis and risk assessment, with ASIL D requiring the most rigorous safety measures for the highest risk scenarios.

developer_board

Hardware & Software Safety

Provides detailed requirements for both hardware and software development, including hardware architectural metrics, diagnostic coverage, and software verification at every ASIL level.

cycle

Full Safety Lifecycle

Covers the complete automotive safety lifecycle from concept through development, production, operation, service, and decommissioning of E/E systems in road vehicles.

list_alt Standard Parts Overview

  • Vocabulary and management of functional safety (Parts 1-2)
  • Concept phase — hazard analysis and risk assessment (Part 3)
  • Product development at system level (Part 4)
  • Product development at hardware and software levels (Parts 5-6)
  • Production, operation, service, and decommissioning (Part 7)
  • Supporting processes and ASIL-oriented analyses (Parts 8-9)
  • Guidelines on ISO 26262 and semiconductor application (Parts 10-11)
  • Adaptation for motorcycles (Part 12)

Who Needs to Comply?

groups

Automotive OEMs, Tier 1/2/3 suppliers, semiconductor manufacturers, and software developers working on safety-related E/E systems in passenger cars, trucks, buses, trailers, and motorcycles (the 2018 edition expanded scope beyond passenger cars).

Key Requirements

1

Hazard Analysis & Risk Assessment (HARA)

Systematically identify vehicle-level hazards, classify them using ASIL levels (A-D) based on severity, exposure probability, and controllability, and define safety goals for each hazardous event.

2

Functional & Technical Safety Concepts

Derive functional safety requirements from safety goals and allocate them to system elements. Develop a technical safety concept with specific hardware and software safety requirements traceable to the functional safety concept.

3

Hardware Safety Metrics

Demonstrate compliance with hardware architectural metrics — single-point fault metric, latent fault metric, and probabilistic metric for random hardware failures (PMHF) — appropriate to the target ASIL level.

4

Software Development Process

Follow a structured software development process with ASIL-dependent requirements for design principles, coding guidelines, verification methods (reviews, analysis, testing), and documentation at each phase.

5

Confirmation Measures

Perform confirmation reviews, functional safety audits, and functional safety assessments by qualified personnel with appropriate independence levels based on the ASIL of the safety-related item.

Implementation Roadmap

1
Phase 1schedule Duration: 2-4 weeks

Prepare scope, ownership and regulatory context

Define the road-vehicle functional safety lifecycle scope across safety-related electrical and electronic systems, items, components, software, hardware, production, operation, service, and decommissioning activities. Assign accountable owners, identify applicable legal, customer, certification, or market-access drivers, and agree the evidence model before remediation starts.

2
Phase 2schedule Duration: 4-8 weeks

Gap analysis and risk-based planning

Assess current practices against ISO 26262 expectations and risk context. Review safety management, item definition, HARA, ASIL determination, functional and technical safety concepts, system/software/hardware development, verification, validation, production release, and safety case evidence, then prioritize gaps by legal exposure, customer impact, safety or privacy risk, and audit or submission readiness.

3
Phase 3schedule Duration: 8-20 weeks

Implement controls, documentation and evidence

Deploy the required processes, controls, reviews, training, supplier controls, and documented information. Build traceable evidence around safety plans, item definitions, HARA worksheets, ASIL rationale, safety requirements, architecture reviews, verification reports, validation results, confirmation reviews, safety cases, and production release evidence.

4
Phase 4schedule Duration: Ongoing

Review, audit and maintain compliance

Complete internal reviews, readiness checks, and corrective actions before the functional safety assessment or customer audit. Keep the program current after product, supplier, legal, customer, incident, or operational changes.

Compliance Checklist

0 / 12

checklist Scope and accountability

checklist Controls and records

checklist Monitoring and improvement

Penalties & Enforcement

warning

No direct regulatory penalties — ISO 26262 is a voluntary standard. However, it has become a de facto industry requirement. Failure to demonstrate functional safety compliance can lead to product liability exposure, exclusion from OEM supply chains, and rejection in type approval processes under UNECE regulations.

Frequently Asked Questions

Who needs ISO 26262?

expand_more

ISO 26262 is relevant for organizations whose activities fall within safety-related electrical and electronic systems, items, components, software, hardware, production, operation, service, and decommissioning activities. It is commonly driven by regulation, customers, procurement requirements, market access, or the need to demonstrate disciplined control over high-impact risks.

What is the core purpose of ISO 26262?

expand_more

The core purpose is to create a repeatable program for safety management, item definition, HARA, ASIL determination, functional and technical safety concepts, system/software/hardware development, verification, validation, production release, and safety case evidence. The details vary by sector, but the practical goal is to make obligations visible, assign ownership, operate controls, and keep evidence current.

What should be done first?

expand_more

Start by confirming scope and ownership. Many failures come from unclear boundaries, missing accountable owners, or evidence that does not match the actual product, service, system, or data flow.

How long does implementation take?

expand_more

A focused implementation can take several months. Timelines depend on maturity, number of products or sites, supplier involvement, technical complexity, test evidence, and the depth of external review required.

What evidence is most useful?

expand_more

Useful evidence includes safety plans, item definitions, HARA worksheets, ASIL rationale, safety requirements, architecture reviews, verification reports, validation results, confirmation reviews, safety cases, and production release evidence. Auditors, regulators, customers, or reviewers usually expect evidence that controls are operating, not only that policies exist.

How should suppliers be handled?

expand_more

Supplier responsibilities should be defined contractually and operationally. High-risk suppliers need due diligence, flow-down requirements, evidence requests, performance monitoring, and escalation routes for findings or incidents.

How often should the program be reviewed?

expand_more

Review frequency should follow risk and change. Annual reviews are common, but product releases, incidents, regulatory changes, customer requirements, major suppliers, or audit findings should trigger targeted review sooner.

Can this be integrated with other compliance programs?

expand_more

Yes. ISO 26262 can often share governance, training, supplier management, document control, issue tracking, internal audit, and management review with related standards, while keeping its specific legal or technical evidence separate.

Official Documentation

View All

Implementation Timeline

description
Nov 2011
First edition (ISO 26262:2011) published with 10 parts, applicable to passenger cars up to 3.5 tons
trending_up
2014
Industry-wide adoption accelerates with major OEMs requiring ISO 26262 compliance from suppliers
check_circle
Dec 2018
Second edition published with 12 parts, extending scope to trucks, buses, motorcycles, and semiconductors
security
2021
ISO/SAE 21434 published as a complementary standard addressing cybersecurity engineering
psychology
2023
ISO/TR 9839 published bridging ISO 26262 functional safety with AI components
update
2025
Third edition development underway with expected updates for AI/ML components and SOTIF integration
edit_document
2026
ISO/CD 26262 third edition committee draft expected for ballot covering software-defined vehicles

Related Categories