ISO 26262:2018
Road vehicles — Functional safety (Parts 1-12)
Standard Introduction
ISO 26262:2018 is an active standard published by International Organization for Standardization (ISO). It is commonly used across Automotive, Electronics, Manufacturing and applies in Global.
Use this page to review the official documentation, current status, and the certification or assessment bodies most commonly associated with ISO 26262:2018.
ASIL Classification
Defines Automotive Safety Integrity Levels (ASIL A through D) based on hazard analysis and risk assessment, with ASIL D requiring the most rigorous safety measures for the highest risk scenarios.
Hardware & Software Safety
Provides detailed requirements for both hardware and software development, including hardware architectural metrics, diagnostic coverage, and software verification at every ASIL level.
Full Safety Lifecycle
Covers the complete automotive safety lifecycle from concept through development, production, operation, service, and decommissioning of E/E systems in road vehicles.
list_alt Standard Parts Overview
- Vocabulary and management of functional safety (Parts 1-2)
- Concept phase — hazard analysis and risk assessment (Part 3)
- Product development at system level (Part 4)
- Product development at hardware and software levels (Parts 5-6)
- Production, operation, service, and decommissioning (Part 7)
- Supporting processes and ASIL-oriented analyses (Parts 8-9)
- Guidelines on ISO 26262 and semiconductor application (Parts 10-11)
- Adaptation for motorcycles (Part 12)
Who Needs to Comply?
Automotive OEMs, Tier 1/2/3 suppliers, semiconductor manufacturers, and software developers working on safety-related E/E systems in passenger cars, trucks, buses, trailers, and motorcycles (the 2018 edition expanded scope beyond passenger cars).
Key Requirements
Hazard Analysis & Risk Assessment (HARA)
Systematically identify vehicle-level hazards, classify them using ASIL levels (A-D) based on severity, exposure probability, and controllability, and define safety goals for each hazardous event.
Functional & Technical Safety Concepts
Derive functional safety requirements from safety goals and allocate them to system elements. Develop a technical safety concept with specific hardware and software safety requirements traceable to the functional safety concept.
Hardware Safety Metrics
Demonstrate compliance with hardware architectural metrics — single-point fault metric, latent fault metric, and probabilistic metric for random hardware failures (PMHF) — appropriate to the target ASIL level.
Software Development Process
Follow a structured software development process with ASIL-dependent requirements for design principles, coding guidelines, verification methods (reviews, analysis, testing), and documentation at each phase.
Confirmation Measures
Perform confirmation reviews, functional safety audits, and functional safety assessments by qualified personnel with appropriate independence levels based on the ASIL of the safety-related item.
Implementation Roadmap
Prepare scope, ownership and regulatory context
Define the road-vehicle functional safety lifecycle scope across safety-related electrical and electronic systems, items, components, software, hardware, production, operation, service, and decommissioning activities. Assign accountable owners, identify applicable legal, customer, certification, or market-access drivers, and agree the evidence model before remediation starts.
Gap analysis and risk-based planning
Assess current practices against ISO 26262 expectations and risk context. Review safety management, item definition, HARA, ASIL determination, functional and technical safety concepts, system/software/hardware development, verification, validation, production release, and safety case evidence, then prioritize gaps by legal exposure, customer impact, safety or privacy risk, and audit or submission readiness.
Implement controls, documentation and evidence
Deploy the required processes, controls, reviews, training, supplier controls, and documented information. Build traceable evidence around safety plans, item definitions, HARA worksheets, ASIL rationale, safety requirements, architecture reviews, verification reports, validation results, confirmation reviews, safety cases, and production release evidence.
Review, audit and maintain compliance
Complete internal reviews, readiness checks, and corrective actions before the functional safety assessment or customer audit. Keep the program current after product, supplier, legal, customer, incident, or operational changes.
Compliance Checklist
checklist Scope and accountability
checklist Controls and records
checklist Monitoring and improvement
Penalties & Enforcement
No direct regulatory penalties — ISO 26262 is a voluntary standard. However, it has become a de facto industry requirement. Failure to demonstrate functional safety compliance can lead to product liability exposure, exclusion from OEM supply chains, and rejection in type approval processes under UNECE regulations.
Frequently Asked Questions
Who needs ISO 26262?
expand_more
ISO 26262 is relevant for organizations whose activities fall within safety-related electrical and electronic systems, items, components, software, hardware, production, operation, service, and decommissioning activities. It is commonly driven by regulation, customers, procurement requirements, market access, or the need to demonstrate disciplined control over high-impact risks.
What is the core purpose of ISO 26262?
expand_more
The core purpose is to create a repeatable program for safety management, item definition, HARA, ASIL determination, functional and technical safety concepts, system/software/hardware development, verification, validation, production release, and safety case evidence. The details vary by sector, but the practical goal is to make obligations visible, assign ownership, operate controls, and keep evidence current.
What should be done first?
expand_more
Start by confirming scope and ownership. Many failures come from unclear boundaries, missing accountable owners, or evidence that does not match the actual product, service, system, or data flow.
How long does implementation take?
expand_more
A focused implementation can take several months. Timelines depend on maturity, number of products or sites, supplier involvement, technical complexity, test evidence, and the depth of external review required.
What evidence is most useful?
expand_more
Useful evidence includes safety plans, item definitions, HARA worksheets, ASIL rationale, safety requirements, architecture reviews, verification reports, validation results, confirmation reviews, safety cases, and production release evidence. Auditors, regulators, customers, or reviewers usually expect evidence that controls are operating, not only that policies exist.
How should suppliers be handled?
expand_more
Supplier responsibilities should be defined contractually and operationally. High-risk suppliers need due diligence, flow-down requirements, evidence requests, performance monitoring, and escalation routes for findings or incidents.
How often should the program be reviewed?
expand_more
Review frequency should follow risk and change. Annual reviews are common, but product releases, incidents, regulatory changes, customer requirements, major suppliers, or audit findings should trigger targeted review sooner.
Can this be integrated with other compliance programs?
expand_more
Yes. ISO 26262 can often share governance, training, supplier management, document control, issue tracking, internal audit, and management review with related standards, while keeping its specific legal or technical evidence separate.
Official Documentation
Official PDF for ISO 26262:2018
Official publication or summary for ISO 26262:2018
Official online resource
International Organization for Standardization (ISO) guidance and reference material
Implementation toolkit
Templates, guidance, or companion resources for ISO 26262:2018