标准简介
ISO 21448:2022 是由 国际标准化组织 (ISO) 发布的有效标准,常用于汽车、电子产品、科技等行业,并适用于全球等市场。
本页汇总了 ISO 21448:2022 的官方文档、当前状态以及常见相关认证或评估机构,便于快速理解要求与落地路径。
Beyond Functional Safety
Addresses hazards from functional insufficiencies and reasonably foreseeable misuse — even when the system is operating correctly without malfunctions, filling the gap that ISO 26262 does not cover.
Sensor & Algorithm Limitations
Focuses on performance limitations of sensing and perception systems (cameras, radar, lidar) and decision algorithms that may cause unsafe behavior in triggering conditions.
Scenario-Based Analysis
Uses scenario-based approaches to identify and evaluate triggering conditions — specific situations or combinations of conditions that can lead to hazardous behavior of the intended functionality.
list_alt SOTIF Process Areas
- Specification and design of the intended functionality
- Identification of potentially hazardous behavior
- Analysis of triggering conditions and functional insufficiencies
- Evaluation of known and unknown hazardous scenarios
- Definition and implementation of improvement measures
- Verification and validation strategy for SOTIF
- Criteria for demonstration of acceptable residual risk
- Operational phase monitoring and field data collection
Who Needs to Comply?
Automotive OEMs and suppliers developing advanced driver assistance systems (ADAS) and automated driving systems. Particularly critical for SAE Level 2+ through Level 4 systems where perception, decision-making, and actuation must function safely under all foreseeable conditions.
Key Requirements
Functional Insufficiency Identification
Systematically identify functional insufficiencies in the specification and design of the intended functionality, including sensor limitations, algorithm performance boundaries, and actuator constraints.
Triggering Condition Analysis
Identify and analyze triggering conditions — specific environmental situations, user behaviors, or input combinations that could cause the system to exhibit hazardous behavior despite operating as designed.
Scenario Classification & Evaluation
Classify scenarios into four areas: known safe, known hazardous, unknown safe, and unknown hazardous. Systematically reduce the unknown and known hazardous areas to achieve acceptable residual risk.
Verification & Validation Strategy
Define a comprehensive V&V strategy combining simulation, test track, and real-world driving to demonstrate that residual risk from SOTIF-related hazards is sufficiently low across all relevant scenarios.
SOTIF-Related Monitoring
Implement field monitoring and data collection to identify previously unknown triggering conditions during operation, and feed findings back into the SOTIF improvement process.
Penalties & Enforcement
No direct regulatory penalties — ISO 21448 is a voluntary standard. However, SOTIF analysis is increasingly expected by type approval authorities and is referenced in UNECE regulatory frameworks. Failure to address SOTIF can lead to recalls, liability claims, and reputational damage if automated systems cause incidents due to functional insufficiencies.