From 64933d458c31eaac40363b4a6fd262f88d464ad1 Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel Date: Wed, 18 Feb 2026 13:49:06 +0100 Subject: [PATCH 01/12] 2501 attifunel: added missing templates --- .../platform/docs/safety_mgt/index.rst | 22 +++++ .../platform_safety_analysis_fdr.rst | 92 ++++++++++++++++++ .../platform_safety_package_fdr.rst | 66 +++++++++++++ .../safety_mgt/platform_safety_plan_fdr.rst | 96 +++++++++++++++++++ .../platform_verification_report.rst | 52 ++++++++++ process/folder_templates/platform/index.rst | 4 +- .../platform/safety_analysis/platform_dfa.rst | 11 +-- 7 files changed, 333 insertions(+), 10 deletions(-) create mode 100644 process/folder_templates/platform/docs/safety_mgt/index.rst create mode 100644 process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst create mode 100644 process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst create mode 100644 process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst create mode 100644 process/folder_templates/platform/docs/verification/platform_verification_report.rst diff --git a/process/folder_templates/platform/docs/safety_mgt/index.rst b/process/folder_templates/platform/docs/safety_mgt/index.rst new file mode 100644 index 0000000000..abc7e63abb --- /dev/null +++ b/process/folder_templates/platform/docs/safety_mgt/index.rst 
@@ -0,0 +1,22 @@ +.. + # ******************************************************************************* + # Copyright (c) 2026 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Safety Management +################# + +.. toctree:: + :titlesonly: + + platform_safety_plan_fdr + platform_safety_package_fdr diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst new file mode 100644 index 0000000000..a3045bbd2b --- /dev/null +++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst 
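Review bot: the new `safety_mgt/index.rst` toctree lists only `platform_safety_plan_fdr` and `platform_safety_package_fdr`, yet this same patch creates `platform_safety_analysis_fdr.rst` in that directory; the orphaned document will produce a Sphinx "document isn't included in any toctree" warning. Add `platform_safety_analysis_fdr` as a third entry here rather than in a follow-up commit.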
@@ -0,0 +1,92 @@ +.. + # ******************************************************************************* + # Copyright (c) 2026 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + + +Safety Analysis Checklist +========================= + +.. document:: Platform Safety Analysis Checklist + :id: doc__module_name_safety_analysis_fdr + :status: draft + :safety: ASIL_B + :security: YES + :realizes: wp__fdr_reports + :tags: template + + + +**Purpose** +The purpose of this Safety Analysis (DFA and FMEA) checklist template is to collect the topics to be checked during verification of the Platform Safety Analysis. + +**Conduct** +As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager: + +- reviewer: + +**Checklist** + +Please note that it is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additional to add in the remarks why it is passed or not passed. In case of "no" an issue link to the issue tracking system has to be added in the last column. See also :ref:`review_concept` for further information about reviews in general and inspection in particular. + +.. list-table:: Safety Analysis Checklist + :header-rows: 1 + :widths: 10,30,30,15,8,8 + + * - Review ID + - Acceptance Criteria + - Guidance + - Passed + - Remarks + - Issue link + * - REQ_01_01 + - Is / are the attribute sufficient set correctly? + - The mitigations shall have a direct influence ont the violation by prevention, detection or mitigation to reduce the risk to an acceptable level. 
+ - The mitigations are sufficient. + - + - + * - REQ_01_02 + - Are the templates for DFA and/or FMEA used? + - See :ref:`dfa_templates` / :ref:`FMEA_templates` and also :ref:`process_requirements_safety_analysis` + - Templates are used to generate the DFA or / and FMEA. + - + - + * - REQ_01_03 + - Were the failure initiators / fault models applied? + - See :need:`gd_guidl__dfa_failure_initiators` / :need:`gd_guidl__fault_models` + - The applicable items of the failure initiators / fault models are used to ensure a structured analysis. For all not applicable items an argument shall be given in the content of the document. + - + - + * - REQ_01_04 + - Are the failure effects clearly and completely described? + - Use the generic failure effect descriptions and enlarge the description if it's applicable to the considered element. + - The effects of the failure is described completely. The effect can be recognized easily. + - + - + * - REQ_01_06 + - Is the attribute "mitigated by" linked correct? + - Check if the correct failure effect is linked via "mitigated by". + - The "mitigated by" link is correct. + - + - + * - REQ_01_07 + - Is the sufficiency of the "mitigated by" (prevention, detection or mitigation) described or can it be recognized easily? + - The sufficiency of the "mitigated by" is described in the content of the document. It can be recognized easily. + - The "mitigated by" shows clearly that a fault / failure can be mitigated by the linked requirement by prevention, detection or mitigation. It shall be described in the contend. + - + - + * - REQ_01_08 + - Is the overall result of the Safety Analysis described in the report? + - It shall be shown in the report if the Safety Analysis are finished and if all artifacts are "valid" and "sufficient". + - The results of the Safety Analysis are described in the report. The report is available :need:`wp__verification_platform_ver_report`. + - + - 
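Review bot: `:id: doc__module_name_safety_analysis_fdr` is the module template's id (the guidance page later in this series links `doc__module_name_safety_analysis_fdr` as the module checklist), so this platform template collides with it in sphinx-needs; use `doc__platform_safety_analysis_fdr`. In the same hunk: the text says filling the "Passed" column with "yes" or "no" is mandatory, but every Passed cell is left blank, so restore a `<yes|no>` placeholder; the `- reviewer:` line has no placeholder naming the committer with safety manager skills; the IDs jump from REQ_01_04 to REQ_01_06, so either add REQ_01_05 or renumber; and "influence ont the violation" / "described in the contend" should read "on the violation" / "in the content".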
diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst new file mode 100644 index 0000000000..761b7200eb --- /dev/null +++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst 
@@ -0,0 +1,66 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Safety Package Formal Review Report +=================================== + +.. note:: Document header + +.. document:: Platform Safety Package Formal Review + :id: doc__platform_safety_package_fdr + :status: draft + :safety: ASIL_B + :security: NO + :realizes: wp__fdr_reports + :tags: template + + +**1. Purpose** + +The purpose of this review checklist is to report status of the formal review for the platform safety package. + +**2. Checklist** + +.. list-table:: Safety Package Checklist + :header-rows: 1 + + * - Id + - Safety package activity + - Compliant to ISO 26262? + - Comment + + * - 1 + - Is a safety package provided which matches the safety plan (i.e. all planned work products referenced)? + - [YES | NO ] + - + + * - 2 + - Is the argument how functional safety is achieved, provided in the safety package, plausible and sufficient? + - NO + - The argument is intentionally not provided by the project. + + * - 3 + - Are the referenced work products available? + - [YES | NO ] + - + + * - 4 + - Are the referenced work products in released state, including the process safety audit? + - [YES | NO ] + - + + * - 5 + - If safety related deviations from the process or safety concept are documented, are these argued understandably? + - [YES | NO ] + - 
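Review bot: item 2 of the Safety Package checklist is pre-filled with `NO` and the comment "The argument is intentionally not provided by the project." This is a template for a formal review report, so hard-coding a non-compliance verdict for the functional-safety argument means every instantiated report starts out non-compliant to ISO 26262 with no trace to the tailoring decision; either keep the `[YES | NO ]` placeholder like the other rows or link the rationale (the safety-plan tailoring that item 1 of the safety-plan checklist asks for). Minor: the copyright line says 2025 while the other files created in this patch say 2026, and `:security: NO` here versus `:security: YES` in the analysis checklist deserves a deliberate choice, since both realize `wp__fdr_reports`.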
diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst new file mode 100644 index 0000000000..087a69dcc7 --- /dev/null +++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst 
@@ -0,0 +1,96 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Safety Plan Formal Review Report +================================ + +.. note:: Document header + +.. document:: PlatformSafety Plan Formal Review + :id: doc__platform_safety_plan_fdr + :status: draft + :safety: ASIL_B + :security: NO + :realizes: wp__fdr_reports + :tags: template + + +**1. Purpose** + +The purpose of this safety plan formal review checklist is to report status of the review for the platform safety plan. + +**2. Checklist** + +.. list-table:: Safety Plan Checklist + :header-rows: 1 + + * - Id + - Safety plan activity + - Compliant to ISO 26262? + - Comment + + * - 1 + - Is the rationale for the safety work products tailoring included? + - [YES | NO ] + - + + * - 2 + - Is impact analysis planned in case of re-use of SW (needed for every release following the first formal release)? + - [YES | NO ] + - + + * - 3 + - Does the safety plan define all needed activities for safety management (incl. Confirmation review and Safety Audit)? + - [YES | NO ] + - + + * - 4 + - Does the safety plan define all needed activities for System and SW development, integration and verification? + - [YES | NO ] + - + + * - 5 + - Does the safety plan define all needed activities for safety analysis and DFA? + - [YES | NO ] + - + + * - 6 + - Does the safety plan define all needed activities for supporting processes (incl. tool mgt)? 
+ - [YES | NO ] + - + + * - 7 + - Does the safety plan document a responsible for all activities? + - [YES | NO ] + - + + * - 8 + - If OSS software components is used, is it planned to be qualified? + - [YES | NO ] + - + + * - 9 + - Is a safety manager and a project manager appointed for the project? + - [YES | NO ] + - + + * - 10 + - Is safety plan sufficiently linked to the project plan? + - [YES | NO ] + - + + * - 11 + - Is safety plan updated iteratively to show the progress? + - [YES | NO ] + - diff --git a/process/folder_templates/platform/docs/verification/platform_verification_report.rst b/process/folder_templates/platform/docs/verification/platform_verification_report.rst new file mode 100644 index 0000000000..ca245753c9 --- /dev/null +++ b/process/folder_templates/platform/docs/verification/platform_verification_report.rst 
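Review bot: `.. document:: PlatformSafety Plan Formal Review` is missing the space in "Platform Safety". Also in this file: "If OSS software components is used" should be "are used", "Is safety plan sufficiently linked" / "Is safety plan updated" want "the safety plan", and the copyright year is 2025 while the sibling files in the patch carry 2026.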
@@ -0,0 +1,52 @@ +.. + # ******************************************************************************* + # Copyright (c) 2026 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Verification Report +=================== + +.. note:: Document header + +.. document:: platform Verification Report + :id: doc__platform_verification_report + :status: draft + :safety: ASIL_B + :security: YES + :realizes: wp__verification_platform_ver_report + :tags: template + + +Verification Report contains: + +**1. List of requirements and architecture tested ** + + - List of requirements (stakeholder and feature) tested by which test + - List of architecture elements tested by which test (can be several levels) + - For all tests "passed/failed" shall be reported + - For all tests, completeness verdict shall be report, including normal operation and failure reactions + - The list of requirements may also contain other verification methods like “Analysis” + +**2. Safety analyses ** + - Formal evidence about the performed DFA + - Formal evidence about the performed Safety Analyses (this has to be compared against safety plan, i.e. needed only if FMEA actually planned on platform level) + - Final statement resume (i.e. all passed, or are there open points, further actions needed, justifications etc.) + +**2. 
Integration test results ** + - Test results per test case from Platform Integration Test (:need:`wp__verification_platform_int_test`) + - Test results per test case from Feature Integration test (:need:`wp__verification_feat_int_test`) + - All test results shall include status ("passed/failed/not_run") + +**3. Integration test logs ** + - Test log per test case from Platform Integration Test (:need:`wp__verification_platform_int_test`) + - Test log per test case from Feature Integration test (:need:`wp__verification_feat_int_test`) + - All test results shall include status ("passed/failed/not_run") diff --git a/process/folder_templates/platform/index.rst b/process/folder_templates/platform/index.rst index 721fb404de..b7b6aa4e29 100644 --- a/process/folder_templates/platform/index.rst +++ b/process/folder_templates/platform/index.rst @@ -1,6 +1,6 @@ .. # ******************************************************************************* - # Copyright (c) 2024 Contributors to the Eclipse Foundation + # Copyright (c) 2026 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional # information regarding copyright ownership. @@ -24,3 +24,5 @@ Platform requirements/stakeholder/chklst_req_inspection.rst safety_planning/index.rst safety_planning/platform_safety_analysis_fdr.rst + safety_mgt/index.rst + verification/platform_verification_report.rst diff --git a/process/folder_templates/platform/safety_analysis/platform_dfa.rst b/process/folder_templates/platform/safety_analysis/platform_dfa.rst index cf86ee24b4..2dafac8c92 100644 --- a/process/folder_templates/platform/safety_analysis/platform_dfa.rst +++ b/process/folder_templates/platform/safety_analysis/platform_dfa.rst 
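Review bot: in `platform_verification_report.rst` the headings are written as `**1. List of requirements and architecture tested **` with a space before the closing `**`; reStructuredText does not recognise that as strong emphasis, so the asterisks render literally and Sphinx warns about an inline strong start-string without end-string. Drop the trailing space in all four headings. The numbering also runs 1, 2, 2, 3, "completeness verdict shall be report" should read "reported", and the last bullet of the log section ("All test results shall include status") duplicates the results section. In the `platform/index.rst` hunk the toctree adds `safety_mgt/index.rst` and `verification/platform_verification_report.rst`, but the files are created under `docs/safety_mgt/` and `docs/verification/`, so both entries point at nonexisting documents.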
@@ -29,13 +29,6 @@ Platform DFA (Dependent Failure Analysis) .. note:: Use the content of the document to describe e.g. why a fault model is not applicable for the diagram. -.. attention:: - The above directive must be updated according to your Feature. - - - Modify ``Your Feature Name`` to be your Feature Name - - Modify ``id`` to be your Feature Name in upper snake case preceded by ``doc__`` and succeeded by ``_dfa`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs Dependent Failure Initiators ---------------------------- @@ -44,10 +37,10 @@ Dependent Failure Initiators .. plat_saf_dfa:: :violates: <Feature architecture> - :id: plat_saf_DFA__<Feature>__<Element descriptor> + :id: plat_saf_DFA__Platform__<Element descriptor> :failure_id: <ID from DFA failure initiators :need:`gd_guidl__dfa_failure_initiators`> :failure_effect: "description of failure effect of the failure initiator on the element" - :mitigated_by: <ID from Feature Requirement | ID from AoU Feature Requirement> + :mitigated_by: <ID from Stakeholder Requirement | ID from AoU Feature Requirement> :mitigation_issue: <ID from Issue Tracker> :sufficient: <yes|no> :status: <valid|invalid> From f15c6d4e0322b141bcbe33db675d8869ef9ed7a0 Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Wed, 18 Feb 2026 13:49:28 +0100 Subject: [PATCH 02/12] 2501 attifunel: added missing templates From 654894814d71f6cc6fc98f2d1e7962b54cbb19c5 Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Wed, 18 Feb 2026 14:16:15 +0100 Subject: [PATCH 03/12] 2501 attifunel: fixed index errors --- .../docs/verification/platform_verification_report.rst | 8 ++++---- process/folder_templates/platform/index.rst | 3 ++- 2 files changed, 6 insertions(+), 5 deletions(-) 
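Review bot: in `platform_dfa.rst` the hunk deletes the whole `.. attention::` block, which also removed the instructions to set `status` to `valid` and to adjust `safety` and `tags`; since the id is now fixed to `plat_saf_DFA__Platform__<Element descriptor>`, trim the note to the remaining placeholders rather than dropping it. `:violates: <Feature architecture>` is left unchanged while `:mitigated_by:` was switched from Feature to Stakeholder Requirement; for a platform DFA the violated element should be the platform architecture, so the two placeholders are now inconsistent. Patch 02/12 carries the same subject as 01/12 and no diff at all; squash the empty commit.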
diff --git a/process/folder_templates/platform/docs/verification/platform_verification_report.rst b/process/folder_templates/platform/docs/verification/platform_verification_report.rst index ca245753c9..4235dea692 100644 --- a/process/folder_templates/platform/docs/verification/platform_verification_report.rst +++ b/process/folder_templates/platform/docs/verification/platform_verification_report.rst @@ -28,7 +28,7 @@ Verification Report Verification Report contains: -**1. List of requirements and architecture tested ** +**1. List of requirements and architecture tested** - List of requirements (stakeholder and feature) tested by which test - List of architecture elements tested by which test (can be several levels) @@ -36,17 +36,17 @@ Verification Report contains: - For all tests, completeness verdict shall be report, including normal operation and failure reactions - The list of requirements may also contain other verification methods like “Analysis” -**2. Safety analyses ** +**2. Safety analyses** - Formal evidence about the performed DFA - Formal evidence about the performed Safety Analyses (this has to be compared against safety plan, i.e. needed only if FMEA actually planned on platform level) - Final statement resume (i.e. all passed, or are there open points, further actions needed, justifications etc.) -**2. Integration test results ** +**2. Integration test results** - Test results per test case from Platform Integration Test (:need:`wp__verification_platform_int_test`) - Test results per test case from Feature Integration test (:need:`wp__verification_feat_int_test`) - All test results shall include status ("passed/failed/not_run") -**3. Integration test logs ** +**3. Integration test logs** - Test log per test case from Platform Integration Test (:need:`wp__verification_platform_int_test`) - Test log per test case from Feature Integration test (:need:`wp__verification_feat_int_test`) - All test results shall include status ("passed/failed/not_run") 
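Review bot: this hunk fixes the `**` emphasis but keeps the duplicated section number (`**2. Safety analyses**` followed by `**2. Integration test results**`) and the "shall be report" typo from the original; renumber to 1 through 4 and write "reported" while touching these lines.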
diff --git a/process/folder_templates/platform/index.rst b/process/folder_templates/platform/index.rst index b7b6aa4e29..bc22e96849 100644 --- a/process/folder_templates/platform/index.rst +++ b/process/folder_templates/platform/index.rst @@ -25,4 +25,5 @@ Platform safety_planning/index.rst safety_planning/platform_safety_analysis_fdr.rst safety_mgt/index.rst - verification/platform_verification_report.rst + docs/safety_mgt/index.rst + docs/verification/platform_verification_report.rst From fabd70ca748ab03fdd7441ff0fd0845e545880f2 Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Wed, 18 Feb 2026 14:21:06 +0100 Subject: [PATCH 04/12] 2501 attifunel fixed hopefully last index error --- process/folder_templates/platform/docs/safety_mgt/index.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/process/folder_templates/platform/docs/safety_mgt/index.rst b/process/folder_templates/platform/docs/safety_mgt/index.rst index abc7e63abb..2e1fc76a53 100644 --- a/process/folder_templates/platform/docs/safety_mgt/index.rst +++ b/process/folder_templates/platform/docs/safety_mgt/index.rst @@ -17,6 +17,7 @@ Safety Management .. toctree:: :titlesonly: - + platform_safety_plan_fdr platform_safety_package_fdr + platform_safety_analysis_fdr From 7a74e1b5a6b0bcac33af42b35c692fdf974892b4 Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Wed, 18 Feb 2026 14:59:54 +0100 Subject: [PATCH 05/12] issue 2501 attifunel fixed TOC conflict --- process/folder_templates/platform/index.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/process/folder_templates/platform/index.rst b/process/folder_templates/platform/index.rst index bc22e96849..b67aa82a90 100644 --- a/process/folder_templates/platform/index.rst +++ b/process/folder_templates/platform/index.rst 
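Review bot: the `platform/index.rst` hunk swaps `verification/...` for the `docs/...` paths but leaves `safety_mgt/index.rst` in the toctree, which still resolves to a nonexisting document (the file lives at `docs/safety_mgt/index.rst`), so the build warning persists until patch 06 removes it. Patch 04/12 then adds `platform_safety_analysis_fdr` to the safety_mgt toctree, but at this point in the series that document still carries `:id: doc__module_name_safety_analysis_fdr`, so including it in the build surfaces the duplicate-id clash with the module template; the id fix and the toctree entry belong in the same commit.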
@@ -27,3 +27,6 @@ Platform safety_mgt/index.rst docs/safety_mgt/index.rst docs/verification/platform_verification_report.rst + requirements/stakeholder/chklst_req_inspection.rst + safety_planning/index.rst + safety_planning/platform_safety_analysis_fdr.rst From 0e54cb99fb05b691a98845a204304872d9a75be3 Mon Sep 17 00:00:00 2001 From: Philipp Ahmann <Philipp.Ahmann@de.bosch.com> Date: Wed, 18 Feb 2026 17:12:35 +0100 Subject: [PATCH 06/12] Fix build issues created during merge Correct one duplicated entry as copy-paste issue for safety_analysis_fdr Signed-off-by: Philipp Ahmann <Philipp.Ahmann@de.bosch.com> --- .../platform/docs/safety_mgt/platform_safety_analysis_fdr.rst | 2 +- process/folder_templates/platform/index.rst | 4 ---- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst index a3045bbd2b..5c8655ecc4 100644 --- a/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst +++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst @@ -17,7 +17,7 @@ Safety Analysis Checklist ========================= .. document:: Platform Safety Analysis Checklist - :id: doc__module_name_safety_analysis_fdr + :id: doc__platform_safety_analysis_fdr :status: draft :safety: ASIL_B :security: YES diff --git a/process/folder_templates/platform/index.rst b/process/folder_templates/platform/index.rst index b67aa82a90..9e6e940eee 100644 --- a/process/folder_templates/platform/index.rst +++ b/process/folder_templates/platform/index.rst 
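Review bot: patch 05/12 adds `requirements/stakeholder/chklst_req_inspection.rst`, `safety_planning/index.rst` and `safety_planning/platform_safety_analysis_fdr.rst` to the toctree, but those three entries already appear earlier in the same toctree (visible as context in the patch 01 hunk), so this creates duplicate toctree references instead of fixing a conflict; the subject "fixed TOC conflict" does not match the change, and patch 06 reverts it. Patch 06/12 correctly changes the id to `doc__platform_safety_analysis_fdr`. It is also the only commit in the series with a `Signed-off-by:` trailer; the other eleven should carry one as well if the repository enforces DCO sign-off.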
@@ -24,9 +24,5 @@ Platform requirements/stakeholder/chklst_req_inspection.rst safety_planning/index.rst safety_planning/platform_safety_analysis_fdr.rst - safety_mgt/index.rst docs/safety_mgt/index.rst docs/verification/platform_verification_report.rst - requirements/stakeholder/chklst_req_inspection.rst - safety_planning/index.rst - safety_planning/platform_safety_analysis_fdr.rst From 0c2c356e7d5792a380ffaf930051df1e95a52550 Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Wed, 18 Feb 2026 19:29:05 +0100 Subject: [PATCH 07/12] issue 574 attifunel fixed comments from review --- .../platform_safety_analysis_fdr.rst | 4 +- .../platform_safety_package_fdr.rst | 4 +- .../safety_mgt/platform_safety_plan_fdr.rst | 6 +- .../platform_verification_report.rst | 6 +- .../platform_safety_analysis_fdr.rst | 99 ------------------- 5 files changed, 10 insertions(+), 109 deletions(-) delete mode 100644 process/folder_templates/platform/safety_planning/platform_safety_analysis_fdr.rst diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst index 5c8655ecc4..0e9e2ff502 100644 --- a/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst +++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst @@ -13,8 +13,8 @@ # ******************************************************************************* -Safety Analysis Checklist -========================= +Platform Safety Analysis Checklist +================================== .. document:: Platform Safety Analysis Checklist :id: doc__platform_safety_analysis_fdr diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst index 761b7200eb..65d505a778 100644 
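Review bot: patch 07/12's subject says "issue 574" while every other commit in the series references issue 2501; confirm which tracker item this belongs to. Its diffstat lists five files and deletes `safety_planning/platform_safety_analysis_fdr.rst`, but `platform/index.rst` is not among them, and the patch 06 hunk just above shows that toctree still listing `safety_planning/platform_safety_analysis_fdr.rst`; the deletion therefore leaves a nonexisting-document reference until patch 10 removes it. Keep the toctree change in the same commit as the deletion so every commit builds on its own.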
--- a/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst +++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst @@ -12,8 +12,8 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Safety Package Formal Review Report -=================================== +Platform Safety Package Formal Review Report +============================================ .. note:: Document header diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst index 087a69dcc7..98c893cdcb 100644 --- a/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst +++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst @@ -12,12 +12,12 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Safety Plan Formal Review Report -================================ +Platform Safety Plan Formal Review Report +========================================= .. note:: Document header -.. document:: PlatformSafety Plan Formal Review +.. document:: Platform Safety Plan Formal Review :id: doc__platform_safety_plan_fdr :status: draft :safety: ASIL_B diff --git a/process/folder_templates/platform/docs/verification/platform_verification_report.rst b/process/folder_templates/platform/docs/verification/platform_verification_report.rst index 4235dea692..23b4068a4b 100644 --- a/process/folder_templates/platform/docs/verification/platform_verification_report.rst +++ b/process/folder_templates/platform/docs/verification/platform_verification_report.rst 
@@ -12,12 +12,12 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Verification Report -=================== +Platform Verification Report +============================ .. note:: Document header -.. document:: platform Verification Report +.. document:: Platform Verification Report :id: doc__platform_verification_report :status: draft :safety: ASIL_B diff --git a/process/folder_templates/platform/safety_planning/platform_safety_analysis_fdr.rst b/process/folder_templates/platform/safety_planning/platform_safety_analysis_fdr.rst deleted file mode 100644 index d97625d8da..0000000000 --- a/process/folder_templates/platform/safety_planning/platform_safety_analysis_fdr.rst +++ /dev/null 
@@ -1,99 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - - -Safety Analysis Checklist -========================= - -.. document:: [Your Platform Name] Safety Analysis Checklist - :id: doc__platform_name_safety_analysis_fdr - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__fdr_reports - :tags: template - -.. attention:: - The above directive must be updated according to your Platform. - - - Modify ``Your Platform Name`` to be your Platform Name - - Modify ``id`` to be your Platform Name in lower snake case preceded by ``doc__`` and followed by ``_safety _analysis_fdr`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety``, ``security`` and ``tags`` according to your needs - - -**Purpose** -The purpose of this Safety Analysis (DFA and FMEA) checklist template is to collect the topics to be checked during verification of the Safety Analysis. - -**Conduct** -As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager: - -- reviewer: <committer with safety manager skills explicitly named here> - -**Checklist** - -Please note that it is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additional to add in the remarks why it is passed or not passed. In case of "no" an issue link to the issue tracking system has to be added in the last column. 
See also :ref:`review_concept` for further information about reviews in general and inspection in particular. - -.. list-table:: Safety Analysis Checklist - :header-rows: 1 - :widths: 10,30,30,15,8,8 - - * - Review ID - - Acceptance Criteria - - Guidance - - Passed - - Remarks - - Issue link - * - REQ_01_01 - - Is / are the attribute sufficient set correctly? - - The mitigations shall have a direct influence ont the violation by prevention, detection or mitigation to reduce the risk to an acceptable level. - - The mitigations are sufficient. - - <yes|no> - - - * - REQ_01_02 - - Are the templates for DFA and/or FMEA used? - - See :ref:`dfa_templates` / :ref:`FMEA_templates` and also :ref:`process_requirements_safety_analysis` - - Templates are used to generate the DFA or / and FMEA. - - <yes|no> - - - * - REQ_01_03 - - Were the failure initiators / fault models applied? - - See :need:`gd_guidl__dfa_failure_initiators` / :need:`gd_guidl__fault_models` - - The applicable items of the failure initiators / fault models are used to ensure a structured analysis. For all not applicable items an argument shall be given in the content of the document. - - <yes|no> - - - * - REQ_01_04 - - Are the failure effects clearly and completely described? - - Use the generic failure effect descriptions and enlarge the description if it's applicable to the considered element. - - The effects of the failure is described completely. The effect can be recognized easily. - - <yes|no> - - - * - REQ_01_06 - - Is the attribute "mitigated by" linked correct? - - Check if the correct failure effect is linked via "mitigated by". - - The "mitigated by" link is correct. - - <yes|no> - - - * - REQ_01_07 - - Is the sufficiency of the "mitigated by" (prevention, detection or mitigation) described or can it be recognized easily? - - The sufficiency of the "mitigated by" is described in the content of the document. It can be recognized easily. 
- - The "mitigated by" shows clearly that a fault / failure can be mitigated by the linked requirement by prevention, detection or mitigation. It shall be described in the contend. - - <yes|no> - - - * - REQ_01_08 - - Is the overall result of the Safety Analysis described in the report? - - It shall be shown in the report if the Safety Analysis are finished and if all artifacts are "valid" and "sufficient". - - The results of the Safety Analysis are described in the report. The report is available :need:`wp__verification_platform_ver_report`. - - <yes|no> - - From 97298f7643324d74e6954ab0f3391c3c2a436afa Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Wed, 18 Feb 2026 19:33:38 +0100 Subject: [PATCH 08/12] issue 2501 attifunel fixed TOC problem --- process/folder_templates/platform/index.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/process/folder_templates/platform/index.rst b/process/folder_templates/platform/index.rst index 9e6e940eee..0a95bec675 100644 --- a/process/folder_templates/platform/index.rst +++ b/process/folder_templates/platform/index.rst @@ -25,4 +25,4 @@ Platform safety_planning/index.rst safety_planning/platform_safety_analysis_fdr.rst docs/safety_mgt/index.rst - docs/verification/platform_verification_report.rst + docs/verification/platform_verification_report.rst From 5b6a3f0c940e4ed12145cfca877c977111d188aa Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Wed, 18 Feb 2026 19:50:19 +0100 Subject: [PATCH 09/12] issue 2501 attifunel fixed python version in bazel file --- MODULE.bazel | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MODULE.bazel b/MODULE.bazel index 31b3576376..6500714ab2 100644 --- a/MODULE.bazel +++ b/MODULE.bazel 
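Review bot: the deleted `safety_planning/platform_safety_analysis_fdr.rst` defined `doc__platform_name_safety_analysis_fdr`, which `process_areas/safety_analysis/guidance/safety_analysis_checklist.rst` still links via `:need:` (the reference is visible in patch 11); deleting the definition without updating the reference breaks the needs link at this commit. The old file also carried the `<yes|no>` placeholders in the Passed column and the `- reviewer: <committer with safety manager skills explicitly named here>` placeholder that the replacement template lacks; carry both over. Patch 08/12: the `-` and `+` lines for `docs/verification/platform_verification_report.rst` are textually identical, so this is a whitespace-only change (trailing whitespace or line ending); say so in the commit message, and note that patch 10 touches the same line again in the same way, which points at an editor or line-ending setting rather than a TOC problem.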
@@ -29,7 +29,7 @@ bazel_dep(name = "rules_pkg", version = "1.1.0") # Python version # ############################################################################### -bazel_dep(name = "rules_python", version = "1.4.1") +bazel_dep(name = "rules_python", version = "1.8.3") PYTHON_VERSION = "3.12" From ed6cc64136a16a15853ced59c03029225f2faecf Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Thu, 19 Feb 2026 09:30:21 +0100 Subject: [PATCH 10/12] issue 2501 attifunel fixed missing link --- process/folder_templates/platform/index.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/process/folder_templates/platform/index.rst b/process/folder_templates/platform/index.rst index 0a95bec675..2b63337db4 100644 --- a/process/folder_templates/platform/index.rst +++ b/process/folder_templates/platform/index.rst @@ -23,6 +23,5 @@ Platform safety_analysis/platform_dfa.rst requirements/stakeholder/chklst_req_inspection.rst safety_planning/index.rst - safety_planning/platform_safety_analysis_fdr.rst docs/safety_mgt/index.rst - docs/verification/platform_verification_report.rst + docs/verification/platform_verification_report.rst From 3bb696609e3171c74a73983f57e46f57f3546af7 Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Thu, 19 Feb 2026 09:37:53 +0100 Subject: [PATCH 11/12] issue 2501 attifunel fixing "platform name"-type link --- .../platform/docs/safety_mgt/platform_safety_analysis_fdr.rst | 2 +- .../safety_analysis/guidance/safety_analysis_checklist.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst index 0e9e2ff502..8ca74deff0 100644 --- a/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst 
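Review bot: The rules_python bump from 1.4.1 to 1.8.3 in MODULE.bazel (patch 09/12) is a build-dependency change that has nothing to do with the template additions of issue 2501 and should be a separate PR with a one-line reason (which tooling needed it); a jump across four minor versions of a rules module can change toolchain resolution for every Python target in the build. `PYTHON_VERSION = "3.12"` is unchanged, which is fine, but confirm that the module lockfile, if this repository commits one, was regenerated in the same change so the integrity hash of the new version is pinned instead of being resolved from the registry at build time.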
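Review bot: Dropping `safety_planning/platform_safety_analysis_fdr.rst` from the platform toctree (patch 10/12) is correct only if that path was never created or is listed elsewhere; patch 01/12 created the checklist at `docs/safety_mgt/platform_safety_analysis_fdr.rst`, so the commit message should state whether the removed entry was a dangling reference (a Sphinx "toctree contains reference to nonexisting document" warning) or a duplicate of the safety_mgt listing. The second change in the hunk, `docs/verification/platform_verification_report.rst` replaced by the same text, is again a whitespace-only edit that the message does not mention.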
+++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_analysis_fdr.rst @@ -17,7 +17,7 @@ Platform Safety Analysis Checklist ================================== .. document:: Platform Safety Analysis Checklist - :id: doc__platform_safety_analysis_fdr + :id: doc__platform_safety_analysis_fdr :status: draft :safety: ASIL_B :security: YES diff --git a/process/process_areas/safety_analysis/guidance/safety_analysis_checklist.rst b/process/process_areas/safety_analysis/guidance/safety_analysis_checklist.rst index a5c8e4f419..d7aed9b8f3 100644 --- a/process/process_areas/safety_analysis/guidance/safety_analysis_checklist.rst +++ b/process/process_areas/safety_analysis/guidance/safety_analysis_checklist.rst @@ -25,5 +25,5 @@ Safety Analysis Checklist For the content see here: - - :need:`doc__platform_name_safety_analysis_fdr` (platform) + - :need:`doc__platform_safety_analysis_fdr` (platform) - :need:`doc__module_name_safety_analysis_fdr` (module) From 4fb3d34590ca9ca8f70a72d060ad996b1e70fac8 Mon Sep 17 00:00:00 2001 From: Attilio Stefano Funel <attiliostefano.funel@etas.com> Date: Thu, 19 Feb 2026 18:03:36 +0100 Subject: [PATCH 12/12] issue 2501 attifunel fixed further comments --- .../folder_templates/platform/docs/safety_mgt/index.rst | 2 ++ .../safety_mgt}/platform_dfa.rst | 0 .../docs/safety_mgt/platform_safety_package_fdr.rst | 9 +++++++-- .../safety_mgt/platform_safety_plan.rst} | 0 .../docs/safety_mgt/platform_safety_plan_fdr.rst | 9 +++++++-- process/folder_templates/platform/index.rst | 4 +--- 6 files changed, 17 insertions(+), 7 deletions(-) rename process/folder_templates/platform/{safety_analysis => docs/safety_mgt}/platform_dfa.rst (100%) rename process/folder_templates/platform/{safety_planning/index.rst => docs/safety_mgt/platform_safety_plan.rst} (100%) diff --git a/process/folder_templates/platform/docs/safety_mgt/index.rst b/process/folder_templates/platform/docs/safety_mgt/index.rst index 2e1fc76a53..34106b16ce 100644 
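Review bot: In the first hunk of patch 11/12 the `:id: doc__platform_safety_analysis_fdr` line is removed and re-added with identical visible text, so the change is whitespace only, while the commit subject speaks of fixing a "platform name"-type link; if the old id really was different, the hunk as shown does not reflect it, and if it is a whitespace fix the message should say so. Either way the `:status: draft` document keeps `:safety: ASIL_B` and `:security: YES`, so the id must match every `:need:` reference that points at it.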
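Review bot: The second hunk of patch 11/12 corrects `:need:`doc__platform_name_safety_analysis_fdr`` to `:need:`doc__platform_safety_analysis_fdr`` but leaves `:need:`doc__module_name_safety_analysis_fdr`` (module) untouched; if the module template was given the same treatment the module link is now broken, and if the "_name_" placeholder is intentional for module templates that should be stated in the commit message so the two entries are not read as inconsistent.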
--- a/process/folder_templates/platform/docs/safety_mgt/index.rst +++ b/process/folder_templates/platform/docs/safety_mgt/index.rst @@ -18,6 +18,8 @@ Safety Management .. toctree:: :titlesonly: + platform_dfa platform_safety_plan_fdr platform_safety_package_fdr platform_safety_analysis_fdr + platform_safety_plan diff --git a/process/folder_templates/platform/safety_analysis/platform_dfa.rst b/process/folder_templates/platform/docs/safety_mgt/platform_dfa.rst similarity index 100% rename from process/folder_templates/platform/safety_analysis/platform_dfa.rst rename to process/folder_templates/platform/docs/safety_mgt/platform_dfa.rst diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst index 65d505a778..497309008c 100644 --- a/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst +++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_package_fdr.rst @@ -26,11 +26,16 @@ Platform Safety Package Formal Review Report :tags: template -**1. Purpose** +**Purpose** The purpose of this review checklist is to report status of the formal review for the platform safety package. -**2. Checklist** +**Conduct** +As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager: + +- reviewer: <committer with safety manager skills explicitly named here> + +**Checklist** .. list-table:: Safety Package Checklist :header-rows: 1 diff --git a/process/folder_templates/platform/safety_planning/index.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan.rst similarity index 100% rename from process/folder_templates/platform/safety_planning/index.rst rename to process/folder_templates/platform/docs/safety_mgt/platform_safety_plan.rst 
diff --git a/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst b/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst index 98c893cdcb..20bcbe5664 100644 --- a/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst +++ b/process/folder_templates/platform/docs/safety_mgt/platform_safety_plan_fdr.rst @@ -26,11 +26,16 @@ Platform Safety Plan Formal Review Report :tags: template -**1. Purpose** +**Purpose** The purpose of this safety plan formal review checklist is to report status of the review for the platform safety plan. -**2. Checklist** +**Conduct** +As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager: + +- reviewer: <committer with safety manager skills explicitly named here> + +**Checklist** .. list-table:: Safety Plan Checklist :header-rows: 1 diff --git a/process/folder_templates/platform/index.rst b/process/folder_templates/platform/index.rst index 2b63337db4..6a3da8bc56 100644 --- a/process/folder_templates/platform/index.rst +++ b/process/folder_templates/platform/index.rst @@ -20,8 +20,6 @@ Platform .. toctree:: :hidden: - safety_analysis/platform_dfa.rst - requirements/stakeholder/chklst_req_inspection.rst - safety_planning/index.rst + requirements/stakeholder/chklst_req_inspection.rst docs/safety_mgt/index.rst docs/verification/platform_verification_report.rst
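Review bot: The safety_mgt index hunk of patch 12/12 adds `platform_dfa` and `platform_safety_plan`, where the latter is `safety_planning/index.rst` renamed at 100% similarity; a file that was an index typically carries an index-style title and possibly its own toctree, so check that it reads as a leaf "Platform Safety Plan" document in its new position. Also confirm the toctree order is intended: listing the DFA first and the safety plan last splits the plan from its formal review report, whereas plan, plan FDR, package, package FDR, DFA, analysis FDR would keep each artefact next to its review.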
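Review bot: The platform_safety_package_fdr.rst hunk is missing a blank line after `**Conduct**`, so in reStructuredText the heading and the following `As described in :need:`wf__p_formal_rv`, ...` sentence merge into one paragraph, unlike `**Purpose**`, which is correctly separated by a blank line; insert the blank line. While touching the text, "to report status of the formal review" should read "to report the status of the formal review".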
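Review bot: The platform_safety_plan_fdr.rst hunk has the same defect as the package report: `**Conduct**` is followed directly by `As described in :need:`wf__p_formal_rv`, ...` with no blank line, so the bold label renders inline with the paragraph. Since the Conduct block and the `- reviewer: <committer with safety manager skills explicitly named here>` placeholder are duplicated verbatim across both formal review templates, consider a shared include so future wording fixes land in one place.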
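Review bot: In the final platform/index.rst hunk the `requirements/stakeholder/chklst_req_inspection.rst` entry is removed and re-added with identical text, a third whitespace-only change in this series that the commit message does not describe. With `safety_analysis/platform_dfa.rst` and `safety_planning/index.rst` gone from a `:hidden:` toctree, the moved DFA and safety plan are reachable only through `docs/safety_mgt/index.rst`; that is consistent with the first hunk, but a full Sphinx build with warnings treated as errors should be run to confirm no document is left out of every toctree.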