In ISO 26262, the functional safety standard for the automotive field, a SEooC (Safety Element out of Context) is defined as an element which is not developed in the context of a specific item, i.e. an element (which can be a complete embedded subsystem such as an SBC, or a hardware or software component) that is developed outside our main safety lifecycle. A SEooC is the equivalent of COTS in a functional safety context.
Precautions must be taken when integrating this element into our system, which we can briefly summarize as:
Safety Manual: each SEooC should be accompanied by a safety manual listing assumptions and extra requirements.
Assumptions: we must verify that the assumptions in the safety manual (for example ASIL, HW context, microcontroller resources, etc.) are met when integrating the SEooC into our system. This can require extra safety analyses, reviews, testing, etc., but we must also decide whether the SEooC can be used with or without changes, whether impact analyses are needed, etc.
Requirements: requirements listed in the safety manual become an extra input to our requirements set. The Safety Plan must take this into account.
Integration and Interfaces: extra integration activities must be carried out to verify that assumptions and requirements are actually met when integrating the SEooC. These typically take the form of extra testing activities. All interfaces to our system and, perhaps, to other systems in the vehicle must also be analyzed and tested. If the SEooC is a new development that is specific to the system (e.g. a SW library that the customer asks a supplier to develop separately), don't forget to check the requirements in ISO 26262-8 §5.
This is just a quick glance at what is required for a SEooC. Contact us for more details!