ISO 21448 (SOTIF)

Road vehicles -- Safety of the intended functionality

Overview

ISO 21448 addresses the Safety of the Intended Functionality (SOTIF) for road vehicles. Unlike ISO 26262, which focuses on failures due to hardware or software faults, SOTIF deals with hazards that arise from functional insufficiencies -- situations where the system operates as designed but still causes harm due to limitations in sensing, perception, or decision-making.

Key Topics

  • Known and unknown unsafe scenarios -- systematic identification and reduction of triggering conditions
  • Sensor and perception limitations -- analysis of conditions that degrade sensing performance
  • Functional insufficiencies -- behavior limitations that may lead to hazardous situations even without faults
  • Validation strategy -- combination of simulation, track testing, and field operation to demonstrate acceptable residual risk
  • Residual risk evaluation -- quantitative and qualitative methods for assessing remaining risk

Relevance to vnvspec

SOTIF is particularly relevant for AI-based perception systems. vnvspec supports tracing requirements to ISO 21448 clauses:

from vnvspec import Requirement

req = Requirement(
    id="REQ-PERC-001",
    statement="The perception system shall detect pedestrians under rainy conditions with recall above 0.95.",
    verification_method="simulation",
    standards={"iso_21448": ["5.3", "8.2"]},
)

The ODD and Hazard models in vnvspec map directly to SOTIF concepts of triggering conditions and hazardous scenarios.
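As an added, self-contained illustration (not vnvspec's own code; the `Requirement` and `Frame` classes, the `triggering_condition` and `min_recall` fields and the frame data are assumptions constructed for this example), the following Python shows how a requirement like REQ-PERC-001 can be checked against simulation evidence scoped to its SOTIF triggering condition, treating a condition that never appears in the evidence as a coverage gap rather than a pass, and how to flag requirements that cite no ISO 21448 clause.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple
# Hypothetical stand-in records for this example; these are NOT vnvspec's own classes.
@dataclass(frozen=True)
class Requirement:
    id: str
    statement: str
    verification_method: str
    standards: Dict[str, List[str]]   # e.g. {"iso_21448": ["5.3", "8.2"]}
    triggering_condition: str         # SOTIF triggering condition the requirement is scoped to
    min_recall: float

@dataclass(frozen=True)
class Frame:
    condition: str      # condition under which the simulated frame was generated
    ground_truth: int   # pedestrians present in the frame
    true_positives: int # of those, how many the perception stack detected

def recall_under(frames: List[Frame], condition: str) -> Optional[float]:
    """Recall = TP / (TP + FN), restricted to frames exhibiting the triggering condition."""
    scoped = [f for f in frames if f.condition == condition]
    gt = sum(f.ground_truth for f in scoped)
    if gt == 0:
        return None  # no evidence at all for this condition; not the same as recall 0 or 1
    return sum(f.true_positives for f in scoped) / gt

def verify(req: Requirement, frames: List[Frame]) -> Tuple[str, Optional[float]]:
    """'pass'/'fail' against the threshold, or 'no_evidence' if the condition was never exercised."""
    r = recall_under(frames, req.triggering_condition)
    if r is None:
        return ("no_evidence", None)
    return ("pass" if r >= req.min_recall else "fail", r)

def untraced(reqs: List[Requirement], standard: str = "iso_21448") -> List[str]:
    """IDs of requirements that cite no clause of the given standard."""
    return [r.id for r in reqs if not r.standards.get(standard)]

# Constructed sample data (not from any real simulation run).
REQ_RAIN = Requirement("REQ-PERC-001", "Detect pedestrians under rainy conditions with recall above 0.95.",
                       "simulation", {"iso_21448": ["5.3", "8.2"]}, "rain", 0.95)
REQ_FOG = Requirement("REQ-PERC-002", "Detect pedestrians in fog with recall above 0.95.",
                      "simulation", {}, "fog", 0.95)
SIM_FRAMES = [
    Frame("rain", 10, 10), Frame("rain", 12, 11), Frame("rain", 8, 8),  # 29 of 30 -> 0.9667
    Frame("clear", 20, 20),                                               # out of scope for rain
]
if __name__ == "__main__":
    print(verify(REQ_RAIN, SIM_FRAMES))   # ('pass', 0.9666...)
    print(verify(REQ_FOG, SIM_FRAMES))    # ('no_evidence', None): fog was never simulated
    print(untraced([REQ_RAIN, REQ_FOG]))  # ['REQ-PERC-002']
```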

See also: vnvspec.core.odd.ODD, vnvspec.core.hazard.Hazard