The Legal Implications of ISO 26262
Dr. Ekkehard Helmig is an Attorney-at-Law and Senior Partner, Dr. Helmig – Rechtsanwålte, Germany. Automotive IQ discussed the ISO 26262 standard with Dr. Helmig and how it affects the auto industry and his stance may surprise you.
"From my understanding, it is absolutely mandatory to understand that all the processes under the ISO 26262 standard must be implemented in the Quality Management System e.g. under the regime of OSO/TS 16949:2009."
Let’s discuss your background within the auto industry.
I’ve been working mainly in the automotive supply industry for about 25 years. I was the European councilor of a big American company working in the area of powertrain. I learned a lot about the Quality Management System from that experience and I have learned to think from the products to the legal aspect rather than from the legal aspect to the product. That makes a difference.
When I am working with my clients who are international companies in the automotive supply industry, the first things I deal with are all the details of the product and all the technical knowledge and experience behind it because without knowing that, you cannot make any legal assessment. The second thing is I’m working under international base there called the CLEPA. This is the European Association of Automotive Suppliers representing about 70% of the European Automotive supplier community and I’m a senior council to this organization and I’m in a working group for the warranty aspects and all the things behind that. What I’m trying to do from that area is to translate all the legislation coming from the European Union to the supplier industry because it is my experience that nobody is really aware of the system of European legal requirements for the industry and that is one of the reasons for many recalls, defects and non-compliance with legislation.
That’s true. Brussels can be a bit of a black box to many. In your function with the working groups, do you also work directly with the Commission?
Yes, I sometimes have had direct contact to the European Commission, for example, in the type approval directive. I have direct discussions with the Commission. I belonged to the group talking to the Commission and also in certain aspects of the block exemption regulations.
You gave a presentation at our conference on ISO 26262, a rather provocative one which gave plenty of people pause to think about liability.
I advise many companies from the development area and one problem is that they lack sufficient resources and competence in all the areas needed for those very complex aspects. This also applies to suppliers. The more you reduce the number of suppliers the more complex work they have to do, in particular, in areas with which they have little or no experience.
In your view, what would you say is the purpose of a standard like ISO 26262?
The purpose is to make life safer. However, that’s more philosophical. I think it’s a very good standard but it has simply been misunderstood, in my opinion. It is a standard giving a certain guideline through the processes you have to observe. However, it is not a stand-alone standard. You can never say that a product or an item is in compliance with that norm unless you have the direct connection to the physical product. The ABS system is a physical product and the item from the ISO 26262 is the virtual product making it operative.
Could you go a bit more into what the shortcomings are and how it should be more properly used?
From my understanding, it is absolutely mandatory to understand that all the processes under the ISO 26262 standard must be implemented in the Quality Management System e.g. under the regime of OSO/TS 16949:2009. If you do not have that under the umbrella of the Quality Management System, in my view, it’s impossible to make a safe product to be eligible for a vehicle.
In order to put functional safety managers at ease, what would they have to do in terms of protecting themselves from personal risk?
Yes, I think the functional safety manager is a role and should not be a title. If it is put in the title then you have concentrated all the knowledge about that at the highest level and if ever something goes wrong then he will be personally liable and that is why he should be part of the process of confirmation measures – that’s ok but he should not be personally exposed by the title functional safety manager.
Do you have any insight into how US companies may use the ISO 26262 given the different legal system within which they operate?
Perhaps the difference might be that in the US you have legislation saying that suppliers also have direct responsibility to the NHTSA so they have a reporting obligation and I believe that if they are working as they say in compliance with the standard, they are exposed to a higher risk to report more to the NHTSA than they would like to.
Should they use a different standard in their development?
No. Not a different standard but it is mandatory for them to very clearly define the validation responsibility of the OEMs and what they also have to do is better organize their own system of supplier management because the most important thing is to define the interfaces between the different devices or components they’re using and this means that if they are delivering a system or an item then they are responsible for all that because the OEM only has a restricted possibility to evaluate, They must have a better understanding of the validation level to the OEM who’s solely responsible for the validation.
A definitive supply chain is absolutely mandatory. The big recalls recently indicate, in my view, very strongly that these interfaces are neglected and they are the reason for many of the recalls we have right now. The impetus for them to do that is to save costs but this is ridiculous because, on the one side you are reducing costs while, on the other side, you are buying a big bunch of risk. You will have to face much worse for that than you can save costs by waiving an incoming inspection.
If you had to look ahead a few years, how do you see the functional safety area developing in terms of changing standards of changing processes?
One possibility might be that there’s hardly any standard at all because the complexity and the speed of changing complexity is not appropriate to create a standard. This changing complexity is true as more and more devices are coming in to the vehicle which are not specifically designed for automotive purposes such as the iPhone and Internet. There is no experience and no testing tool to make sure that they can all work together and that there is no interference.
One thing I would like to convey is that it is a mistake to waive the incoming inspection because this is a huge risk. In Europe we have very strong legislation which makes that incoming inspection mandatory and as a condition for a lack of defects in the supply chain. This is expressly mentioned in the ISO 16949.
If you take it a step further then, you have not only the violation of the legislation but also you are not complying with your purchasing contracts.
Could you envision the industry or the supplier industry coming together and creating some sort of a consultancy for the smaller companies who are unable to afford functional safety departments?
Absolutely. It is necessary. As mentioned earlier, there are many minor suppliers who don’t have the resources and the financial means to have people working with functional safety and my suggestion is, within a holding company perhaps, to really have four or five people employed only to monitor the standard and the rules and help the production areas to apply them.
I truly appreciate your input on the subject.