xmlns:atom="http://www.w3.org/2005/Atom" xmlns:atom="http://www.w3.org/2005/Atom"

ANNEX IIIU.K. Special requirements to be applied to the safety aspects of complex electronic vehicle control systems

2.DefinitionsU.K.

For the purposes of this Annex, the following definitions shall apply:

2.1.

Safety concept’ means a description of the measures designed into the system, for example within the electronic units, so as to address system integrity and thereby ensure safe operation even in the event of an electrical failure.

The possibility of a fall-back to partial operation or even to a back-up system for vital vehicle functions may be a part of the safety concept.

2.2.

Electronic control system’ means a combination of units, designed to co-operate in the production of the stated vehicle control function by electronic data processing.

Such systems, often controlled by software, are built from discrete functional components such as sensors, electronic control units and actuators and connected by transmission links. They may include mechanical, electro-pneumatic or electro-hydraulic elements.

2.3.

Complex electronic vehicle control systems’ mean those electronic control systems which are subject to a hierarchy of control in which a controlled function may be over-ridden by a higher level electronic control system/function.

2.4.

Higher-level control systems/functions’ mean those systems/functions which employ additional processing and/or sensing provisions to modify vehicle behaviour by commanding variations in the normal function(s) of the vehicle control system.

This allows complex systems to automatically change their objectives with a priority which depends on the sensed circumstances.

2.5.

Units’ mean the smallest divisions of system components covered by this Annex: those combinations of components will be treated as single entities for purposes of identification, analysis or replacement.

2.6.

Transmission links’ mean the means used for inter-connecting distributed units for the purpose of conveying signals, operating data or an energy supply.

This equipment is generally electrical but may, in some part, be mechanical, pneumatic, hydraulic or optical.

2.7.

Range of control’ means an output variable corresponding to the range over which the system is likely to exercise control.

2.8.

Boundary of functional operation’ means the boundaries of the external physical limits within which the system is able to maintain control.