Background

Among the reasons that the automotive industry expends significant resources to assure the achievement of system safety for products is to reduce the risk of safety‐related recalls. A single recall can cost hundreds of millions or even billions of dollars. This is just the direct cost, such as replacing ignition switches because of potential fire issues on 28 million cars at a cost of $20 each. The direct cost of some recalls concerning accelerator pedals or airbag inflators has been estimated in the billions of dollars. In addition, sales may be lost because of lost goodwill. The ISO 26262 standard makes no claim that compliance will avoid safety‐related recalls; it is a compilation of the judgment of industry experts over many years of what is required to achieve functional safety, and what artifacts are to be assessed to assure compliance with these requirements.

Following the guidance in the ISO 26262 standard to compile a safety case is intended to show evidence of the safety of the subject item. A safety case for functional safety is a compilation of the work products to show evidence of compliance with ISO 26262 and the argument that the item is safe. However, if the product fails safely too often, there is a recall. The safety case may contain evidence that this should not happen due to random failures.

Likewise, ISO PAS 21448 does not claim that if its guidance is followed, there will be no recalls related to the safety ...