SOTIF Ed. 2 Published: What Changes for Autonomous Driving Safety Cases
ISO 21448 Edition 2 (SOTIF) has been formally published, strengthening requirements around performance limitation identification, operational design domain specification, and the integration of SOTIF arguments with ISO 26262 safety cases.
SOTIF Edition 2: The Key Changes
The second edition of SOTIF addresses gaps that practitioners identified in the first edition, particularly around the ODD specification requirements and the integration with functional safety analysis.
ODD specification requirements strengthened: Edition 2 requires that the Operational Design Domain be specified with enough precision to allow determination of when the system is operating within or outside the ODD. Vague ODD specifications that characterized many first-generation systems are explicitly called out as non-conformant.
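The practical consequence of this requirement is that an ODD has to be stated as measurable attributes with explicit thresholds, so that the vehicle (and a reviewer) can decide in or out of ODD from the data actually available at runtime. The following is an added illustration, not text or code from ISO 21448 or any vehicle program: a small Python module that expresses a constructed ODD for a hypothetical highway-pilot function as machine-checkable constraints and evaluates sampled operating states against it. All attribute names, thresholds and sample states are assumptions chosen for the example. Note the fail-closed rule: an attribute the system cannot observe is treated as outside the ODD, which is the deliberate handling of the "cannot determine" case the requirement rules out.

```python
"""Machine-checkable ODD specification and in/out-of-ODD evaluation.

Added example, not material from ISO 21448. Attribute names, thresholds
and the sample states are constructed for illustration only.
"""
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List, Tuple


@dataclass(frozen=True)
class OddConstraint:
    name: str                          # short label used in reports
    attribute: str                     # key expected in the runtime state
    predicate: Callable[[Any], bool]   # measurable acceptance test
    description: str                   # precise statement of the bound


@dataclass
class OddSpecification:
    constraints: List[OddConstraint] = field(default_factory=list)

    def evaluate(self, state: Dict[str, Any]) -> Tuple[bool, List[str]]:
        """Return (inside_odd, reasons).

        A missing or None attribute is a violation: if the system cannot
        establish an ODD attribute it cannot claim to be inside the ODD.
        A predicate that raises on an ill-typed value is also a violation.
        """
        reasons: List[str] = []
        for c in self.constraints:
            value = state.get(c.attribute)
            if value is None:
                reasons.append(f"{c.name}: attribute '{c.attribute}' not available")
                continue
            try:
                ok = bool(c.predicate(value))
            except (TypeError, ValueError):
                ok = False
            if not ok:
                reasons.append(f"{c.name}: {c.description} (observed {value!r})")
        return (not reasons, reasons)


def build_example_odd() -> OddSpecification:
    """Constructed ODD for a hypothetical highway-pilot function."""
    return OddSpecification(constraints=[
        OddConstraint("road_type", "road_type",
                      lambda v: v in {"motorway", "expressway"},
                      "road type must be motorway or expressway"),
        OddConstraint("speed", "ego_speed_kph",
                      lambda v: 0.0 <= v <= 130.0,
                      "ego speed must be within 0..130 km/h"),
        OddConstraint("visibility", "visibility_m",
                      lambda v: v >= 150.0,
                      "meteorological visibility must be at least 150 m"),
        OddConstraint("precipitation", "rain_rate_mm_per_h",
                      lambda v: v < 10.0,
                      "rain rate must be below 10 mm/h"),
        OddConstraint("illumination", "illuminance_lux",
                      lambda v: v >= 1.0,
                      "illuminance must be at least 1 lux (assumed floor)"),
        OddConstraint("lane_markings", "lane_marking_quality",
                      lambda v: 0.0 <= v <= 1.0 and v >= 0.7,
                      "lane marking detection quality must be >= 0.7"),
    ])


# Constructed sample operating states (not recorded vehicle data).
NOMINAL_STATE = {
    "road_type": "motorway", "ego_speed_kph": 110.0, "visibility_m": 2000.0,
    "rain_rate_mm_per_h": 0.0, "illuminance_lux": 20000.0,
    "lane_marking_quality": 0.95,
}
FOG_STATE = dict(NOMINAL_STATE, visibility_m=80.0)
MULTI_VIOLATION_STATE = dict(NOMINAL_STATE, ego_speed_kph=140.0,
                             rain_rate_mm_per_h=12.0)
MISSING_SENSOR_STATE = {k: v for k, v in NOMINAL_STATE.items()
                        if k != "visibility_m"}


def check(state: Dict[str, Any]) -> Tuple[bool, List[str]]:
    """Evaluate a state against the constructed example ODD."""
    return build_example_odd().evaluate(state)


if __name__ == "__main__":
    for label, st in [("nominal", NOMINAL_STATE), ("fog", FOG_STATE),
                      ("multi", MULTI_VIOLATION_STATE),
                      ("missing sensor", MISSING_SENSOR_STATE)]:
        inside, why = check(st)
        print(f"{label}: {'inside' if inside else 'OUTSIDE'} ODD", why)
```

Each reason string names the constraint, the bound and the observed value, which is the kind of evidence a safety case needs when arguing that ODD exits are detected and handled rather than silently tolerated.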
Performance limitation identification process: New requirements for systematic identification of known and reasonably foreseeable performance limitations. The process must be documented and the resulting performance limitations must be addressed in the triggering events analysis.
ISO 26262 integration: The interface between SOTIF and ISO 26262 analyses is now more formally specified. The standard defines when SOTIF analysis can inform ASIL assignment decisions and when the two analyses must remain independent.
Residual risk acceptance: Edition 2 provides more explicit guidance on residual SOTIF risk acceptance criteria, addressing a major gap in Edition 1 that led to inconsistent practices across the industry.