[dsuth]

European car manufacturers are required to develop safety critical software under ISO 26262, which is a derivation of IEC 61508, which absolutely does require formal verification and validation activities.

If you change the code outside of the development process, you could unwittingly compromise the safety of the vehicle. The manufacturer is required to use access controls to prohibit people from changing the software for exactly this reason.

[hvidgaard]

ISO 26262 does not to my knowledge require formal verification, and some googling around seems to support this. Without access to the actual specification I cannot find out exactly what it requires.

[dsuth]

So you don't know what's in the standard, but you make assertions and continue to support them? That's a fairly disappointing level of discourse for HN. It requires a very similar software development process to all other functional safety standards, in which verification and validation are key steps.

Here is a paper from Mathworks describing verification and validation according to ISO 26262:

http://www.mathworks.com/tagteam/71300_1D-4.pdf

[hvidgaard]

I know how ISO standards are implemented in two unrelated fields, that was really the basis for my comment. Besides, I am now certain that it does not require formal verification, as several companies sell products that support formal verification as a mean to pass the verification part of the ISO.

I'm not going to pay for access to the standard just for a comment on HN.

When you say European manufactures are required to follow this, what about non European manufactures?