今天手工做了自己第一张思维导图，需要进一步完善，在这里先晒一下。同时也需要介绍一下这篇文章《Application of System Safety Engineering Processes to Advanced Battery Safety》by Galen Ressler。

摘要为：

The battery system in the Chevrolet Volt is very complex and must balance a variety of performance criteria, including the safety of vehicle occupants and other users. In order to assure a thorough approach to battery system safety, asystem safety engineering processwas applied and found to provide a useful framework. This methodical approach began with thepreliminary hazard analysisand continued throughrequirements definition, design developmentand, finally,validation. Potentially hazardous conditions related directly to functional safety (for example, charge control) and primary physical safety (for example, short circuit conditions) can all be addressed in this manner. Typicalbattery abuse testing, as well as newly definedlimit testing, supported the effort.Extensive documentation, traceability and peer reviewshelped to verify that all issues were addressed. A description of the process which was followed, specific examples of its application and recommendations for future refinement of the approach are provided.

简评：

这篇文章从电池安全概念开始讲起，主要区分了电池系统的危害的几个分类：功能安全条件、非功能安全条件，首要危害。并提出了一套与ISO2626与汽车系统/子系统开发流程兼容的安全流程，并在每一步打入子系统/部件的开发过程之中。其中对于初步危害分析、安全需求两部分着重进行了叙述。这两部分，同时可参考ISO26262-2和ISO26262-3。

系统安全在大规模量产部件中的应用，其实是真正一个比较难攻克的问题，这篇文章提出了一种思路。至少在我看得懂的论文里面（日本汽车产业的日文类和德国汽车产业德文的我一直很感兴趣，可是语言的障碍还是太大，靠那些车企在北美分部写的文章，实在是杯水车薪）。