Automotive Safety Integrity Level

The ASIL is established by performing a risk analysis of a potential hazard by looking at the Severity, Exposure and Controllability of the vehicle operating scenario.

That is, each hazard is assessed in terms of the severity of possible injuries, within the context of how much of the time a vehicle is exposed to the possibility of the hazard happening (refer to the ISO 26262 definition of exposure), as well as the relative likelihood that a typical driver can act to prevent the injury (refer to the ISO 26262 definitions of severity and controllability).

ASIL D, an abbreviation of Automotive Safety Integrity Level D, refers to the highest classification of initial hazard (injury risk) defined within ISO 26262 and to that standard's most stringent level of safety measures to apply for avoiding an unreasonable residual risk.[2]

In particular, ASIL D represents likely potential for severely life-threatening or fatal injury in the event of a malfunction and requires the highest level of assurance that the dependent safety goals are sufficient and have been achieved.[2]

An example of a dangerous hazard that warrants the ASIL D level is loss of braking on all wheels.

For hazards classified as QM, safety assurance controls are unnecessary and standard quality management processes are sufficient for development.[2]

IEC 61508 defines a widely referenced Safety Integrity Level (SIL) classification.

Unlike other functional safety standards, ISO 26262 provides neither a normative nor an informative mapping of ASIL to SIL; while the two standards have similar processes for hazard assessment, ASIL and SIL are computed from different perspectives.

For a safety function operating in high demand or continuous mode of operation, SIL 1 is associated with a probability of dangerous failure limit of 10⁻⁵ per hour while SIL 4 is associated with a probability of dangerous failure rate limit of 10⁻⁹ per hour.

Unlike SIL, both ASIL and DAL are statements measuring the degree of hazard.

DAL E is the ARP4754 equivalent of QM; in both classifications hazards are negligible and safety management is not required.