To prevent this kind of accident, check the following features:
The special steering Disconnected mode was called Control mode, which is too general, and does not hint about the actual purpose.
Guidelines for terminology validation
If the mode is implicit, the machine cannot check if it complies with the situation.
Guidelines for designing mode selectors
If the functional unit cannot report on its state, the cannot check if it complies with the active state.
Guidelines for state elicitation
The system did not identify the exceptional scenario because the primary mode sets was implicit.
Guidelines for assuring scenario consistency
Updated on 12 Jun 2016.