Services  /  SVC / CERT

Certification Strategy & Gap Analysis

ISO 26262 and ISO 21448, mapped to what you actually have.

Independent review of your safety and compliance approach: where the gaps are, what evidence is missing, and what to fix first to pass audits and de-risk timelines.

Turn autonomy engineering into an audit-ready certification plan

Certification rarely fails because of missing work. It fails because evidence, traceability, and assumptions do not line up. I review your system architecture, ODD, and safety concept, then map what is required for ISO 26262 and SOTIF into a pragmatic, staged plan that engineering teams can actually execute.

I translate a scattered set of documents into a single defensible argument: what the safety case claims, which claims are backed by real evidence, and which are backed by confidence. The output is a prioritized plan, not a document review, so the team knows what to fix first and why an assessor will accept it.

Scope of a certification gap analysis

  1. Safety case and argument structure. Assess whether a coherent safety argument exists, or whether there is a pile of artifacts with no line from hazard to evidence.
  2. Requirements traceability. Follow the chain from safety goals through functional and technical safety requirements down to implementation and test, and find where it breaks.
  3. Evidence completeness. Separate claims that are supported by artifacts from claims that are supported by confidence, and mark the cells that an assessor would reject.
  4. ISO 26262 work-product gaps. Check HARA, functional and technical safety concepts, and verification and validation artifacts against what the standard actually requires at your ASIL.
  5. SOTIF coverage under ISO 21448. Evaluate triggering conditions, the treatment of unknown and hazardous scenarios, and whether the validation target is argued rather than asserted.
  6. Assessor readiness. Name what an assessor will ask for and what you would currently be unable to produce, before the assessment makes that discovery for you.

How we work

  1. System and safety-concept intake. Understand the architecture, ODD, safety goals, and the certification narrative the program is currently telling.
  2. Standard mapping. Map ISO 26262 and SOTIF requirements onto the artifacts that exist today, so the gaps are concrete rather than generic.
  3. Gap analysis and prioritization. Rank each gap by certification impact and engineering effort, so scarce time goes to what actually blocks the audit.
  4. Staged certification plan. Deliver a defensible, executable roadmap with explicit evidence targets and the shortest path from here to a certifiable argument.
Schedule an intro call All services
Related

More in services

SVC / RISK

Autonomy System Risk Evaluation

Structural risk in the architecture, not in the backlog.

SVC / SLAM

SLAM Structural Robustness Reviews

Where localization degrades before it fails loudly.

SVC / PERC

Perception Pipeline Validation Strategy

A safety argument for ML perception without ground truth.