Certification Strategy & Gap Analysis
ISO 26262 and ISO 21448, mapped to what you actually have.
Independent review of your safety and compliance approach: where the gaps are, what evidence is missing, and what to fix first to pass audits and de-risk timelines.
Turn autonomy engineering into an audit-ready certification plan
Certification rarely fails because of missing work. It fails because evidence, traceability, and assumptions do not line up. I review your system architecture, ODD, and safety concept, then map what is required for ISO 26262 and SOTIF into a pragmatic, staged plan that engineering teams can actually execute.
I translate a scattered set of documents into a single defensible argument: what the safety case claims, which claims are backed by real evidence, and which are backed by confidence. The output is a prioritized plan, not a document review, so the team knows what to fix first and why an assessor will accept it.
Scope of a certification gap analysis
- Safety case and argument structure. Assess whether a coherent safety argument exists, or whether there is a pile of artifacts with no line from hazard to evidence.
- Requirements traceability. Follow the chain from safety goals through functional and technical safety requirements down to implementation and test, and find where it breaks.
- Evidence completeness. Separate claims that are supported by artifacts from claims that are supported by confidence, and mark the cells that an assessor would reject.
- ISO 26262 work-product gaps. Check HARA, functional and technical safety concepts, and verification and validation artifacts against what the standard actually requires at your ASIL.
- SOTIF coverage under ISO 21448. Evaluate triggering conditions, the treatment of unknown and hazardous scenarios, and whether the validation target is argued rather than asserted.
- Assessor readiness. Name what an assessor will ask for and what you would currently be unable to produce, before the assessment makes that discovery for you.
How we work
- System and safety-concept intake. Understand the architecture, ODD, safety goals, and the certification narrative the program is currently telling.
- Standard mapping. Map ISO 26262 and SOTIF requirements onto the artifacts that exist today, so the gaps are concrete rather than generic.
- Gap analysis and prioritization. Rank each gap by certification impact and engineering effort, so scarce time goes to what actually blocks the audit.
- Staged certification plan. Deliver a defensible, executable roadmap with explicit evidence targets and the shortest path from here to a certifiable argument.