
  • Achieving ISO 26262 Certification with ASIL Ready IP

    According to McKinsey, “analysts predict revenue growth for advanced driver assistance systems (ADAS) to be up to 29 percent, giving the segment one of the highest growth rates in the automotive and related industries.” Design cycles in the automotive segment are much longer than in segments like mobile, PC or consumer. If you expect to see ADAS-powered or autonomous cars on the street in 2025, you need to start designing now, in 2018. That’s why rapid progress in the development of advanced driver assistance systems (ADAS) and autonomous driving technology is challenging the semiconductor industry to bring the rigorous safety standards used in the automotive industry to its design process.

    [Figure: aaasil-fmeda-min.jpg]



    ADAS SoCs have to process increasing volumes of sensor data from many types of automotive sensors, driving the adoption of 64-bit processing. Other trends in automotive semiconductor design include the use of:
    · Ethernet for managing large amounts of time-sensitive data traffic, and reducing point-to-point wiring
    · LPDDR4/4x, with data rates of at least 3.2Gbit/s, for faster DRAM operations
    · MIPI standards such as MIPI Camera Serial Interface (CSI-2) and Display Serial Interface (DSI) for imaging and display applications
    · PCI Express for high-reliability chip-to-chip connectivity for 4G radios, future 5G radios, and external SSDs
    · 5G and IEEE standards such as 802.11p for real-time updates of maps and images to and from the Cloud, and vehicle-to-vehicle or vehicle-to-infrastructure communications
    · A shift from traditional 90nm, 65nm and 40nm processes to 16nm, 14nm and even 7nm FinFET processes

    The features listed above could apply to various types of applications, but for the automotive segment, electronic systems, integrated circuits and intellectual property functions (or design IP) must comply with specific safety, quality and reliability requirements.
    A failure modes, effects and diagnostic analysis (FMEDA) report is generated by development teams to provide all the information about their adherence to ISO 26262 from a functional safety perspective.

    The ISO 26262 certification process must start at the very beginning of the development process and includes multiple steps to complete, organized under the Safety Plan.

    The Safety Plan manages and guides the execution of safety activities. First, the designer must define a strategy to achieve functional safety and define work packages. Key milestones are specified and mapped to the safety life cycle. The required resources are identified and planned, as well as specific roles and personnel assignments. Functional safety should be verified, as well as compliance with standards and standard processes. Procedures, methods and tools have to be defined and mapped to the various project phases.

    FMEDA forms a critical part of the safety plan, providing a detailed report encompassing various steps and analysis, as shown in the above figure. It must include a fault injection analysis for both permanent and transient faults, so their impact can be assessed. FMEDA also considers all the possible failure and distribution modes to understand how the product will behave if a failure occurs and what sort of diagnostics the product implements to identify and communicate such failures to the system.

    Now the impact of the designated safety features can be defined in the FMEDA report. Safety features fall into three categories:


    • Protection mechanisms, which include protecting the interfaces between the various components (such as IP) in the SoC architecture; parity protection on the data path and configuration registers; and ECC protection for both writes and reads.
    • Replication mechanisms, which include duplicating or triplicating key modules and using voting logic to ensure redundancy.
    • Various, which includes parity checks for all the state registers, single-cycle pulse validity, various dedicated interrupts, and hot-state machine protection for bad states.
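
As an added illustration (not code from the original article or from Synopsys), the sketch below runs a small fault injection campaign against two of the mechanisms listed above: an even-parity-protected register hit by transient bit flips, and a triplicated register with a majority voter hit by a permanent stuck-at fault. The 32-bit width, the function names and the golden value are assumptions made for the example.

```python
from itertools import combinations

WIDTH = 32  # assumed register width for this sketch

def parity(word):
    """Even parity bit over a WIDTH-bit word."""
    return bin(word).count("1") & 1

def parity_check(word, pbit):
    """True when stored parity no longer matches the data (fault detected)."""
    return parity(word) != pbit

def tmr_vote(a, b, c):
    """Bitwise 2-of-3 majority voter; also reports whether the copies disagree."""
    voted = (a & b) | (a & c) | (b & c)
    return voted, not (a == b == c)

def parity_campaign(golden, n_flips):
    """Flip every combination of n_flips bits in data+parity (transient faults).
    Returns (injected, detected)."""
    stored = (parity(golden) << WIDTH) | golden  # parity kept as bit WIDTH
    injected = detected = 0
    for bits in combinations(range(WIDTH + 1), n_flips):
        faulty = stored
        for b in bits:
            faulty ^= 1 << b
        injected += 1
        detected += parity_check(faulty & ((1 << WIDTH) - 1), faulty >> WIDTH)
    return injected, detected

def tmr_campaign(golden, copies_hit):
    """Force one bit stuck at the wrong value (permanent fault) in copies_hit
    of the three copies. Returns (injected, output_correct, mismatch_flagged)."""
    injected = correct = flagged = 0
    for bit in range(WIDTH):
        copies = [golden ^ (1 << bit) if i < copies_hit else golden
                  for i in range(3)]
        voted, mismatch = tmr_vote(*copies)
        injected += 1
        correct += voted == golden
        flagged += mismatch
    return injected, correct, flagged

if __name__ == "__main__":
    GOLDEN = 0xDEADBEEF  # constructed sample value
    print("parity, 1 flip :", parity_campaign(GOLDEN, 1))
    print("parity, 2 flips:", parity_campaign(GOLDEN, 2))
    print("TMR, 1 copy hit :", tmr_campaign(GOLDEN, 1))
    print("TMR, 2 copies hit:", tmr_campaign(GOLDEN, 2))
```

Single-bit parity detects every single flip but none of the double flips, while the voter masks a fault confined to one copy and only flags a mismatch once two copies are hit; these are the kinds of per-mechanism results an FMEDA fault injection analysis records.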


    In addition to meeting ISO 26262 functional safety requirements, automotive SoC development teams and the rest of the supply chain must adhere to automotive reliability and quality requirements.

    Any product, including IP, for an automotive application must meet the automotive reliability requirements defined by AEC-Q100. IP providers must make sure their IP meets the reliability targets of the application, which means exploring how a transistor or electromigration analysis might be affected by the defined temperature profile. IP providers must work with foundries to ensure that any special automotive rules are applied to their design.

    Any product development in the automotive supply chain must also meet automotive quality management requirements. In addition to having quality manuals and compliance reports, developers also need to create a design failure mode and effect analysis report that says that the SoC and its components meet the automotive quality management requirements.

    You can find a brochure about Synopsys DesignWare IP for automotive and the original article “Achieving ISO 26262 Certification with ASIL Ready IP” by Ron DiGiuseppe on the Synopsys website.

    By
    Eric Esteve from IPnest