29 - 30 October, 2019

Holiday Inn Munich City Centre

Munich, Germany

Event Details

MP Associates, Inc.
TUESDAY October 29, 14:15 - 15:45 | Forum 6
Tutorial 11: Unified Functional Safety Verification Platform for ISO 26262-Compliant Automotive Designs
Joerg Richter - Synopsys, Inc.

Automotive has evolved into one of the fastest-growing parts of the worldwide semiconductor industry, and automotive semiconductor content is exploding, driven by many advanced SoCs powering autonomous drive, infotainment, and vehicle communication systems. The “traditional” automotive electronics are not standing still either, with advanced drivetrains and sophisticated safety and ADAS systems creating demand for even larger and more integrated SoCs.

As automotive electronic systems become ever more complex, their potential impact on the safety of a vehicle’s occupants and bystanders becomes a critical consideration. ISO 26262, the functional safety standard for road vehicles, was created to guide the development of electrical and electronic systems for automobiles, and was recently released in a 2nd edition. IPs and SoCs, being part of an automotive system, are considered Safety Elements out of Context (SEooC) and should comply with all of the standard’s relevant guidelines and requirements for their development and manufacturing.

Specifically, for hardware development, two classes of safety failures need to be addressed: systematic faults, which are incorrect implementations of the safety design functionality, and random faults, which are hardware failures that occur over time during operation. State-of-the-art functional verification techniques and flows are required to avoid systematic faults, while a safety architecture with safety mechanisms is required to monitor and detect the occurrence of random faults.

The random faults analysis process starts with FMEA (Failure Mode and Effects Analysis) and continues to FMEDA (Failure Modes, Effects and Diagnostic Analysis) for estimating the ISO 26262 metrics:

  • SPFM – Single Point Fault Metric
  • LFM – Latent Fault Metric
  • PMHF – Probabilistic Metric for (Random) Hardware Failures

The ISO 26262 metric estimation needs to be validated with fault injection. A new process, Functional Safety Verification, provides the measurement of the diagnostic coverage of the safety mechanisms, as well as the fraction of safe faults for each failure mode in the FMEDA. To achieve the needed functional safety verification in the shortest amount of time, two needs are emerging in the industry:

  1. An easy transition from Functional Verification to Functional Safety Verification. Viewed differently, Functional Safety Verification methodologies need to “co-exist” with or extend Functional Verification methodologies.
  2. Various technologies like static, formal, simulation and emulation must be combined in a unified functional safety platform to enable a “one-view” of Functional Safety Verification.

This tutorial will provide a practical, hands-on overview of the following:

  • ISO 26262 considerations for SoC and IP design verification, customer insights and today’s challenges
  • Unique challenges for automotive SoC and IP verification engineering teams
  • Best practice methodologies for functional safety verification
  • Unified functional safety platform with:
    • FMEA (Failure Mode and Effects Analysis) planning to FMEDA management
    • Static methods to estimate fault and diagnostic coverage
    • Formal methods to prune the fault set
    • Fault injection testing with simulation and emulation
    • Back annotation of diagnostic data into the FMEDA
  • Conclusions and Q&A
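The metric estimation and the back annotation of fault-injection results described above, as an added worked example. This is not code from the tutorial, from Synopsys or from ISO 26262 itself: the FMEDA rows and the fault-injection counts are constructed sample data, the per-row split of each failure rate into safe, single-point, residual and latent contributions follows a common FMEDA spreadsheet convention (stated as an assumption, not a normative rule of the standard), and the SPFM/LFM target values are the ones ISO 26262-5 gives for ASIL B, C and D.

```python
"""Estimate ISO 26262 hardware architectural metrics (SPFM, LFM) from a
small FMEDA and back-annotate fault-injection results into it.

Assumed FMEDA convention for splitting each failure mode's FIT rate:
    safe         = fit * safe_fraction
    dangerous    = fit - safe
    single_point = dangerous               (no safety mechanism covers it)
    residual     = dangerous * (1 - dc)    (mechanism exists but misses some)
    multi_point  = dangerous * dc          (mechanism detects these)
    latent       = multi_point * (1 - dc_latent)
"""
from dataclasses import dataclass, replace
from typing import List, Optional, Tuple


@dataclass
class FailureMode:
    element: str
    mode: str
    fit: float                        # failure rate in FIT (failures per 1e9 h)
    safe_fraction: float              # share of faults that cannot violate the safety goal
    mechanism: Optional[str] = None   # covering safety mechanism, None if uncovered
    dc: float = 0.0                   # diagnostic coverage of that mechanism
    dc_latent: float = 0.0            # coverage of latent-fault tests (e.g. LBIST at key-on)

    def split(self) -> Tuple[float, float, float]:
        """Return (single_point, residual, latent) FIT contributions."""
        dangerous = self.fit * (1.0 - self.safe_fraction)
        if self.mechanism is None:
            return dangerous, 0.0, 0.0
        residual = dangerous * (1.0 - self.dc)
        multi_point = dangerous * self.dc
        latent = multi_point * (1.0 - self.dc_latent)
        return 0.0, residual, latent


def architectural_metrics(rows: List[FailureMode]) -> Tuple[float, float]:
    """SPFM and LFM over all safety-related hardware elements (ISO 26262-5)."""
    total = sum(r.fit for r in rows)
    splits = [r.split() for r in rows]
    spf_rf = sum(spf + rf for spf, rf, _ in splits)
    latent = sum(lat for _, _, lat in splits)
    spfm = 1.0 - spf_rf / total
    lfm = 1.0 - latent / (total - spf_rf)
    return spfm, lfm


# (SPFM, LFM) targets from ISO 26262-5 for each ASIL.
ASIL_TARGETS = {"B": (0.90, 0.60), "C": (0.97, 0.80), "D": (0.99, 0.90)}


def meets_asil(spfm: float, lfm: float, asil: str) -> bool:
    t_spfm, t_lfm = ASIL_TARGETS[asil]
    return spfm >= t_spfm and lfm >= t_lfm


@dataclass
class FaultCampaign:
    """Outcome of injecting faults into one failure mode's fault sites."""
    safe: int        # no deviation at the functional outputs
    detected: int    # deviation, and the safety mechanism raised its alarm
    undetected: int  # deviation and no alarm: a residual fault

    @property
    def total(self) -> int:
        return self.safe + self.detected + self.undetected

    def measured_dc(self) -> float:
        dangerous = self.detected + self.undetected
        return 1.0 if dangerous == 0 else self.detected / dangerous

    def measured_safe_fraction(self) -> float:
        return self.safe / self.total


def back_annotate(row: FailureMode, campaign: FaultCampaign) -> FailureMode:
    """Replace the estimated safe fraction and DC with measured values."""
    return replace(row, safe_fraction=campaign.measured_safe_fraction(),
                   dc=campaign.measured_dc())


# Constructed FMEDA for a small lockstep CPU core (sample data, not a real design).
FMEDA = [
    FailureMode("ALU", "stuck-at", 10.0, 0.20, "lockstep compare", dc=0.99, dc_latent=0.90),
    FailureMode("Register file", "bit flip", 5.0, 0.10, "ECC", dc=0.999, dc_latent=0.95),
    FailureMode("Config register", "corruption", 1.0, 0.50),  # no safety mechanism
]

# Constructed fault-injection result for the ALU row: 1000 faults simulated.
ALU_CAMPAIGN = FaultCampaign(safe=250, detected=735, undetected=15)


def annotated_fmeda() -> List[FailureMode]:
    """The FMEDA with the ALU row's estimates replaced by measured values."""
    return [back_annotate(FMEDA[0], ALU_CAMPAIGN)] + FMEDA[1:]


if __name__ == "__main__":
    for label, rows in (("estimated", FMEDA), ("after fault injection", annotated_fmeda())):
        spfm, lfm = architectural_metrics(rows)
        asils = [a for a in ASIL_TARGETS if meets_asil(spfm, lfm, a)]
        print(f"{label}: SPFM={spfm:.4f} LFM={lfm:.4f} meets ASIL {asils}")
```

With these sample rows the estimated metrics reach ASIL B but not ASIL C, and the uncovered configuration register alone contributes most of the single-point FIT. The measured ALU coverage (98%) is lower than the 99% assumed, so back annotation lowers SPFM further; this is the direction in which fault injection usually corrects an optimistic FMEDA and the reason the estimate must be validated rather than trusted.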
