TOKYO — Best practices for compliance with any standard start with documentation.
In a crucial step to help IC vendors design SoCs compliant with functional safety standards such as ISO 26262 in the automotive industry, ARM released Thursday (Jan. 22) a comprehensive safety document package for its Cortex-R5 processor.
Chris Turner, director of product marketing for CPU Group at ARM, told EE Times, “As cars are becoming more and more reliant on electronics and its software is getting more complex, the need for compliance to safety standards is paramount.”
By specifically documenting what’s inside the processing core and how to use it, “we can recommend to SoC designers how to manage various situations of safety functions more efficiently and correctly,” Turner explained.
System developers now have assurance that the Cortex-R5 processor is suitable for safety-related applications, because SoC developers have access to the additional information required to demonstrate functional safety, said ARM.
Kevin Mak, senior analyst, automotive electronics service at Strategy Analytics, told us, “As far as I know, this Safety Package by ARM is the first such functional safety documentation presented as a ‘package.’”
The analyst explained, “The documentation enables silicon partners to know how their designs would work with respect to functional safety – without it, they will have to provide for documentation and design functional safety features into each new design in order to meet the requirements of ISO 26262.”
In short, “using pre-certified products and processes reduces the amount of time and effort a silicon SoC partner and its Tier One system customer has to spend on getting the overall system certified within ISO 26262,” he said.
To recap: New automotive standards such as ISO 26262, released in November 2011, are set up to give manufacturers a common means to measure and document the safety of an automotive system. Created for production automobiles, ISO 26262 provides a series of steps to manage functional safety and to regulate product development on system, hardware and software levels throughout the entire product lifecycle — from concept development through decommissioning.
This is easier said than done. The hard reality is that automotive engineers today are forced to juggle disconnected and disparate development tools and data across systems, software and hardware in designing cars. The challenges include a lack of process support and automation for the safety lifecycle, little reuse of global software development artifacts, and disconnected hazard analysis and risk assessment.
The ISO 26262 standard, designed to address functional safety in car electrical and electronic systems, defines requirements for the entire development process. It includes strict requirements for process documentation, analysis and verification.
The information necessary for functional safety must travel along the entire supply chain, from processor cores, SoC designs and EDA tools to foundries and final systems, so that features for functional safety are verified, tested and analyzed at each step. The goal is for automotive manufacturers and suppliers to achieve safety compliance throughout the product development lifecycle.
ARM’s safety engineering
According to Turner, the emergence of ISO 26262 functional safety standards “was the trigger for ARM” to get heavily involved in documenting functional safety. With the hard work of initial, thorough documentation for the Cortex-R5 complete, ARM realized that it can be applied to safety functions in many sectors, among them medical, transportation, factory automation, robotics and aerospace. “Their language, history and evolution may differ, but the basics of electronics used in those applications remain the same,” said Turner.
ARM is no novice in safety development.
The company has included fault detection and control features in its processing cores for years, according to Turner. The ARM Cortex-R4 processor introduced in 2006 already contains “circuits to detect and correct both soft and hard errors in cache; memory protection, error correction, and dual core lock-step.”
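Two of the mechanisms named above, error detection and correction in cache and dual-core lock-step, can be illustrated in software. The following is an added example written for this page; it is not ARM's code and does not describe the Cortex-R4 or Cortex-R5 implementation. It models a cache-style SEC-DED (single-error-correct, double-error-detect) Hamming code over an 8-bit word, injects single and double bit flips to show the correct/detect split, and models a lock-step comparator as two calls to the same function whose results must agree. The `brake_pressure` routine and its faulty twin are constructed stand-ins for a real core computation.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Codeword layout (bit index in the uint16_t):
 *   bit 0        : overall parity over bits 1..12 (turns SEC into SEC-DED)
 *   bits 1,2,4,8 : Hamming check bits
 *   other bits   : the 8 data bits, in ascending position order           */
#define CODE_TOP 12

static bool is_pow2(unsigned x) { return x && !(x & (x - 1)); }

/* Parity of the codeword positions covered by Hamming check k (positions
 * whose index has bit k set). A clean codeword gives 0 for every k.      */
static unsigned check_parity(uint16_t cw, unsigned k) {
    unsigned par = 0;
    for (unsigned p = 1; p <= CODE_TOP; p++)
        if ((p & (1u << k)) && ((cw >> p) & 1)) par ^= 1;
    return par;
}

uint16_t secded_encode(uint8_t data) {
    uint16_t cw = 0;
    unsigned d = 0;
    for (unsigned p = 1; p <= CODE_TOP; p++) {        /* place data bits */
        if (is_pow2(p)) continue;
        if ((data >> d) & 1) cw |= (uint16_t)(1u << p);
        d++;
    }
    for (unsigned k = 0; k < 4; k++)                   /* set check bits */
        if (check_parity(cw, k)) cw |= (uint16_t)(1u << (1u << k));
    unsigned all = 0;                                  /* overall parity */
    for (unsigned p = 1; p <= CODE_TOP; p++) all ^= (cw >> p) & 1;
    if (all) cw |= 1;
    return cw;
}

typedef enum { ECC_OK, ECC_CORRECTED, ECC_UNCORRECTABLE } ecc_status;

/* Decodes a possibly corrupted codeword. A single flipped bit is repaired
 * (its position equals the syndrome); two flipped bits are reported as
 * uncorrectable so the system can fall back to a safe state.            */
ecc_status secded_decode(uint16_t cw, uint8_t *data_out) {
    unsigned syndrome = 0;
    for (unsigned k = 0; k < 4; k++)
        if (check_parity(cw, k)) syndrome |= (1u << k);
    unsigned all = 0;
    for (unsigned p = 0; p <= CODE_TOP; p++) all ^= (cw >> p) & 1;

    ecc_status st;
    if (syndrome == 0 && all == 0) {
        st = ECC_OK;
    } else if (all == 1) {            /* odd flip count: treat as single */
        if (syndrome != 0) cw ^= (uint16_t)(1u << syndrome);
        st = ECC_CORRECTED;           /* syndrome 0: only bit 0 flipped */
    } else {                          /* even flips, nonzero syndrome   */
        st = ECC_UNCORRECTABLE;
    }
    uint8_t data = 0;
    unsigned d = 0;
    for (unsigned p = 1; p <= CODE_TOP; p++) {
        if (is_pow2(p)) continue;
        if ((cw >> p) & 1) data |= (uint8_t)(1u << d);
        d++;
    }
    if (data_out) *data_out = data;
    return st;
}

/* Dual-core lock-step modelled in software: the same input goes to a
 * primary and a shadow computation and a comparator flags divergence.   */
typedef uint32_t (*core_fn)(uint32_t);

uint32_t lockstep_step(core_fn primary, core_fn shadow, uint32_t in, bool *mismatch) {
    uint32_t a = primary(in), b = shadow(in);
    *mismatch = (a != b);
    return a;
}

/* Constructed stand-ins for a core computation; the second one models a
 * latent hardware fault corrupting one bit of the result.               */
uint32_t brake_pressure(uint32_t pedal) { return pedal * 3u + 7u; }
uint32_t brake_pressure_faulty(uint32_t pedal) { return (pedal * 3u + 7u) ^ 0x4u; }

int main(void) {
    uint8_t out;
    uint16_t cw = secded_encode(0xA5);
    printf("single flip -> status %d, data 0x%02X\n",
           secded_decode((uint16_t)(cw ^ (1u << 5)), &out), out);
    printf("double flip -> status %d\n",
           secded_decode((uint16_t)(cw ^ (1u << 5) ^ (1u << 9)), &out));
    bool m;
    lockstep_step(brake_pressure, brake_pressure_faulty, 10, &m);
    printf("lock-step mismatch: %s\n", m ? "yes" : "no");
    return 0;
}
```

The split matters for safety design: a corrected single-bit upset can be logged and ignored, whereas an uncorrectable error or a lock-step mismatch has to trigger a defined reaction (re-execution, reset, or a safe state), which is exactly the kind of behaviour the safety documentation has to spell out for the SoC integrator.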
To read more of this external content, go to: “Bit flip in Toyota case.”