Addition to Automotive Safety Standard Means More Documentation, But Better Future for Self-Driving Cars

A new addition to ISO 26262 functional safety standard directly addresses semiconductor makers.

A new addition to the well-known ISO 26262 automotive safety standard will mean more design documentation work for engineers, but it will also ensure a better future for self-driving cars, an expert told Design News last week.

ISO 26262, Part 11 will require semiconductor makers and semiconductor IP providers to thoroughly document the design and test of the hardware and software they send to Tier One suppliers and manufacturers. The standard could result in thousands of more pages of documentation for time-strapped design engineers, but it will be important, not only for consumer safety, but for the legal protection of automakers, as well. “This is new and people will initially complain about it,” Kurt Shuler of ArterisIP told Design News. “But if you are working on an autonomous vehicle, you’ve got to do it.”

Kurt Shuler of ArterisIP: “It’s something we should all do to make our products better from a safety standpoint.” (Source: ArterisIP)

The new addition, expected to be approved in 2018, will spell out the role of semiconductor design teams. Aimed at chip makers and IP providers, Part 11 was a response to those who called for a more specific form of guidance for semiconductor design teams. It addresses potential failure methodologies, and instructs engineers on the right ways to document the diagnostic analyses of their products.

To date, there has been no specific form of functional safety guidance for semiconductor makers who provide products for the automotive supply chain. The new standard, three years in the making, aims to change that.

“Each person in the chain has to provide proof, through documentation, that they follow the ISO 26262 process,” Shuler said. “So if you’re a semiconductor supplier, you have to provide a stack of paper to the Tier One supplier, showing that you’ve followed the process. And then the Tier One sends that to the automaker, who will have half a million pages of paperwork for any given car.”

By participating in a voluntary standards process, automakers hope to avoid complex government regulation of the design process, Shuler added.

Shuler noted that some suppliers are preparing for the approval of the standard by hiring functional safety consultants who understand the safety systems and the standards. “Whether you’re an IP vendor or a chip vendor, you’re going to need to have a common understanding of your customer,” he said. “You’re going to have to have a documented agreement of what you’re going to give them. And you’re going to have to do your diagnostic analysis in a manner that’s useful to them.”

Such measures are necessary for today’s connected cars and autonomous vehicles because of the complexity of today’s safety systems, Shuler said. Many of today’s vehicles incorporate more than ten million lines of software code, which is more than a typical military aircraft.

Most companies have established their own design processes, Shuler said, but those processes may not necessarily be in compliance with the new standard. “The good news is that if you’re a company making a chip, or making the IP that goes into the chip, you probably already have pretty good processes,” he told us. “The bad news is that a lot of companies still don’t have the traceability and documentation required by ISO 26262.”

Shuler, along with Andrea Bondavalli of ResilTech S.R.L., will discuss the coming standard in a session titled, Fundamentals of ISO 26262 Part 11 for Semiconductors, at the October ARM TechCon Conference in Santa Clara, CA. During the session, Shuler and Bondavalli will step through a real case study involving fault injection into semiconductor IP, and they will discuss the changes to ISO 26262 due to autonomous driving considerations.

Much of the discussion will center on documentation, Shuler said. “It’s not just about making sure your widget works, or making sure your functional safety mechanism works,” Shuler told us. “It’s about following the process.”

The session will be held on October 24, at 4:30 p.m. in the Santa Clara Convention Center.

 


Arm TechCon logoArm Technology Drives the Future.  Discover more about the Automotive, Industrial & Functional Safety track at Arm TechCon. Oct. 24-26, 2017 in Santa Clara, CA. Register here for the event, hosted by Design News ’ parent company UBM.


 

Comments (0)

Please log in or register to post comments.
By submitting this form, you accept the Mollom privacy policy.
  • Oldest First
  • Newest First
Loading Comments...