ISO 26262 – This Changes Everything 2016-12-01T12:27:34+00:00
Conference: DVCLUB Europe: SAFETY (Nov 2016)
Speaker: John Brennan
Organisation: Cadence Design Systems, Inc.
Presentation Title: ISO 26262 – This Changes Everything
Abstract: ISO 26262 is an international standard for the functional safety of electrical and/or electronic systems in production automobiles, and is the first standard of its kind that will drive significant change for both EDA and silicon suppliers. Like its parent superset, IEC 61508, ISO 26262 is a risk-based safety standard – something EDA has not dealt with in the past. In simple terms, risk metrics are qualitatively assessed and safety measures are defined to avoid or control systematic failures, and to detect or control random hardware failures or mitigate their effects. This is metric-driven verification (MDV) on steroids. With ISO 26262 moving into the spotlight for automotive functional safety, Cadence has seen more questions and confusion than answers, and discussions are emerging around applying the standard to actual silicon designs for automotive systems. We know, based on actual adoption in production environments, that this standard will have a significant impact on us in terms of tools, methodology, metrics, documentation, traceability, process and ecosystem communication.

The good news is that, for most MDV environments, ISO 26262 is fairly manageable on the verification side. The bad news is that no matter how you cut it, this is more work and changes everything. ISO 26262 Part 5 focuses on product development at the hardware level and specifies the safety activities during the automotive hardware development phase. In this phase, the hardware safety design is planned, implemented, integrated, and tested.

To prove safety integrity compliance in the hardware development process, quantitative evaluations of the hardware are required. These quantitative evaluations introduce new functional-safety metrics that must be both statistically estimated and measured, and both must correlate with the assessment results. The assessment results qualify a design with an Automotive Safety Integrity Level (ASIL), which ranges from ASIL-A (lowest) to ASIL-D (highest). In this tutorial, we will explain the scope of ISO 26262 and provide guidance on the most important attributes of the standard specific to the verification flow. Both the flow and the tool become certifiable assets and part of the safety integrity analysis. Emphasis will be placed on what needs to be done and why, rather than how.
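As an added illustration (not code from the talk or from Cadence) of what the quantitative evaluations in ISO 26262 Part 5 look like, the block below computes the two hardware architectural metrics, single-point fault metric (SPFM) and latent fault metric (LFM), from a constructed per-element failure-rate breakdown and compares them with the standard's ASIL B/C/D targets. The element names, FIT values and fault splits are constructed sample values; the probabilistic metric for random hardware failures (PMHF) is left out for brevity.

```python
# Added example: ISO 26262-5 hardware architectural metrics over constructed data.
# Failure rates are in FIT (failures per 1e9 device-hours); the per-element split
# into single-point, residual and latent multiple-point faults is constructed.
from dataclasses import dataclass


@dataclass
class Element:
    name: str
    fit: float          # total failure rate of the element, in FIT
    spf: float          # share of fit that is a single-point fault (no safety mechanism)
    rf: float           # share that is a residual fault (escapes the safety mechanism)
    mpf_latent: float   # share that is a latent multiple-point fault (not detected/perceived)


# Targets from ISO 26262-5 (ASIL A has no required target for these metrics).
SPFM_TARGET = {"D": 0.99, "C": 0.97, "B": 0.90}
LFM_TARGET = {"D": 0.90, "C": 0.80, "B": 0.60}


def spfm(elements):
    """SPFM = 1 - sum(lambda_SPF + lambda_RF) / sum(lambda)."""
    total = sum(e.fit for e in elements)
    return 1.0 - sum(e.spf + e.rf for e in elements) / total


def lfm(elements):
    """LFM = 1 - sum(lambda_MPF,latent) / sum(lambda - lambda_SPF - lambda_RF)."""
    denom = sum(e.fit - e.spf - e.rf for e in elements)
    return 1.0 - sum(e.mpf_latent for e in elements) / denom


def highest_asil_met(elements):
    """Highest ASIL (D > C > B) whose SPFM and LFM targets both hold, or None.

    The ASIL itself is assigned by the hazard analysis; this only checks which
    level's metric targets the given breakdown would satisfy.
    """
    s, l = spfm(elements), lfm(elements)
    for asil in ("D", "C", "B"):
        if s >= SPFM_TARGET[asil] and l >= LFM_TARGET[asil]:
            return asil
    return None


# Constructed sample: a small safety-related block with an ECC-protected SRAM.
SAMPLE = [
    Element("cpu_core", fit=40.0, spf=1.0, rf=1.0, mpf_latent=2.0),
    Element("sram_ecc", fit=50.0, spf=0.0, rf=0.5, mpf_latent=4.0),
    Element("watchdog", fit=10.0, spf=0.0, rf=0.2, mpf_latent=1.0),
]
```

With the sample values the block reaches SPFM 97.3% and LFM about 92.8%, which satisfies the ASIL C targets but falls short of the 99% SPFM required for ASIL D.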

The talk will highlight functional safety measurements and their closely related functional verification counterparts, because, as we have seen in production, augmenting the functional verification aspects with functional safety aspects minimizes duplication of effort. Further, if you are able to use specialized, built-for-purpose tools such as statistical calculators for planning, formal for fault collapsing, and accelerators for measuring transient faults, flow productivity improves substantially. Lastly, as users will attest, having the right tool support for ISO 26262 can become an essential asset for verifying devices intended for use in a safety-critical application.

While not intended to be a cookbook (that would take several days), this talk will reflect on the interdependencies between the verification tools and the ISO 26262 standard, giving clear visibility into what the new verification environments need to look like and why.

  • ISO 26262 defines a new aspect of verification – functional safety
  • Functional safety is not only important in automotive, but also for consumer products where the cost of failure is too high
  • The technology and methodology enabling automation in this area is new, but tools are available today for developers
Speaker Bio: Product Management Director at Cadence Design Systems for the past 16 years, focused on verification and, recently, functional safety.
