June 11 - 14, 2018 | Sheraton Ann Arbor Hotel, Ann Arbor, MI

Agenda Day 3

8:30 - 8:50 Registration, welcome coffee and snacks

8:50 - 9:00 Opening address of the Conference Chairperson

Riccardo Mariani - Chief Functional Safety Technologist Intel
img

Riccardo Mariani

Chief Functional Safety Technologist
Intel

9:00 - 9:40 Functional Safety applied to Semiconductors: overview of techniques and challenges for the mitigation of random hardware failures

Oscar Ballan - Functional Safety Engineering Manager Xilinx
When referring to Functional Safety applied to Semiconductors for automotive applications, usually the first solutions coming in mind to address random faults are those with highest effectiveness, e.g. like CPU lock-step, ECC, Logic BIST, etc.
More commonly, those well -understood solutions are just one part of the story when one wants to address complex SoC’s: in fact, often less  conceptually “simple” techniques  and methodologies need to be adopted when faced with real-world constraints like silicon area and power consumption that prevents the duplication of all the logic. This calls for the development of SW based self-tests, adoption of assumptions of use, thorough analysis of fault propagation, uneven distribution of diagnostic coverage and other practical solutions. In this  talk we will go through those solutions, see the relation to each other and to an SoC development average constraints.

img

Oscar Ballan

Functional Safety Engineering Manager
Xilinx

9:40 - 10:20 A framework for analog fault-injection at the behavioral level

Renaud Gillon - Program Manager ON Semiconductor
A framework is proposed that allows to capture the failure modes of analog circuits for fault-injection simulations, whilst reducing the modeling burden and favoring automation and re-use. The framework relies on impedance transformation wrappers which change the behavior of a fault-free model to map that of specific failure modes. The wrapper-based approach applies to any conservative circuit-block model, whether transistor-level or behavioral. Failure modes can be triggered by setting parameters or using a dedicated signaling bus.
img

Renaud Gillon

Program Manager
ON Semiconductor

10:20 - 10:50 Refreshment break & Networking

10:50 - 11:20 Panel discussion: Autonomy and SOTIF - how do these topics affect semiconductors?

Riccardo Mariani - Chief Functional Safety Technologist Intel
Rahul Gulati - SoC Functional Safety Architect Qualcomm
Steer this discussion with your questions to our panel
of experts, and use this unique opportunity to further  the conversation on the scope of SOTIF.

img

Riccardo Mariani

Chief Functional Safety Technologist
Intel

img

Rahul Gulati

SoC Functional Safety Architect
Qualcomm

11:20 - 12:00 Applying ISO 26262 in the context of SoC design

Prasanth Viswanathan Pillai - Functional Safety Architect Texas Instruments
Impact of semiconductor failure on application using examples from vehicle traction.      - Deriving semiconductor safety requirements from application.
      - Functional safety metrics.
Semiconductor safety analysis
      - Fault models to be considered
      - Qualitative Analysis (Failure mode analysis and dependent failure analysis)
      - Safety Mechanisms at different levels – Application, device and circuit level
      - Quantitative analysis
Emerging topics in semiconductor safety analysis

img

Prasanth Viswanathan Pillai

Functional Safety Architect
Texas Instruments

12:00 - 12:40 Automating Functional Safety Analysis for Complex Automotive IP and SoCs

Shrenik Metha - Strategic Programs Director Synopsys
Challenges associated with complex IP and SoC FMEA/FMEDA analysis
• Automated FMEA/FMEDA-driven functional safety verification solution and fast fault injection engines
• Vision for comprehensive end-to-end flow
img

Shrenik Metha

Strategic Programs Director
Synopsys

12:40 - 13:40 Networking lunch

Clause 13 describes a clear separation between systematic faults and random hardware faults as who`s responsibility it is to show suitability. The suitability concerning random hardware failures is usually proven by an FMEDA. The IC supplier has to ensure that the risk of a safety goal violation or any safety requirement due to a systematic fault is sufficiently low and acceptable. Contrary to the interpretation of the 1st edition of
ISO 26262, the new upcoming 2nd edition of this standard allocates the evidence for suitability of random fault management to the integrator and therefore to the next higher level of design integration. Is this the rationale that products, which were not developed in compliance with ISO 26262, the necessity to perform a, e.g., FMEDA on IC level is not given anymore? And does that also mean that the related safety manuals
of such parts need to be adapted in future?
img

Karol Niewiadomski

Product Manager, Cyber Security Center of Competence for Functional Safety & Cyber Security
SGS-TÜV Saar GmbH

Mathias Kamp

Director Functional Safety Management
Elmos Semiconductor AG,

14:20 - 15:00 Approach to Semiconductor Safety Analysis and its Related Challenges

Bartt Richards - Principal Technical Marketing Manager, Functional Safety Renesas Electronics America Inc.
• Safety analysis by component level FMEDA
• Challenges of customization based on consideration of safety goals
• FIT determination
• Safety related vs. non-safety related
• Direct vs. indirect violation faults
• Fault coverage verification and justification: Finding the right balance between fault injection and expert judgement

img

Bartt Richards

Principal Technical Marketing Manager, Functional Safety
Renesas Electronics America Inc.

Our expert line of panelists from Tier Is and OEMs will get together to answer your specific questions about metrics and requirements and address additional topics of your choice.

img

Andre Kleyner

Global Reliability Engineering Leader
Aptiv

img

Lisa Clark

Functional Safety Manager
Sensata Technologies Inc.

Adnan Haider

Technical Specialist-Electronics
TRW Automotive Electronics

Scott Wendling

Technical Manager - Safety and Software,
Halla Mechatronics

15:40 - 16:10 Refreshment break & networking

16:10 - 16:30 Final Q&A Session

Address questions that came up during the conference days that can be collectively discussed by speakers and members of the audience.

16:30 - 16:40 End of conference and closing remarks of the Conference Chairperson

Riccardo Mariani - Chief Functional Safety Technologist Intel
img

Riccardo Mariani

Chief Functional Safety Technologist
Intel