June 12 - 14, 2018 | Sheraton Ann Arbor Hotel, Ann Arbor, MI

Agenda Day 3

9:00 - 9:40 Functional Safety applied to Semiconductors: overview of techniques and challenges for the mitigation of random hardware failures

When referring to Functional Safety applied to Semiconductors for automotive applications, usually the first solutions coming in mind to address random faults are those with highest effectiveness, e.g. like CPU lock-step, ECC, Logic BIST, etc.
More commonly, those well -understood solutions
are just one part of the story when one wants to address complex SoC’s: in fact, often less  conceptually “simple” techniques  and methodologies need to be adopted when faced with real-world constraints like silicon area and power consumption that prevents the duplication of all the logic.
This calls for the development of SW based self-tests,
adoption of assumptions of use, thorough analysis of fault propagation, uneven distribution of diagnostic coverage and other practical solutions. In this  talk we will go through those solutions, see the relation to each other and to an SoC development average constraints.
Oscar Ballan, PrincipalEngineer at Xilinx - Functional Safety Engineering Manager, Xilinx, USA

9:40 - 10:20 Exploring 'functional safety' (ISO 26262) and 'product safety' (IATF 16949)

What are the commonalities and the differences?
How to better understand these differences
Chanthachith Souvanthong, Corporate Functional Safety Manager, ON Semiconductor, Belgium

10:50 - 11:20 Panel discussion: Autonomy and SOTIF - how do these topics affect semiconductors?

Steer this discussion with your questions to our panel
of experts, and use this unique opportunity to further  the conversation on the scope of SOTIF.
Co-moderated by Jyotika Atavale, Intel, USA, and other experts from the day

11:20 - 12:00 Applying ISO 26262 in the context of SoC design

Impact of semiconductor failure on application using examples from vehicle traction.      - Deriving semiconductor safety requirements from application.
      - Functional safety metrics.
Semiconductor safety analysis
      - Fault models to be considered
      - Qualitative Analysis (Failure mode analysis and dependent failure analysis)
      - Safety Mechanisms at different levels – Application,      device and circuit level
      - Quantitative analysis
Emerging topics in semiconductor safety analysis
Prasanth Viswanathan  Pillai, Functional  Safety Architect, Texas Instruments, India

12:00 - 12:40 A Smart Interconnect Fabric for Enabling Advanced Autonomous Vehicle Systems

Examine the system level requirements for autonomous vehicle SoCdesigns
Explore the architectural challenges for next generation of autonomous transportation SoCs
Understand the functional safety needs for these SoCs
Rajesh Ramanujam, Product Marketing Manager, NetSpeed Systems, USA

14:00 - 14:40 Panel Discussion: Distributed developments: DIA

Join the interactive discussion as the panel of experts address the following questions:
- What is the best way to set it up to meet customer requirements but maintain IP?
- Supply agreement : how is this different from a general supplier agreement?
- What is current best practice?

14:00 - 14:40 Approach to Semiconductor Safety Analysis and its Related Challenges

Safety analysis by component level FMEDA
Challenges of customization based on consideration of safety goals
       o   FIT determination
       o   Safety related vs. Non-safety related
       o   Direct vs. indirect violation faults
Fault coverage verification and justification: Findingthe right balance between fault injection and expert judgement
Bartt Richards, Principal Technical Marketing Manager, Functional Safety, Renesas, USA

15:20 - 16:00 Case study: Evaluation of semiconductors as legacy parts and how ISO26262-8:2018 can help

Clause 13 describes a clear separation between systematic faults and random hardware faults as who`s responsibility it is to show suitability. The suitability concerning random hardware failures is usually proven by an FMEDA. The IC supplier has to ensure that the risk of a safety goal violation or any safety requirement due to a systematic fault is sufficiently low and acceptable. Contrary to the interpretation of the 1st edition of ISO 26262, the new upcoming 2nd edition of this standard allocates the evidence for suitability of random fault management to the integrator and therefore to the next higher level of design integration. Is this the rationale that products, which were not developed in compliance with ISO 26262, the necessity to perform a, e.g., FMEDA on IC level is not given any more? And does that also mean that the related safety manuals of such parts need to be adapted in future?
Mathias Kamp, Director Functional Safety Management,
ElmosSemiconductor AG, Germany
Karol Niewiadomski, Product Manager, Cyber Security Center of Competence for Functional Safety & Cyber Security, SGS-TÜV Saar GmbH, Germany 

16:30 - 17:10 Multi-core components

Applying ISO 26262 to complex high performance SoC– mainly reduced to FFI
Computation of diagnostic coverage for SW-based mechanisms such as loosely coupled lock step