Agenda Day 3
9:00 - 9:40 Functional Safety applied to Semiconductors: overview of techniques and challenges for the mitigation of random hardware failures
When referring to Functional Safety applied to Semiconductors for automotive applications, usually the first solutions coming to mind to address random faults are those with the highest effectiveness, e.g. CPU lock-step, ECC, Logic BIST, etc. More commonly, those well-understood solutions are just one part of the story when one wants to address complex SoCs: in fact, often less conceptually “simple” techniques and methodologies need to be adopted when faced with real-world constraints like silicon area and power consumption that prevent the duplication of all the logic. This calls for the development of SW-based self-tests, adoption of assumptions of use, thorough analysis of fault propagation, uneven distribution of diagnostic coverage and other practical solutions. In this talk we will go through those solutions and see how they relate to each other and to the average constraints of SoC development.
Oscar Ballan, Principal Engineer at Xilinx - Functional Safety Engineering Manager, Xilinx, USA
9:40 - 10:20 Exploring 'functional safety' (ISO 26262) and 'product safety' (IATF 16949)
• What are the commonalities and the differences?
• How to better understand these differences
Chanthachith Souvanthong, Corporate Functional Safety Manager, ON Semiconductor, Belgium
10:50 - 11:20 Panel discussion: Autonomy and SOTIF - how do these topics affect semiconductors?
Steer this discussion with your questions to our panel of experts, and use this unique opportunity to further the conversation on the scope of SOTIF.
Co-moderated by Jyotika Atavale, Intel, USA, and other experts from the day
11:20 - 12:00 Applying ISO 26262 in the context of SoC design
• Impact of semiconductor failure on application using examples from vehicle traction.
- Deriving semiconductor safety requirements from application.
- Functional safety metrics.
• Semiconductor safety analysis
- Fault models to be considered
- Qualitative Analysis (Failure mode analysis and dependent failure analysis)
- Safety Mechanisms at different levels – Application, device and circuit level
- Quantitative analysis
• Emerging topics in semiconductor safety analysis
Prasanth Viswanathan Pillai, Functional Safety Architect, Texas Instruments, India
12:00 - 12:40 A Smart Interconnect Fabric for Enabling Advanced Autonomous Vehicle Systems
• Examine the system level requirements for autonomous vehicle SoC designs
• Explore the architectural challenges for next generation of autonomous transportation SoCs
• Understand the functional safety needs for these SoCs
Rajesh Ramanujam, Product Marketing Manager, NetSpeed Systems, USA
14:00 - 14:40 Panel Discussion: Distributed developments: DIA
Join the interactive discussion as the panel of experts address the following questions:
- What is the best way to set it up to meet customer requirements but maintain IP?
- Supply agreement: how is this different from a general supplier agreement?
- What is current best practice?
14:00 - 14:40 Approach to Semiconductor Safety Analysis and its Related Challenges
• Safety analysis by component level FMEDA
• Challenges of customization based on consideration of safety goals
o FIT determination
o Safety related vs. Non-safety related
o Direct vs. indirect violation faults
• Fault coverage verification and justification: Finding the right balance between fault injection and expert judgement
Bartt Richards, Principal Technical Marketing Manager, Functional Safety, Renesas, USA
15:20 - 16:00 Case study: Evaluation of semiconductors as legacy parts and how ISO 26262-8:2018 can help
Clause 13 describes a clear separation between systematic faults and random hardware faults as to whose responsibility it is to show suitability. The suitability concerning random hardware failures is usually proven by an FMEDA. The IC supplier has to ensure that the risk of a violation of a safety goal or of any safety requirement due to a systematic fault is sufficiently low and acceptable. Contrary to the interpretation of the 1st edition of ISO 26262, the new upcoming 2nd edition of this standard allocates the evidence for suitability of random fault management to the integrator and therefore to the next higher level of design integration. Is this the rationale that, for products which were not developed in compliance with ISO 26262, the necessity to perform, e.g., an FMEDA on IC level is not given any more? And does that also mean that the related safety manuals of such parts need to be adapted in future?
Mathias Kamp, Director Functional Safety Management, Elmos Semiconductor AG, Germany
Karol Niewiadomski, Product Manager, Cyber Security Center of Competence for Functional Safety & Cyber Security, SGS-TÜV Saar GmbH, Germany
16:30 - 17:10 Multi-core components
• Applying ISO 26262 to complex high performance SoC – mainly reduced to FFI
• Computation of diagnostic coverage for SW-based mechanisms such as loosely coupled lock step