The autonomous cars are coming sooner than later, and that calls for a thorough understanding of functional safety and the complexities of compliance to standards such as ISO 26262. That was the thrust of the discussion at a session titled "Functional safety – Where Are We Going and How do We Get There?" held at Arm TechCon in San Jose on October 18, 2018.
The participants noted that companies large and small are pushing the limits of new technologies to replace the human driver with an electronic control system. That, in turn, mandates a huge upfront investment on the compliance with functional safety standards, particularly ISO 26262.
Ghani Kanawati, technical director at Arm, said that autonomous car systems are very much like other designs, except the key difference of safety and security requirements. And there are no reference designs like the ones available in mobile and data storage domains. Inevitably, that calls for a change in the safety culture. "Functional safety isn't merely another function; there are solid reasons why it's required in automotive designs."
Kurt Shuler, VP of marketing at Arteris IP, emphasized the need for sharing the functional safety-related knowledge to avoid the complexity associated with ISO 26262. He talked about fault models in relation to interpreting failure modes and how ISO 26262 quantifies failure modes. Here, as a design case study, Shuler explained how techniques like error correction code (ECC) could help implement functional safety in a chip's interconnect design.
Sunjay Pillay, CEO and founder of Austemper Design, now a Siemens business, started by acknowledging that ISO 26262 has done a great job in explaining the system-level details. But he also noted that there are variances in the interpretation of errors and failure modes. For that, he called for a tools-driven analysis of functional-safety mechanisms.
Arteris IP's Shuler agreed on the need to automate tools for streamlining the interpretation of failure modes and spotting both systemic and random errors. He also reiterated the need to verify and validate functional-safety mechanisms offered by all actors in the automotive supply chain to ensure end-to-end protection.
The participants ended the discussion on a common note: enforce safety culture and put in place people who genuinely believe in it. Have a few functional safety champions, as Shuler put it. But don't get obsessed with ISO 26262, Kanawati advised automotive design engineers on a lighter note.