In early 2018, the second edition of ISO 26262 automotive functional safety standard is due for release. At the time of writing, the draft international standard (DIS) version is out for comment and review. One significant change over the first version of the ISO 26262:2011 standard is part 11, which brings detailed information to support semiconductor manufacturers develop ISO 26262 compliant intellectual property (IP). In the first version, information available to semiconductor companies was limited. This forthcoming release brings more information to support semiconductor and silicon IP suppliers. Tips, recommendations and practical examples are provided.
A more detailed definition of transient faults is included, than was given in the original version of ISO 26262. There are many considerations documented regarding transient faults including α, β, neutron, or γ radiation sources.
Part 11 discusses the strengths and weaknesses of different reliability standards (SN 29500, IEC TR 62380 and FIDES) in relation to component package failure rates. It also addresses considerations relating to the device packaging and pins – topics that are not easily understood nor addressed to any great extent in the first version of ISO 26262.
However, there are certain areas that are still not well represented. Diagnostic coverage for analogue components, for example, is not defined in detail and there is a shortage of supporting information.
The analysis of multi-core components gives a good overview of simplistic multi-core applications and supports this with decomposition discussions. However, this section does not elaborate on the techniques such as software lock-step or loosely coupled lock-step, as these are deemed to be out with the scope of part 11. As microcontroller technology advances, we now have standard automotive devices with 3 or more cores. How these cores interact and are assessed in the context of functional safety requires a significantly more detailed evaluation than that given in part 11.
Part 11 has strengths and weaknesses and will benefit not only component manufacturers, but also hardware engineers in their understanding of automotive functional safety. In a third edition of the standard some of the weaker areas may also be enhanced.