In the final part of our ISO 26262 part 11 blog, we look at the additional information added to support semiconductor manufacturers assess dependent failures in integrated circuits.
The DFA section of part 11 provides guidelines for the identification and analysis of possible common cause and cascading failures between given elements, the assessment of their risk of violating a safety goal (or derived safety requirements) and the definition of safety measures to mitigate such risk if necessary. This is done to evaluate potential safety concept weaknesses and to provide evidence of the fulfilment of requirements concerning independence or freedom from interference identified during coexistence of elements analysis.
As in keeping with other parts of the second edition of ISO 26262, the definition of dependent failures initiators (DFI) has been significantly enhanced. Using 7 categories of potential causes, typical dependent failures are listed.
The process of analysing dependent failures is supported by workflow indicated in Figure 1. This workflow helps identify the main activities to understand the independence and freedom from interference when assessing the architecture and safety mechanisms.
As in the case in discrete circuits, the identification of the DFI is a key activity in assessing the ’quality’ of architecture. The checklists of typical dependent failures help steer teams in this activity, but also as indicated in Figure 1 this process can be enhanced by crosschecking dependent failure mechanisms identified during quantitative analysis i.e. hardware metrics from part 5 of ISO 26262.
As is always the case in such activities, the end goal is to verify the effectiveness of any safety mechanism identified and implemented during the process. Techniques such as fault tree analysis, FMEA, fault injection and design rules are listed.
The steps identified for DFA in part 11 are not only helpful for semiconductor designers, they also provide very useful additional information for designers of discrete circuits.