As with many high value markets, advancement comes in waves. When meeting a new challenge, the initial response is to piece together a methodology using existing technologies. As the size of the market becomes established, new players will be attracted who will innovate different approaches, creating a second wave of tools. We are witnessing this evolution in the automotive space today, as next-generation fault analysis, formal verification, test suite synthesis and other approaches become apparent
What is fascinating about this evolution is that this second wave will also enable opportunities that were either out of reach or unimaginable, having a dramatic impact on design quality and functionality. This article will both look at the improvements-on-offer to the automotive verification core methodology, as well as discuss potential new opportunities.
Fault simulation glass ceiling
The ISO 26262 Automotive Functional Safety Standard defines specific risk tolerance levels required in electronic automotive devices. To achieve the maximum “ASIL-D” rating a very high degree of tolerance is required. This is specified in terms a general Failure-in-Time (FiT) metric of less than 10 failures in 1 billion hours of operation, as well as the “Single Point Fault Metric” greater than 99% and the “Latent Fault Metric” (LFM) to be greater than 90%.
To ensure that a device can meet these stringent goals, safety mechanisms are inserted that eliminate the vast majority of these random faults that occur naturally during device operation. The fault tolerance of the device must be tested prior to fabrication, to ensure these safety mechanisms are doing their job. In ISO 26262 nomenclature, this is known as the Failure Mode Effect and Diagnostic Analysis (FMEDA) process. Today, the only way to measure the required fault metrics is to use traditional Fault Simulation.