ADAS need to meet specific functional safety requirements. In 2011, the ISO26262 standard for passenger vehicles up to 3.5 tons was introduced to minimize the risk of a malfunctioning system to create a dangerous situation. This standard tries to address the reduction of systematic faults by implementing a rigorous design process as well as detection of random hardware faults during the application execution.
The developer of an application defines specific safety goals and assigns a specific Automotive Safety Integrity Level (ASIL) to each of the goals. The highest ASIL for an application usually defines the requirements to which the development and operation up to end of life of each component has to adhere. Figure 1 shows the current range of ASILs, seen from customer requirements, to which ADAS have to comply.
Figure 1. ADAS ASIL Market Requirements
ASIL-B is the lowest level in the market, but some applications require up to ASIL-D for certain functionality. With an increased ASIL come more stringent requirements. Also generalizing an ASIL on the component or even item (system) level may introduce unnecessary complexities in a specific implementation and can have impact on the cost and schedule of the development. Analyzing the system concept and the derived safety concept and requirements may make it possible to split the application into several different steps with varying ASILs and thus make it easier and more efficient to implement.
For example, a front camera application uses a single image sensor often found in ADAS. Figure 2 shows a high-level block diagram of the system.
Figure 2. High-Level Mono Front Camera ADAS
An image sensor is connected to the image processor, which, for example could be the Altera Cyclone V SoC. The signal processing chain and data flow is split into four parts. First, perform low-level processing on the pixel level by transforming the image into a more useful representation. Then perform mid-level processing on a line or block