ISO 26262 cuts electronics complexity risks: Pt. 2 - Design for robustness

March 14, 2012 // By Ashish Goel, Sachin Jain, and Prashant Bhargava, Freescale Semiconductor
As discussed in Part 1 of this series (requirements and assessment flow), safety is one of the key parameters that most automotive companies are focusing on. Part 1 described the ISO 26262 standard and the related nomenclature. This part looks into design solutions for increasing the safety and reliability of products, thus enabling automotive chip suppliers and their customers to deliver safer parts.

Design failures
According to ISO 26262, a design should be robust enough to handle the random failures caused by harsh ambient conditions. It has been observed that cosmic rays and alpha particles can produce enough charge inside a chip to change the state of one or more flip-flops or to temporarily change the value on a net. Due to aging, a flip-flop may also become unable to retain its value for a long duration. These failures can be temporary in nature, like bit flipping, or permanent, caused by the device wearing out. Such failures can lead to a malfunction resulting in a violation of safety goals (damage incurred).

Courtesy of EE Times Automotive DesignLine.



