Considerations for ensuring functional safety in safety-critical applications during implementation and verification of IP cores
Philipp Jacobsohn, Senior Staff Applications Engineer, SmartDV
Companies creating products with stringent functional safety requirements often request certification of third-party components, such as IP cores. Various industry standards define both the allowed probability of failure and the range of use. The context of use drives the required safety level: for example, automotive safety systems require far higher integrity than infotainment.
The common automotive standard is
ISO 26262-1:2018
(ISO 26262), a subgroup of IEC 61508. IEC 61508 defines SIL 0–4; ISO 26262 uses ASIL A–D. Higher levels require stricter safety measures (ASIL D is most stringent in automotive).
Use case dictates requirements and categorization. Define strategies to prevent failures, minimize probability, or react to errors. Distinguish between systematic errors (development/verification gaps) and random errors (external influences). High-integrity applications may need error-tolerant implementations and must verify both nominal circuit behavior and the error-detection/correction logic itself.
Compliance typically requires certification via an independent organization (e.g., TÜV SÜD). The process is intricate and resource-intensive. In most cases, certifying individual IP cores is not practical because they are used within larger systems.
Even if only the final product is certified, each component must meet system-level requirements. Subcomponents should be implemented under strict rules and with safety-relevant end uses in mind. For ISO 26262, the key stages are:
- Detailed planning of functional safety requirements
- Hazard and failure-mode analysis
- Implementation informed by those analyses
Verification and validation then follow.
Certification demands meticulous documentation (tools used, verification methodology, error coverage, etc.) and freezes the qualified product and tool versions. The rigor is substantial—but the payoff can be increased customer confidence and better products.
When a project requires IP with certification or safety-related collateral, select an IP supplier with deep safety experience and proactive support. Doing so can alleviate stress amid the rigors of safety-critical development.
About Philipp Jacobsohn
Philipp Jacobsohn is Senior Staff Applications Engineer at SmartDV, supporting users of design IP and VIP in North America and Europe. Prior to SmartDV, he held roles at J. Haugg, Synopsys, Synplicity, Epson Europe Electronics, Lattice Semiconductors, EBV Elektronik, and SEI-Elbatex. Philipp is based in Switzerland.