The importance of building functional safety into your design right from the start

All new Arm processors to have proven systematic capability for functional safety

The focus on functional safety IP is rapidly growing and we’re seeing this growth not just in automotive but in many other markets including, avionics, medical, industrial and railways, where systems need to efficiently identify and mitigate the occurrences of faults, and where more confidence is required with respect to the design practises employed for the development of IP.

Currently, there are many processors that are not designed with functional safety standards in mind and the use of these can lead to lengthy and costly qualification processes for safety relevant applications. Arm’s processors are designed to be used in a wide spectrum of devices in a range of markets, and so to ensure our IP is able to meet the functional safety requirements for each market and the needs of our customers, we are developing all our new processors to have proven systematic capability for functional safety. With Arm processors and ecosystem support, partners and system integrators will be able to build functional safety into their designs from the early stages of the product development.

Building a robust functional safety process

When designing functional safety related products, one must follow the so-called "product life cycle process". Such a process is often far more structured and formal compared to other standard development processes. For us to establish a reliable and comprehensive functional safety process in Arm, we ran gap analyses of the common development life cycle against guidelines included in a variety of functional safety standards. By running these analyses, we are able to identify areas of our development process that may require improvements. In support of standards such as ISO 26262 and IEC 61508, our gap analyses identified that the systematic and self-test capabilities had to be augmented.

The systematic capability of a project is the collection of practises and methodologies used during the life cycle of the project. Systematic capabilities are addressed by the Arm standard development process which was already a best-in-class development and verification process. The Arm functional safety process now adds formality and more robust supporting processes such as configuration management, change control and production of evidence that can be used to verify the systematic capabilities of the IP by auditors, and also ensure the long-term maintainability of project work products.

Arm also contributes to the diagnostic coverage of random hardware faults that can manifest themselves once the device has been released to production. In order to address this, we are adding Software Test Libraries (STLs) to complement our already feature-rich IP. These can be used in conjunction with our extensive range of CPUs targeted for use in safety systems. STLs have a common Application Programming Interface (API) that enables the developer to scale software stacks across multiple CPU systems with relative ease of integration. The libraries will be subject to safety assessment and certification, resulting in shorter time-to-market and confidence that the user’s systems will reach industry assessment requirements.

Train on tracks

How does Arm ensure its IP meets functional safety standard requirements?

A common point across different functional safety standards is a method called “process assurance”. Process assurance is a set of audits and assessments that are performed by independent roles or bodies to ensure that the necessary requirements are met for a specific project.

To ensure we meet the requirements of functional safety standards, we complete the following steps during our functional safety process;

  • Conduct independent verification reviews at every stage of the development life cycle
  • Use a combined verification approach made of formal and simulation verification
  • Instruct an independent functional safety audit to be conducted at least once in the product life cycle
  • Have a third party functional safety assessment take place which will certify the compliance of that project to the applicable requirements of the standard

Moving to this functional safety process has enhanced aspects of the normal development life cycle such as configuration practices, change management practices and traceability from requirements to verification to show completeness and correctness of implementation. As a result, bugs are now being addressed earlier in the life cycle, even before coding, as during verification reviews we may spot problems that can be fixed before implementation in RTL, saving verification cost.

What does this mean for customers?

Whether you run safety related products in markets like medical, automotive, railway, aerospace, nuclear or industrial, the benefits from the functional safety process are considerable throughout the supply chain.

1. Direct information for compliance

In the past, information for compliance would be reverse-engineered and also require additional low-level verification which was unnecessarily duplicated. Now information can be directly provided by Arm, leaving you with more time to focus on the integration of Arm IP within the system, from a functional safety aspect at a system level. Key to this activity is the attention to the recommendations, assumptions and requirements included in our safety documentation package, provided with our IP.

2. A gateway to new markets

Within the functional safety related community, techniques and methodologies tend to be shared and standardized. Arm designs feature-rich IP with state-of-the-art safety mechanisms such as Dual Core Lockstep (DCLS), STLs, bus protection and ECC which can all be used in a range of applications, opening gateways into new markets for customers who are now able to enjoy the renowned and industry-leading technology that made Arm successful in other non-safety relevant markets.

3. Access to a broad IP portfolio and support

We aim to support the broadest array of functional safety solutions in the industry by offering an extensive portfolio of IP along with customer support and guidance. Our ambition is to not only provide you with as many pieces of the safety concept “puzzle”, but also provide expert guidance on how to integrate these pieces with Arm’s range of tools and supporting material from our ecosystem partners.

4. Functional safety drive continual improvement

By instilling a strong safety culture across the company along with the robust methodologies that are required to support the multiple functional safety standards, the Arm product development life cycle has benefitted from process improvements that have resulted in improvements in quality, reliability and time-to-market.

Arm functional safety IP

What other ways is Arm supporting the functional safety process?

Arm is quickly expanding its portfolio in functional safety with the Arm Compiler (versions 5 and 6), STLs, Artisan Physical IP, Keil RTX5 real-time operating system (RTOS) and hand-tuned C library functions, which will all be assessed for functional safety and certified. To find out more about these and how Arm is supporting functional safety technology, read our last blog - Functional safety - Enabling safer systems with Arm technology.

With the importance of functional safety continuing to grow and potentially affecting new markets in the future, using IP with systematic capability for functional safety can offer faster time-to-market whilst also presenting opportunities to reach new markets in the future. Arm and its ecosystem is able to provide the broadest array of functional safety solutions in the industry by offering an extensive portfolio of IP along with customer support and guidance, helping you to build functional safety into your designs right from the start.

To find out more, please visit our functional safety page.

More on functional safety

Anonymous