While fully autonomous driving may now be a distant dream, ADAS continues to be a very active industry driver as much for its safety advantages as for other features. Today in the hierarchy of SAE levels, SAE 2+ may represent the most active area of development rather than levels 3 through 5. This range of options still requires a human driver in the loop yet is bubbling with ideas and products: adaptive merging when entering or exiting a highway, further enhanced automatic emergency braking, driver monitoring systems (for when you aren’t paying sufficient attention), automated parking, intelligent rear- and side-view mirrors. All clever stuff which must also meet appropriate ISO 26262 safety standards, ASIL-A through ASIL-D according to the criticality of the application.
Increasing prominence of ASIL-D
ASIL-D is the most exacting standard, requiring for example a single-point fault metric (SPFM) better than 99%, compared with say ASIL-B, which will let you slide by with merely better than 90%. Antilock brakes, self-steering and airbag deployment require ASIL-D coverage, whereas controls for brake lights and rear-view cameras may only require ASIL-B.
As systems become more complex and more highly integrated, an increasing number of SoCs now require some level of ASIL-D certification. This is triggered when a failure in such a system could be life-threatening or fatal, combined with a high risk of exposure since the system is used in the normal course of driving. Failures in aspects of a collision avoidance system would be an example. However, raising a whole SoC to ASIL-D is effectively impossible without abandoning pre-packaged IP and reuse methods. Instead, a “hybrid ASIL-D” approach has emerged. A “safety island” IP is certified to ASIL-D and charged with regularly testing and supervising other functions in the SoC, which are allowed to meet lower ASIL standards. The safety island provides the ability to force selective IP reboots or isolation if needed, while signaling driver alerts through a central control system.
This approach provides more flexibility in using a wider range of IP but adds more complexity to the certification strategy (the safety island IP must meet ASIL-D but the GPU IP perhaps only needs to meet ASIL-B for example). This mixture demands a clear safety plan from architecture onwards and a fault campaign to match that strategy in all its complexity. The Cadence MIDAS Safety Platform provides that management and control across digital and analog safety verification and safety mitigation implementation.
Xcelium Safety in the MIDAS platform
The Xcelium safety app builds on Xcelium native serial and concurrent fault simulation to provide a common mechanism both for debug and for high-throughput fault analysis. This is further accelerated through a combination of formal methods to filter out untestable or unobservable faults, and with machine learning methods to accelerate throughput on successive runs. The complete Xcelium safety system has been certified by TÜV-SÜD to be used in safety-related development for any ASIL level.
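To make the ASIL thresholds above and the hybrid-ASIL fault campaign concrete, here is an added example (not Cadence's code, and not part of the original post) that aggregates per-block fault-campaign results into the ISO 26262 single-point fault metric and reports the most demanding ASIL each block satisfies. The fault classifications, FIT values and block names are constructed; faults that formal analysis prunes as untestable or unobservable are treated as safe, and faults caught by a safety mechanism as multi-point rather than single-point.

```python
from dataclasses import dataclass

# ISO 26262-5 single-point fault metric targets, in percent (ASIL-A sets no SPFM target).
SPFM_TARGETS = {"ASIL-D": 99.0, "ASIL-C": 97.0, "ASIL-B": 90.0}

# Fault classes as a campaign would report them (constructed naming). Faults that formal
# analysis proves untestable or unobservable cannot violate the safety goal, so they are safe.
SAFE = {"safe", "pruned_untestable", "pruned_unobservable"}
COVERED = {"detected"}       # caught by a safety mechanism: multi-point, not single-point
DANGEROUS = {"undetected"}   # reaches the safety goal unobserved: single-point or residual

@dataclass(frozen=True)
class FaultResult:
    fault_id: str
    classification: str
    fit: float   # failure-rate share attributed to this fault, in FIT

def spfm(results):
    """SPFM = 1 - sum(lambda_SPF + lambda_RF) / sum(lambda), as a percentage."""
    total = dangerous = 0.0
    for r in results:
        if r.classification not in SAFE | COVERED | DANGEROUS:
            raise ValueError(f"{r.fault_id}: unknown class {r.classification!r}")
        total += r.fit
        if r.classification in DANGEROUS:
            dangerous += r.fit
    if total == 0.0:
        raise ValueError("empty fault list")
    return 100.0 * (total - dangerous) / total

def highest_asil_met(metric):
    """Return the most demanding ASIL whose SPFM target the metric satisfies, else None."""
    for level, target in SPFM_TARGETS.items():   # dict order is D, C, B
        if metric >= target:
            return level
    return None

def make_block(name, detected, safe, pruned, undetected, fit=1.0):
    """Constructed campaign results for one IP block with a uniform FIT per fault."""
    kinds = (["detected"] * detected + ["safe"] * safe
             + ["pruned_untestable"] * pruned + ["undetected"] * undetected)
    return [FaultResult(f"{name}_f{i}", k, fit) for i, k in enumerate(kinds)]

def hybrid_campaign():
    """Constructed hybrid-ASIL SoC: the safety island must reach ASIL-D, the GPU only ASIL-B."""
    blocks = {
        "safety_island": make_block("isl", detected=96, safe=2, pruned=1, undetected=1),
        "gpu": make_block("gpu", detected=17, safe=1, pruned=1, undetected=1),
    }
    return {name: (spfm(res), highest_asil_met(spfm(res))) for name, res in blocks.items()}

if __name__ == "__main__":
    for block, (metric, level) in hybrid_campaign().items():
        print(f"{block}: SPFM={metric:.2f}% -> {level}")
```

Swapping the uniform FIT for per-fault failure-rate shares from the FMEDA gives the weighted metric the standard actually calls for; the arithmetic is unchanged.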
This Xcelium capability integrates with the MIDAS platform, an impressive answer to total SoC certification support from my perspective, managing FMEDA starting from early architectural analysis. This is tracked through fault campaign management across digital, analog and AMS functions, and through insertion, optimization and verification of safety mitigation techniques.
Support includes automotive Functional Safety Documentation Kits satisfying documentation requirements that the automotive component supplier must provide for their tools and flow to achieve ASIL certification. The kits also reduce effort required to evaluate tool use cases within each of the supplier’s automotive design projects and help automotive component suppliers avoid the costly efforts of tool-qualification activities.
Front-to-back ISO 26262 compliance management for all ASIL levels or a mix of levels. Pretty impressive. You can learn more about Cadence Safety solutions here.