Building safety into automotive silicon

Robert Bielby | February 2021

Safety-critical automotive applications, by their very nature, have an inherent need for both high reliability and safety. While functional safety requirements have historically been addressed by the automotive Tier 1s and OEMs, with the increasing system-level complexity and electronics associated with today and tomorrow’s vehicle, it is clearly becoming a greater focus for semiconductor suppliers.

Semiconductor suppliers — including memory suppliers — are offering enhanced support to help automotive Tier 1s and OEMs in their functional safety efforts. In November, Micron released a video, “Questions to Ask Your Memory Supplier About Functional Safety for DRAM” in which we outlined the increasing role that memory plays in affecting the overall safety level and issues to consider when developing a safety strategy.

ISO 26262 defines functional safety as the “absence of unreasonable risk due to hazards caused by malfunctioning behavior of electrical/electronic systems.” Malfunctions are classified into two failure types:

  • Systematic failures: These are failures that occur in a deterministic manner — typically introduced during product design or development. These failures are generally addressed by adopting well-documented processes and methodologies, including safety planning, safety concept documentation, requirements traceability, proactive safety analysis tools, robust verification, operational procedures and other associated factors.
  • Random failures: These are failures that appear arbitrarily during the lifetime of a device. Random failures can be further classified in two categories: transient faults (single-event upsets or soft errors) or permanent faults (hard errors such as stuck at a logic level). These types of failures are generally addressed by introducing safety mechanisms that help identify these faults, enabling the system to take the proper actions, including correcting the fault or enabling the system to maintain a safe state.

Several safety mechanisms are employed at the hardware and system levels:

  • Redundancy: This mechanism can typically be implemented at the hardware level.
  • Cyclic redundancy check: This mechanism is typically used for error detection.
  • Error correction code: This mechanism is generally used for both error detection and correction.
  • Built-in-self-test: This mechanism provides additional circuitry that verifies accurate device operation, either continuously or during power-up.

The effectiveness of the safety mechanisms used to detect random failures in time (FIT) and the likelihood of risk are measured by the various metrics, including single-point fault metric (SPFM) and latent fault metric (LFM). These metrics are used to measure the functional safety of a given hardware component.

ASILs establish safety requirements for automotive components

ASIL refers to the Automotive Safety Integrity Level, a risk-classification system defined by the ISO 26262 standard for the functional safety of road vehicles. ASIL A systems have the least stringent level of safety reduction, whereas ASIL D is the most stringent. Because higher ASIL levels typically imply increased levels of cost and complexity, the required ASIL level for a given system scales in direct correlation to the impact of a that system’s failure on the operation of the vehicle.

For hardware systems, the ASIL requirements identify the requisite values for the failure metrics as shown in the table below.

ASIL                                Failure Rate(FIT                              LFM                                 SPFM                                   
A                                < 1,000                                 —                                 —                                   
B                                < 100                              ≥ 60%                              ≥ 90%                                
C                                < 100                              ≥ 80%                              ≥ 97%                                
D                                < 10                              ≥ 90%                              ≥ 99%                               

Micron announces industry-leading portfolio of auto-qualified solutions for safety

Given our intimate understanding of the automotive market and the role and importance of memory in safety applications, Micron is pleased to announce our industry-leading portfolio of safety-based solutions. These solutions underscore our 30-year commitment to delivering leadership solutions to the automotive market. They also reflect an extensive series of investments across many facets of Micron that have been made over the past two years to address the emerging need for safety-compliant solutions:

  • Forming a dedicated functional safety office staffed with industry safety veterans
  • Adopting ISO 26262-compliant processes and methodologies across Micron
  • Establishing a team of safety experts, including system architects and applications engineers for consultation support
  • Introducing the industry’s first independent assessment by industry-leading safety experts, exida, that Micron’s automotive LPDDR5 is suitable for safety systems up to and including ASIL D
  • Obtaining a supplier-performed hardware evaluation report, per ISO 26262-8 clause 13
  • Conducting extensive functional safety analysis and collateral to greatly simplify customer analysis

Micron’s JEDEC-compliant LPDDR5 is the first product within our broader automotive-compliant memory and storage portfolio to be deemed suitable for safety systems at any ASIL level. System integrators are ultimately responsible for justifying that all electronic components and subsystems are suitable for safety-related systems; Micron as the memory developer is in a position of expertise and design data availability to support system integrators in that justification. Micron’s LPDDR5 product is accompanied with product-safety documentation collateral, including a hardware evaluation report by the first industry supplier, as well as safety application notes and analysis reports. In addition, the safety-compliant LPDDR5 memory family contains a unique and innovative “safety engine,” which enables significant system-level, power, performance and cost benefits to be realized. Micron safety solutions better allow system integrators to ensure that the DRAM is free from systematic failures while providing significant improvements in system performance, power, cost and availability.

It is only through Micron’s extensive understanding of DRAM, the automotive market and associated architectures, and functional safety that Micron can deliver this innovative product family. The first automotive-qualified package configurations are available now, and the product is in high-volume manufacturing at our fabrication facilities.

A leading independent functional safety expert, exida, provides this comment: “Functional safety is essential to the development of advanced automotive systems, but to date, memory has had a somewhat neglected commercial off-the-shelf existence,” said Alexander Griessing, chief operating officer and principal safety expert at exida. “Micron has launched its industry-leading automotive LPDDR5 with a laser focus on ISO 26262, setting a new standard for the rest of the memory industry. This increased attention to functional safety will benefit all, from automakers to consumers who need advanced, safe vehicles.”

Learn more

Pay close attention to this space to learn more about safety, including additional details of Micron’s safety solutions portfolio. You can learn more about this hardware evaluation report and Micron’s industry-leading functional safety support here:

Sr Director, Automotive Systems Architecture, EBU

Robert Bielby

Robert Bielby, senior director of Automotive Systems Architecture and Segment Marketing, is responsible for the strategy, marketing and product definition for Micron’s Automotive Division business group. Before joining Micron, Robert spent more than 30 years in systems, semiconductor and solutions businesses holding various engineering and executive roles at Kodak, Altera, LSI Logic, and Xilinx. Robert brings a wealth of experience at the system level in architecture, strategy, vertical marketing and product planning. Robert has authored multiple articles on broad industry topics and holds more than 40 patents in the areas of channel coding, digital signal processing, and programmable logic devices.