ISO 26262 Automotive Functional Safety Verification

Automotive functional safety is a critical concern in today’s fast-moving automotive marketplace. Everything from autonomous braking systems to fully self-driving vehicles presents both great benefits and the potential for injury in modern vehicles.

ISO 26262 is a standard for defining processes that ensure safety in products of the auto industry. It defines Automotive Safety Integrity Levels (ASILs) for the design of electronic systems that go into automobiles. Fully documented safety flows are required of any vendor developing automotive SoC solutions in order to achieve ISO 26262 compliance.

Real Intent provides ISO 26262 verification solutions from its Intent-Driven Static Sign Off suite of verification products. TÜV SÜD, an independent accredited organization, has qualified Ascent Lint, Meridian CDC, and Meridian RDC, together with the recommended workflows for these tools, resulting in a Tool Confidence Level rating of TCL 2 (“Suitability for Use”). TÜV SÜD’s qualification is based on tool development process evaluation (per ISO 26262-8, cl 11.4.8) and tool validation (per ISO 26262-8, cl 11.4.9).

Third Party Certified Tool Flows

The tools below are now qualified as suitable for use in an ISO 26262 Section 5 process for development of hardware designs up to ASIL D.

  • Ascent Lint provides a broad spectrum of rules and is very simple and fast to use, making it ideal for proving ISO 26262 conformance. Ascent Lint provides over 580 static checks.
  • Ascent AutoFormal, a multimillion gate capacity formal linting tool, identifies RTL design bugs using formal sequential analysis, expanding on Ascent Lint’s syntax, semantic, and style checks.
  • Meridian CDC focuses on verification of clock domain crossing issues, including performing comprehensive multimode CDC. Meridian CDC checks add integrity to ISO 26262 compliance flows for designs with multiple clocks.
  • Meridian RDC performs comprehensive static analysis to ensure that signals crossing reset domains function reliably. Meridian RDC checks should be a part of any ISO 26262 compliance flow for a design that has multiple resets.
  • Meridian DFT provides a comprehensive set of multimode design-for-testability (DFT) rules to rapidly identify RTL and gate-level DFT violations that affect testability and fault coverage. DFT is needed to achieve low defective parts per million and to perform silicon defect diagnosis, and it should be a part of any ISO 26262 compliance flow.
  • iDebug is Real Intent’s common debugging platform, designed to quickly and confidently debug critical design issues. Its database-driven debug methodology documents review actions by designers in support of ISO 26262 documentation requirements.