Interconnect Prominence In Fail-Operational Architectures

May 2nd, 2019 – By Kurt Shuler

How do you manage when a subsystem needs to reboot in an autonomous vehicle? 

When we in the semiconductor world think about safety, we think about ISO 26262, FMEDA and safety mechanisms like redundancy, ECC and lock-step operation. Once we have that covered, any other aspect of safety is somebody else’s problem, right? Sadly no, for us at least. As we push towards higher levels of autonomy, SAE levels 3 and above, we’re integrating more functionality into our SoCs, much of it involved in complex decision-making. Problems will happen in these complex systems, whether through transient faults or other causes, and not all of these can be corrected on-the-fly by those safety mechanisms I just mentioned. Sometimes, you have to reboot, the same way you reboot your phone, computer, or even your state-of-the-art TV when these misbehave.

For more information on SOTIF, please check out this video: http://www.arteris.com/blog/semiconductor-engineering-what-is-sotif

To read the entire article on the SemiEngineering page, please click here: https://semiengineering.com/interconnect-prominence-in-fail-operational-architectures/