Arteris Articles

SemiWiki: What are SOTIF and Fail-Operational and Does This Affect You?

Kurt Shuler, VP Marketing at Arteris IP, and Bernard Murphy (SemiWiki) discuss Safety of the Intended Function (SOTIF) in this latest SemiWiki blog:

What are SOTIF and Fail-Operational and Does This Affect You?

May 22nd, 2019 - By Bernard Murphy

Standards committees, the military and governmental organizations are drawn to acronyms as moths are drawn to a flame, though few of them seem overly concerned with the elegance or memorability of these handles. One such example is SOTIF – Safety of the Intended Function – more formally known as ISO/PAS 21448. This is a follow-on to the more familiar ISO 26262. 

When you’re zipping down a busy freeway at 70mph and a safety-critical function misbehaves, traditional corrective actions (e.g., reset the SoC) are far too clumsy and may even compound the danger. You need something the industry calls “fail operational”, an architecture in which the consequences of a failure can be safely mitigated, possibly with somewhat degraded support in a fallback state, allowing for the car to get to the side of the road and/or for the failing system to be restored to a working state. According to Kurt Shuler (Arteris VP of marketing and an ISO 26262 working group member), a good explanation of this concept is covered in ISO 26262:2018 Part 10 (chapter 12, clauses 12.1 to 12.3). The system-level details of how the car should handle failures of this type are decided by the auto OEMs (and perhaps tier 1s) and the consequences can reach all the way down into SoC design. Importantly, there are capabilities at the SoC-level that can be implemented to help enable fail operational.

For more information, please visit the Arteris IP AI package webpage: http://www.arteris.com/flexnoc-ai-package


Semiconductor Engineering: The Long and Detailed Road to Automotive Compliance

Arteris IP's Kurt Shuler, Vice President of Marketing, comments in the latest Semiconductor Engineering article.

The Long and Detailed Road to Automotive Compliance

April 4th, 2019 - By Ann Steffora Mutschler

Bringing an engineering organization up to speed with automotive safety standards is a long and arduous process. 

Complexity on complexity
Things can get complicated very fast. Kurt Shuler, vice president of marketing at Arteris IP, said it is not uncommon in SOTIF applications to hear, “‘I’m going to do a system and it’s got cameras, and it’s got radars, and the radars have cameras, and there are sensors.’ It’s very complicated. People ask us how to protect against this and that, and how to ensure this thing works and what can be done in the interconnect to help with that. So we get pulled into these really high-level questions. And because an interconnect is configurable IP, and each customer’s design is totally different, we also get pulled into discussions around the process aspect to ISO 26262 when using configurable IP as opposed to a hard macro. These companies are asking us 1,001 questions about that, and it really is difficult. What we generally have to do is agree upfront that we are responsible for a specific part of the specification. And as a safety element out of context, we are responsible for this type of analysis and this kind of stuff; here are our assumptions of use and everything; and we agree on this. Any other insights we give to them is something we do to help them, but it’s not necessarily part of a contract or that’s required. The reason to have that agreement up front is because a lot of these companies are new to automotive, and we have a lot of experience, but we don’t want to be an ISO 26262 consultancy.”

For more information, download the presentation "ISO 26262: What to expect from your chip or IP provider": https://www.arteris.com/download-iso-26262-what-to-expect-from-your-chip-or-ip-provider
