Functional Safety Introduction
What is Functional Safety
Functional safety is a methodology that ensures systems operate at an acceptable level of safety. ISO 26262 is an automotive safety standard that defines the necessary criteria for vehicle system safety. By implementing safety mechanisms, vehicles can issue warnings and enter a safe state in the event of an abnormal condition, preventing injury to humans.
Who needs Functional Safety
Functional safety is not only the responsibility of car manufacturers, but also involves suppliers at all levels.
OEM/OBM: Original Equipment/Brand Manufacturer
Tier 1: Subsystem suppliers, e.g., ADAS
Tier 2: Module suppliers, e.g., cameras
Tier 3: Chip suppliers, e.g., power management ICs
Tier 4: Material suppliers, e.g., intellectual property (IP)
The system manufacturer is responsible for analyzing potential hazards to personnel caused by system failure. Considering a system comprises many components, it's important to include specific components that enhance functional safety. These functional safety components are designed to independently handle potential failures, reducing the need for the overall system to analyze and respond to random component failures.
Automotive Safety Integrity Level (ASIL)
An Automotive Safety Integrity Level (ASIL) shall be determined for each hazardous event based on the classification of Severity, Exposure, and Controllability — to determine a grade (from QM, A to D) by asking the following questions:
Severity class
|
Exposure class
|
Controllability class
|
| C1 |
C2
|
C3
|
| S1 |
E1
|
QM |
QM
|
QM
|
| E2 |
QM |
QM
|
QM
|
| E3 |
QM |
QM |
A |
| E4 |
QM |
A
|
B
|
| S2 |
E1 |
QM |
QM |
QM |
| E2 |
QM |
QM |
A |
| E3 |
QM |
A |
B |
| E4 |
A |
B |
C
|
| S3 |
E1 |
QM |
QM |
A
|
| E2 |
QM |
A |
B |
| E3 |
A |
B |
C |
| E4 |
B |
C |
D |
1. Severity
If a failure occurs, what are the consequences? Does it affect the driver, passengers, and/or people outside the vehicle? Severity is classified into the following levels:
- S1: Minor to moderate injuries
- S2: Severe injuries, but high likelihood of survival
- S3: Serious and fatal injuries
2. Exposure
How often is the system exposed to this particular environment or situation? Exposure is classified into the following levels:
- E1: Very rare (e.g., once a year)
- E2: Occasional
- E3: Frequent
- E4: Very frequent (encountered daily)
3. Controllability
If a failure occurs, how easily can people nearby or vehicle operators avoid injury and/or damage? Controllability is classified into the following levels:
- C1: Easily controllable (the driver can handle it easily)
- C2: Difficult but controllable (requires skill or experience)
- C3: Hard to control or uncontrollable (most people can hardly manage it)
4. ISO 26262 is divided into five levels
- QM (Quality Management): Applicable to levels that do not lead to vehicle safety hazards.
- ASIL A: The least stringent safety level.
- ASIL B: Covers conditions from minor to moderate.
- ASIL C: Includes moderate to severe conditions.
- ASIL D: The highest risk level, with the most stringent requirements, applicable to core systems related to personal safety.
Richtek Product Safety Levels Offered
Richtek has passed ISO 26262 ASIL D process certification, enabling us to provide product development and manufacturing services for automotive applications with the highest safety level processes. According to the ISO 26262 standard, we offer a variety of automotive functional safety integrity level (ASIL) product options to meet different application and customer safety requirements:
- QM (Quality Management): Suitable for automotive electronic products that do not involve safety hazards.
- ASIL A: Suitable for low-risk applications and basic safety requirements.
- ASIL B: Suitable for medium-risk applications that require enhanced safety mechanisms.
- ASIL C: Suitable for high-risk applications and critical automotive systems that require stringent safety design.
- ASIL D: The highest safety level, suitable for extremely high-risk applications that require the most rigorous safety protection.
Customers can select the most appropriate safety level products according to their actual needs, ensuring the safety and reliability of automotive systems.
| Safety Level |
Applicable Scope |
Richtek Product Support
|
| QM |
General automotive electronics |
✔ |
| ASIL A |
Basic safety requirements |
✔ |
| ASIL B |
Middle safety requirements |
✔ |
| ASIL C |
High safety requirements |
✔ |
| ASIL D |
Highest safety requirements |
✔ |
Richtek Functional Safety Product Feature
1. Built-In Self-Test (BIST):
The product features multiple built-in safety mechanisms that automatically perform self-checks, providing a high diagnostic coverage rate to ensure reliability and safety during every driving cycle.
2. Voltage Monitoring and Redundant Design:
The chip is equipped with reference voltage monitoring capabilities, enabling real-time detection of reference voltage stability. Through redundant reference voltage design, it effectively prevents chip instability, increased errors, or performance degradation caused by voltage abnormalities, ensuring stable system operation.
3. Clock Monitoring and Abnormality Warning:
The system clock is crucial for synchronizing all circuits and modules within the IC. The chip includes a clock monitoring mechanism that can instantly detect whether the clock signal deviates from the preset range. If an abnormality is detected, a warning is immediately triggered and chip operation is interrupted to prevent error propagation.
4. Independent Fault:
To enhance functional safety, the product is designed with an independent error output and interrupt reporting system. When an abnormality is detected, it can promptly issue error notifications, helping the system respond quickly, reduce accident risks, and ensure overall safety and performance.