Part of the Chip Design Magazine Network


Cadence Delivers TCL1 Documentation for ISO 26262 Standard

Gabe Moretti, Senior Editor

The goal of ISO 26262 is to provide a unifying safety standard for all automotive E/E systems. The draft document of the ISO 26262 standard was published in June 2009. The first edition of the standard was published on 11 November 2011. The standard is intended to be applied to electrical and/or electronic systems installed in “series production passenger cars” with a maximum gross weight of 3500 kg. It aims to address possible hazards caused by the malfunctioning behavior of electronic and electrical systems. ISO 26262 is an adaptation of the functional safety standard IEC 61508 for automotive electric/electronic systems. The standard, which comprises ten sections, touches a significant portion of all modern automobiles (Figure 1).

Figure 1. Impact of ISO 26262 on automotive systems (courtesy of National Instruments)

The ten sections of ISO 26262 are:

  1. Vocabulary
  2. Management of functional safety
  3. Concept phase
  4. Product development at the system level
  5. Product development at the hardware level
  6. Product development at the software level
  7. Production and operation
  8. Supporting processes
  9. Automotive Safety Integrity Level (ASIL)-oriented and safety-oriented analysis
  10. Guideline on ISO 26262

As the electronic systems in cars become more pervasive, the number of functions controlled by the standard increases. As can be seen in Figure 2, the importance of ISO 26262 grows almost exponentially.

Figure 2. Electronic safety systems are increasing in both use and importance (Courtesy of Synopsys)

In contrast to the IEEE standards for EDA, for example, the automotive industry has an organization that can certify compliance with the standards. TÜV SÜD is an international service corporation focusing on consulting, testing, certification and training, with over 800 locations, primarily in Europe, North America, the Middle East and Asia Pacific. The organization is headquartered in Munich, Germany.

Cadence Support of ISO 26262

Cadence has delivered the industry’s first comprehensive Tool Confidence Level 1 (TCL1) documentation that is compliant with the automotive ISO 26262 standard. To be deemed compliant, TÜV SÜD completed an evaluation and confirmed the TCL1 predetermination for the Cadence analog/mixed-signal tool chain and digital front-end design and verification flows. Cadence expects that an evaluation of its digital implementation and signoff flow by TÜV SÜD will be completed by the end of the year. Once completed, more than 30 Cadence EDA tools will contribute to an ISO 26262 compliant development lifecycle.

The TÜV SÜD evaluation satisfies documentation requirements that the component supplier has to provide for their tools and flow. For the component supplier to achieve an ASIL certification, development tools must be formally assessed according to the ISO 26262 standard. The Cadence approach reduces the effort required to evaluate tool use cases within each of the supplier’s automotive design projects and avoids the costly efforts of tool qualification activities, which reduces complexity and saves time and money (Figure 3).

Figure 3. Impact of TCL1 (Courtesy of Cadence)

Dr. Anirudh Devgan, senior vice president and general manager of the Digital & Signoff Group and the System & Verification Group at Cadence, remarked: “Through our close collaboration with TÜV SÜD, our automotive customers can create and verify automotive designs knowing that our tool flows have achieved compliance. Also, because the Cadence flows have been evaluated by TÜV SÜD, our customers don’t need to spend extra time and money on the evaluation phase.”

TCL1 provides a high level of confidence that tools are safe to use, and automotive OEMs as well as tier 1 and tier 2 component suppliers require technology vendors to meet these stringent safety requirements for ASIL A through ASIL D projects. Cadence Automotive Functional Safety Kits provide flow-based solutions supported by modularized documentation, allowing customers to make adaptations for their specific tool environments and, thus, easing the process of submitting documentation to the auditor. The three flows are as follows:

  • Digital front-end design and verification flow: This flow goes from specification to RTL design, functional verification and functional safety. It includes well-known tools such as the Incisive Enterprise Simulator, Palladium Z1 enterprise emulation platform, Protium rapid prototyping platform, Incisive vManager solution, JasperGold applications, Genus Synthesis Solution and Conformal Equivalence Checker. 
  • Analog/mixed-signal design, implementation and verification flow: This flow brings transistor-level designs from creation and simulation through physical implementation and verification using the Cadence Virtuoso suite and the Spectre circuit simulation platform. The Cadence Virtuoso ADE Verifier provides design engineers with an integrated means to validate the safety specifications against individual circuit specifications for design confidence.
  • Digital implementation and signoff flow: This flow is currently undergoing the evaluation process. It covers RTL-to-GDSII implementation and signoff and includes the Cadence Innovus Implementation System and the Modus Test Solution for the implementation and signoff of automotive designs.

Third-party certification is something EDA companies have not regularly sought, yet, in certain cases, it would have been, and would still be, beneficial to the electronic industry. It would be simple enough, for example, to certify accurate and complete support of design languages’ Language Reference Manual (LRM) documents, or support of the entire synthesizable subset of a design language. Cadence’s step is thus to be applauded and hopefully followed by other EDA vendors.
