Car functional safety through IP design

Today, the automotive industry is changing rapidly, and the design, use and sales models of cars are evolving just as fast. Driver safety technology, traffic congestion, environmental issues and the basic premise of the car as a means of transportation all shape the development of the next generation of cars. To address these problems, many automakers are trying to strengthen computing power to optimize vehicle control. The new standards issued by the European Union's New Car Safety Assessment Association (EuroNCAP) stipulate that safety assistance functions such as lane change support are required to obtain a five-star safety rating.


The number of in-vehicle processors has steadily increased in all market segments, currently averaging 40-50, while some high-end models already have nearly 120 processors. According to Semicast Research, by 2022 the electronic control unit (ECU) components under the hood alone will reach a market size of nearly $86 billion, a compound annual growth rate of 7% from 2015. Semiconductor manufacturers thus have a major opportunity in the automotive electronics arena.

High-tech chips can improve power system emissions, enhance safety, and use cellular networks to interconnect vehicles and road infrastructure. However, as the system becomes more complex, ensuring driver safety becomes even more critical, and it is necessary to create a more automated, systematic, and predictable solution, what we usually call "functional safety."

What is functional safety?

In short, the ultimate goal of functional safety is to ensure that the product operates safely and continues to do so even when a fault occurs. Based on this concept, ARM treats safety as a top priority rather than simply following the market direction, and continues to strengthen research and development and introduce more functional safety related products.

Standards are set in all walks of life to guide future development and define minimum entry barriers. In the automotive electronics industry, this standard is ISO 26262, which defines functional safety as:

“avoid unreasonable risks due to electrical/electronic system failures”.

Standards in different fields are not completely consistent. For example, IEC 61508 for electrical and electronic systems and DO-254 for aircraft electronic hardware each have their own definitions. It is also worth noting that they all have specific terminology and provide engineering development guidance, including target parameters. Therefore, it is important to determine the target market and develop a suitable process before starting product development, because modifying the R&D process midway will inevitably lead to inefficiency. Figure 1 shows the different application criteria for silicon IP. In practice, if multiple sets of standards must be met, seek common ground while accommodating the differences: first list the requirements exclusive to each standard, and then implement the general guidelines, such as quality management, that they share.

Figure 1: Functional safety standards for silicon IP

In practice, a functional safety system must be certified by an independent assessor as complying with all applicable safety standards. To achieve functional safety, the system's behaviour under fault must be predictable: the system state is judged to be fully functional, partially degraded, or requiring shutdown for a restart or reset.

Not all faults cause serious accidents immediately. For example, a failure in a car's power steering system can lead to sudden incorrect steering, but because of the natural time delay inherent in the electrical and mechanical design, the fault does not have an immediate consequence. ISO 26262 defines this window as the fault tolerant time interval, usually a few milliseconds or more; the length of the interval depends on the type of potential accident and the system design. It is therefore not hard to see that the higher a system's safety requirements, the more rigorously the failures that could cause unsafe events must be avoided.

Ideally, functional safety would not affect system performance; but in real life, many current safety measures can seriously affect system performance, power, and area (PPA). How to limit the adverse effects on performance and the increase in design and manufacturing costs while still ensuring functional safety is a major problem faced by designers.

Why do you need functional safety?

The functional safety of chip IP was long a very small field, of interest only to a few chip and system developers in the automotive, industrial, aerospace and similar markets. However, with the rise of various types of automotive applications in the past few years, the situation has changed dramatically. Beyond cars, many other industries can benefit from the growth of electronics, and ensuring functional safety is a major prerequisite for them too. Medical electronics and aviation are two typical examples.

Automated driving has attracted the attention of many people in the past few years, but it has always been shrouded in fog; now, with the popularity of Advanced Driver Assistance Systems (ADAS) and rich-media in-vehicle infotainment (IVI) systems, the prospects for self-driving cars have become clearer, even though the era of highly automated driving is still far away. UAVs of different sizes and shapes and the growing popularity of the Internet of Things are also areas where functional safety is a must. ARM technology will be a big boost.

ARM functional safety technology

As with other technology markets, emerging functional safety applications also require semiconductors to drive them; this is not a paper exercise, and the ever-changing product innovations have already attracted the interest of ARM partners. Most functional safety embedded systems require two core elements: safety protection and real-time processing. The ARM Cortex-R series processors are tailored to this need, providing high-performance computing solutions for embedded systems that require high reliability, high availability, fault tolerance, and/or strong real-time deterministic behaviour. These features lay the foundation for the high safety integrity of ADAS and IVI systems, enabling not only critical behaviour processing, safety-related interrupt events and communication with other systems, but also complex functions with lower integrity requirements.

What is a malfunction?

Failures can be systematic (such as human factors in the specification and design process); they may also be related to the tools used. One way to reduce such failures is to implement a rigorous quality control process that includes detailed planning, review, and quantitative assessment. Proper planning and the use of certified tools are very important, and the ability to manage and track changes in requirements is equally critical. ARM's Compiler 5 has been certified by TÜV SÜD, which facilitates safety R&D without the user needing to qualify the compiler separately.

There is also a type of failure called a random hardware failure. These may be permanent faults, as shown in Figure 2, such as short circuits; they may also be soft faults caused by natural radiation. This type of failure can be handled with solutions integrated in hardware and software, so system-level technology is equally important. For example, Logic Built-in Self Test (BIST) can be run at system startup and shutdown to distinguish between soft and permanent failures.
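The distinction the paragraph draws between soft and permanent faults can be made mechanically: a self-test that fails once and then passes on retry points to a transient upset, while one that fails on every pass points to a hard fault. The following C program is an added illustration written for this article, not ARM's or any BIST engine's code. It runs a simple pattern test over a simulated memory region whose fault behaviour (a stuck-at bit or a one-shot bit flip) is constructed in software purely for the demonstration; the region size, retry count and pattern set are assumed values.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef enum { FAULT_NONE = 0, FAULT_TRANSIENT = 1, FAULT_PERMANENT = 2 } fault_class_t;

#define REGION_WORDS 16   /* assumed size of the region under test */
#define RETRIES 3         /* assumed number of re-runs before a failure is called permanent */

/* Constructed fault model for the simulation (hypothetical, not real hardware):
   stuck_mask forces bits to 1 on every read (permanent, e.g. a short);
   upset_pending flips one bit of word 0 on its next read, once (soft error). */
typedef struct {
    uint32_t stuck_mask;
    int upset_pending;
    uint32_t mem[REGION_WORDS];
} sim_region_t;

static uint32_t sim_read(sim_region_t *r, size_t i) {
    uint32_t v = r->mem[i] | r->stuck_mask;
    if (r->upset_pending && i == 0) { v ^= 0x00000100u; r->upset_pending = 0; }
    return v;
}

static void sim_write(sim_region_t *r, size_t i, uint32_t v) { r->mem[i] = v; }

/* One pass of a simple background-pattern test: write each pattern to every word,
   then read it back. Returns 1 if every read matches, 0 on the first mismatch. */
static int test_pass(sim_region_t *r) {
    static const uint32_t patterns[] = { 0x00000000u, 0xFFFFFFFFu, 0xAAAAAAAAu, 0x55555555u };
    for (size_t p = 0; p < sizeof patterns / sizeof patterns[0]; p++) {
        for (size_t i = 0; i < REGION_WORDS; i++) sim_write(r, i, patterns[p]);
        for (size_t i = 0; i < REGION_WORDS; i++)
            if (sim_read(r, i) != patterns[p]) return 0;
    }
    return 1;
}

/* Classify: pass first time -> no fault; pass on a retry -> transient; never pass -> permanent. */
fault_class_t classify_fault(sim_region_t *r) {
    if (test_pass(r)) return FAULT_NONE;
    for (int k = 0; k < RETRIES; k++)
        if (test_pass(r)) return FAULT_TRANSIENT;
    return FAULT_PERMANENT;
}

/* Convenience entry point: build a region with the given constructed fault and classify it. */
fault_class_t classify_simulated(uint32_t stuck_mask, int upset) {
    sim_region_t r = {0};
    r.stuck_mask = stuck_mask;
    r.upset_pending = upset;
    return classify_fault(&r);
}

int main(void) {
    static const char *names[] = { "none", "transient", "permanent" };
    printf("healthy region:   %s\n", names[classify_simulated(0, 0)]);
    printf("one-shot upset:   %s\n", names[classify_simulated(0, 1)]);
    printf("stuck-at-1 bit 0: %s\n", names[classify_simulated(0x1u, 0)]);
    return 0;
}
```

A real logic BIST exercises gates rather than memory words and is usually run only at startup and shutdown, as the text says, because the test destroys the region's contents; the classification step (retry, then compare) is the part that carries over unchanged.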

Figure 2: Type of fault

Responses

The choice and design of fault detection and control measures is the part of the process designers enjoy most, because they can use both system-level and micro-architectural techniques. Establishing a Failure Mode and Effects Analysis (FMEA) is a good place to start, listing all possible failure modes and the severity of their consequences. With this information and the designer's in-depth understanding of the complex system, the most serious failure modes can be identified and countermeasures designed.

There are many ways to deal with potential failures. Here are some of the most common techniques:

• Diverse checker: use a second, differently implemented circuit to check whether the main circuit has failed. For example, the checker can monitor the interrupt controller and keep its own tally of the total number of interrupts raised by users and by the system, to be compared against the controller's count.
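The diverse checker above, together with the fault tolerant time interval discussed earlier, can be shown in a few lines of C. This is an added example written for this article, not ARM's code: the interrupt handler maintains a plain up-counter, while an independent checker path keeps the count as a one's complement that it decrements, so a single storage or logic fault is unlikely to corrupt both representations consistently. A periodic checker compares the two and drives the system to a safe state on disagreement. The simulation then measures how long detection takes after a constructed bit flip in the main counter and checks it against the FTTI. The FTTI, checker period and interrupt rate are assumed values chosen for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>

#define FTTI_MS 10u          /* assumed fault tolerant time interval for this example */
#define CHECK_PERIOD_MS 2u   /* the checker must run well within the FTTI */

typedef enum { SYS_OK = 0, SYS_SAFE_STATE = 1 } sys_state_t;

typedef struct {
    uint32_t irq_count;   /* main path: plain up-counter kept by the interrupt handler */
    uint32_t irq_shadow;  /* diverse path: one's complement of the count, decremented per interrupt */
    sys_state_t state;
} irq_monitor_t;

void monitor_init(irq_monitor_t *m) {
    m->irq_count = 0;
    m->irq_shadow = ~0u;   /* complement of zero */
    m->state = SYS_OK;
}

/* Both paths update on every interrupt, but through different logic. */
void on_interrupt(irq_monitor_t *m) {
    m->irq_count++;
    m->irq_shadow--;
}

/* Periodic checker: returns 1 and enters the safe state if the two paths disagree. */
int checker_tick(irq_monitor_t *m) {
    if ((uint32_t)~m->irq_shadow != m->irq_count) {
        m->state = SYS_SAFE_STATE;   /* e.g. disable actuation, signal the supervisor */
        return 1;
    }
    return 0;
}

/* Simulation: one interrupt per millisecond; at fault_at_ms a constructed single-event
   upset flips one bit of the main counter. Returns the detection latency in ms,
   or -1 if no fault was detected during the run. */
int simulate_detection_latency(uint32_t fault_at_ms, uint32_t run_ms) {
    irq_monitor_t m;
    monitor_init(&m);
    for (uint32_t t = 0; t < run_ms; t++) {
        on_interrupt(&m);
        if (t == fault_at_ms) m.irq_count ^= 0x10u;   /* constructed fault injection */
        if (t % CHECK_PERIOD_MS == 0 && checker_tick(&m)) return (int)(t - fault_at_ms);
    }
    return -1;
}

/* The safety argument: every detected fault must be caught before the FTTI elapses. */
int latency_within_ftti(int latency_ms) {
    return latency_ms >= 0 && (uint32_t)latency_ms < FTTI_MS;
}

int main(void) {
    for (uint32_t f = 3; f <= 6; f++) {
        int lat = simulate_detection_latency(f, 50);
        printf("fault at t=%u ms: detected after %d ms (%s)\n", f, lat,
               latency_within_ftti(lat) ? "within FTTI" : "FTTI VIOLATED");
    }
    printf("healthy run: latency %d (no fault)\n", simulate_detection_latency(1000, 50));
    return 0;
}
```

The worst-case latency equals the checker period, which is why the period is chosen as a fraction of the FTTI; if the checker shares the clock or power rail that the main path depends on, the diversity argument weakens and a separate timing source for the checker becomes part of the design.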
