ADAS features and next-generation digital cockpit systems are no longer niche segment features but a mass-market requirement. With this increased adoption, one needs to have a set of guidelines to develop them to make sure they perform as required in case of a safety function as well as in HMI function. This blog gives a brief overview of the concept of functional safety along with automotive safety levels and provides deep insights into the process and best practices for achieving functional safety in automotive systems.
Vehicles today are being equipped with an increasing number of embedded systems either to make them a lot safer for users or to provide enhanced user experience. This exponential growth of the embedded systems in cars puts forth the challenge to everyone involved in the development supply chain to ensure that the system is failsafe and fool proof. To address this issue, the concept of functional safety is introduced in the development of such embedded systems that go into an automobile. This whitepaper gives an overview of functional safety associated with automotive ADAS and infotainment systems and how Tier1s and OEMs benefit from it. With reliance on software comes the challenges of safety that is making sure the system is not vulnerable to any threats. That’s the main reason why there are functional safety standards are designed for embedded systems developers in several industries.
Functional safety implementation is the concept of developing a safer product and a product that works in the way it is intended to. ISO26262 is the automotive safety standard which is created for electrical/electronic that serve safety applications in the automotive. It provides guidelines to all of all the suppliers, OEM, and semiconductor companies to create a safe product that can be used in the cars.
Features like a rear-view camera, a navigation system, a braking system and lane departure warning systems which are seen in modern cars, need to follow functional safety standards. Functional safety validation of the automotive software based on ISO26262 is a process of critical nature as it will protect from untended faults which might result in harm to human life. This means that systems must function correctly, with potentially unsafe faults detected and controlled to prevent a hazard.
For a safety-critical system, requirement management and traceability are a challenging problem especially when the number of electronic units is more such as in the automotive industry. All automotive application design processes should comply with safety standards (ISO 26262) which impose bi-directional traceability of requirements which is explained in brief in this document.
Cause of software malfunction
The major portion of many modern car systems is defined by their software. A large number of artifacts are produced in each phase of the development process. The complexity of the software is increasing proportionally to several requirements. Hence it is important to make sure to cover all possible states of the software behaviour.
System failure can be caused by hardware or the software module due to fault at requirement, design or the implementation phase. If proper development process or method is not followed or if improper testing is conducted, it may lead to unintended software behaviour and may trigger wrong indication/operation.
Automotive software development stages
While ensuring functional safety implementation in an automotive software development, we need to follow different levels/stages, each associated with a specification and attributes that needs to be followed.
- Software safety Specification
- Software Architecture design
- Software unit design and Implementation
- Software Unit verification
- Software integration and verification
- Testing of the embedded Software
Figure 1: Example of automotive embedded software development stage
Best practices for functional safety software development
Some of the best practices for developing functionally safe software include:
- Agile software development approaches or methods are best suitable for safety-related software development.
- Test-driven development can be used to improve the quality and functional testing of the requirement.
- A continuous Integration framework can be used for testing the software and regression test.
- Cyber Security is one of the most important factors that need to be considered.
- MISRA C coding guidelines for C programming.
- Bi-directional traceability shall be maintained from the requirement to test strategy.
With multiple embedded systems used in a modern car for various ADAS and human-machine interface function (IVI and digital cockpit), safety criticality of software development is paramount. To address this issue, functional safety standards are introduced and widely adopted. This ensures that safety standard is met right from the first stage of development. This not only streamlines the workflow but in an off case helps to trace back to the root cause of the system failure. Every system development workflow for safety critical automotive applications must follow the standard and the best practices outlined in this whitepaper and counter any risks due to software malfunction.