The term functional safety (FuSa) is defined by ISO 26262 as the absence of unacceptable risk due to hazards caused by malfunctioning behavior of E/E (electrical and/or electronic) systems.
Related to hardware elements, the goals are to prevent systematic design failures and detect and control random hardware faults. Systematic faults occur during the development and manufacturing phases of the automotive design lifecycle. Random hardware faults appear during the lifetime of the hardware component in operation and are caused by random defects or aging.
Systematic faults are assessed qualitatively using safety analysis techniques such as FMEA (failure mode and effect analysis). Preventing systematic faults requires a systematic design approach following well-trusted design principles, verification and test.
Random hardware faults are assessed quantitatively using FMEDA (failure mode, effect and diagnostic analysis) to prove that the design achieves target ASIL (automotive safety integrity level). Random hardware faults are classified as either permanent faults, such as opens or shorts, or transient faults, such as temporary bit flips due to ionized radiation. They are detected and mitigated by safety mechanisms. There are a variety of hardware FuSa mechanisms such as techniques that leverage redundancy and comparators or majority voters such as dual core lockstep (DCLS) and triple mode/modular redundancy (TMR), or built-in self-tests (BIST) such as Logic BIST (LBIST) or Memory BIST (MBIST).
