Anatomy Of An Autonomous Vehicle Crash
By Ann Steffora Mutschler, Semiconductor Engineering
Accidents happen, but with self-driving cars a crash is only the beginning.
How all the pieces go together for traceability isn’t entirely in focus, though. Automotive OEMs are still trying to figure out what it means, how they are supposed to deploy this technology, and what it involves, observed Raik Brinkmann, president and CEO of OneSpin Solutions. “I have attended a few meetings at big car companies where people are discussing the methodologies of designing autonomous vehicles. Many of these companies are still in experimental stages and trying different things, so they are just beginning to understand the implications that it will have.”
One non-negotiable item is that safety has to be designed in, and according to the ISO 26262 standard, the way to approach functional safety from the chip level is a pretty well-known and well-established procedure, he said. “But when it comes to higher-level functions, like autonomous functions and machine learning-based decision making, engineers still have to learn how to translate those concepts and learn how to actually implement functional safety in these areas. This is something where people still are on a learning curve and experimenting with different approaches.”
Traceability is not just about semiconductors. It stretches back to design tools used to create those semiconductors. For this reason, there is a huge effort underway by tool providers to make sure their design and verification tool flows are certified by internationally-recognized testing body TÜV SÜD.
Joerg Grosse, product manager for functional safety at OneSpin, explained that while OneSpin’s customers may be the semiconductor companies, which are considered Tier 2 suppliers in the automotive ecosystem, they are getting a lot of requirements from the OEMs and Tier 1 suppliers to provide evidence that they did a good job during development of the ICs.
The ISO 26262 standard is also specific about this and includes the requirement to qualify the design and verification flow, he said. “It’s mostly about the flow rather than the individual tools. You always have to consider the tool inside the flow. What does it read? What does it write? Is the tool specifically certified? And is it certified for a given use case or within bounds similar to having a safety manual for your refrigerator or any other appliance?”