close By using this website, you agree to the use of cookies. Detailed information on the use of cookies on this website can be obtained on OneSpin's Privacy Policy. At this point you may also object to the use of cookies and adjust the browser settings accordingly.

Using Formal to Verify
Safety-Critical Hardware for ISO 26262

ISO 26262 white paper on safety-critical verification for automotive hardware

Over the past several years, automotive suppliers have made substantial investments to meet ISO 26262 requirements, often leading to significant increases in development costs. Maturing the application of the standard and moving towards systematic and automated development methods is critical to achieve and sustain success.

Thanks to ease-of-use and capacity advances, formal-based methodologies have achieved recent wide adoption in the industry. Formal verification is widely recognized as a powerful technique to uncover hardware design bugs that might otherwise escape simulation-based verification and lead to systematic failures. A key characteristic of formal tools is the ability to examine design behavior exhaustively, without the need for input stimuli, and prove that the design never deviates from its intended function, as specified by a property or assertion. Even for simple designs, simulation tools cannot achieve this level of precision. Formal tools have multiple applications for both systematic and random fault verification.

This white paper fosters an understanding of the general framework of the ISO 26262 standard, with particular focus on digital hardware development. It discusses how formal tools have addressed specific challenges in the efficient development of safety-critical hardware, significantly transforming both the quality and efficiency of the verification process, and streamlining the activities required to satisfy the ISO 26262 standard.

Ensure functional safety through our safety-critical verification solutions


Our marketing communications manager, McKenzie Ross, recently got behind the wheel of a Tesla Model X to discuss using formal to verify safety-critical designs that must be ISO 26262 compliant.

Fill in your details below to watch a presentation about safety-critical verification solutions for automotive hardware and the ISO 26262 standard. Our video provides an overview of the benefits of adding formal to your verification flow, while the companion white paper offers greater depth.


The ISO 26262 standard governs the development of safety-related electrical and/or electronic (E/E) systems within road vehicles. ISO 26262 imposes stringent requirements that encompass the entire life cycle of a system, from concept phase to development, production, and decommissioning. It addresses the overall safety management process and covers relations with suppliers and interfaces for distributed development. The risk of liability is a clear driver of the adoption of the ISO 26262 standard, but there is more at stake: vehicle recalls in the millions and malfunctions leading to fatal car accidents not only cause economic damage, but also diminish the brand image of the companies involved.

The standard specifies two types of component faults, which must be fully verified. Systematic faults are introduced during component development, either through human error or tool/methodology malfunction. Systematic faults are handled through rigorous verification and the careful tracking of specific device requirements. The standard also addresses random faults: those that occur during the actual operation of the device due to external effects. These faults must be safely handled by the circuitry within the device. This requires the use of fault handling capabilities built into the systems, which must in turn be verified to ensure that they will catch the vast majority of possible random faults.

Table of contents

  • Executive Summary 
  • Functional Safety Standards & Automotive Hardware 
  • Key Aspects of ISO 26262 
  • Systematic & Random Hardware Failures 
  • The Power of Formal Methods 
  • Avoiding Systematic Faults Using Advanced Verification Techniques
  • Safeguarding Against Random Hardware Faults—Safety Mechanisms & Their Verification
  • Fault Injection Techniques & Challenges
  • Formal Verification of Safety Mechanisms 
  • Formal Fault Propagation Analysis 
  • Future Challenges for Automotive Hardware 
  • Author 
  • References 

Get the ISO 26262 white paper instantly

Download the white paper to learn how OneSpin's safety-critical verification solutions can help to ensure functional safety for automotive hardware in compliance with ISO 26262.