With cars driving autonomously on roads, functional safety assumes critical importance to avoid hazardous situations for humans in the car and on the road. ISO 26262 defines the Automotive Safety Integrity Level (ASIL), ranging from QM (lowest) to ASIL-D (highest), based on the severity and probability of a defect causing harm to human life. This paper explores functional safety requirements and solutions for software systems in autonomous cars in four broad aspects. The first aspect covers the use of redundancy at various levels to ensure that the failure of one system does not affect the overall operation of the car; it explores redundancy via multiple sensors and diverse processing of the data to arrive at functionally safe results. Based on these redundancy requirements, the second aspect proposes an HW (SoC) and SW architecture that can help meet them, covering the definition of the SW framework, task scheduling, and tool usage to ensure that systematic faults are prevented at the development stage. Autonomous driving systems will be complex, and expecting all software modules to comply with the highest functional safety level may not be feasible. The third aspect therefore explores freedom from interference (FFI) via HW and SW mechanisms such as firewalls and the MMU, allowing safe and non-safe sub-systems to co-exist and operate according to their specification. The final aspect covers the use of SW and HW diagnostics to monitor, detect, and correct random faults found at run-time in HW modules, using diagnostic features such as ECC, CRC, and BIST to help detect and avoid runtime failures.
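The abstract pairs two of its mechanisms, redundant sensor channels and run-time CRC diagnostics, without showing how a consumer combines them. The following C program is an added example written for this page; it is not code from the paper or its authors. It assumes a hypothetical fixed-layout sensor frame (sequence counter, measurement, CRC-32), with a non-safe producer sealing each frame and a safe consumer rejecting any frame whose CRC or sequence does not check out before performing a 2-out-of-3 agreement vote over the surviving channels. The sample readings and tolerance are constructed values.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical frame exchanged between a non-safe producer partition and a
 * safe consumer. The CRC lets the consumer detect corruption (random HW
 * faults, or interference from another partition) at run time. */
typedef struct {
    uint32_t seq;    /* sequence counter: detects stale or repeated frames */
    int32_t  value;  /* measurement (constructed units, e.g. millimetres) */
    uint32_t crc;    /* CRC-32 over seq and value */
} sensor_frame_t;

/* Bitwise CRC-32 (IEEE 802.3, reflected polynomial 0xEDB88320). */
uint32_t crc32(const uint8_t *data, size_t len) {
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++) {
        crc ^= data[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Serialise little-endian so the CRC is independent of struct padding. */
static void put_u32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v;         p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

uint32_t frame_crc(const sensor_frame_t *f) {
    uint8_t buf[8];
    put_u32(buf, f->seq);
    put_u32(buf + 4, (uint32_t)f->value);
    return crc32(buf, sizeof buf);
}

/* Producer side: seal the frame before handing it across the FFI boundary. */
void frame_seal(sensor_frame_t *f) { f->crc = frame_crc(f); }

/* Consumer side: CRC must match and the sequence must be the one expected. */
bool frame_check(const sensor_frame_t *f, uint32_t expected_seq) {
    return f->crc == frame_crc(f) && f->seq == expected_seq;
}

/* Agreement voter over n intact channels: accept if any two readings lie
 * within tol of each other; the result is the mean of the first such pair. */
bool vote_agree(const int32_t *v, int n, int32_t tol, int32_t *out) {
    for (int i = 0; i < n; i++)
        for (int j = i + 1; j < n; j++) {
            int64_t a = v[i], b = v[j];
            int64_t d = a > b ? a - b : b - a;
            if (d <= tol) { *out = (int32_t)((a + b) / 2); return true; }
        }
    return false;
}

/* End-to-end: three redundant channels -> integrity check -> 2-out-of-3 vote.
 * Returns true only if at least two channels are intact and agree. */
bool fuse_frames(const sensor_frame_t f[3], uint32_t expected_seq,
                 int32_t tol, int32_t *out) {
    int32_t vals[3];
    int n = 0;
    for (int i = 0; i < 3; i++)
        if (frame_check(&f[i], expected_seq)) vals[n++] = f[i].value;
    if (n < 2) return false;            /* not enough healthy channels */
    return vote_agree(vals, n, tol, out);
}

int main(void) {
    /* Constructed readings from three redundant sensors, same cycle (seq 7). */
    sensor_frame_t f[3] = {{7, 1000, 0}, {7, 1002, 0}, {7, 1001, 0}};
    for (int i = 0; i < 3; i++) frame_seal(&f[i]);

    int32_t out = 0;
    printf("all intact: %s -> %d\n", fuse_frames(f, 7, 5, &out) ? "ok" : "fail", out);

    f[1].value = 5000;                   /* simulate a bit-flip after sealing */
    printf("one corrupt: %s -> %d\n", fuse_frames(f, 7, 5, &out) ? "ok" : "fail", out);

    f[2].seq = 6; frame_seal(&f[2]);     /* simulate a stale channel */
    printf("one corrupt, one stale: %s\n", fuse_frames(f, 7, 5, &out) ? "ok" : "fail");
    return 0;
}
```

The integrity check runs before the vote on purpose: a corrupted reading that happened to land near a healthy one could otherwise outvote the third channel, so detection (CRC, sequence) and masking (voting) are kept as separate layers, which is the same separation the abstract draws between FFI mechanisms and redundancy.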
Kedar Chitnis, Mihir Mody, Pramod Swami, R Sivaraj, Chaitanya Ghone, M G Biju, Badri Narayanan, Yashwant Dutt, Aish Dubey, "Enabling Functional Safety ASIL Compliance for Autonomous Driving Software Systems," in Proc. IS&T Int'l. Symp. on Electronic Imaging: Autonomous Vehicles and Machines, 2017, pp. 35-40, https://doi.org/10.2352/ISSN.2470-1173.2017.19.AVM-017