editor's blog
Subscribe Now

Safe Processing

When we recently looked at software and hardware safety standards, much of the discussion was focused on process-oriented standards like DO-254 and DO-178. But we also mentioned some other standards without going into detail. And some of those operate on the concept of “safety integrity level,” or SIL.

The origin of this concept is IEC 61508, which establishes four SILs, numbered 1-4, with 4 indicating the “safest” level. The determination of SIL appears to be relatively complex and somewhat ambiguous since the specific failure modes must be identified for each individual system, and are not codified in IEC 61508. They involve both process considerations as well as the Probability of Failure on Demand, or PFD,  (or its inverse, the Risk Reduction Factor, or RRF).

It’s actually pretty easy to understand the PFD ranges for each SIL: it’s the maximum number of zeros after the decimal for the PFD (or the minimum number of zeros in the RRF). So SIL 1 applies to a PFD of 0.1 to 0.01 (or an RRF of 10 to 100); SIL 4 applies to a PFD of 0.0001-0.00001 (or an RRF of 10,000-100,000).

ISO 26262 has a similar concept for automobiles, referring to Automotive SILs, or ASILs.

Only systems can achieve a SIL level; components may tout a SIL level, but simply using such components (or a process known to have achieved a certain SIL level on a different product) is not sufficient to demonstrate that SIL level. So, for instance, when TI just announced their Hercules microcontrollers, they didn’t say that “these  microcontrollers conform to SIL x.” They listed a series of features that are specifically designed to help a designer achieve a desired SIL or ASIL.

Because these standards don’t call out specific functional requirements, only probabilities of failure and process requirements, the feature list itself can’t be expressly correlated with specifics of the standard. Again, they’re simply things that are known to allow the implementation of safer systems.

More details and the specific features can be found in TI’s release

Leave a Reply

featured blogs
Nov 13, 2019
At the third stroke of midnight on 30 September 2019, Australia's talking clock fell silent....
Nov 13, 2019
By Elven Huang – Mentor, A Siemens Business SRAM debugging at advanced nodes is challenging. With pattern matching and similarity checking, Calibre tools enable designers to more quickly and precisely locate SRAM modification errors and determine the correct fix. Static...
Nov 13, 2019
Decisions, Decisions … I may be in the market for a new car in the near future. Unless you'€™ve got a strong preference (and most car buyers DO have a strong preference, IMO), choosing a vehicle is a series of trade-offs.  Fuel efficiency vs. horsepower. Functionali...
Nov 13, 2019
One of the big trends that has been happening somewhat below the radar is the growth of various forms of 3D packaging. I noted this at HOT CHIPS in summer, when a big percentage of the designs were... [[ Click on the title to access the full blog on the Cadence Community sit...
Nov 8, 2019
[From the last episode: we looked at the differences between computing at the edge and in the cloud.] We'€™ve looked at the differences between MCUs and SoCs, but the one major thing that they have in common is that they have a CPU. Now'€¦ anyone can define their own CPU ...