editor's blog
Subscribe Now

Safe Processing

When we recently looked at software and hardware safety standards, much of the discussion was focused on process-oriented standards like DO-254 and DO-178. But we also mentioned some other standards without going into detail. And some of those operate on the concept of “safety integrity level,” or SIL.

The origin of this concept is IEC 61508, which establishes four SILs, numbered 1-4, with 4 indicating the “safest” level. The determination of SIL appears to be relatively complex and somewhat ambiguous since the specific failure modes must be identified for each individual system, and are not codified in IEC 61508. They involve both process considerations as well as the Probability of Failure on Demand, or PFD,  (or its inverse, the Risk Reduction Factor, or RRF).

It’s actually pretty easy to understand the PFD ranges for each SIL: it’s the maximum number of zeros after the decimal for the PFD (or the minimum number of zeros in the RRF). So SIL 1 applies to a PFD of 0.1 to 0.01 (or an RRF of 10 to 100); SIL 4 applies to a PFD of 0.0001-0.00001 (or an RRF of 10,000-100,000).

ISO 26262 has a similar concept for automobiles, referring to Automotive SILs, or ASILs.

Only systems can achieve a SIL level; components may tout a SIL level, but simply using such components (or a process known to have achieved a certain SIL level on a different product) is not sufficient to demonstrate that SIL level. So, for instance, when TI just announced their Hercules microcontrollers, they didn’t say that “these  microcontrollers conform to SIL x.” They listed a series of features that are specifically designed to help a designer achieve a desired SIL or ASIL.

Because these standards don’t call out specific functional requirements, only probabilities of failure and process requirements, the feature list itself can’t be expressly correlated with specifics of the standard. Again, they’re simply things that are known to allow the implementation of safer systems.

More details and the specific features can be found in TI’s release

Leave a Reply

featured blogs
May 21, 2019
Today's blog highlights the features of the new Multi-Test Editor that is now available in ADE Assembler. With this blog, we have come to the end of the mini blog series that covered a lot of... [[ Click on the title to access the full blog on the Cadence Community site...
May 20, 2019
The Loch Ness Monster? There’s that old, grainy picture. Big Foot? I’ve seen the video. UFO’s? Who knows? But micro, rugged industrial connectors? Come on, that’s really hard to believe … But, industrial electronics is Samtec'€™s largest sellin...
May 20, 2019
Next week – Wednesday 29 May – I am presenting a technical webinar, looking at multicore issue. In particular, we will be looking at a number of benefits of a multicore design including how it can help reduce certification costs and effort '€¦ Here is the abstra...
Jan 25, 2019
Let'€™s face it: We'€™re addicted to SRAM. It'€™s big, it'€™s power-hungry, but it'€™s fast. And no matter how much we complain about it, we still use it. Because we don'€™t have anything better in the mainstream yet. We'€™ve looked at attempts to improve conven...