
AURIX™ MCU: ISO 26262, fault classification of a HW element and associated HW architecture metrics definition – KBA236342

Infineon_Team

Version: **

Fault classification (according to ISO 26262-5:2018):

Failure modes are classified based on the potential to violate a safety goal.

Figure 1   Example of flow diagram for failure mode classification

Among these five failure rate categories, three have a negative contribution as they correspond to the portion of a failure mode of a hardware element that may violate a safety goal in the absence of a safety mechanism:

Table 1  Fault classification

| Faults | Description |
|---|---|
| Single-point faults | Faults with the potential to violate a safety goal (PVSG) that are not covered by any safety mechanism. |
| Residual fault | Portion of a random hardware fault that by itself leads to the violation of a safety goal and is not controlled by the safety mechanism. |
| Multiple-point fault, latent | Multiple-point faults that are neither detected by a safety mechanism nor perceived by the driver. |

The two metrics are as follows:

1. Single-point fault metric (SPFM)

According to ISO 26262-5:2018,

The SPFM requirement applies to ASIL B, C, and D of the safety goal. Use the calculation in Figure 2 to determine the single-point fault metric.

Figure 2   SPFM calculation

In other words,

  • (SPF + RF) FIT (Failure In Time) < 1% of the total failure rate (ASIL D).
  • Quality Managed (QM) parts are excluded from the calculation.
  • FIT is calculated based on the area [mm^2] of all involved HW elements (see Figure 3).

Figure 3    Failure rate contribution to SPFM

Table 2  Possible source for the derivation of the target SPFM value

| | ASIL B | ASIL C | ASIL D |
|---|---|---|---|
| SPFM | ≥90% | ≥97% | ≥99% |


2. Latent-fault metric (LFM)

According to ISO 26262-5:2018,

The LFM requirement applies to ASIL B, C, and D of the safety goal. Use the calculation in Figure 4 to determine the latent-fault metric:

Figure 4  LFM calculation

In other words,

  • MPF,L FIT < 10% of (MPF,DP + Safe + MPF,L) [ASIL D].
  • QM parts are excluded from the calculation (see NOTE 1 in Figure 4).
  • FIT is calculated based on the area [mm^2] of all involved HW elements (see Figure 5).

Where,

  • MPF,L stands for multiple-point faults, latent.

Figure 5   Failure rate contribution to LFM


Table 3  Possible source for the derivation of the LFM target value

| | ASIL B | ASIL C | ASIL D |
|---|---|---|---|
| LFM | ≥60% | ≥80% | ≥90% |
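
The two metric calculations described above, as an added example that is not part of the original article or of any Infineon tooling: a Python sketch that computes SPFM and LFM from a per-element FIT breakdown using the ISO 26262-5 definitions, excludes QM parts, and compares the results with the targets in Tables 2 and 3. The `Element`, `hw_metrics` and `meets_targets` names are hypothetical, and the element names and FIT values are constructed sample data.

```python
from dataclasses import dataclass

# Targets from Table 2 (SPFM) and Table 3 (LFM) of this article.
TARGETS = {"B": (0.90, 0.60), "C": (0.97, 0.80), "D": (0.99, 0.90)}

@dataclass
class Element:
    """Failure-rate breakdown of one HW element, in FIT (hypothetical type)."""
    name: str
    safety_related: bool      # False = QM part, excluded from both metrics
    spf: float = 0.0          # single-point faults
    rf: float = 0.0           # residual faults
    mpf_latent: float = 0.0   # multiple-point faults, latent
    mpf_dp: float = 0.0       # multiple-point faults, detected or perceived
    safe: float = 0.0         # safe faults

    def total(self) -> float:
        return self.spf + self.rf + self.mpf_latent + self.mpf_dp + self.safe

def hw_metrics(elements):
    """Return (SPFM, LFM) per ISO 26262-5:
    SPFM = 1 - sum(SPF + RF) / sum(total)
    LFM  = 1 - sum(MPF,L) / sum(total - SPF - RF)
    """
    sr = [e for e in elements if e.safety_related]   # drop QM parts
    total = sum(e.total() for e in sr)
    spf_rf = sum(e.spf + e.rf for e in sr)
    latent = sum(e.mpf_latent for e in sr)
    if total <= 0 or total - spf_rf <= 0:
        raise ValueError("no safety-related failure rate to evaluate")
    return 1 - spf_rf / total, 1 - latent / (total - spf_rf)

def meets_targets(elements, asil):
    """Return (spfm_ok, lfm_ok) against the table targets for ASIL B, C or D."""
    spfm, lfm = hw_metrics(elements)
    spfm_min, lfm_min = TARGETS[asil]
    return spfm >= spfm_min, lfm >= lfm_min

# Constructed sample data, not taken from any AURIX safety analysis.
SAMPLE = [
    Element("cpu", True, rf=0.5, mpf_latent=2.0, mpf_dp=40.0, safe=7.5),
    Element("sram", True, rf=0.3, mpf_latent=1.0, mpf_dp=25.0, safe=3.7),
    Element("periph", True, spf=0.1, mpf_latent=3.0, mpf_dp=10.0, safe=6.9),
    Element("debug", False, spf=5.0, safe=5.0),      # QM: ignored
]

if __name__ == "__main__":
    spfm, lfm = hw_metrics(SAMPLE)
    print(f"SPFM={spfm:.2%} LFM={lfm:.2%} ASIL D: {meets_targets(SAMPLE, 'D')}")
```

With the sample data, 0.9 FIT of SPF + RF out of 100 FIT safety-related total gives an SPFM of 99.1%; wrongly counting the QM `debug` element would pull it below the ASIL C target.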

 
