lp header

Functional Safety IC Design Solution


The Agnisys solution enables semiconductor designers to create products that satisfy functional safety standards such as ISO 26262 for automobiles and road vehicles and IEC 61508 for safety critical manufacturing.

Benefits of a Functional Safety Solution

A functional safety solution for IC design provides benefits for semiconductor designers. The certification process of any product is extensive, so using our certified design and verification tools provides three major benefits:

  • It reduces the time for your product certification

  • It supports high-reliability design automation from a design specification

  • It shortens the time for verification of the functional safety elements in the design

The IC Designer’s Guide to Automated Specification of Design, Verification, and Validation for Better Products

There are multiple causes for designs being wrong, but some of the most common are related to the design specifications and how they are distributed and maintained throughout the product development lifecycle. Learn how to address this issue by reading this guide. 


What Is Functional Safety?

A functionally safe design is able to continue operation or move to a safe state in the presence of faults such as alpha particle hits and silicon aging effects. Safety design requires added logic, known as safety mechanisms, to detect errors and take corrective action. This logic must work in real time even during chip deployment in the field, and must extend through the complete silicon lifecycle. Teams developing safety-critical designs must follow a strict methodology to ensure that the result meets the safety requirements of standards such as ISO 26262 and IEC 61508.

Automotive Functional Safety

Automobiles and other road vehicles present particularly challenging environments for electronic designs. Environmental conditions, temperature and humidity extremes, and vibration all make a fault far more likely than in a server protected in a climate-controller building. ISO 26262 is the primary standard for automotive functional safety, setting a high bar for designers. It defines the FMEDA (Failure Modes, Effects and Diagnostic Analysis) required to meet the requirements of the standard. It also defines the Automotive Safety Integrity Level (ASIL), a risk classification scheme based on traditional SIL safety analysis. It provides the framework for safety management during the development of chips for automotive use.

Components of a Functional Safety Solution

An effective functional safety solution from a tool provider must include three components:

  • Certification by an independent testing organization that the solution meets the requirements of the relevant standards

  • A tool qualification kit that allows users to certify their chip development flow without having to quality the design and verification tools used in that flow

  • An automated way to insert into the design safety mechanisms compliant with the relevant standards

IDesignSpec™ Tool Qualification Kit (TQK)

It is essential for customers embarking on a functionally safe design to go through the pre-qualification of the IDesignSpec Suite using this Tool Qualification Kit (TQK). It is a comprehensive, structured approach for validating the tool’s behavior and its expectation as per the ISO 26262 and IEC 61508 safety standards. The important constituents of the TQK are the ISO ISO 26262 and IEC 61508 Certificate, a Safety Manual, and a Validation Kit.

IDesignSpec ISO 26262 Compliance

Part of applying ISO 26262 to the IP and system-on-chip (SoC) development process is qualifying the electronic design automation (EDA) tools used. The complete Agnisys IDesignSpec Suite of products has been certified by the internationally recognized testing organization TÜV SÜD to have achieved the stringent tool qualification criteria defined in ISO 26262, compliant to the highest safety integrity levels of ASIL D and TCL1. The IDesignSpec Suite is classified as T2 offline-tool, suitable to be used in safety-related development according to IEC 61508.

The safety certification means that your IP and SoC developers do not have to take any additional steps to qualify or certify the Agnisys products in your flow.

Automatic Generation of Safety Mechanisms

Agnisys helps designers meet the requirements of standards such as ISO 26262 and IEC 61508 by automatically generating the safety logic to detect and report faults. Based on user specification, IDesignSpec GDI or IDS-Batch CLI can generate the following types of safety logic included within your RTL design:

  • Adding a parity bit(s) to detect a changed value

  • Calculating and checking a cyclic redundancy check (CRC) to detect a changed value

  • Using single error correction double error detection (SECDED) to both detect and correct a changed value

  • Implementing triple modular redundancy (TMR) so that two correct values will “outvote” an incorrect value

  • Adding error injection and checking to the generated logic

The same safety mechanisms can be used to support a wide range of safety standards beyond ISO 26262 and IEC 61508, including DO-254 for aerospace, IEC 62304 for medical devices, and ISO 13849 for industrial equipment and industrial automation.