Embedded computers are increasingly deployed in safety-critical applications. Designers then need get their products certified according to the respective standards, such as ISO 26262 for the automotive industry and IEC 61508 for industrial controls. In order to receive the certificate, design teams have to adhere strictly to the respective development process including the documentation of every single measure - in most cases a complex, awkward task. A crucial element in many electronic controls, the processor is pivotal for the application. In order to foster the acceptance of its Cortex-R5 architecture, microprocessor IP vendor ARM is now offering a "Functional Safety Package" that helps project managers to get their designs through the development and subsequent certification process. The document set is directed towards ARM's semiconductor partners, not to users at the embedded system level. This is because it is much easier for the latter ones to get their designs certified if already the processor used has achieved the respective certification. Thus, system developers have assurance that the Cortex-R5 processor can be used in safety-related applications such as electric power steering, advanced driver assistance systems (ADAS) or any system that can control the brakes.
The Cortex-R5 has a rich set of fault detection and control features to suit safety-relevant and safety-critical applications. These features include a memory protection unit, support for error correcting codes (ECC) in memories, and an optional dual-core lockstep (DCLS) configuration. In addition, the standard ARM compiler is now certified by TÜV SÜD, allowing for safety-related software development up to ASIL D (in the ISO 26262 nomenclature) or SIL 3 in the ISO 61508 world. The TÜV certification complements the existing ARM Compiler Qualification Kit.
The Cortex-R5 safety package contains a Safety Manual describing in detail the processor's fault detection and control features as well as information about integration aspects in silicon partner's device implementations. Another part of the content is a Failure Modes and Effects Analysis with a