Cadence proves ISO 26262 conformity for its design tools
To obtain the desired ISO 26262 certificate, designers have to provide evidence that a possible malfunction in the tools used won’t compromise the safety of the product. Cadence had TÜV SÜD check their tools – the certification institution concluded that all the tools submitted for test can be used for designs targeting applications required to meet safety levels up to ASIL D, the highest safety level in the ISO 26262 system.
The functional safety kit provided by Cadence includes a safety manual, a Tool Classification Analysis (TCA) and a Technical Report. The safety manual describes a typical toolchain sub-flow as well as good development processes and procedure recommendations. The TCA contains the assessment of the tool confidence level (TCL) for multiple use cases, an analysis of failure modes and effects, measures to prevent or detect errors in tool output, and a justification for tool impact. In addition, it discusses the expected behavior of the tool under anomalous conditions. In the Technical Report, users find a confirmation measure concerning the functional safety along with the auditor’s (TÜV SÜD’s) statement that it has evaluated Cadence’s functional safety kit and found it conformant with ISO 26262.
For each tool in its product range, the documentation describes a number of use cases, error scenarios and error avoidance recommendations, explained John Brennan, Product Marketing Director for Cadence.
By offering the functional safety kit, Cadence is saving its customers a significant effort since under normal circumstances it would be the duty of the designer to submit all the related documentation to the safety assessment entity. Through their modular, flow-based approach, the functional safety kits allow customers to adapt the documentation to their specific working environment, effectively easing the process of submitting the documentation to the respective auditor.
Cadence customer Infineon cooperated with the tool vendor throughout the development phase of the documentation and therefore already had access to the offering during the certification process of its Aurix microcontrollers, which are typically used in safety-relevant environments. The functional safety kit helped Infineon to “deliver microcontroller designs to the market on time and ensure that they meet the safety standards the automotive market demands,” commented Jörg Schepers, senior director, powertrain microcontrollers at the chipmaker.