Definition and Failure Management of Highly-Integrated, Safety-Critical Systems

The current trend toward electronic system integration will soon bring active and passive safety systems together inside a single electronic control unit. The processing capability of microcontrollers and digital signal processors make it feasible to integrate many systems together on a single chip or fewer chips than before. Increased integration however, can increase the consequences and reactions to common mode failures. Failure mode management associated with this type of integration will be critical to provide the expected benefits while balancing the failure effects on these traditionally isolated systems.

This paper examines tradeoffs that can occur when various active and passive safety systems are integrated together. Alternative designs are compared and the effects of various failure modes are analyzed. The impact of the upcoming functional safety standard for the automotive industry (ISO 26262), cooperation required between competitors, and the need for vehicle manufacturers to define system details normally left to the Tier 1 supplier is discussed.