Functional safety is quickly becoming the hot automotive term. Although people often use the term interchangeably with “quality,” the terms are distinctly different. And that distinction between “quality” and “functional safety” is important to recognize, especially when you’re talking with suppliers and collecting pertinent information to assess overall system risk.

First, let’s look at the recognized industry definitions for both terms:

    • Quality (low defective parts per million or DPM): A measure of excellence or a state of being free from defects, deficiencies and significant variations … to improve quality, effort to eliminate the source of defects … *
    • Functional safety (the above definition plus detection and control): Absence of risk due to hazards caused by the failure of Electrical / Electronic (E/E) systems during operation … to improve safety, detect faults and control failure … i.e. remove or eliminate uncertainty**

Let’s unravel these distinctions a bit. In the definitions above, quality refers to the fundamental design of the product and the test and yield processes that ensure the product can achieve as close to zero defects as possible.

But functional safety focuses on two aspects: systematic and random fault coverage. The first aspect of functional safety, systematic fault coverage, ensures that the product is designed using well-defined processes and methodologies. This means that it doesn’t have failure modes that are systematic or inherently flawed due to poor methodologies used when the device was designed.

For example, a systematic fault could happen when a row decoder for DRAM is designed incorrectly. As a result, the wrong memory location would be addressed because it was “systematically” designed incorrectly. There would be no resulting yield fallout from a quality perspective because the device is operating in the manner it was designed to, but not in the way it was intended.

The second aspect of functional safety, random fault coverage, ensures that — when a device is operating in a harsh environment where power supplies can be perturbed, or electromagnetic interference (EMI) in the system gets too great, or neutron flux causes a bit to flip — these events are detected. Unfortunately, all these events can and do occur.

While semiconductor devices, such as DRAM, are designed to be as immune to these types of activities as possible, a bit flip — where a logic level 1 may get reversed to a logic level zero or vice versa — may occur. While the situation is inevitable, it’s important to be able to flag such an event so that the system can make the right decision on how to address this failure. The response, as determined by the system designer, could range anywhere from initiating no system action to crippling the vehicle because the memory failure was associated with an electronic control unit (ECU) responsible for control over the vehicle.
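One common way to detect and flag the bit flip described above is an error-correcting code on each stored word. The following is an added illustration, not Micron code or any product's actual ECC: a Hamming SECDED scheme over a 32-bit word that corrects a single flipped bit and reports a double flip as uncorrectable, so the system (not the memory) decides how to respond. The word values and flipped bit positions used in testing are constructed.

```c
/* Hamming SECDED over a 32-bit word: 6 check bits plus an overall parity bit.
 * Added illustration, not Micron code: detects a random bit flip, corrects a single
 * flip, and flags a double flip as uncorrectable so the system can choose a response. */
#include <stdint.h>
#include <stdbool.h>

#define CW_BITS 39  /* bit 0: overall parity; bits 1,2,4,8,16,32: check bits; other 32: data */

typedef enum { ECC_OK, ECC_CORRECTED, ECC_UNCORRECTABLE } ecc_status_t;

static bool is_pow2(unsigned x) { return x && !(x & (x - 1)); }
static unsigned parity64(uint64_t x) { unsigned p = 0; while (x) { p ^= 1; x &= x - 1; } return p; }

/* Parity of the codeword positions whose index has bit p set (Hamming check group p). */
static unsigned check_parity(uint64_t cw, unsigned p) {
    unsigned par = 0;
    for (unsigned pos = 1; pos < CW_BITS; pos++)
        if ((pos & p) && ((cw >> pos) & 1u)) par ^= 1;
    return par;
}

uint64_t ecc_encode(uint32_t data) {
    uint64_t cw = 0;
    for (unsigned pos = 1, d = 0; pos < CW_BITS; pos++) {
        if (is_pow2(pos)) continue;                 /* reserved for a check bit */
        if ((data >> d++) & 1u) cw |= 1ull << pos;  /* place the next data bit */
    }
    for (unsigned p = 1; p < CW_BITS; p <<= 1)      /* make every check group even */
        if (check_parity(cw, p)) cw |= 1ull << p;
    return cw | parity64(cw);                       /* overall parity lands in bit 0 */
}

/* Classifies the stored word; writes corrected data unless the error is uncorrectable. */
ecc_status_t ecc_decode(uint64_t cw, uint32_t *data) {
    unsigned syndrome = 0;
    for (unsigned p = 1; p < CW_BITS; p <<= 1)
        if (check_parity(cw, p)) syndrome |= p;     /* for one flip, syndrome == its position */
    ecc_status_t st = ECC_OK;
    if (parity64(cw)) {                             /* odd flip count: treat as a single flip */
        cw ^= 1ull << syndrome;                     /* syndrome 0 means bit 0 itself flipped */
        st = ECC_CORRECTED;
    } else if (syndrome) {
        return ECC_UNCORRECTABLE;                   /* even count but nonzero syndrome: two flips */
    }
    uint32_t out = 0;
    for (unsigned pos = 1, d = 0; pos < CW_BITS; pos++)
        if (!is_pow2(pos)) out |= (uint32_t)((cw >> pos) & 1u) << d++;
    *data = out;
    return st;
}
```

A system integrator would map ECC_CORRECTED to a logged event and ECC_UNCORRECTABLE to whatever safe state the ECU's safety concept prescribes; the code only flags, it does not decide.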

As the industry leader in automotive, Micron has invested in developing leadership products that support functional safety. We refer to them as SAFER automotive memory since we are the only supplier in the industry with an ASIL-D, ISO 26262-compliant certified memory.

For more information about functional safety and our flagship SAFER memory, check out the following links on the Micron website:

* Based on ISO 26262 documentation.

** Detect and control can be at the level of supplier or system integrator.

Coming soon... The Micron SAFER automotive memory blog series provides insights on the role memory and storage play in Functional Safety. SAFER incorporates five key concepts: (S) Safest solution currently available in the industry, (A) Automotive mindset, (F) Fault coverage, (E) Engineering leadership, (R) Risk management. Each letter associated with SAFER will have a corresponding blog with associated content.