Functional Safety Left, Information Security Right: How Automotive SoCs Win the Smart Car Safety Upgrade Battle

Thanks to Gaogong Intelligent Automotive for its coverage of Synopsys.
The global automotive industry is undergoing a major transformation. As applications such as ADAS/autonomous driving and V2X multiply, intelligent connected vehicles are turning into high-performance computers built around a central processing engine.
Behind this, the connectivity and complexity of intelligent connected vehicles keep increasing. They generate massive amounts of driving data and sensitive information, and the attack surface grows with them.
Public data shows that a smart connected vehicle can generate up to 10 TB of data in a single day. This data includes not only information such as the facial expressions of passengers but also vehicle location and environmental data from inside and outside the vehicle.
Many industry insiders point out that gateways, control units, ADAS/autonomous driving systems, the various sensors, and in-vehicle infotainment systems all need protection against security vulnerabilities. Among these, automotive-grade SoC chips are the core components of intelligent connected vehicles, so their designers have to anticipate every potential attack path in order to prevent unauthorized access to the embedded system and its data.
Synopsys believes that the security threats of intelligent connected vehicles must be addressed starting from automotive-grade SoCs. Integrating functional safety and information security features within automotive-grade SoCs helps minimize risks in automotive systems.
The Smart Car Safety Upgrade Battle Begins
Intelligent connected vehicles are becoming the largest class of smart mobile terminals, and the service data surrounding people, vehicles, and scenarios is growing explosively. The demand for data processing requires automotive-grade SoC chips not only to provide more computing power but also to keep failure rates as low as possible.
Data shows that a car today typically carries up to 150 ECUs and runs about 100 million lines of software code. This number keeps expanding with the intelligence and connectivity of vehicles and is expected to reach 300 million lines by 2030. If the chip itself lacks adequate security capabilities, the firmware running on it cannot be properly protected and the system is exposed to attack, which poses serious safety threats to passengers and to people around the vehicle.
Since last year, several government departments have successively issued the Opinions on Strengthening the Access Management of Intelligent Connected Vehicle Manufacturers and Products, the Several Provisions on Automotive Data Security Management (Trial), and the New Energy Vehicle Industry Development Plan (2021-2035). These require strengthened management of automotive data security, cybersecurity, functional safety, and safety of the intended functionality (SOTIF, ISO 21448).
This means that, on top of compliance with traditional functional safety, the requirements for cybersecurity, data security, and the other safety aspects of intelligent connected vehicles have been raised to a higher level.
To avoid these security issues, OEMs, industry organizations, and others have stated clearly that the safety and security of intelligent connected vehicles must be built on a secure chip foundation, with data protection and functional safety implemented at the chip level.
According to Gaogong Intelligent Automotive, major international automakers such as BMW, Mercedes-Benz, GM, and Volkswagen, as well as domestic brands such as Great Wall, SAIC, Geely, and BYD, have successively imposed functional safety development requirements on important control systems and made a supplier's functional safety development capability and product functional safety capability a prerequisite for entering the supply chain.
Major automakers agree that ADAS functions such as automatic emergency braking and lane monitoring are all built on semiconductor components. Once an automotive chip fails, vehicle functions can be disrupted, for example sudden acceleration or an inability to brake, which threatens the lives of everyone in the vehicle.
In addition, as automotive electronic and electrical architectures transition from distributed ECU architectures to centralized domain controller architectures, the design of automotive chips is becoming more complex than before, meaning that the safety requirements for individual chips are stricter than ever.
“Chips have become the center of functional safety and cybersecurity,” said an automotive industry insider. Automotive chips must consider where weaknesses may exist from the design stage. In addition to the systematic and random faults covered by the ISO 26262 functional safety standard, they must also be able to withstand deliberate malicious attacks.
Automotive chips must meet key requirements for quality, reliability, and functional safety. Among these, ISO 26262, with its Automotive Safety Integrity Levels (ASIL A to D) for classifying system risk, is the globally recognized automotive functional safety standard. It covers the entire lifecycle of an automotive product: functional safety management, the concept phase, system-level development, hardware-level development, software development, and production and operation.
To address functional safety starting from the chip IP, the International Organization for Standardization (ISO) added guidelines for applying the standard to semiconductors (ISO 26262-11) in the 2018 edition. Meeting all of these requirements is extremely demanding for chip manufacturers.
Synopsys believes that automotive-grade SoCs must ensure safety and reliability throughout their entire lifecycle, avoiding the hazardous failures defined by ISO 26262 and guarding against both systematic and random faults.
How to Address Safety Issues in Automotive-Grade SoC Design?
With security threats evolving continuously, alongside new standards and market requirements, chip designers are looking for a clear path to integrate security and safety features into automotive-grade SoCs.
However, because of the high computing power required, the technical threshold for automotive SoCs is particularly high and the design is extremely complex. It must account for compatibility with different underlying operating systems, hardware/software co-verification, low power consumption, and automotive-grade qualification.
More importantly, functional safety (Safety) and information security (Security) conflict in some respects during design. Industry insiders note that relying too heavily on software to implement security features adds latency to control commands, which can undermine the functional safety features. If safety features and security features are bolted onto a single multifunction integrated circuit as unrelated functions, there is no simple way to optimize both at once.
Take ADAS chips as an example. Earlier designs often placed a dedicated, independent device security chip next to the ADAS chip; today the security components have to be integrated into the same ADAS chip. The challenge for chip designers is to meet the basic automotive-grade, ISO 26262 functional safety, performance, power, and cost requirements while shortening the design and mass-production cycles.
Automotive safety systems must be able to handle any malicious attack that arrives without warning during the system's lifecycle. In this regard, designing high-quality security protection for automotive SoC systems is particularly important. The most robust approach is to integrate a hardware security module (HSM) within the SoC.

Omar Cruz

ARC Processor IP Product Marketing Manager

Synopsys

Synopsys was the first company to launch an ASIL D dual-core lockstep processor and safety manager architecture. Following the requirements of the automotive quality management system process, we fully considered random hardware faults, AEC-Q100 reliability testing, and so on when developing the IP. The ASIL D compliant DesignWare® ARC® SEM130FS safety and security processor IP helps designers protect safety-critical systems from software, hardware, and side-channel attacks while also offering high performance and low power consumption.

The DesignWare® ARC® and EV processors have been optimized to provide the best PPA (performance/power/area) for embedded SoCs, letting designers tune the performance, power, and area of each processor instance on their SoC by implementing only the hardware that instance needs.

In addition, the DesignWare ARC SEM130FS processor and the DesignWare ARC functional safety processors come not only with the processor IP itself but also with an ASIL D certified compiler and a comprehensive set of functional safety documentation for SoC developers, which greatly simplifies the SoC certification process:

  • Quality manual of the Synopsys IP Business Unit’s Quality Management System (QMS)

  • Design Failure Mode and Effects Analysis (DFMEA), focused on avoiding potential design failures

  • Failure Modes, Effects, and Diagnostic Analysis (FMEDA), focused on the random hardware failure metrics (covering both permanent and transient faults)

  • Safety manual, describing applicable scenarios, internal and external safety mechanisms, and assumptions of use

  • Dependent Failure Analysis (DFA), covering common-cause failures and cascading failures (where applicable)

  • Safety case report, referencing the evidence that Synopsys uses internally for review and assessment

  • ISO 26262 assessment report covering ASIL B random hardware failures and ASIL D systematic failures

In addition, the ARC SEM130FS safety and security processor simplifies the development of safety-critical applications and accelerates the ISO 26262 certification of automotive SoCs by providing an ASIL D compliant solution together with all the hooks and safety mechanisms required in an automotive environment. These include the following key features:

  • Pre-verified dual-core lockstep processor: a safety implementation built on the low-power ARC SEM security processor

  • Safety monitor: checks that the main core and the shadow core remain in lockstep and flags any divergence

  • Error detection and correction (ECC) logic: detects and corrects errors in the data and address paths of the tightly coupled memories

  • Integrated watchdog timer: triggers a countermeasure so the system can recover from deadlock
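To make the lockstep and safety monitor bullets concrete, here is a software model of a delayed dual-core lockstep pair. This is an added illustration, not Synopsys code or the SEM130FS design: the two-cycle delay, the toy instruction set, the sample program, and the function names are all assumptions. The point it shows is that the shadow core runs the same instruction stream a few cycles behind the main core, the monitor compares the shadow core's output against the main core's delayed output, and a single-event upset in either core, or the same upset hitting both cores in the same cycle, produces a mismatch the monitor latches. The monitor only detects; recovery (for example a reset driven by the safety manager or the watchdog) is a separate mechanism.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed parameters of this toy model, not SEM130FS values. */
#define LOCKSTEP_DELAY 2   /* shadow core trails the main core by this many cycles */
#define PROGRAM_LEN 8

typedef struct { uint32_t acc; uint32_t pc; } core_t;
typedef struct { uint8_t op; uint32_t imm; } insn_t;

/* Constructed sample program: every op is a bijection on acc, so a
 * corrupted register value always produces a different output on the bus. */
static const insn_t program[PROGRAM_LEN] = {
    {0, 5}, {1, 3}, {0, 7}, {2, 1}, {1, 2}, {0, 9}, {2, 3}, {1, 4}
};

/* Execute one instruction and return the value driven onto the core's output bus. */
static uint32_t core_step(core_t *c)
{
    const insn_t *i = &program[c->pc % PROGRAM_LEN];
    switch (i->op) {
    case 0: c->acc += i->imm; break;                                        /* add immediate */
    case 1: c->acc ^= i->imm * 0x9E3779B1u; break;                          /* xor immediate */
    case 2: c->acc = (c->acc << i->imm) | (c->acc >> (32 - i->imm)); break; /* rotate left */
    }
    c->pc++;
    return c->acc;
}

typedef struct {
    core_t main_core, shadow_core;
    uint32_t delay_fifo[LOCKSTEP_DELAY]; /* main-core outputs awaiting comparison */
    unsigned cycle;
    bool error;                          /* latched by the safety monitor */
    unsigned error_cycle;
} lockstep_t;

/* One clock cycle. main_fault/shadow_fault are XOR masks applied to the
 * respective core's accumulator before it executes, emulating a single-event
 * upset in that core (0 = no fault). */
static void lockstep_cycle(lockstep_t *l, uint32_t main_fault, uint32_t shadow_fault)
{
    l->main_core.acc ^= main_fault;
    uint32_t out_main = core_step(&l->main_core);

    if (l->cycle >= LOCKSTEP_DELAY) {
        /* The shadow core executes the instruction the main core ran
         * LOCKSTEP_DELAY cycles ago, so the monitor compares against the
         * delayed main-core output, not the current one. */
        l->shadow_core.acc ^= shadow_fault;
        uint32_t out_shadow = core_step(&l->shadow_core);
        uint32_t expected = l->delay_fifo[l->cycle % LOCKSTEP_DELAY];
        if (!l->error && out_shadow != expected) {
            l->error = true;
            l->error_cycle = l->cycle;
        }
    }
    l->delay_fifo[l->cycle % LOCKSTEP_DELAY] = out_main;
    l->cycle++;
}

/* Run n cycles with the given faults injected at fault_cycle. Returns the cycle
 * in which the safety monitor flagged divergence, or -1 if the cores stayed in lockstep. */
int run_lockstep(unsigned n, unsigned fault_cycle, uint32_t main_fault, uint32_t shadow_fault)
{
    lockstep_t l;
    memset(&l, 0, sizeof l);
    for (unsigned t = 0; t < n; t++)
        lockstep_cycle(&l, t == fault_cycle ? main_fault : 0,
                           t == fault_cycle ? shadow_fault : 0);
    return l.error ? (int)l.error_cycle : -1;
}

int main(void)
{
    printf("no fault:              %d\n", run_lockstep(16, 99, 0, 0));
    printf("shadow upset @5:       %d\n", run_lockstep(16, 5, 0, 1u << 3));
    printf("main upset @5:         %d\n", run_lockstep(16, 5, 1u << 3, 0));
    printf("common-mode upset @5:  %d\n", run_lockstep(16, 5, 1u << 3, 1u << 3));
    return 0;
}
```

A fault in the shadow core is caught in the cycle it occurs; a fault in the main core is caught LOCKSTEP_DELAY cycles later, when the shadow core reaches the same instruction. The common-mode case is why real lockstep designs delay the shadow core: a disturbance that hits both cores in the same clock cycle corrupts different instructions in each, so the comparison still fails instead of the two cores agreeing on a wrong result.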

In short, adopting the DesignWare ARC SEM130FS processor and the DesignWare ARC functional safety processors, together with their safety documentation, lets chip manufacturers shorten the functional safety certification of automotive SoC products; the IP's safety artifacts feed directly into the SoC's own safety case, which is still assessed at the SoC level.

Undeniably, in the broader context of automotive electrification, intelligence, and connectivity, the vehicle's electrical and electronic architecture is evolving from distributed to centralized. As a result, the risks arising from electrical and electronic failures are increasing, and functional safety is receiving more attention.

In the automotive chip field, for instance, in addition to the AEC-Q reliability qualification standards for automotive electronic components, meeting the stringent ISO 26262 ASIL functional safety requirements has become an entry requirement for suppliers in the automotive supply chain.

“Safety and reliability are the core elements that are inseparable in future vehicles,” Omar Cruz stated. As the brain of the automotive-grade SoC's safety architecture, the safety manager monitors and manages faults and real-time failures within the SoC, helping chip manufacturers meet ASIL D functional safety certification.

Synopsys’s DesignWare IP solutions can be used for in-vehicle infotainment systems, advanced driver assistance systems (ADAS), gateways, and mainstream microcontrollers (MCUs), ensuring high quality and reliability for automotive applications.

Synopsys's broader portfolio of solutions supports innovation across the digital age. For the automotive industry in particular, Synopsys offers three core advantages that accelerate automotive innovation across the board.

For example, by optimizing the SoC and E/E architectures, it helps developers create differentiated safety SoCs at every stage from early design requirements to final product launch, reducing design errors during the development and verification of software-defined vehicles and accelerating mass production.

At the same time, by deploying safety software on the vehicle while meeting the complex automotive quality system requirements, it keeps pace with changes in software safety for automotive applications, helping to avoid future safety recalls and protect the brand.

In the future, intelligent connected vehicles, especially those with autonomous driving capabilities, will continuously upgrade their management of automotive data security, cybersecurity, software updates, functional safety, and safety of the intended functionality.

From chip IP, through automotive-grade SoC design, implementation, and verification, to the deployment of the vehicle's electrical and electronic architecture and the safety software of intelligent connected vehicles, Synopsys can provide complete security and safety solutions for the vehicle. Its competitive advantages in the future automotive market are already apparent.