Electrification of automobile by our power management ICs
"Failures" in Functional Safety
Functional Safety is based on the idea of preparing for the risk as failure occurs. If there are no failures in electronic parts and/or systems in the first place, it would have no trouble and would secure a safe condition in driving.
It is very difficult to make no electronic part failures and/or system failures. Therefore, parts makers are required to lower the failure rate.
In the system, the failure rate is reduced by measures such as defect monitoring and/or redundant circuits.
It is important to reduce the residual failure rate by raising the fault coverage rate for electronic components.
What can you imagine about failures of electronic components? We will explain "failure" in functional safety and electronic component failure rate.
Failure Classification
There are some kinds of failures, including a fatal failure that is described in "Functional Safety" section, and the others which are not fatal. The single-point failure of voltage detector which is added as a functional safety mechanism is not a fatal failure, for instance.
Failure Classification caused by various factors is defined in ISO26262. The four main classifications are shown below:
Failure Classification : ISO26262
-
SPF (Single-point Fault)There is no safety mechanism and it violates safety goal with single-point fault.
-
RF (Residual Fault)Since there is a safety mechanism but can not be covered, it violates the safety goal with a single-point fault.
-
MPF (Multiple-point Fault)By overlapping two independent faults, safety goal is violated for the first time.
-
LF (Latent Fault)Dual-point faults that can not be detected by a safety mechanism nor perceived by a driver
Failure Classification Chart
By increasing the fault coverage as much as possible, it needs to build safety mechanism that will not result in fatal failure by a single-fault.
Concept of Failure Rate
For automotive applications, there are four safety requirement levels (ASIL: Automotive Safety Integrity Level) from A to D for electronic parts. A is low, D is the highest request level.
| ASIL-A | ASIL-B | ASIL-C | ASIL-D | |
|---|---|---|---|---|
| SPF coverage | - | ≥ 90% | ≥ 97% | ≥ 99% |
| LF coverage | - | ≥ 60% | ≥ 80% | ≥ 90% |
| A fault that cannot be detected | < 1000 FIT | < 100 FIT | < 100 FIT | < 10 FIT |
- The failure rate 10 FIT (Failure In Time) is the probability that 10 electronic parts per 109 hours will malfunction (1 billion hours ≈ 110,000 years).
Semiconductor failure rate λ
The FIT is calculated from IEC TR 62380 standard model and defined from the following formula.
λ = λ die + λ package
λdie; By improving the internal circuit and increasing the coverage, the failure rate can be lowered.
λpkg; Countermeasures against open faults are important points to lower the failure rate, since open fault is calculated at 90% and short fault is calculated at 10%.
In order to lower the failure rate λ as a product, it is necessary to reduce all the failure rates.
Nisshinbo Micro Devices' Approach to Functional Safety
We can contribute to functional safety of in-vehicle equipment by reducing the failure rate of power management ICs.
Here is an example of measures to reduce package failure rate.
Examples of countermeasures to reduce package failure rate
Below are the measures to prevent wire open in the package;
- Connect two wires from one terminal
- Increase the number of terminals to 2 terminals
-
No Action
1 PAD, 1 terminal and 1 wire
If the open detection is 0%, the failure rate is added as it is.
-
Measures 1
2 PAD, 1 terminal and 2 wires
If one wire breaks due to a redundant failure, function retention is possible, but that failure can not be detected.
-
Measures 2
PAD, 2 terminal and 1 wire each
It is possible to hold functions when wires are redundant and only one fault has occurred, and fault detection is also possible by final test.
In measures 1 & 2, when the loss of function is two wires open failures, the idea of double failure is applied to the calculation of failure rate.
Nisshinbo Micro Devices is learning to master ISO 26262 functional safety standards. Furthermore, in order to improve the level of understanding, we collect requests and information from customers. With this, we are working to satisfy our customers of car manufacturers more than now.
