Reliability and Functional Safety Overview#
Reliability of DLP® Automotive Chipsets#
The reliability of a component is an essential factor in automotive applications. To support these applications, TI developed an automotive-qualified DMD based on the high-volume 7.6 μm pixel architecture.
The application report discusses the Development of DLP3030-Q1 and DLP553x-Q1 qualified DMDs for automotive applications.
Functional Safety Introduction#
Function Safety is the absence of unreasonable risk due to hazards caused by malfunction of electrical and/or electronic systems. Functional Safety is the ability of an electronic control system to:
Safely handle all input combinations (prevent systematic faults in HW / SW)
Safely handle faults due to use and degradation (handle probabilistic faults)
System must continue operating properly or transition to a safe state
The intent of the Functional Safety process is the prevention or mitigation of hazardous events, in order to avoid unreasonable risk by the creation of system architectural elements or to use external measures, that address:
fault detection and failure mitigation, transition to a safe state
fault detection and operator warnings to reduce the risk exposure
fault tolerance, where a fault does not lead directly to safety goal violation, maintaining the item in a safe state (with or without degradation)
Functional Safety can be achieved by using the following measures:
Development Process that:
Identifies the hazardous conditions that might arise from malfunctions in a system
Classifies the severity and coverage needed for hazards
Makes sure all hazards are addressed during system development
Qualitatively analyzes safety mechanisms
Technical Measures to:
Properly handle all inputs, even when there is a user error, or inputs are incorrect
Handle failures due to degradation or random faults over time
Report errors and/or transition the system to a safe state in the case of a failure
Functional Safety of DLP Automotive Chipsets#
DLP5530S-Q1 and DLP4620S-Q1 chipsets are Functional-Safety Quality-Managed (QM) devices. These chipsets are targeted at general-purpose functional safety requirements. This is called Safety Element out of Context (SEooC) development according to ISO 26262-10. In this case, the development is done based on assumptions on the conditions of the semiconductor component usage, and then the assumptions are verified at the system level. This method is also used to meet the related requirements of IEC 61508 at the semiconductor level.
TI recommends that this component is integrated into the system through the strategy of “evaluation of hardware element” (ISO 26262-8:2018 clause 13)
Figure 1. Functional safety classifications#
Target Applications and Typical Hazards#
Typical applications for the DLP4620S-Q1 chipset include an Augmented Reality (AR) HUD and Windshield Cluster. This section discusses some typical hazards in these applications and how this chipset can help minimize the risk of these hazards. For risk minimization, this chipset includes many Built-In Self Tests (BISTs). These are monitoring and diagnostic functions that are implemented in the chipset to detect and act upon failure conditions.
Well-known hazards in a HUD and Windshield Cluster include the following:
Corruption of image content such that it prevents the driver from seeing obstacles or traffic on the road ahead
Excessively bright LEDs that result in a very bright image that glares the driver, as shown in Figure 2
Figure 2. Restricted view of the driver due to a hazard#
Functional Safety Resources#
To aid the system integrator in the implementation of functional safety goals to achieve Automotive Safety Integrity Level (ASIL) and Safety Integrity Level (SIL) required by the application, the following documents are provided by TI:
1. Functional Safety Manual (FSM)#
The functional safety manual provides information needed by system developers to help in the creation of a functional safety system using the DLP Automotive chipsets. This document includes:
An overview of the chipset architecture
An overview of the development process used to decrease the probability of systematic failures
An overview of the functional safety architecture for the management of random failures
The details of architecture partitions and implemented functional safety mechanisms
FSM for DLP Automotive Chipsets can be found here:
2. Functional Safety Analysis Report (FSAR)#
The Functional Safety Analysis Report describes the device FMEDA, the assumptions made within, and the options for tailoring, and provides an example calculation of device functional safety metrics. This document includes:
Summary of failure rates (FIT) of the component.
Summary of functional safety metrics of the hardware components for targeted standards (for example IEC61508, ISO 26262, and so forth).
Quantitative functional safety analysis (also known as FMEDA, Failure Modes, Effects, and Diagnostics Analysis) with details of the different parts of the chipset, allowing for customized application of functional safety mechanisms.
Assumptions used in the calculation of functional safety metrics.
3. Failure Modes, Effects, and Diagnostics Analysis (FMEDA)#
The Failure Modes, Effects, and Diagnostics Analysis is a systematic method for identifying and analyzing potential failures in a system. It’s a critical step in the design and development of safe and reliable products. This document provides:
Breakdown of the device with pins, functional blocks, and memories, and safety relevance of each
Base failure rate of the chip (FIT, Safety Related FIT)
Diagnostic features available
Diagnostic coverage
Note
Contact TI DLP Applications Engineer for FSAR and FMEDA documents at E2E DLP Products forum.