The flow can consist of these major steps:
1. Explore areas of the design where better fault detections are required
2. Introduce the right safety mechanisms into the design with safety synthesis
3. Validate the design changes with formal verification, and
4. Perform formal fault injection to measure the diagnostic coverage
FMEDA (Failure Mode Effect and Diagnostic Analysis) evaluates the safety architecture with its collection of safety mechanisms and calculates the safety performance of the system. In Part 5 of the ISO 262621 specification, a hardware architecture needs to be evaluated against the requirements for fault handling. It requires that the probabilities of random hardware failures are rigorously analyzed and quantified via a set of objective metrics. If any of the architectural metrics fail to meet the criteria defined for the product’s Automotive Safety Integrity Level (ASIL), design teams will be mandated to re-evaluate the component’s safety concept, improve the existing safety mechanisms, and if necessary introduce new safety mechanisms.
To improve diagnostic coverage, a practical approach is to incorporate a collection of safety mechanisms into the design so that the number and types of faults detected can be improved. This is best to be done at the register transfer level, where functional verification can be performed efficiently.