white paper

Navigating the intersection of safety and security

A complete package for automotive silicon suppliers.

Automotive ICs can be secure without needing to be safe, but a safety-critical IC cannot be safe without also being secure. Addressing the intersection of safety and security in highly complex automotive SoCs is challenging even for veteran project teams.

This paper focuses on how these two domains intersect, what to consider when analyzing and implementing both safety and security architectures, and what’s needed to verify them. It presents a verification flow and methodology deployed on the Rambus RT-640 security IP. The Rambus security IP, combined with Siemens EDA’s functional safety tools, offers a complete package to automotive silicon suppliers.

Why automotive safety and security are essential today

Vehicle systems and the semiconductors used within them are some of the most complex electronics seen today.

In the past, electronics going into vehicle systems implemented flat architectures with isolated functions controlling various components of the power train and vehicle dynamics. These electronic systems communicated primarily through legacy bus interconnect protocols, like controller area network (CAN) and media-oriented systems transport (MOST) technologies.

To support the realization of Level 4 and Level 5 (L4/L5) autonomous driving, a massive restructuring is underway. The software-defined vehicle, automotive Ethernet, V2X connectivity, and domain controller units are just some of the new technologies required to realize L4/L5 capabilities.

Electronic systems exist for powertrain and vehicle dynamics, advanced driver assistance systems and automated driving, connectivity, infotainment, and the in-vehicle experience. At the heart of these electronic systems is often a complex, multi-island IC containing multi-core processing, dedicated artificial intelligence and machine learning engines, mixed-signal processing, and more. Whether it’s a complex system on chip or a mixed-signal IC sitting at a sensor edge, security and safety are essential. IC suppliers must build in the necessary safety and security measures to ensure high quality and reliability throughout the operational life of the product.

Compared to other commercial silicon designs, chips for automotive use cases face much harsher environmental conditions, such as temperature extremes, moisture, and mechanical stress from vibration. Therefore, robust, fail-safe, and/or fail-operational systems are paramount in automotive designs. Safety and security are achieved through multiple engineering activities and practices.

Manufacturing in automotive-grade CMOS nodes is one piece of this solution, but beyond the target technology, designers must design and verify their logic in a way that ensures the silicon will operate as intended, even under the assumption that failures in the silicon can or will occur.
