Part of the  

Chip Design Magazine


About  |  Contact

Archive for April, 2016

Trends in Hyper-Spectral Imaging, Cyber-Security and Auto Safety

Monday, April 25th, 2016

Highlights from SPIE Photonics, Accellera’s DVCon and Automotive panels focus on semiconductor’s changing role in emerging markets.

By John Blyler, Editorial Director

Publisher John Blyler talks with Chipestimate.TV executive director Sean O’Kane during the monthly travelogue of the semiconductor and embedded systems industries. In this episode, Blyler shares his coverage to two major conferences: SPIE Photonics and Accellera’s Design-Verification Conference (DVCon). He concludes with the risk emphasis in automotive electronics from a recent market panel. Please note that what follows is not a verbatim transcription of the interview. Instead, it has been edited and expanded for readability. Cheers — JB

O’Kane: Earlier this year, you were at the SPIE Photonic show in San Francisco. Did you see any cool tech?

Blyler: As always, there was a lot to see at the show covering photonic and optical semiconductor-related technologies. One thing that caught my attention was the continuing development of hyperspectral cameras.  For example, start-up SCiO prototypes a pocket-sized molecular scanner based on spectral imaging that tells you everything about your food.

Figure 1: SCiO Molecular scanner based on spectral imaging technology.

O’Kane: That sounds like the Star Trek Tricorder. Mr. Spock would be proud.

Blyler: It’s very much so. I talked with Imec’s Andy Lambrechts at the Photonics show.  They have developed a process that allows them to deposit spectral filter banks in both the visible and near infra-red range on the same CMOS sensor. That’s the key innovation for shrinking the size and – in some cases – the power consumption. It’s very useful for quickly determining the health of agricultural crops. And all thanks to semiconductor technology.


Figure 2: Imec Hyperspectral imaging technology for agricultural crop markets.

O’Kane: Recently, you attended the Design and Verification Conference (DVCon). This year, it was Mentor Graphic’s turn to give the keynote. What did the CEO Wally Rhines talk about?

Blyler: His presentations are always rich in data and trends slides. What caught my eye were his comments about cyber security.

Figure 3: Wally Rhines, CEO of Mentor Graphics, giving the DVCon2016 keynote.

O’Kane: Did he mention Beckstrom’s law?

Blyler: You’re right! Soon, the Internet of Things (IoT) will expand the security need to almost everything we do, which is why Beckstrom’s law is important:

Beckstrom’s Laws of Cyber Security:

  1. Everything that is connected to the Internet can be hacked.
  2. Everything is being connected to the Internet
  3. Everything else follows from the first two laws.

Naturally, the semiconductor supply chain want some assurance the chips are resistant to hacking. That’s why chip designers need to pay attention to three levels of security breaches: Side-Channel Attacks (On-Chip Countermeasures); Counterfeit Chips (Supply-chain security); and Malicious Logic Inside Chip (Trojan detection)

EDA tools will become the core of the security framework, but not without changes. For example, verification will move from its traditional role to an emerging one:

  • Traditional role: Verifying that a chip does what it is supposed to do
  • Emerging role: Verifying that a chip does nothing it is not supposed to do

This is a nice lead into safety-critical design and verification systems. Safety critical design requires that both the product development process and related software tools introduce no potentially harmful effects into the system, product or the operators and users. One example of this is the emerging certification standards in the automotive electronics space, namely, ISO 26262.

O’Kane: How does this safety standard impact engineers developing electronics in this space?

Blyler: Recently, I put that question to a panel of experts from the automotive, semiconductor and systems companies (see Figure 4). During our discussion, I noted that the focus on functional safety seems like yet another “Design-for-X” methodology, where “X” is the activity that you did poorly during the last product iteration, like requirements, testing, etc. But ISO 26262 is a compliant, risk-based safety standard for future automobile systems – not a passing fad.


Figure 4: Panel on design of automotive electronics hosted by Jama Software – including experts from Daimler, Mentor Graphics, Jama and Synopsys.

Mike Bucala from Daimler put it this way: “The ISO standard is different than other risk standards because it focuses on hazards to persons that result from the malfunctioning behavior of EE systems – as opposed to the risk of failure of a product. For purposes of liability and due care, reducing that risk implies a certain rigor in documentation that has never been there before.”

O’Kane: Connected cars are getting closer to becoming a reality.  Safety will be critical issues for regulatory approval.

Blyler: Indeed. Achieving that approval will encompass everything all aspects of connectivity, for example, from connected system within the automobile to other drivers, roadway infrastructures and the cloud. I think many consumers tend to focus on only the self-driving and parking aspects of the evolving autonomous vehicles.

Figure 5: CES2016 BMW self-parking connected car.

It’s interesting to note that connected car technology is nothing new. It’s been used in the racing industry for years at places like the Sonoma Raceway near San Francisco, CA. The high performance race cars are constantly collecting, conditioning and sending data throughout different parts of the car, to the driver and finally to the telemetry-based control centers where the pit crews reside. This is quite a bit different from the self-driving and parking aspects of consumer autonomous vehicles.

Figure 6: Indy car race at Sonoma Raceway.




Fit-for-Purpose Tools Needed for ISO 26262 Certification

Tuesday, April 19th, 2016

Both the product development process and third-party tool “fit-for-purpose” certification are needed for Automotive ISO 26262.

By John Blyler, Editorial Director

Recently, Portland-based Jama Software announced a partnership with an internationally recognized ISO 26262 automotive testing body to obtain ISO26262 “Fit-for-Purpose” certification.  This accreditation will assure automotive OEM and suppliers that the workflows they follow to define, build and test automotive related products in the Jama tool suits meet critical functional safety requirements.

When asked the name of the testing body issuing the “Fit-for-Purpose” certification, Jama’s co-founder Derywn Harris replied that the well-known organization could not be named until the certification was issued. Further, he emphasized that the certification was less for the designers and more for the compliance folks who define the process and obtain their own certification.

“This is the big difference between “fit for purpose” and having an actual certification. We will NOT be ISO 26262 certified,” he explained.

So how exactly does this certification help? Customers seeking ISO 26262 certification must make sure the tools they use and the use cases within those tools are evaluated to determine the Tool Confidence Level (TCL) level for each workflow. The TCL is a function of the Tool Impact (TI) measure, which indicates the possibility of a development system failure based on the cause of a tool problem and the Tool Error Detection (TD). The TD measures the likelihood of a tools problem detection and finding a suitable workaround.

In simple words, tool vendors must be sure their software process is fit-for-purpose for functional safety development in alignment with ISO 26262 (functional safety standard for passenger vehicles).

For example, let’s assume that a company uses Jama software for traceability of critical embedded hardware-software safety requirements and associated tests. This company will have to demonstrate how they are actually using this functionality in their workflow and apply a TCL level to that flow. That TCL number along with other risk-related measures will provide a level of confidence that the tools are fit for automotive safety-focused development.

Figure: Here’s an example of traceability showing both upstream and downstream trace relationships.

“While customers can do this themselves there are aspects of the tool development process they don’t have control of or visibility into,” notes Harris. “Hence they either need to audit the vendor or the vendor needs a certification. So, long story short, by Jama having a certification we save our customers time and cost.”

The traceability example is but one of many safety related system functions that companies may need to re-evaluate to gain ISO 26262 certification for their product development process. But traceability is a key process function needed for today’s robust design. Customers seeking ISO 26262 product certification are often blocked because the third-party tools they use are not ISO 26262 “fit for purpose” certified.