As automotive electronics come with increasing levels of integration and complexity, the upcoming second edition of ISO 26262 will include a new section, Part 11, laying out guidelines for semiconductor development. Taiwan-based semiconductor suppliers looking to expand into the automotive sector should watch this important trend and take preemptive actions to capture market opportunities.
According to Gerhard Rieger, Vice President Functional Safety at TUV NORD, ISO 26262, first published in 2011, defines functional safety for automotive electronic and/or electrical (E/E) systems and applies throughout their lifecycle, from the design concept through system, hardware and software development to production, operation and support. It has become a generally accepted and adopted standard worldwide. The second edition of ISO 26262 includes guidelines on the development of semiconductors to further address functional safety for their use in automotive electronics.
Ensuring functional safety and network security for automobiles
Rieger takes the automotive industry's self-driving car initiatives as an example. In the future, people will be able to use their smartphone to summon their vehicle from the parking lot to pick them up. After they get into the vehicle, voice assistants can help them search for information while advanced driver-assistance systems (ADAS) help them get to their destination safely. The vehicle can also communicate with the road infrastructure via V2X networks and thereby steer clear of areas with heavy traffic or congestion caused by traffic accidents. After reaching their destination, they can use their smartphone to tell the vehicle to park itself, saving lots of time and effort.
Such a use scenario requires large-scale electronics systems with intricate software design. Among them, the Internet of Vehicles (IoV) comprises in-vehicle communication, Internet connection and V2X communication with road infrastructure, other vehicles on the road and pedestrians. While IoV brings conveniences, it also consists of many communication nodes which may be vulnerable to cyber attacks. IoV systems must be protected against intrusions to ensure vehicle safety.
As the automotive industry continues to go digital, a growing number of electronic control units (ECUs) and software applications are being used in an automobile, with cloud computing increasingly being leveraged as well. These technological advances have significantly enhanced vehicle performance and user experience, but connected cars also pose more security challenges. It is imperative that software, data and functions are safeguarded against unauthorized access and manipulation. Only through collaborative safety and security efforts by the entire automotive supply chain, including system integrators, IP developers and IP providers, can the automotive industry take advantage of opportunities arising from digitization and IoV developments.
According to Rieger, security implementations such as secure firmware that ensures secure boot for ECUs, secure in-vehicle communication, ECU device protection and secure firmware burn-in all play crucial roles in protecting ECUs from unauthorized access. Furthermore, as more than 70% of automotive recalls are due to software-related issues, the ability to perform secure over-the-air (OTA) software updates will effectively resolve the problem.
For the automotive industry to go digital, it will have to overcome challenges in ECU protection and IoV network security. As such, it is essential to have an end-to-end solution that performs effective and secure OTA updates for ECUs, including secure OTA software management with key control and protection, identity authentication and integrity guarantees on telematics system software.
Comprehensive services helping suppliers obtain certifications
Rieger emphasizes that functional safety and network security are instrumental to making self-driving cars a reality and a total solution is the key to minimizing risks for automotive electronics systems.
As automotive E/E systems increasingly integrate software functionality and communication capability, network security is becoming an important part of functional safety. Aside from the ISO 26262 functional safety standard, ISO is also drafting ISO 21434 on cybersecurity engineering for road vehicles and plans to release it in 2019. ISO 21434 specifies requirements for cybersecurity risk management of cyber-physical systems and provides a framework and guidelines for the cybersecurity process to help suppliers check and assess cybersecurity risks and integrate cybersecurity designs in automotive systems.
Rieger advises that suppliers consider four different approaches when designing components conforming to the new ISO 26262 requirements on semiconductors. For new components under development, suppliers can apply the Safety Element out of Context (SEooC) concept, based on assumptions about the target applications the element will be used for and the safety objectives the element should reach. In the case of clear tier-1 supplier specifications, the "in context" approach can be followed. For existing components, suppliers should provide qualification of hardware components or a proven-in-use argument pursuant to the requirements in Part 8.
To help suppliers establish a safety design process, TUV NORD offers a comprehensive risk management concept and practice under the banner of "Security4Safety," which takes functional safety and network security requirements into consideration from the beginning stage of the development cycle.
TUV NORD provides a host of services for automotive qualifications, including personnel, process, product, trusted tool, trusted production and SEooC certifications. In addition, it offers analytical tools, such as the S4S risk analysis tool, the failure modes, effects, and diagnostic analysis (FMEDA) tool, and the gap analysis and assessment tool. Leveraging these tools, TUV NORD helps customers analyze the gap between their existing process and the ISO 26262 standard and then come up with a detailed implementation plan to eliminate the gap. Advanced Semiconductor Engineering, Lite-On and Quanta Computer are among those TUV NORD has helped obtain automotive certifications.
Take personnel certification, for example. TUV NORD implements a three-stage certification program for individuals: FSCAE (Functional Safety Certified Automotive Engineer), FSCAC (Functional Safety Certified Automotive Coordinator/Consultant) and FSCAM (Functional Safety Certified Automotive Manager). More than 500 individuals have received FSCAE certification in Taiwan. TUV NORD plans to offer similar certification programs with respect to automotive network security in the future.
Rieger thinks that more automotive standards will be established to keep up with advances in automotive development toward higher levels of autonomous driving and to ensure safety in every aspect. There is no doubt that functional safety and network security will become increasingly challenging for suppliers across the automotive industry as future vehicles incorporate more artificial intelligence features. Suppliers will have to devote tremendous resources and costs to obtaining certifications so as to embrace bigger opportunities. TUV NORD will continue to provide comprehensive consultation services to help suppliers cope with the latest automotive standards.
Gerhard Rieger, Vice President Functional Safety, TUV NORD
DIGITIMES' editorial team was not involved in the creation or production of this content.