EMBEDDED DESIGN MEMORY
Complying with the
latest standards
How diagnostic data and operations are equipping Flash
memory ICs for the demands of the automotive safety
standard. By Anil Gupta
NOR Flash has been a
dependable technology in
vehicles for many years and is
used in various automotive systems.
In these applications, this non-volatile
memory provides storage capacity
for application code, offering reliable
operation and Read speed fast enough
to support Execute-in-Place (XiP), in
which a host processor runs code
directly from Flash, bypassing external
DRAM.
NOR Flash is also playing
an important role in emerging
implementations of the ADAS
(Advanced Driver Assistance Systems)
concept and in the next few years
more of a vehicle’s activity will be
controlled by electronics systems
containing Flash.
Flash is a component in systems
which are safety-critical - any
uncontrolled failure would have the
potential to render the vehicle unsafe
or uncontrollable.
To manage and minimise the
risk of systems failing to operate as
specified, the automotive industry
has implemented the ISO 26262
Functional Safety standard, and as
a result automotive systems OEMs
are looking for a new breed of Flash
ICs which can better support the
requirements of functional safety
design at the system level better.
These features are likely to be
seen both in serial NOR Flash – the
Flash memory type most often used
in embedded systems for boot code
storage – and in Single Level Cell
(SLC) NAND Flash.
Serial NAND is a valid alternative
to NOR Flash for code storage in
applications that do not require a very
high number of Program/Erase cycles,
and that do not need to implement
XiPand it is lower cost – a NAND Flash
bit cell is four times smaller than that
of a NOR Flash cell. Offering much
shorter Write-times than NOR Flash,
NAND Flash is a valuable technology
in systems that perform Over-The-Air
(OTA) software updates. With an onboard
Error Correcting Code (ECC)
engine and supporting high-speed
continuous/sequential Read capability
across page and block boundaries,
serial NAND is now being considered
by designers of automotive functional
safety applications alongside NOR
Flash.
Exposing diagnostic data to view
NOR Flash memory technology is very
reliable, and a device’s operating
lifetime is highly predictable. NOR
Flash ICs have proved their qualities
in the field, and automotive OEMs’
preference for the technology is based
on experience.
For perspective, the ISO 26262
standard specifies reliability and other
parameters in four ‘ASIL’ grades
(Automotive Safety Integrity Level).
The most stringent grade, ASIL-D
sets a maximum system-level failure
rate of <10 FIT (Failure In Time) – a
measure of the failure rate per billion
Figure 1: The Audi
pre sense 360˚
safety system
detects collision
hazards all around
the car and initiates
specific preventive
measures. (Image
credit: Audi)
device-hours. At the level of individual
components such as a NOR Flash IC,
this calls for a maximum failure rate of
far below 10 FIT.
Nevertheless, automotive
manufacturers’ ISO 26262 compliance
efforts call for a way to identify any
fault that could theoretically still occur
in a NOR Flash IC.
In the past, NOR Flash ICs were
supplied to automotive OEMs as
a memory ‘black box’. Functions
which maintained data integrity and
data retention were, in conventional
devices, inaccessible to the user. This
closed operation is in conflict with the
principles of functional safety, which
require the host system to monitor
component parts for faults, or for
irregular behaviour that indicates
a fault is likely to occur, and to
implement counter-measures aimed at
maintaining proper functioning.
This means that NOR Flash ICs
www.newelectronics.co.uk 24 March 2020 15
/www.newelectronics.co.uk