Optima-SA™: Optima’s Static Analysis Solution
In order to perform any ISO 26262 Random Safety Analysis, it is important to understand the various types of faults that need to be analyzed and handled. This requires a Static Analysis process.
Static Analysis can be performed in many ways, but the most common today is a manual effort to work through the various design components and understand which are the most vulnerable to various faults and which of those faults can have a significant impact on component operation. If Safety Mechanisms (SMs) are being used to eliminate the effect of specific faults, it is also important to understand which faults they trap.
Optima-SA, the Optima static analysis solution, automatically performs this characterization, generating a fault list that may then be used for analysis solutions.
Let us consider an example. The figure below shows a typical safety mechanism, a lock step monitor. This consists of a shadow circuit, which is a duplicate of the main master circuit. The outputs of both are compared on every clock cycle (i.e., in lock step with each other) and if a difference is detected on those outputs, a fault is declared.
Lock Step Safety Mechanism
There will be a logic circuit behind each output that will influence the output, the so-called “Cone of Influence,” or COI. It is assumed that if a fault has been detected, it will lie somewhere in this COI. The detection logic will also have an associated COI, and the fault may also be in this logic. The figure below shows how these COIs interact and the fault classifications that can exist within them.
Fault Classifications within the COI Intersection
From the static analysis for any Safety Mechanism, therefore, a series of faults and their classifications may be derived, as well as the fault list that requires further examination. The output of Optima-SA is below.
Optima-SA will also examine the fault list for optimizations that will aid further analysis. For example, Fault Pruning is applied, where specific faults are analyzed together with adjacent faults to see if the detection of one of the faults also implies detection of the other. If so, the second fault may be pruned out of the fault list.
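The COI intersection described above and the pruning step just mentioned can both be illustrated on a small lock-step netlist. The code below is an added example, not Optima-SA's own algorithm or output: the gate-level netlist is constructed here, the four class names are assumptions loosely following the ISO 26262 vocabulary, and the pruning rule (a fault on the single-fanout input of a BUF/NOT is equivalent to the fault on its output) is one standard structural rule chosen for illustration.

```python
# Constructed gate-level netlist (not from the page): net -> (gate, inputs).
# Nets with no driver (a, b, c, d, e) are primary inputs.
NETLIST = {
    "m1":     ("AND", ["a", "b"]),          # master copy
    "m_out":  ("OR",  ["m1", "c"]),         # compared functional output
    "m_out2": ("AND", ["e", "c"]),          # functional output not mirrored
    "s1":     ("AND", ["a", "b"]),          # shadow (duplicate) copy
    "s_out":  ("OR",  ["s1", "c"]),
    "cmp":    ("XOR", ["m_out", "s_out"]),  # lock-step comparator
    "alarm":  ("BUF", ["cmp"]),             # SM detection output
    "dbg":    ("NOT", ["d"]),               # observed by neither output
}
FUNCTIONAL_OUTPUTS = ["m_out", "m_out2"]
ALARM_OUTPUTS = ["alarm"]

def cone_of_influence(netlist, outputs):
    """Transitive fan-in of the outputs (outputs themselves included)."""
    seen, stack = set(), list(outputs)
    while stack:
        net = stack.pop()
        if net not in seen:
            seen.add(net)
            stack.extend(netlist.get(net, ("PI", []))[1])
    return seen

def classify_faults(netlist, func_outs, alarm_outs):
    """Class per net from membership in the functional COI and the SM COI."""
    func_coi = cone_of_influence(netlist, func_outs)
    sm_coi = cone_of_influence(netlist, alarm_outs)
    nets = set(netlist) | {n for _, ins in netlist.values() for n in ins}
    labels = {(True, True): "candidate-detected",  # reaches function and SM
              (True, False): "undetectable",       # reaches function, SM blind
              (False, True): "sm-only",            # may be latent / false alarm
              (False, False): "safe"}              # reaches neither output
    return {n: labels[(n in func_coi, n in sm_coi)] for n in sorted(nets)}

def prune_equivalent(netlist, fault_list):
    """Assumed pruning rule (not the tool's own): the fault on the single-
    fanout input of a BUF/NOT is detected exactly when the fault on its
    output is, so the input-side entry is dropped as redundant."""
    fanout = {}
    for _, ins in netlist.values():
        for n in ins:
            fanout[n] = fanout.get(n, 0) + 1
    pruned = dict(fault_list)
    for out_net, (gate, ins) in netlist.items():
        if gate in ("BUF", "NOT") and fanout[ins[0]] == 1 and ins[0] in pruned:
            del pruned[ins[0]]  # keep the output-side fault as representative
    return pruned
```

The structural result is only a candidate list: the shared inputs a, b and c land in both cones, yet a stuck-at fault on one of them corrupts master and shadow identically and the comparator never fires, which is exactly why the list "requires further examination" by simulation or formal analysis.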
Finally, Optima-SA generates a fault list that may be passed to other tools. For example, it may be read by the ANSYS Medini product and used for cataloging fault information.