Flash memory and the demands of the automotive functional safety

April 18, 2018 // By Anil Gupta, Winbond
NOR Flash has been a dependable technology in vehicles for many years, and today is used in various automotive systems, including the instrument cluster and in infotainment and telematics systems. In these applications, this non-volatile memory provides storage capacity for application code, offering the advantages of reliable operation and Read speed fast enough to support Execute-in-Place (XiP), in which a host processor runs code directly from Flash, bypassing external DRAM.

NOR Flash is also playing an important role in emerging implementations of the ADAS (Advanced Driver Assistance Systems) concept, which in cars available today is already performing semi-autonomous highway-driving functions such as adaptive cruise control and lane-keeping. The pace of development in autonomous driving technology is extremely fast, and so in the next few years more and more of a vehicle’s activity will be controlled by electronics systems containing Flash.

In ADAS, as well as in the instrument cluster and elsewhere, Flash is a component in systems which are safety-critical: any uncontrolled failure of such a system would have the potential to render the vehicle unsafe or uncontrollable. To manage and minimise the risk of systems failing to operate as specified, the automotive industry has implemented the ISO 26262 Functional Safety standard, which:

  • imposes a requirement at the design stage to perform rigorous analysis of the ways in which a system’s designed functions can fail
  • specifies very low maximum failure rates for complete systems
  • requires systems to have the ability to detect functional failures reliably and quickly
  • requires systems to put in place robust means to survive safely, and recover from, any foreseeable functional failure

Fig. 1: the virtual instrument cluster in a 2014 Audi TT. NOR Flash is widely used
to enable instant display of essential cluster information at start-up.
(Image credit: Robert Basic under Creative Commons licence.)

Automotive systems OEMs are therefore starting to demand a new breed of Flash ICs which can support the requirements of functional safety design at the system level better than previous generations of devices. This article studies the mode of operation of conventional NOR Flash ICs, and explains the features that new automotive serial Flash products will need to offer if they are to fully support system designers’ efforts to comply with the ISO 26262 standard.

Design category: