Freedom from Interference
The safety architecture is the foundation for the coexistence of functions with different ASIL classifications. It identifies the independent software elements and the interfaces between them. Compliance with this safety architecture is the basis for Freedom from Interference and underpins the functional safety argument.
Suitable Software Architecture According to ISO 26262
It is state of the art for several safety-relevant functions with different ASILs, or with QM classification, to coexist on shared hardware. However, this requires a suitable software architecture for the corresponding software projects according to ISO 26262 (the coexistence criteria of ISO 26262-9 and the software-level Freedom from Interference guidance of ISO 26262-6). Compliance with the safety architecture is the basis for Freedom from Interference.
Axivion's architecture check ensures the consistent use of the defined interfaces and the selected communication mechanisms. Deviations from the architecture are flagged immediately in the source code. These include, among other things, calls to functions that are not part of a specified interface, writes to another partition's data and, more generally, any reference to a declaration that is not defined as an interface.
Watch our webinar: Demonstrate Freedom from Interference by using Architecture Analysis?
Compliance with the Planned Interfaces Enables Freedom from Interference
This graphic shows a safety architecture with two ASIL partitions and one QM partition. Within the partitions a more detailed architecture is indicated, but it is not relevant to the analysis for Freedom from Interference. What matters here are the interfaces between partitions of different criticality. These interfaces can be modelled in many ways, but executing low-criticality code in the context of a higher-criticality partition is, in all likelihood, a violation of the safety case. The dependencies that violate the safety architecture are marked in the picture.
Without a check for compliance with the safety architecture, such violations are typically detected only late in the process, on target hardware with a configured MPU/MMU, as run-time memory-protection exceptions, and only on the execution paths the tests happen to exercise. Architecture analysis reports them immediately as architecture violations. Unlike dynamic testing on hardware, this check can also be integrated directly into the CI/DevOps pipeline.
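The following is an added example of the kind of check described above, not Axivion's tool or its configuration. It models three partitions (ASIL D, ASIL B and QM) as small constructed C sources, the safety architecture as an explicit set of permitted cross-partition interfaces, and reports every other cross-partition reference as an architecture violation, classified as an unspecified call, a write to foreign data, or a reference to a non-interface declaration. The partition names, symbols, source snippets and the regex-based "parser" are all assumptions made for illustration; a real architecture check works on a full semantic model of the code rather than on regular expressions.

```python
"""Toy architecture-compliance check for Freedom from Interference (constructed
example, not Axivion's tool). Every cross-partition reference that is not a
declared interface is reported; a non-zero exit code fails the CI job."""
import re
import sys
from collections import namedtuple

# Partition -> ASIL; higher rank = higher criticality. (Constructed data.)
ASIL = {"brake_ctrl": "D", "battery_mon": "B", "infotainment": "QM"}
RANK = {"QM": 0, "A": 1, "B": 2, "C": 3, "D": 4}

# Constructed C sources, one per partition; comments mark the intended findings.
SOURCES = {
    "brake_ctrl": """
        int brake_pressure_kpa;
        void brake_apply(int kpa) { brake_pressure_kpa = kpa; }
        void brake_cycle(void) {
            int v = battery_get_voltage_mv();  /* OK: declared interface */
            brake_apply(v / 10);
            log_event("brake");                /* QM code in ASIL D context */
        }
    """,
    "battery_mon": """
        int battery_voltage_mv;
        int battery_get_voltage_mv(void) { return battery_voltage_mv; }
        void battery_cycle(void) {
            brake_pressure_kpa = 0;            /* overwrites ASIL D data */
        }
    """,
    "infotainment": """
        void log_event(const char *msg) { (void)msg; }
        void ui_cycle(void) {
            int v = battery_voltage_mv;        /* not a declared interface */
            log_event(v ? "ok" : "low");
        }
    """,
}

# The safety architecture: (using partition, providing partition, symbol).
# Only these cross-partition references are permitted. (Constructed.)
INTERFACES = {("brake_ctrl", "battery_mon", "battery_get_voltage_mv")}

FUNC_DEF = re.compile(r"\b(\w+)\s*\([^;{)]*\)\s*\{")           # name(...) {
GLOBAL_DEF = re.compile(r"^\s*(?:const\s+)?(?:int|unsigned|char)\s+\*?(\w+)\s*;", re.M)
IDENT = re.compile(r"\b[A-Za-z_]\w*\b")
CONTROL = {"if", "while", "for", "switch"}  # look like calls, define nothing

Violation = namedtuple("Violation", "user owner symbol kind reason")


def strip_noise(src: str) -> str:
    """Drop comments and string contents so their words are not taken as symbols."""
    src = re.sub(r"/\*.*?\*/", " ", src, flags=re.S)
    return re.sub(r'"(?:[^"\\]|\\.)*"', '""', src)


def symbol_table(sources):
    """Map each function/variable name to (owning partition, is_function).
    Toy parser: any 'type name;' line is taken as a global definition."""
    table = {}
    for part, src in sources.items():
        src = strip_noise(src)
        for m in FUNC_DEF.finditer(src):
            if m.group(1) not in CONTROL:
                table[m.group(1)] = (part, True)
        for m in GLOBAL_DEF.finditer(src):
            table[m.group(1)] = (part, False)
    return table


def check_architecture(sources, asil, interfaces):
    """Return every cross-partition reference that the architecture does not allow."""
    table = symbol_table(sources)
    violations = []
    for user, src in sources.items():
        src = strip_noise(src)
        seen = set()
        for name in IDENT.findall(src):
            if name in seen or name not in table:
                continue
            owner, is_func = table[name]
            if owner == user:
                continue  # references inside one partition are not our concern
            seen.add(name)
            if (user, owner, name) in interfaces:
                continue  # permitted by the safety architecture
            if is_func:
                kind = "call"
            elif re.search(rf"\b{name}\s*=(?!=)", src):
                kind = "write"
            else:
                kind = "read"
            if kind == "call" and RANK[asil[user]] > RANK[asil[owner]]:
                reason = "lower-criticality code executed in higher-criticality context"
            elif kind == "write" and RANK[asil[owner]] > RANK[asil[user]]:
                reason = "lower-criticality partition overwrites higher-criticality data"
            else:
                reason = "reference to a declaration not defined as an interface"
            violations.append(Violation(user, owner, name, kind, reason))
    return violations


def main() -> int:
    found = check_architecture(SOURCES, ASIL, INTERFACES)
    for v in found:
        print(f"{v.user} [{ASIL[v.user]}] -> {v.owner} [{ASIL[v.owner]}]: "
              f"{v.kind} of {v.symbol}: {v.reason}")
    return 1 if found else 0


if __name__ == "__main__":
    sys.exit(main())
```

Run as a CI step, the script exits non-zero on the three constructed findings (the ASIL D partition calling a QM function, the ASIL B partition writing ASIL D data, and the QM partition reading an ASIL B variable that is not an interface). Adding the missing interfaces to the architecture makes the same sources pass, which is exactly the conversation the check is meant to force: either the dependency is a deliberate, reviewed interface, or it is a violation.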
Success Story - Schaeffler
The Schaeffler Group is a leading global supplier to the automotive and industrial sectors. Learn how they used Axivion Architecture Verification to demonstrate Freedom from Interference in a Mixed ASIL Approach according to ISO 26262.
Simplified Integration of a Safety System
If the software elements are additionally checked for compliance with a suitable coding guideline (e.g. AUTOSAR C++14 or MISRA C/C++) using static semantic analysis, programming errors that lead to undefined behaviour, which no architectural rule can reason about, can also be largely excluded. This combination provides a strong argument for Freedom from Interference in mixed-ASIL systems.
These checks can be applied early in the development process, during coding. In a partitioned system with memory protection, significantly fewer problems (e.g. MMU/MPU exceptions) are then to be expected in the late integration phases.
Read more about the coding guidelines supported by Axivion