Functional safety is a growing trend in automotive and industrial applications. For example, applications may be required to comply with a particular Safety Integrity Level (SIL). A SIL is defined as a relative level of risk reduction provided by a safety function, or is used to specify a target level of risk reduction. In the European Functional Safety standards based on the IEC 61508 standard, four SILs are defined, with SIL 4 being the most dependable and SIL 1 being the least. The road vehicles functional safety standard ISO 26262 defines four safety levels (ASIL A through D) that provide four different levels of system integrity. For example, an ASIL D level of integrity may be required for an electronic steering control system in a vehicle, where failure of the system could have fatal consequences.
A common way to implement functional safety requirements on, for example, a microcontroller device (MCU) is to implement specific hardware circuits that provide additional monitoring of the underlying microcontroller circuits (e.g. monitoring of the CPU) and software, thereby increasing the likelihood of a hardware or software error being caught.
However, such a requirement for functional safety is not commonplace in all applications, and it is often the case that a device, such as a microcontroller device, may be suitable for applications both with and without functional safety requirements. As some industrial/automotive and general purpose microcontroller architectures become more similar, there is a significant benefit in enabling the re-use of, for example, a general purpose microcontroller (that typically does not require functional safety) in industrial and automotive markets that require functional safety by adding functional safety features.
However, functional safety can place a lot of additional requirements onto silicon design, and result in unnecessary unit overheads in terms of cost and power. If this is carried into markets that have no safety requirements, this adds unnecessary cost. As such, it is undesirable to implement functional safety into devices to be used for applications that do not require functional safety, since the additional costs can make it difficult to achieve competitively priced devices. However, not implementing functional safety into such devices prevents these devices from being used for applications that require functional safety.