The use of electronic systems in safety critical environments, for example in automotive applications for driver assist systems and autonomous driving, requires a reliable operation of such electronic systems in order to avoid risks for persons depending on the operation of the electronic systems, for example passengers or other persons in case of automotive applications.
To increase safety, a measure often taken is to provide redundant circuits, i.e. to provide two or more circuits essentially performing the same function. When one of the redundant circuits fails, the other redundant circuit(s) is (are) still available. Moreover, failure of one of the redundant circuits is usually easily detectable as in case for example one of two redundant circuits fails, the output signals of the two redundant circuits will differ from each other. Another approach is to provide a first circuit to perform a certain function and a second circuit to monitor correct operation of the first circuit.
However, there is a kind of failures referred to also as dependent failures, which may lead to a simultaneous malfunction or failure of two redundant circuits, or may lead to a simultaneous failure of a first circuit to perform a certain function and a second circuit monitoring the first circuit. These dependent failures may in particular occur in cases where two or more redundant or otherwise related circuits are provided on a single substrate, for example integrated on a single substrate, as in this case the circuits are located close to each other, and are coupled via the substrate.