MICROSAR Safe: Safety According to ISO 26262 up to ASIL D - Compatible with AUTOSAR

TTTech has more than 10 years of experience in developing safety-relevant software modules used in aerospace, railway, off-highway machinery, and automotive systems. With this background, we developed a concept to separate critical and non-critical software parts in one ECU. Together with Vector Informatik, a leading supplier of automotive standard software with high reputation, we offer MICROSAR Safe.

MICROSAR Safe is the enhancement of the Vector Informatik AUTOSAR basic software with safety modules developed within the partnership. This MICROSAR solution enables the re-use of proven modules, together with TÜV-approved safety-relevant software modules developed according to ISO 26262 up to ASIL D, on one ECU.


Freedom From Interference

The key to cost-effective development of safety-relevant control units is to separate the safety-relevant software modules from standard services. With MICROSAR Safe, the costly development according to the requirements of ISO 26262 can then be focused on a few modules, while all services that do not take part in safety-relevant functions are developed at much lower cost or adopted as a standard solution. For such a separation to be valid, ISO 26262 requires freedom from interference between the separated parts, which it addresses under three aspects:

Protection Against Memory Access Faults

Memory protection separates software components from each other: it prevents one software component from writing, without authorization, to the memory of another software component and thus from corrupting that component's data. In an AUTOSAR system this is typically enforced by the hardware memory protection unit under control of the operating system, so that a fault in a non-safety module cannot silently overwrite the state of a safety-relevant one.

Runtime Monitoring of Tasks

Runtime monitoring of tasks ensures that tasks and interrupt service routines receive the computing time required for their execution and actually execute as intended. This is achieved by supervising the tasks at runtime: with MICROSAR Safe, task period (alive supervision), deadlines (deadline supervision) and correct program flow (logical supervision) can all be supervised, and a violation is reported so that the system can react before the hardware watchdog is served again.
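The following is an added illustration of the three kinds of task supervision named above, written for this page; it is not code from MICROSAR Safe or the SafeWatchdog module. It models a supervised task that reports checkpoints (start, middle, end) to a small supervisor, patterned on the alive, deadline and logical supervision kinds of the AUTOSAR Watchdog Manager. The checkpoint names, the cycle and deadline values and the scenario functions are all assumptions chosen for the example.

```c
#include <stdint.h>

/* Checkpoints the supervised task is expected to report, in this order. (assumed) */
enum cp { CP_START = 0, CP_MIDDLE = 1, CP_END = 2, CP_COUNT };

/* Supervision verdict. Once a violation is recorded it stays recorded (sticky),
   because the watchdog manager must not be re-armed by a later good cycle. */
enum sup_status { SUP_OK = 0, SUP_DEADLINE_VIOLATED = 1,
                  SUP_LOGICAL_VIOLATED = 2, SUP_ALIVE_VIOLATED = 3 };

struct supervisor {
    uint32_t deadline_ms;             /* max time allowed from CP_START to CP_END */
    uint32_t min_alive, max_alive;    /* CP_END reports expected per supervision cycle */
    int expect_cp;                    /* next checkpoint allowed by the program-flow graph */
    uint32_t start_time_ms;           /* time CP_START was reported */
    uint32_t alive_count;             /* CP_END reports seen in the current cycle */
    enum sup_status status;
};

/* Program-flow graph: START -> MIDDLE -> END -> START. Anything else is a logical violation. */
static const uint8_t allowed_next[CP_COUNT] = { CP_MIDDLE, CP_END, CP_START };

void sup_init(struct supervisor *s, uint32_t deadline_ms, uint32_t min_alive, uint32_t max_alive) {
    s->deadline_ms = deadline_ms;
    s->min_alive = min_alive;
    s->max_alive = max_alive;
    s->expect_cp = CP_START;
    s->start_time_ms = 0;
    s->alive_count = 0;
    s->status = SUP_OK;
}

/* Called by the supervised task at each checkpoint with the current time. */
enum sup_status sup_checkpoint(struct supervisor *s, int cp, uint32_t now_ms) {
    if (s->status != SUP_OK) return s->status;
    if (cp != s->expect_cp) {                     /* logical supervision */
        s->status = SUP_LOGICAL_VIOLATED;
        return s->status;
    }
    s->expect_cp = allowed_next[cp];
    if (cp == CP_START) s->start_time_ms = now_ms;
    if (cp == CP_END) {                           /* deadline supervision */
        if (now_ms - s->start_time_ms > s->deadline_ms) s->status = SUP_DEADLINE_VIOLATED;
        s->alive_count++;
    }
    return s->status;
}

/* Called once per supervision cycle by the watchdog manager. The returned verdict is
   what would gate triggering the hardware watchdog. */
enum sup_status sup_cycle(struct supervisor *s) {
    if (s->status == SUP_OK &&
        (s->alive_count < s->min_alive || s->alive_count > s->max_alive))
        s->status = SUP_ALIVE_VIOLATED;           /* alive supervision */
    s->alive_count = 0;
    return s->status;
}

/* Constructed scenarios: deadline 10 ms, exactly one run expected per cycle. */
enum sup_status scenario_healthy(void) {
    struct supervisor s; sup_init(&s, 10, 1, 1);
    sup_checkpoint(&s, CP_START, 0); sup_checkpoint(&s, CP_MIDDLE, 2); sup_checkpoint(&s, CP_END, 4);
    return sup_cycle(&s);
}
enum sup_status scenario_deadline_miss(void) {
    struct supervisor s; sup_init(&s, 10, 1, 1);
    sup_checkpoint(&s, CP_START, 0); sup_checkpoint(&s, CP_MIDDLE, 5);
    return sup_checkpoint(&s, CP_END, 12);        /* 12 ms > 10 ms deadline */
}
enum sup_status scenario_skipped_checkpoint(void) {
    struct supervisor s; sup_init(&s, 10, 1, 1);
    sup_checkpoint(&s, CP_START, 0);
    return sup_checkpoint(&s, CP_END, 3);         /* CP_MIDDLE never reported */
}
enum sup_status scenario_task_starved(void) {
    struct supervisor s; sup_init(&s, 10, 1, 1);
    return sup_cycle(&s);                         /* task never ran in this cycle */
}
```

The sticky status is the important design point: a task that misses a deadline once and then behaves is still a failed task from the safety mechanism's perspective, and the decision to stop serving the hardware watchdog belongs to the supervisor, not to the supervised task.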

End-to-End Data Protection

Data exchanged with safety-relevant functions is protected by checksums and message counters. The receiver recalculates the checksum and compares the counter with the previous one, so it can detect messages that were corrupted, repeated, lost or delivered out of sequence and discard them. In this way the MICROSAR solution ensures that a safety-relevant function does not process wrong input and that its output is not accepted by the receiver in a corrupted form; note that end-to-end protection detects such faults rather than preventing them, so the application must define what to do when a check fails.
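As an added example, not the MICROSAR SafeCom implementation, here is a minimal end-to-end protection wrapper of the kind described above: a CRC-8 and a 4-bit alive counter are prepended to the payload by the sender, and the receiver classifies each frame as good, corrupted, repeated, delivered with some predecessors lost, or out of sequence. The frame layout, the CRC parameters (SAE J1850 polynomial 0x1D), the tolerated loss of up to 3 messages and the constructed payload are all assumptions of this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define E2E_MAX_DELTA 3   /* assumed: at most this many consecutive lost messages are tolerated */

enum e2e_status { E2E_OK = 0, E2E_WRONG_CRC = 1, E2E_REPEATED = 2,
                  E2E_OK_SOME_LOST = 3, E2E_WRONG_SEQUENCE = 4 };

struct e2e_sender   { uint8_t counter; };
struct e2e_receiver { uint8_t last_counter; int first; };

/* CRC-8 with polynomial 0x1D, init 0xFF, final XOR 0xFF (SAE J1850 parameters). */
static uint8_t crc8_j1850(const uint8_t *data, size_t len) {
    uint8_t crc = 0xFF;
    for (size_t i = 0; i < len; i++) {
        crc ^= data[i];
        for (int b = 0; b < 8; b++)
            crc = (crc & 0x80) ? (uint8_t)((crc << 1) ^ 0x1D) : (uint8_t)(crc << 1);
    }
    return (uint8_t)(crc ^ 0xFF);
}

/* Frame layout (assumed): [0] = CRC, [1] = counter 0..15, [2..] = payload.
   The CRC covers the counter as well, so a corrupted counter is also detected. */
void e2e_protect(struct e2e_sender *s, uint8_t *frame, size_t frame_len) {
    frame[1] = s->counter;
    frame[0] = crc8_j1850(frame + 1, frame_len - 1);
    s->counter = (uint8_t)((s->counter + 1) & 0x0F);
}

enum e2e_status e2e_check(struct e2e_receiver *r, const uint8_t *frame, size_t frame_len) {
    if (crc8_j1850(frame + 1, frame_len - 1) != frame[0]) return E2E_WRONG_CRC;
    uint8_t ctr = (uint8_t)(frame[1] & 0x0F);
    if (r->first) { r->first = 0; r->last_counter = ctr; return E2E_OK; }
    uint8_t delta = (uint8_t)((ctr - r->last_counter) & 0x0F);   /* modulo-16 distance */
    if (delta == 0) return E2E_REPEATED;          /* replay or stuck sender */
    r->last_counter = ctr;
    if (delta == 1) return E2E_OK;
    if (delta <= E2E_MAX_DELTA) return E2E_OK_SOME_LOST;
    return E2E_WRONG_SEQUENCE;                    /* too many lost, or counter manipulated */
}

/* Runs a constructed message sequence and returns the six observed statuses packed
   one per decimal digit (first message = most significant digit). */
int e2e_scenario(void) {
    struct e2e_sender   tx = { 0 };
    struct e2e_receiver rx = { 0, 1 };
    uint8_t speed[4] = { 0x12, 0x34, 0x56, 0x78 };   /* constructed payload */
    uint8_t f[6], bad[6];
    int packed = 0;

    memcpy(f + 2, speed, 4); e2e_protect(&tx, f, 6);       /* counter 0 */
    packed = packed * 10 + e2e_check(&rx, f, 6);            /* E2E_OK */

    memcpy(f + 2, speed, 4); e2e_protect(&tx, f, 6);       /* counter 1 */
    memcpy(bad, f, 6); bad[3] ^= 0x01;                      /* one payload bit flipped in transit */
    packed = packed * 10 + e2e_check(&rx, bad, 6);          /* E2E_WRONG_CRC */

    packed = packed * 10 + e2e_check(&rx, f, 6);            /* intact copy: E2E_OK */
    packed = packed * 10 + e2e_check(&rx, f, 6);            /* replayed: E2E_REPEATED */

    memcpy(f + 2, speed, 4); e2e_protect(&tx, f, 6);       /* counter 2, lost on the bus */
    memcpy(f + 2, speed, 4); e2e_protect(&tx, f, 6);       /* counter 3, delivered */
    packed = packed * 10 + e2e_check(&rx, f, 6);            /* E2E_OK_SOME_LOST */

    for (int i = 0; i < 5; i++) { memcpy(f + 2, speed, 4); e2e_protect(&tx, f, 6); }
    packed = packed * 10 + e2e_check(&rx, f, 6);            /* counters 4..7 lost, 8 delivered: E2E_WRONG_SEQUENCE */
    return packed;
}
```

Two details matter in practice: the checksum must cover the counter, otherwise a stuck or replayed counter cannot be distinguished from a corrupted one, and the receiver must track the counter per data ID, since a counter sequence that is valid for one signal says nothing about another.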

Protection of Safety-Relevant Software with MICROSAR Safe

The necessary monitoring functions are part of MICROSAR Safe, the AUTOSAR basic software solution. The proven standard components by Vector Informatik are extended with safety modules jointly developed by TTTech and Vector Informatik, forming a standard AUTOSAR solution that can be used in safety-relevant ECUs according to ISO 26262 up to ASIL D.

MICROSAR Safe offers specific safety modules that can be used individually or in combination with other modules:

  • SafeWatchdog guarantees freedom from interference for the program flow
  • SafeCom guarantees freedom from interference for communication
  • SafeContext guarantees freedom from interference for memory access