Industrial Functional Safety
Functional Safety with Intel® FPGAs
Protect people, products, company brand, and the environment with Intel's high-performance, scalable, and reliable industrial functional safety solutions.
Intel’s comprehensive safety approach covers Intel® processors and Intel® FPGAs allowing customers to accelerate development while meeting safety-critical requirements.
There are many good reasons to put FPGAs at the heart of your safety-critical systems. These include:
- The flexibility of reconfigurable hardware to build bespoke safety architecture and customized implementation options.
- The ability to integrate standard (non-safety) and safety functions, to consolidate board components.
- Deterministic compute performance to run intensive control, monitoring, and diagnostic algorithms within their latency budgets, in compute that is truly independent of, and never interrupted by, neighboring busy workloads.
- An Intel® library of diagnostic IP (monitors, checkers, and soft lockstep processor cores) that provides the diagnostic coverage needed to catch random hardware failures.
- Intel's certified tools and methodology, with step-by-step guidance from Intel's TÜV-certified Functional Safety Data Package (FSDP), including FMEDA tools and certified data to calculate the safety metrics required for certification.
- Long product lifetimes and a history proven-in-use at the heart of mission-critical systems.
To simplify and speed up your safety certification process, Intel worked closely with TÜV Rheinland to provide an IEC 61508-certified Functional Safety Data Package, which includes:
- Device SKUs across four main device families, certified for use in safety applications.
- Certified tools and methodologies, including all you need to calculate required safety metrics.
- Certified lockstep cores and diagnostic IP to build in the safety measures you need to help detect and mitigate dangerous faults.
- And the guidance to use all these effectively – including safety manuals, device data, reference material, and certificates to help get your design to certification.
Our customers have been using the package since 2010 for industrial applications certified to IEC 61508, and it is now on its fifth major revision, covering TÜV-certified FPGAs across four main device families.
Using the certification of tools and devices and the guidance in our certified Safety Integrity Level 3 (SIL3) Functional Safety Data Package, developers can shorten IEC 61508 development time and reduce certification risks across many safety-critical industrial applications, such as industrial servo and inverter drives, safety devices, and automation controllers. In addition, the Safety Separation Design Flow retains the FPGA benefit of quick upgrades/bug fixes while reducing the need for full design recertification.
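The diagnostic IP, the FMEDA metrics and the dual-channel architecture mentioned above all feed one calculation: the IEC 61508-2 Route 1H architectural constraint. As an added worked example (this is not Intel code and not part of the FSDP), the Python below computes safe failure fraction (SFF) and diagnostic coverage (DC) from a failure-rate split, looks up the maximum claimable SIL from the Route 1H tables for type A and type B elements, and shows how adding a diagnostic (a lockstep checker, for instance) moves dangerous-undetected failures into the dangerous-detected class. Every failure rate in it is a constructed illustrative number in FIT, not device data, and the 90% coverage figure is an assumption.

```python
"""IEC 61508-2 hardware metrics from an FMEDA failure-rate split.

Added worked example; not Intel code and not part of the Functional Safety
Data Package. All failure rates are constructed illustrative values in FIT
(failures per 1e9 hours), not data for any real device.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class FailureRates:
    """One element's failure rate split into the four IEC 61508-2 classes (FIT)."""
    safe_detected: float         # lambda_SD
    safe_undetected: float       # lambda_SU
    dangerous_detected: float    # lambda_DD
    dangerous_undetected: float  # lambda_DU

    @property
    def total(self) -> float:
        return (self.safe_detected + self.safe_undetected
                + self.dangerous_detected + self.dangerous_undetected)


def safe_failure_fraction(r: FailureRates) -> float:
    """SFF = (lambda_SD + lambda_SU + lambda_DD) / lambda_total (IEC 61508-2 Annex C)."""
    if r.total <= 0:
        raise ValueError("SFF is undefined for a zero total failure rate")
    return (r.safe_detected + r.safe_undetected + r.dangerous_detected) / r.total


def diagnostic_coverage(r: FailureRates) -> float:
    """DC = lambda_DD / (lambda_DD + lambda_DU): share of dangerous failures detected."""
    dangerous = r.dangerous_detected + r.dangerous_undetected
    if dangerous <= 0:
        raise ValueError("DC is undefined when there are no dangerous failures")
    return r.dangerous_detected / dangerous


# IEC 61508-2 Route 1H (Tables 2 and 3): maximum SIL claimable for a subsystem
# by SFF band (<60%, 60-<90%, 90-<99%, >=99%) and hardware fault tolerance
# (HFT 0, 1, 2). Type B is for complex elements such as FPGA logic with soft
# processors; type A is for simple, fully characterised elements. None means
# the combination is not allowed.
_MAX_SIL = {
    "A": [(1, 2, 3), (2, 3, 4), (3, 4, 4), (3, 4, 4)],
    "B": [(None, 1, 2), (1, 2, 3), (2, 3, 4), (3, 4, 4)],
}


def _sff_band(sff: float) -> int:
    if not 0.0 <= sff <= 1.0:
        raise ValueError("SFF must be a fraction between 0 and 1")
    return 0 if sff < 0.60 else 1 if sff < 0.90 else 2 if sff < 0.99 else 3


def max_sil_route_1h(sff: float, hft: int, element_type: str = "B"):
    """Architectural SIL ceiling only: the PFH/PFD target and systematic
    capability must also be met before the SIL can actually be claimed."""
    if hft < 0:
        raise ValueError("HFT cannot be negative")
    row = _MAX_SIL[element_type.upper()][_sff_band(sff)]
    return row[min(hft, 2)]  # the tables stop at HFT 2


def apply_diagnostic(r: FailureRates, coverage: float) -> FailureRates:
    """Model adding a diagnostic (e.g. a lockstep checker) that detects a
    fraction `coverage` of the previously undetected dangerous failures.
    The total is unchanged: diagnostics do not remove faults, they make them
    detectable so the system can be driven to its safe state."""
    if not 0.0 <= coverage <= 1.0:
        raise ValueError("coverage must be a fraction between 0 and 1")
    moved = r.dangerous_undetected * coverage
    return FailureRates(r.safe_detected, r.safe_undetected,
                        r.dangerous_detected + moved,
                        r.dangerous_undetected - moved)


# Constructed illustrative FMEDA split for one FPGA channel (FIT); not device data.
BASELINE = FailureRates(safe_detected=50, safe_undetected=100,
                        dangerous_detected=200, dangerous_undetected=250)

# Same channel after diagnostic IP assumed to catch 90% of the previously
# undetected dangerous failures (assumed coverage, not a measured value).
WITH_DIAGNOSTICS = apply_diagnostic(BASELINE, 0.90)


def summarize(r: FailureRates, hft: int) -> dict:
    """The numbers a certifier looks at for one channel/architecture combination."""
    sff = safe_failure_fraction(r)
    return {"sff": sff, "dc": diagnostic_coverage(r),
            "max_sil": max_sil_route_1h(sff, hft, "B")}


if __name__ == "__main__":
    # HFT=0: single FPGA channel. HFT=1: the dual-channel, two-FPGA architecture.
    for label, rates in (("baseline", BASELINE), ("with diagnostics", WITH_DIAGNOSTICS)):
        for hft in (0, 1):
            s = summarize(rates, hft)
            print(f"{label:17s} HFT={hft}: SFF={s['sff']:.1%} DC={s['dc']:.1%} "
                  f"max SIL={s['max_sil']}")
```

With these constructed numbers the baseline channel has SFF 58.3%, which as a type B element is not allowed at HFT 0 and caps at SIL1 even in a dual-channel (HFT 1) architecture. Raising DC from 44% to 94% lifts SFF to 95.8%, and only then does the two-FPGA arrangement reach the SIL3 ceiling (a single channel stops at SIL2). Two caveats: the HFT 1 credit assumes the channels are sufficiently independent, which is what separation of the two FPGAs and common-cause analysis have to establish; and Route 1H is a necessary condition, so the PFH/PFD budget still has to be met.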
The following figure shows a typical dual-channel SIL3 industrial "safe" system implemented with two FPGAs.
Contact your local Intel® FPGA representative for more information and access to the Functional Safety Data Packages, or example designs.
Partners
SafeFlex Safety Reference Board
To further reduce customer design effort in safety designs requiring IEC 61508 certification up to SIL3 and ISO 13849-1 PL e, Category 4, Intel and NewTec have partnered to develop the SafeFlex functional safety reference board.
The board includes a reference design of a safety application, which can be adapted into the typical dual-channel SIL3 "Safe" System shown below, alongside documents describing the steps required to bring safety designs from initial development to end production.
Typical Dual-Channel SIL3 Industrial "Safe" System Implemented with Two FPGAs.
Contact NewTec for more information and to purchase the SafeFlex board.
Other Safety Design Examples
Efficient Motor Control Designs with Intel® FPGAs and SoC FPGAs
Designing motor control and motion control systems with Intel® FPGAs and SoC FPGAs can result in significant reduction in overall cost of ownership through:
- System Integration: Reduce bill of materials (BOM), power consumption, and reliability risk by integrating industrial networking, functional safety, encoder and power stage interfaces, and digital signal processing (DSP) control algorithms in a single device.
- Scalable Performance: Use a single scalable platform across entire product lines. Achieve higher performance with faster and more advanced control loops.
- Functional Safety: Reduce compliance time and effort. Intel is the first FPGA supplier to obtain qualification of its devices and tools to the IEC 61508 functional safety standard.
The Intel® Motor Control Development Framework enables you to easily create integrated, high-performance drive-on-a-chip motor control designs with Intel® FPGAs and SoCs. The framework comprises reference designs, software libraries, intellectual property (IP) cores, and a portfolio of motor control hardware platforms supporting the development of motor control systems in a single FPGA. Intel provides all the ingredients to add safety to these designs, using safety features such as the Nios® II lockstep processors and the Safety Separation Design Flow (safe partitioning).
Functional Safety Data Package (FSDP) Ordering Process
Step 1: Contact your local Intel sales representative to submit a purchase order.
Functional Safety Data Package ordering codes:
IP_ABG_SAFETYDP - US$10,000
IPR_ABG_SAFETYDP (Upgrade from previous version) - US$2,500
FSDP V1.0
- IP_ABG_SAFETYDP1
- IPR_ABG_SAFETYDP1
FSDP V2.0
- IP_ABG_SAFETYDP2
- IPR_ABG_SAFETYDP2
FSDP V3.0
- IP_ABG_SAFETYDP3
- IPR_ABG_SAFETYDP3
FSDP V4.0
- IP_ABG_SAFETYDP4
- IPR_ABG_SAFETYDP4
FSDP V5.1 (current version)
- IP_ABG_SAFETYDP5
- IPR_ABG_SAFETYDP5
Step 2: Once the purchase order is processed, you will receive an email with web access and logon information.
Step 3: Accept the license agreement and download the Functional Safety Data Package from My Intel.
A free evaluation license of the Industrial Functional Safety Data Package is also available. Please contact your local Intel sales representative to discuss.
FPGA-Based Functional Safety Case Study by Yaskawa
Yaskawa Electric selected multiple Intel FPGAs for use in its YRC1000 robot controller. The company also cut the amount of work needed for functional safety certification by adopting Intel’s IEC 61508-certified Functional Safety Data Package.
Automotive Functional Safety Data Package (AFSDP)
The automotive industry is a thought leader in adding multiple active safety systems to reduce the risk of injury and harm. Adapted from the IEC 61508 functional safety standard, the ISO 26262 automotive electronic system safety standard helps you avoid systematic faults and also detect, control, and mitigate any random hardware faults that may cause a malfunction of the system.
As with our Functional Safety Data Package for industrial IEC 61508, we also worked with TÜV Rheinland to create an Automotive Functional Safety Data Package, receiving qualification to ISO 26262 for a set of tools, devices, and IP.
AFSDP Ordering Process
Step 1: Contact your local Intel sales representative to submit a purchase order.
Automotive Functional Safety Data Package ordering code: IP-ABG-ASAFETYDP2
- First purchase (lifetime access to AFSDP version 2.0) - US$5,000
- Future version update or additional historic version - US$1,250
Steps 2 and 3 are the same as for the FSDP.
Resources
White Papers
- Developing Functional Safety Systems with TÜV-Qualified FPGAs
- Qualified Functional Safety Data Package
- FPGA-based Safety Separation Design Flow for Rapid IEC 61508 Certification
- Reducing Steps to Achieve Safety Certification
- 8 Reasons to Use FPGAs in IEC 61508 Functional Safety Applications
- A Validated Methodology for Designing Safe Industrial Systems on a Chip
- A Safety Methodology for ADAS Designs in FPGAs (PDF)