The increasing demand for electrification of automotive systems with electronic control units (ECUs) is driven by automotive trends such as electro mobility and autonomous driving. However, the functional complexity of modern analog/mixed-signal integrated circuits (ICs) causes an increasing risk from random hardware failures in the electronics. Even more so for safety-related applications, the presence of a hardware failure in the IC may have severe consequences for humans and the environment. Safety-related ICs such as Smart Power ICs must ensure a safe operating state even in the presence of a random hardware failure. For this purpose, the ICs implement diagnostic capability by safety mechanisms which prevent random hardware failures from causing a hazard. Recently, this topic has come into the focus of interest of semiconductor companies due to the advent of the functional safety standard for road vehicles, ISO 26262. The standard provides a framework of requirements which affects the whole development process of safety-related ICs, due to which semiconductor companies face new challenges in terms of compliance. Pre-silicon functional verification is generally a crucial stage within IC development. It allows functional misalignments between the circuit's required and actual behaviour to be detected before manufacturing. In this context, the standard explicitly requires a simulation-based method utilizing the fault injection technique. The purpose of this method is to evaluate the circuit in the presence of hardware failures in terms of diagnostic capability and compliance with functional requirements. Fault injection and simulation of analog/mixed-signal circuits has been a challenging task since the early 90s. This is mainly due to the lack of a generally accepted definition of fault coverage and corresponding fault models. Additionally, thorough fault simulation with the transistor-level netlist becomes infeasible for the top-level circuit.
Moreover, commercially available computer-aided design tools do not yet offer a feature for automating the fault injection technique for analog/mixed-signal circuits. Thus, this task has so far required labour-intensive manual effort. In order to utilize the fault injection technique for pre-silicon safety-related functional verification of analog/mixed-signal circuits, the above-mentioned challenges must be addressed by an adequate methodology. The work presented in this thesis facilitates integration and automation of the fault injection technique in the electronic design automation tool Cadence® Virtuoso®. A fault model library is developed comprising diverse fault models which facilitate fault injection at different levels of abstraction of the circuit design. As an initial approach to safety-related verification, the informal safety analysis method Failure Mode, Effects and Diagnosis Analysis (FMEDA) is utilized to structure the safety-related verification plan. Subsequently, a hierarchical fault injection approach is presented for efficient top-level verification by skipping redundant fault simulation runs. This approach is based on fast component-level fault simulations and the determination of functionally equivalent faults. Functional fault equivalence is determined by a clustering algorithm which processes simulated component-level circuit responses in order to find similarities among the waveforms. Consequently, functionally equivalent faults need not be simulated again for top-level verification. Finally, soft faults by means of parametric and soft-structural fault models are considered for fault injection with variable parametrization. Their effects in the circuit are evaluated by means of global sensitivity analysis. Sensitivity indices are calculated which quantify the contribution of each soft fault to the variability of the circuit response. The sensitivity indices are used to rank faults and identify non-influential soft faults.
A statistical significance test is exercised in order to eliminate non-significant faults from the soft fault list. Moreover, the cumulative contribution of each soft fault to the variability of the circuit response is used to further eliminate soft faults by keeping only those in the soft fault list which account for most of the variability. Although this approach reduces the soft fault coverage, most of the output variability due to soft faults is maintained for the verification. Experimental results are presented for safety-related functional verification of an automotive high-voltage lithium-ion cell balancing and monitoring module and a general-purpose gate driver circuit which is a safety-related module of an automotive System-on-Chip (SoC). Finally, the work is concluded and an outlook is given.
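As an added illustration (not code from the thesis) of two steps described above, the grouping of component-level responses into functionally equivalent fault classes so that only one representative per class needs a top-level run, and the pruning of the soft fault list by cumulative sensitivity contribution: the tolerance-based grouping rule, the fault names and all sample values are assumptions constructed for this example.

```python
# Added example, not the thesis' own implementation. The clustering criterion
# (max absolute sample distance within a tolerance) and the data are assumptions.
from typing import Dict, List


def equivalence_classes(responses: Dict[str, List[float]], tol: float) -> List[List[str]]:
    """Greedy grouping: a fault joins the first class whose representative
    waveform differs by at most `tol` at every sample, else it opens a new class.
    Only each class's first member has to be simulated again at top level."""
    classes: List[List[str]] = []
    for fault, wave in responses.items():
        for cls in classes:
            rep = responses[cls[0]]
            if len(rep) == len(wave) and max(abs(a - b) for a, b in zip(rep, wave)) <= tol:
                cls.append(fault)
                break
        else:
            classes.append([fault])
    return classes


def prune_soft_faults(sensitivity: Dict[str, float], keep_fraction: float) -> List[str]:
    """Rank soft faults by sensitivity index (share of output variance) and keep
    the shortest prefix whose cumulative share reaches `keep_fraction` of the total."""
    total = sum(sensitivity.values())
    kept: List[str] = []
    acc = 0.0
    for fault, s in sorted(sensitivity.items(), key=lambda kv: kv[1], reverse=True):
        if acc >= keep_fraction * total:
            break
        kept.append(fault)
        acc += s
    return kept


# Constructed sample data: output waveforms (volts, 4 samples) for five hard
# faults, and first-order sensitivity indices for four soft faults.
RESPONSES = {
    "R1_open":  [0.0, 5.0, 5.0, 5.0],
    "M3_short": [0.0, 5.0, 5.0, 5.0],    # identical effect to R1_open
    "M7_open":  [0.0, 0.0, 0.0, 0.0],
    "C2_short": [0.0, 0.02, 0.0, 0.0],   # within tolerance of M7_open
    "R4_short": [0.0, 2.5, 2.5, 2.5],
}
SENSITIVITY = {"R2_drift": 0.55, "Vth_shift": 0.30, "C1_drift": 0.10, "R9_drift": 0.05}

if __name__ == "__main__":
    print(equivalence_classes(RESPONSES, tol=0.05))        # 3 classes instead of 5 runs
    print(prune_soft_faults(SENSITIVITY, keep_fraction=0.9))  # drops R9_drift
```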