Safety Packages

A Safety Package is an Arm product that enables Arm IP to be used in safety-related systems for markets such as automotive, industrial, avionics and others. The Safety Package includes a set of documentation artifacts or evidence and any specific safety claims and results of certification activities that Arm holds for an individual IP. The documentation provides partners with information for the Arm IP in support of their safety argumentation and as evidence for safety assessors.

Components of the Safety Package include:

A Safety Manual

This document provides:

• The overview of the product
• The specification of any fault detection and reporting mechanisms included with the IP
• The Assumptions of Use
• The results of the assessment activities

Safety analysis reports

• As a minimum, the Safety Package includes a detailed Failure Mode, Effects, and Diagnostic Analysis (FMEDA) for the IP. The FMEDA provides a clear view of the failure modes for the different IP subblocks, their effects at the IP boundaries, and the coverage achieved by any safety mechanisms included with the IP.

• In addition to the FMEDA a Dependent Failure Analysis (DFA) is provided as applicable. This document analyses the source of common cause failures in the IP and the mitigation that either Arm or the customer should implement to address identified common cause failures.

Development Interface Report (DIR)

Arm delivers a standardized agreement using the DIR with partners. The DIR clarifies the ISO 26262 activities that Arm takes responsibility for, and provides a full view of the standard activities, work products, and mapping. Arm provides this standardized DIR instead of a specific Development Interface Agreement (DIA) for distributed development in accordance with ISO 26262:2018.

Arm defines three levels of functional safety support to our customers:

1. Minimum level (Evaluation enablement product, ISO 26262 Part 8 Clause 13, or Route 3s IEC 61508 Part 3)
   • Limited to certain legacy IP
   • No Safety Package provided, only evaluation checklist (Table 31 ISO 26262 Part 11 and supporting processes) on request
   • Aid the evaluation of the IP for the avoidance of systematic failures only
2. Standard level (Evaluation enablement product, ISO 26262 Part 8 Clause 13, or Route 3s IEC 61508 Part 3)
   • Applicable to some IP developed before 2018, see the Arm IP with Safety Packages table
   • Safety Package is provided with all its components
   • No independent assessment or certification is provided
3. Extended level (SEooC with safety claims)
   • Applicable to most and all future Automotive Enhanced products, see the Arm IP with Safety Packages table
   • Safety Package is provided with all its components
   • ASIL and SIL claims on the avoidance of systematic faults and hardware metrics depending on the product
   • Independently assessed and certified by a third-party assessor

Arm Software Test Libraries (STL) complement Arm functional safety technology. STLs are efficient assembly language routines that detect presence of permanent faults within a specific Arm processor. They are executed by the processor enabling self-testing of the IP at start-up and during application run time.

STLs are called through a C language Application Programmer Interface (API) enabling developers to quickly and easily schedule execution of the required tests. The STLs have been developed with a systematic development process aligned to ISO26262 ASIL D and IEC61508 SIL3. The STLs can be used to make a valuable contribution to Single Point Fault metrics, particularly in systems with ASIL B requirements.