LHP Blog and Technical Articles

LHP’s Safety Supervisor Software for Smart Vehicle Platforms

Written by Ronaldo Castillo | Feb 17, 2025 5:22:23 PM

Introduction

As the automotive industry accelerates toward smart vehicle architectures, the complexity of electronic and embedded systems and their software continues to grow. With increasing levels of automation, edge computing connectivity, and electrification, ensuring functional safety at scale has never been more critical. To help OEMs and Tier 1 suppliers accelerate safety compliance and integration, LHP is proud to announce the availability of its Safety Supervisor Software, an ISO 26262 SEooC framework, designated Safety Ready by LHP and validated for certification readiness, supporting applications up to ASIL D. It was developed using LHP’s certified functional safety process.

Why is this significant?

Partitioning safety-critical and non-safety software is a key challenge for OEMs and Tier 1 suppliers developing next-generation vehicle applications. The LHP Safety Supervisor Software accelerates this process with a ready-to-use framework that embeds functional safety considerations starting at the top left of the V-model, while allowing safety functions to expand as the development process progresses. As a framework designed for rapid prototyping during early hazard mitigation assessment, it helps teams define initial safety requirements with greater confidence. This early integration ensures that vehicle behavior and control applications align with industry standards, reducing late-stage hardware redesigns and providing a strong foundation for compliance in today’s interconnected and smart vehicle architectures.

How OEMs and Tier 1s Can Leverage the LHP Safety Supervisor Software

The LHP Safety Supervisor Software serves as a foundational functional safety framework designed for in-vehicle and embedded target environments, including automotive-grade high-performance compute (HPC) systems, platforms, and architectures. It is compatible with POSIX-compliant operating systems such as QNX and automotive-grade Linux distributions, which can serve as the foundation for Adaptive AUTOSAR implementations.

By providing a Safety Ready, ISO 26262-compliant layer, LHP’s Safety Supervisor Software removes the burden of implementing fundamental safety mechanisms from scratch, enabling OEMs and Tier 1 suppliers to accelerate safety integration while maintaining their focus on vehicle behavior, application control, and system design.

Understanding the LHP Safety Supervisor Software Architecture

The LHP Safety Supervisor Software is structured in layers, each providing essential safety functionality to support ISO 26262-compliant automotive applications. These layers work together to ensure real-time execution, fault tolerance, and reliable communication for safety-critical vehicle systems.

  • Safety Framework – The foundation that provides the core runtime environment for executing safety-critical functions.
  • LHP Safety Services – A collection of Safety Ready libraries that implement essential safety mechanisms as recommended by ISO 26262.
  • Platform Services – System-level capabilities that manage communication, task scheduling, and inter-process coordination, enabling seamless integration with vehicle control applications.

The Safety Framework forms the foundational layer of the LHP Safety Supervisor Software, implementing a POSIX-compliant runtime environment optimized for deterministic execution on embedded HPC systems. This layer provides a structured execution context that enforces temporal and spatial isolation for safety-critical functions, implements redundancy management, and ensures compliance with ISO 26262 ASIL (Automotive Safety Integrity Level) requirements.

Key Safety Software Features:

  • Task Scheduling
    The Safety Supervisor Software incorporates a task scheduling system that ensures tasks are executed in adherence to strict safety timing constraints. The scheduler implements priority-based preemption with configurable time slots, ensuring deterministic execution of safety-critical tasks. It provides guaranteed response times for high-priority safety functions while maintaining temporal isolation between tasks of different criticality levels.
  • System Startup Test
    To ensure system integrity from the beginning, the Safety Supervisor Software includes a customizable start-up test profile that verifies critical system parameters and components before transitioning to full operation. This built-in diagnostic mechanism performs initial system health checks, validating essential hardware and software functions to detect faults early. The test profile can be expanded to accommodate specific requirements of the target control application.
  • State Machine
    The Safety Supervisor Software integrates a state machine to manage operational states, ensuring the system responds appropriately to unwanted conditions and events. This framework includes fundamental states, such as initialization, normal operation, and a dedicated safe state, which the system transitions into when critical faults are detected. The state machine is designed to be scalable, allowing expansion to additional operational modes tailored to the specific needs of the target control application.
  • Event and Fault Manager
    The Safety Supervisor Software incorporates a fault manager that monitors the software framework and the control application tasks for anomalies. When a fault is detected, it is logged, categorized by event type, and stored in persistent memory, ensuring a comprehensive event history is preserved for diagnostics and analysis.

    To enhance fault traceability, the system captures a snapshot of relevant data at the moment of the error event, providing context for debugging and failure analysis. Fault events, along with their severity levels, are made available to both the application and interfacing external systems.
  • LHP Safety Services
    The Safety Services provide a set of reusable safety libraries, accessible via APIs, that can be integrated across various targeted control applications. These libraries implement ISO 26262 Part 5-recommended safety mechanisms to enhance diagnostic coverage, potentially reducing the reliance on hardware-based safety measures. Available safety services include transmission redundancy, information redundancy, and timeout monitoring for TCP/IP protocols, ensuring robust communication integrity. LHP continues to expand this suite, working toward a comprehensive safety library solution aligned with ISO 26262 to further support automotive functional safety requirements.
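To make the interplay of the state machine, the fault manager and the communication safety services concrete, here is an added illustration in C; it is not LHP's code and every name in it (supervisor_t, sup_receive, frame_crc, the event and severity enums) is hypothetical. It models a supervisor with INIT, NORMAL and SAFE states, logs each fault with its severity and a snapshot of the frame being processed, and raises faults from two constructed safety mechanisms: a CRC-8 plus sequence counter on received frames (information redundancy) and a deadline on frame arrival (timeout monitoring), with critical faults forcing the sticky safe state.

```c
#include <stdint.h>
#include <string.h>
/* All names below are hypothetical and constructed for this example; they are not LHP's API. */
typedef enum { ST_INIT, ST_NORMAL, ST_SAFE } sup_state_t;
typedef enum { SEV_WARNING, SEV_CRITICAL } severity_t;
typedef enum { EV_CRC_MISMATCH, EV_SEQ_GAP, EV_TIMEOUT } event_t;
/* Constructed frame: payload guarded by a sequence counter and a CRC-8 (information redundancy). */
typedef struct { uint8_t seq; uint8_t payload[4]; uint8_t crc; uint32_t rx_ms; } msg_t;
/* Fault record: event type, severity, timestamp and a snapshot of the frame under processing. */
typedef struct { event_t ev; severity_t sev; uint32_t t_ms; msg_t snapshot; } fault_rec_t;
enum { LOG_CAP = 16, DEADLINE_MS = 20 };   /* constructed log capacity and timeout budget (ms) */
typedef struct {
    sup_state_t state; uint8_t expect_seq; uint32_t last_rx_ms;
    fault_rec_t log[LOG_CAP]; int nlog;   /* in-RAM stand-in for persistent fault storage */
} supervisor_t;
/* CRC-8 (polynomial 0x07) over seq + payload, the bytes the receiver must be able to trust. */
static uint8_t frame_crc(const msg_t *m) {
    uint8_t b[5] = { m->seq, m->payload[0], m->payload[1], m->payload[2], m->payload[3] }, c = 0;
    for (size_t i = 0; i < sizeof b; i++) {
        c ^= b[i];
        for (int k = 0; k < 8; k++) c = (uint8_t)((c & 0x80) ? (c << 1) ^ 0x07 : c << 1);
    }
    return c;
}
/* Sender side: stamp the frame with its sequence number and CRC; tx_ms doubles as arrival time here. */
msg_t make_msg(uint8_t seq, const uint8_t payload[4], uint32_t tx_ms) {
    msg_t m = { seq, {0}, 0, tx_ms }; memcpy(m.payload, payload, 4);
    m.crc = frame_crc(&m); return m;
}
static void raise_fault(supervisor_t *s, event_t ev, severity_t sev, const msg_t *m, uint32_t now) {
    if (s->nlog < LOG_CAP) {   /* log, categorise and snapshot the data present at the moment of the event */
        fault_rec_t *r = &s->log[s->nlog++];
        r->ev = ev; r->sev = sev; r->t_ms = now;
        if (m) r->snapshot = *m; else memset(&r->snapshot, 0, sizeof r->snapshot);
    }
    if (sev == SEV_CRITICAL) s->state = ST_SAFE;   /* a critical fault forces the safe state, which is sticky */
}
void sup_init(supervisor_t *s, uint32_t now) { memset(s, 0, sizeof *s); s->state = ST_INIT; s->last_rx_ms = now; }
/* Called once the start-up test profile has passed: INIT -> NORMAL. */
void sup_startup_passed(supervisor_t *s) { if (s->state == ST_INIT) s->state = ST_NORMAL; }
void sup_tick(supervisor_t *s, uint32_t now) {   /* periodic tick: timeout monitoring of the supervised channel */
    if (s->state == ST_NORMAL && now - s->last_rx_ms > DEADLINE_MS) raise_fault(s, EV_TIMEOUT, SEV_CRITICAL, NULL, now);
}
void sup_receive(supervisor_t *s, const msg_t *m) {   /* frame arrival: check the CRC, then the sequence counter */
    if (s->state != ST_NORMAL) return;   /* frames are ignored in INIT and SAFE */
    if (frame_crc(m) != m->crc) { raise_fault(s, EV_CRC_MISMATCH, SEV_CRITICAL, m, m->rx_ms); return; }
    if (m->seq != s->expect_seq) raise_fault(s, EV_SEQ_GAP, SEV_WARNING, m, m->rx_ms);   /* logged; stays NORMAL */
    s->expect_seq = (uint8_t)(m->seq + 1);
    s->last_rx_ms = m->rx_ms;
}
```

A single skipped sequence number is recorded as a warning and operation continues, whereas a corrupted frame or a missed deadline is critical and the supervisor stays in SAFE until a full re-initialisation.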


Is LHP’s Safety Supervisor Software the Right Fit for Your Use Case? How to Get Started

The LHP Safety Supervisor Software is designed as a SEooC, making it adaptable to different vehicle use cases, features, and configurations. Beyond its baseline functionality, OEMs and Tier 1s can collaborate with LHP’s system engineers to evaluate custom integration needs. The framework is designed to integrate with modern software-defined vehicle architectures, supporting communication with cloud-based Vehicle Function Orchestrators and Telematics systems through standardized interfaces.

The Safety Supervisor Software is built to run on POSIX-compliant operating systems such as QNX and automotive-grade Linux distributions, and it also complements the service-oriented architecture of Adaptive AUTOSAR well. While hardware agnostic, the Safety Supervisor Software is designed with HPC platforms in mind and supports various deployment configurations, including bare metal, virtualized environments, and hypervisor-based architectures.

For more details, visit our website: LHP Systems & Software Development. To set up a session with our solutions architects for an "Ask Me Anything" discussion or to connect with our sales representatives, reach out here: Contact LHP.