Automotive Safety and Security in a Verification Continuum Context

Accelerating the Development of Automotive Electronic Systems
Jean-Marc Forey, Automotive Functional Safety Professional, Synopsys Inc., April 2017

Agenda
- Addressing the design challenges along the automotive electronic supply chain
- Requirements for SoC functional safety verification
- Functional qualification
- Functional safety fault simulation
- Summary
2017 Synopsys, Inc.

Automotive Opportunities for Semiconductor Companies
- Electronics cost per car doubled in the last 10 years; today it is 40% of total cost
- Automotive systems (Tier 1 / OEM): powertrain and EV/HEV (emission); ADAS and autonomous driving (safety); the vehicle as living room (mobility)
- Safe (ISO 26262), secure and connected
- Automotive semiconductors: many SoCs (vision, radar, gateways, vehicle dynamics, ...); increasing complexity and software content; ISO 26262 compliance; lead-customer collaboration

Key Automotive Challenges in the Supply Chain
- OEM / Tier 1: SoC/MCU with the right functionality and performance; increased complexity of ECU hardware and software content
- Semi: deliver more software with high quality; verify complex SoC/MCU (functional, AMS, low power); deliver ISO 26262 compliance

Key Automotive Challenges in the Supply Chain and How Market Leaders Are Addressing Them
- OEM / Tier 1:
  - SoC/MCU with the right functionality and performance: collaborate on architecture definition
  - Increased complexity of ECU hardware and software content: develop and test system and ECU software in virtual environments
- Semi:
  - Deliver more software with high quality: start SW development earlier and validate using RTL
  - Verify complex SoC/MCU (functional, AMS, low power): use unified verification technologies with the fastest engines
  - Deliver ISO 26262 compliance: fault injection and reporting for systematic and random failures

Most Comprehensive Solution for the Supply Chain
- Right SoC/MCU (OEM / Tier 1): Platform Architect MCO, Saber, Virtualizer/VDK; collaboration enablement
- Accelerate ECU hardware and software (Semi): software availability and quality with Virtualizer/VDK and ZeBu virtual prototyping
- Accelerate hardware verification: static and formal, planning and coverage, debug, simulation, emulation, prototyping (HAPS), VIP, models and databases, Verdi
- ISO 26262 compliance: Certitude, Z01X

Requirements for SoC Functional Safety Verification

What is Functional Safety in ISO 26262?
Absence of unacceptable risk due to hazards caused by malfunctioning behavior of electrical and/or electronic systems.
(The slide shows the standard from two angles: an organization view and a lifecycle flow view.)

ISO 26262 Safety Principles
- Prevent / eliminate bugs (avoid systematic faults): design bugs (permanent faults)
  - Implementation: use best-practice / certified design flows
  - Verification and validation: use a best-in-class functional verification methodology
- Control failures:
  - Control of systematic faults: bug escapes (permanent faults)
  - Control of random faults: H/W failures (permanent or transient faults)
  - Implementation: deploy comprehensive safety mechanisms
  - Verification and validation: follow ISO 26262 recommendations for the ASIL level
- Lifecycle of component / automobile: development and manufacturing, delivery, in operation

Functional Safety Verification Solution
- Chip requirements and safety goals, managed through requirement management APIs
- Architecture, safety mechanisms, prototyping
- Verification plan and safety plan, giving traceable verification
- Testbench + HDL + IP / VIP: IP safety certification; automotive protocols and memory VIP
- Simulation, fault modeling and injection, static/formal, emulation (future work): fault injection and simulation for automotive safety verification
- Tapeout: FMEDA report and customized safety reports / documentation

Functional Verification Is the Essential Starting Point
- Prevent / eliminate bugs (avoid systematic faults): design bugs (permanent faults)
  - Implementation: use best-practice / certified design flows
  - Verification and validation: use a best-in-class functional verification methodology
- Synopsys functional verification technology platforms:
  - Many technologies must be used to ensure the highest functional verification quality
  - Early software bring-up enables faster and more complete verification
  - Verification quality analysis provides an objective measure of functional verification effectiveness (fault coverage)

Functional Verification Quality Analysis with Certitude
- Certitude functional qualification: inject and qualify systematic faults at architecture, system and RT level; for each fault, the test cases are checked for activation, propagation and detection against the expected results of the design under verification
- Ensure complete verification and functional correctness of the design
- Natively integrated with VCS; works with VC Formal and C/C++/SystemC flows
- Merge: unified dynamic and property verification report
- Measure the quality (fault coverage) of your functional verification environment

Functional Safety Verification: Verify Control of Hardware Failures
- Control failures:
  - Control of systematic faults: bug escapes (permanent faults)
  - Control of random faults: H/W failures (permanent or transient faults)
  - Implementation: adopt state-of-the-art safety mechanisms
  - Verification and validation: follow ISO 26262 recommendations for the ASIL level
- ASIL hardware metric targets (+ recommended, ++ highly recommended):
  - Single Point Fault Metric (SPFM): ASIL B >= 90% (+), ASIL C >= 97% (++), ASIL D >= 99% (++)
  - Latent Fault Metric (LFM): ASIL B >= 60% (+), ASIL C >= 80% (+), ASIL D >= 90% (++)
- Hardware failures are modeled as both systematic and random faults (which may be permanent or transient)
- ISO 26262 recommends fault injection testing to verify the effectiveness of the safety mechanisms
- Results and reports from fault injection testing are essential for ISO 26262 work products

Functional Safety Verification: Implement and Confirm Quality of Safety Mechanisms (SM)
Example:
- Define the Failure Mode and Effects Analysis (FMEA) for the device
- Implement safety mechanisms to protect against failures; ISO 26262 does not specify which safety mechanism to choose
  - Dual-core lockstep
  - Software test libraries
  - ECC
  - Memory protection
  - Custom safety mechanisms

Fault Simulation for Functional Safety
- Without safety mechanism: strobe the observation points (DUT outputs) and eliminate the non-observable faults
- With safety mechanism: strobe the diagnostic point (pass/fail output of the safety mechanism) and use only the faults that were detected without the SM
(The slide diagram shows faults F1, F2, F3 injected into the DUT, with the observation points at the DUT outputs and the diagnostic point at the safety mechanism.)

General ISO 26262 Functional Safety Verification Flow
1. Failure Mode Effects Analysis: safety plan, FMEA, design failure mode analysis, failure mode to safety mechanism mapping, safety verification plan
2. Fault injection campaign: fault injection and fault simulation, fault injection campaign results reporting, safety verification plan annotated with fault coverage
3. Calculate metrics and export work products: results analysis and FMEDA annotation, FMEDA metrics

ISO 26262 Functional Safety Verification Flow: Task View
1. Initial FMEA process: gather and assess fundamental data related to the design, safety goals and failure modes
   - ASIL determination; design description, block diagram; FIT rate information
   - Initial list of safety goal violations (device-level); initial list of failure modes (block-level)
   - List of safety mechanisms in place to mitigate failures; first estimates of diagnostic coverage
2. Decompose design: decompose the design into manageable sub-blocks
   - Based on function, structure, impact on safety
   - Assign size and area information; assign FIT rates
3. Assign failure modes: associate sub-blocks with failure modes, safety mechanisms and other details
   - Associate blocks with failure modes; associate failure modes with safety mechanisms
   - Specify failure mode / safety goal violation relationships
   - Identify fault types (permanent, transient) to be run; assign failure mode distributions (expert judgment)
   - Refined estimates of diagnostic coverage; calculate preliminary metrics
4. Run fault campaign: execute fault simulations to determine diagnostic coverage for the specified failure modes and safety mechanisms
   - Select target failure mode; extract fault list; identify workload(s) to match the use case
   - Run fault simulation to calculate diagnostic coverage; iterate as needed
5. Calculate metrics and export work products: calculate metrics and generate FMEA/FMEDA work products and other reports
   - Back-annotate diagnostic coverage to the FMEDA; calculate metrics based on real data
   - Output in standard and customer-required formats and system inputs
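The bookkeeping behind steps 4 and 5, and the metric targets on the ASIL slide, as an added example that is not from the original deck or from any Synopsys tool: diagnostic coverage is computed only over faults that were observable without the safety mechanism, and SPFM/LFM are then derived from an FMEDA whose split into safe, residual and latent shares is an assumed simplification of the ISO 26262-5 formulas. The fault list, FIT rates and coverage figures are constructed.

```python
from dataclasses import dataclass

# ASIL targets (SPFM, LFM) as listed on the metrics slide; ASIL A is not on it.
ASIL_TARGETS = {"B": (0.90, 0.60), "C": (0.97, 0.80), "D": (0.99, 0.90)}


@dataclass
class Fault:
    """One injected fault from a constructed fault-campaign result."""
    name: str
    observed: bool   # reached a strobed observation point in the run without SM
    detected: bool   # flagged at the SM diagnostic point in the run with SM


def diagnostic_coverage(faults):
    """DC over dangerous faults only: non-observable faults are dropped first,
    then the share caught by the safety mechanism is measured."""
    dangerous = [f for f in faults if f.observed]
    if not dangerous:
        return 1.0
    return sum(1 for f in dangerous if f.detected) / len(dangerous)


@dataclass
class FailureMode:
    """FMEDA row; the share split below is an assumed simplification."""
    block: str
    fit: float         # failure rate (FIT) assigned to this block / failure mode
    safe_share: float  # fraction of faults that cannot violate the safety goal
    dc_res: float      # DC against residual (single-point) faults
    dc_lat: float      # DC against latent faults (SM self-test coverage)


def hardware_metrics(rows):
    """SPFM = 1 - sum(SPF+RF)/sum(all); LFM = 1 - sum(latent)/sum(all - SPF - RF)."""
    total = sum(r.fit for r in rows)
    residual = 0.0
    latent = 0.0
    for r in rows:
        dangerous = r.fit * (1.0 - r.safe_share)
        rf = dangerous * (1.0 - r.dc_res)               # not covered by the SM
        residual += rf
        latent += (dangerous - rf) * (1.0 - r.dc_lat)  # covered, but SM not self-checked
    spfm = 1.0 - residual / total
    lfm = 1.0 - latent / (total - residual)
    return spfm, lfm


def achieved_asil(spfm, lfm):
    """Highest ASIL whose two thresholds are both met, or None."""
    met = [a for a, (s, l) in ASIL_TARGETS.items() if spfm >= s and lfm >= l]
    return met[-1] if met else None
```

Feeding the constructed campaign (four faults, one non-observable, one escaping the SM) into `diagnostic_coverage` gives 2/3, and the two constructed FMEDA rows meet the ASIL D thresholds.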

Concurrent Fault Simulation vs. Parallel Simulation
- Parallel simulation technology: one fault per simulation (a good machine and one faulty machine per run)
- Z01X concurrent simulation technology: thousands of faults in a single simulation, with each faulty machine tracked as its differences from the good machine; orders of magnitude faster than parallel
- Z01X distributed simulation technology: parallelize the concurrent algorithm through LSF/SGE, with automatic dynamic fault distribution

Synopsys Z01X Fault Simulation Solution
- Order(s) of magnitude faster than competitive solutions
- Optimized concurrent fault simulator (200M+ primitives)
- Verilog (1995, 2001 and 2005) and SystemVerilog (partial) support
- RTL, gate and switch-level fault simulation
- In use at leading automotive suppliers; over 10 years of experience in functional safety
Z01X is the industry's leading fault simulation solution for functional safety verification.

Summary
- Systemic complexity growth in automotive electronics is driving the need for unified functional verification and functional safety verification.
- Fault injection for random failures is a key element of the verification process and needs to complement a strong functional verification approach.
- The fault solution must support concurrent and distributed simulation as well as provide traceable verification.
- Synopsys provides the fastest solution for automotive functional safety verification.
Press releases cited on the slide:
- Synopsys Extends Lead in Functional Safety & Security Verification with Addition of Key Technology for ISO 26262 Compliance: acquires leader in fault simulation, WinterLogic (Mar 2, 2016)
- Synopsys Extends VIP Portfolio for Automotive Applications: native SystemVerilog VIP and source code test suites for CAN 2.0/FD/TT, LIN, FlexRay and Ethernet AVB (Apr 5, 2016)
- Synopsys Verification Solution Certified for Most Stringent Level of Automotive Safety Measures Defined by ISO 26262: certified for the highest Tool Confidence Level (TCL1) (May 10, 2016)
- Synopsys Accelerates Development of Safety-Critical Products with Design Solutions for ARM Cortex-R52: high-speed Z01X and Certitude fault simulation help assure functional safety for automotive safety standards (Sep 19, 2016)
- Mobileye Adopts Key Synopsys Automotive Functional Safety Verification Solution to Enable ISO 26262 Compliance of its Next-Generation ADAS SoCs: Mobileye adopts Z01X functional safety for EyeQ4 (Nov 21, 2016)