FPGA Development Tools Qualification for ISO26262 - An Overview and guideline
Sharanbasappa, Prasanna Venkatesh B (HCL Technologies)
Introduction:
In ISO 26262 ASIL compliant development process, Tool Confidence Level (TCL) or Tool Qualification is one of the vital activities and a requirement which cannot be compromised. The ISO 26262 standard Part 8: “Supporting Processes” (Clause 11) clearly emphasizes on TCL.
Also in recent past, trend in automotive OEMs, Tier-1 and Tier-2 suppliers has been to combine various features in their product, which basically involves ‘different tools and methodology’ in the product development (Concept to Product).
Generally, the standard development tools and NEW development tools (Ex: Modeling, Analysis, Deigns, Verification, Validation etc.), tend to evolve in parallel to accommodate the product development cycle by targeting reduced development time, user-friendly, low cost etc. On the other hand, maturity, ERROR FREE and robustness of these tools cannot be compromised in development of a safe product.
Tool Confidence Level (TCL) – Overview:
The TCL is a decision process for a tool, determined with TI (Tool Impact) and TD (Tool error Detection).
At a high level, malfunction of a software tool could lead to the following,
- A bug introduces in the product
- Failed to detect the bug in the product (false negative)
In general Tool Impact and Tool Detection (also called as Tool error Detection) can be descried as,
- TI (Tool Impact) is a measure of possibility, where the product/design failure can happen due to a tool problem.
- TD (Tool Detection) which is a measure of possibility, where the product/design bug or malfunction was failed to get detected due to tool problem
The ISO 26262 standard does not provide any specific method for Tool Qualification. So the TCL determination for LOW, MEDIUM and HIGH is likely subjective. Also performing the Tool Qualification for all the tools used in the development cycle will be complex, time consuming and costly. Below figure1 shows the TCL classification process.
Figure1: Tool Qualification Process
Tool Qualification for FPGA development:
The growing complexity in FPGA Silicon, Interfaces, reduction in technology node, etc. has a coupled impact and pressure on the FPGA EDA development tools for “Functional Safety Compliance”. Typically, FPGA development uses different tool set in each stage (example: Simulation, Synthesis, Place and Route, Equivalence Check, on-Chip Debug etc.).
Also, FPGA device companies like Xilinx, Altera, Lattice, MicroSemi etc. has their own integrated EDA software tool flow which can do; Compile, Synthesis, Place and Route, Timing Analysis, Simulation etc. At the same time there are independent tools for Simulation, Synthesis and Debug from many leading EDA companies.
So to arrive at suitable TCL strategy, for the identified development tools and generating an evidence for “Tool Evaluation and Qualification Report” is essential. This TCL report document will be part of the product “Safety Case” repository and will be reviewed and accepted by customer’s Functional Safety Manager/Safety Audit Team.
Today most of the FPGA tool vendors understand the pain of functional safety certification process and the importance of the Tool Qualification. So many of the FPGA EDA tools are TÜV SÜD certified or TÜV Rheinland certified and many in process of certification. The figure2 explains the overview of the TCL process overview and below table provides guidelines for Tool Qualification Process.
Figure2: Software Tool Classification Analysis flow
TCL | Criteria/ Guideline |
Tool Qualification Planning |
|
Tool Qualification check guideline (Overview) | For Simulation tool:
For Synthesis and PNR tool:
|
Tool Classification |
|
Tool Qualification |
|
Tool Documentation | Software Tool Qualification Report
|
Summary:
Since different tools have different functions, a proper tool evaluation with vendor support and vendor supplied Functional Safety documentation (Safety Manual, Tool Classification Analysis and Technical Report from Functional Safety Auditor) is essential. Also tool evaluation based on adapting to one version of the tool for development will avoid tool related bugs. Moreover TÜV certified tool will enable in easy certification process and design with confidence.
|
Related Articles
- Managing the complexity of embedded software development through design automation tools
- Safety Integrity Level - an Overview for FPGA Engineers
- Embedded software development tools - a third way
- Automatic C-to-VHDL testbench generation shortens FPGA development time
- Validate hardware/software for nextgen mobile/consumer apps using software-on-chip system development tools
New Articles
- Quantum Readiness Considerations for Suppliers and Manufacturers
- A Rad Hard ASIC Design Approach: Triple Modular Redundancy (TMR)
- Early Interactive Short Isolation for Faster SoC Verification
- The Ideal Crypto Coprocessor with Root of Trust to Support Customer Complete Full Chip Evaluation: PUFcc gained SESIP and PSA Certified™ Level 3 RoT Component Certification
- Advanced Packaging and Chiplets Can Be for Everyone
Most Popular
- System Verilog Assertions Simplified
- System Verilog Macro: A Powerful Feature for Design Verification Projects
- UPF Constraint coding for SoC - A Case Study
- Dynamic Memory Allocation and Fragmentation in C and C++
- Enhancing VLSI Design Efficiency: Tackling Congestion and Shorts with Practical Approaches and PnR Tool (ICC2)
E-mail This Article | Printer-Friendly Page |