Posts Tagged ‘safety-critical’
Thursday, December 12th, 2019
Understandably, hardware designed for an aircraft, or indeed any safety critical application, must be robust. I also believe that all engineers wish to verify their designs as thoroughly as possible, anyway. However, there are limiting factors; most notably the high complexity of most designs. Since we are unable to discover and verify the design against all abnormal conditions, the main question is: when is robustness verification truly complete?
Random nature of robustness
Test scenarios for robustness verification always contain many input stability issues, such as erroneous values, lack or loss of value, unexpected timing and unpredicted toggling. Certainly there is a significant random factor but it should not lead us to oversimplify this part of verification by applying less or more advanced randomization methods only. The robustness of any design, and especially for projects where human lives are potentially at risk, cannot be achieved by inspecting the results of randomly generated scenarios. It must be part of the original design.
RTCA/DO-254
The “Design Assurance Guidance for Airborne Electronic Hardware” document does not explicitly address robustness testing. However, two supplements – “FAA Order 8110.105A” and the “EASA Certification Memorandum” – clarify that to demonstrate robustness, the applicant should also define the requirements-based testing. In other words, it is expected that abnormal operating conditions be captured and documented as derived requirements.
How many “robustness requirements” do we need?
Having extra requirements for robustness verification does not solve the problem stated above, so the question really is: how many “robustness requirements” will be enough?
(more…)
Tags: FPGA, safety-critical, verification
No Comments »
Monday, May 23rd, 2016
 The hardest part of DO-254 is not the requirements. It’s not the design. It’s not the verification.
We just wrapped up this year’s 3-day DO-254 Practitioner’s Course, and each year I learn something new. In this year’s training we had attendees from major aerospace companies including Curtiss Wright, Rolls Royce, Sierra Nevada Corporation, Thales and Woodward. It’s always a pleasure to meet the aerospace folks and learn about their projects, goals and challenges. This is the fifth year we’ve done these trainings and each time I pick up subtle points from the instructor showing his impressive expertise in the subject.
This year’s subtle point that I picked up is about the hardest part of DO-254.
The hardest part of DO-254 is the cultural change that needs to take place in order for the organization to successfully comply to DO-254. This can be the make or break of the project. It doesn’t matter if you have top-notch planning documents if no one will adhere to them. It doesn’t matter if you’ve written 1000+ page requirements document, but the verification engineers cannot use them because the requirements are not verifiable. It doesn’t matter if you have the best design standards if your designers would not abide by them. It doesn’t matter if you have the latest verification tools but no one in your team understands how to satisfy tool assessment and qualification. It doesn’t matter if you have the most comprehensive review checklists if your reviewers will not use them and document the review activities and results.
DO-254 is a collection of industry best practices and all of its processes are tightly integrated, but it doesn’t matter if you have the DO-254 processes tightly in place if your team members will not abide by them. The hardest part of DO-254 is the cultural change that needs to be embraced by all team members. The cultural change is what can get you.
Many organizations new to DO-254 are eager to jump on board and start applying DO-254 to their projects due to its high demand in the avionics industry. You might be ready to take the leap and make the cultural change yourself, but is the rest of your team and organization ready for the cultural change?
If you’d like to learn more, or register for next year’s class, call us at 1+702-990-4400 or email training@aldec.com.
For the rest of this article, visit the Aldec Design and Verification Blog.
Tags: do-254, FPGA, safety-critical, SoC and ASIC Prototyping, Traceability, verification
No Comments »
Tuesday, August 25th, 2015
 You have been developing FPGAs for a long time, and you know your designs from top to bottom. You know every interface protocol, configuration and optimization. You can visualize your timing diagram like you can visualize your upcoming vacation in Hawaii. You can manually write down your memory mapping accurately while under oath. You can pinpoint all CDC paths and emulate metastability in your mind. You are confident that your designs are fault-tolerant and will function as intended. You are the master of your domain.
But… can you bet your life on it?
Are you willing to bet your life on your designs? What about the lives of the thousands of passengers sitting on the airplanes where your FPGA design is installed? How certain are you that it won’t fail in the field? If it were to fail, can it resume normal operation safely and timely? Not just MOST of the time, but EVERY time?
(more…)
Tags: Aldec, do-254, DO-254 Compliance, do-254/cts, FPGA Design, FPGAs, Requirements Management, safety-critical, spec-tracer, Traceability
No Comments »
Wednesday, July 16th, 2014
 If they’re being honest, anyone who has verified an FPGA under strict DO-254 guidance will tell you that it is stressful. Show me an engineer on their first DO-254 project – and I’ll show you someone pulling out their hair and downing what is probably their 5th cup of coffee while these important questions weigh heavy on their minds:
Have we reviewed all FPGA requirements and validated derived FPGA requirements? Do we have a good record of the review activities?
Do I have a test for each functional FPGA requirement? What’s the status of the tests? How do I track the progress and document the results?
(more…)
Tags: aviation, coverage, design, do-254, DO-254 Guidance, FPGA, HDL Design, Impact Analysis, Requirements-Based Verification, safety-critical, Testbench, Traceability, Validation, verification
No Comments »
Tuesday, June 24th, 2014
 If you attended the Monday Night Reception at DAC 2014, you were greeted with a blast of 80s pop music. If you then said to yourself, “I’d like to meet the genius behind that idea” – that would be me. A few weeks before DAC, our marketing manager came to me with the task of being the DJ for the Monday night reception. As soon as I heard “DJ” I envisioned turntables, cool headphones, disco lights and all the fame that follows. My dreams were dashed a few moments later when she explained that I would only have a PA and a laptop.
Undaunted, I resolved to be the best DJ in the history of DAC Monday Night Networking Receptions. The first challenge was finding music everyone would enjoy. I naturally settled on 80s pop as my genre. I had the brilliant idea of picking a few songs from each year and playing it as a progressive 80s timeline during the evening. I changed my mind when I realized that bright idea would require some serious manual research and work.
Did I give up? Of course not. I did what any good engineer would do – I found an easy (and smart) solution that did not require substantial extra effort – a bit like re-using verification ip’s instead of making them from scratch. This level of engineering genius is often mistakenly perceived as laziness, but I like to call it being smart. In fact I recently wrote a blog on the topic of working smart not hard.
For the rest of this article, visit the Aldec Design and Verification Blog.
Tags: Aldec, aldec 30th anniverssary, aldec 30th birthday party, dac 2014, dac chat, embedded, gopro hero3+ camera, Hardware Emulation, safety-critical, SoC and ASIC Prototyping, training, uvm, uvm methodologies, verification, vhdl verification using osvvm
No Comments »
Wednesday, November 20th, 2013
 As a DO-254 evangelist, I travel quite a bit attending conferences and meeting customers all over the world. One question I occasionally get from engineers is whether Aldec’s mil/aero verification solution, DO-254/CTS™, supports verification of FPGA designs with high speed interfaces (for example ARINC 818, LVDS, DDR3 or PCIe).
Depending where I’m at I’ll tell them, “Oui!” or “Hai!” or simply “You bet it does”. Occasionally I’ll respond, “화장실이 어디 있어요!” in hopes that someone will kindly direct me to the nearest restroom.
For the rest of this article, visit the Aldec Design and Verification Blog.
Tags: Aldec, arinc 818, arinc protocol for high bandwidth, aviation, avionics systems, c/c++ api, do-254, do-254/cts, FPGA, fpga designs, in-hardware verification results, low latency, mil/aero verification solution, safety-critical, uncompressed digital video transmission, waveform
No Comments »
Monday, September 16th, 2013
 It occurred to me that it has been a few months since we shared an update on HiPer Simulation A/MS. Following DAC 2013 and Daniel Payne’s posts at SemiWiki (post 1, post 2), we at Aldec and Tanner EDA have received many inquiries from the field, conducted a number of evaluations, and deployed our analog/mixed-signal (AMS) design flow with our first mutual customers. In this article, I’ll share more the mixed-signal simulation methodology and highlight some of Verilog-AMS use cases that we have seen in the field.
Digital & Analog HDLs
The Verilog and VHDL languages were designed to handle discrete signals, where the number of possible signal values is limited (e.g. 1, 0, X, Z). Whereas Verilog-A was designed to handle continuous-time (analog) signals, that can take any value from a continuous range at any point.
For the rest of this article, visit the Aldec Design and Verification Blog.
Tags: Aldec, analog, co-simulation, digital, hiper simulation a/ms, mixed-level simulation, mixed-signal, mixed-signal design approach, Riviera-PRO, safety-critical, simulation-based verification, tanner eda, transistor-level implementation, verilog-ams simulators, vhdl languages
7 Comments »
Wednesday, June 26th, 2013
 An Interview with FAA Consultant DER, Randall Fulton
A few weeks ago I had the opportunity to sit down with an avionics industry certification expert, FAA Consultant Designated Engineering Representative (DER), Randall Fulton. We began discussing common mistakes in DO-254 projects, and then branched out to many different areas including future of DO-254, industry engineering best practices, and his advice to organizations new to DO-254.
Louie: In your experience, what are the common mistakes in DO-254 projects?
Randall: Starting certification liaison activities and the SOI-1 planning audit after the design already exists. Many projects also need to read the additional guidance from the FAA in Order 8110.105 to understand the impact and be prepared to show the data to satisfy the Order. Organizations also underestimate the resources required for a project. This includes staffing as well as managing all the data. Another common area is not appreciating the impact of effective requirements writing skills.
(more…)
Tags: Aldec, compliance, do-254, FPGA, fpga interface, pld vendors, safety-critical, SoC, standards, verification
No Comments »
|
