The Rise and Fall of Synthesis Bugs in Safety-Critical FPGAs
IEC 61508 / ISO 26262 / EN 50128 / DO-254
FPGAs are the dominant hardware platform in low-volume, safety-critical applications such as aerospace and nuclear power. Modern FPGAs allow high-performance designs to be implemented together with integrated safety mechanisms, which is driving adoption in further industries, including automotive.
Functional safety standards require a rigorous development process to minimize the risk of introducing systematic faults. Some RTL issues (for example, constructs that simulate one way but synthesize another) only reveal themselves as bugs in the synthesized netlist. In addition, synthesis tools restructure the design to map it onto the fixed FPGA fabric, and these complex transformations carry a high risk of introducing bugs of their own.
Gate-level simulation and lab testing exercise only a tiny fraction of the netlist's input and state space and are therefore likely to miss implementation bugs. They are also slow to run and difficult to debug.
This white paper presents an implementation signoff flow that proves the final FPGA netlist to be functionally equivalent to the RTL model. Built on mature, FPGA-specific formal verification technology, the flow is exhaustive and efficient, and catches many issues before synthesis even starts.
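To make concrete what "proving the netlist functionally equivalent to the RTL" means, here is a deliberately small, added example that is not the white paper's flow or any vendor's tool: a behavioural (RTL-style) adder is compared against a structural (netlist-style) ripple-carry adder built from gate primitives, using a miter that enumerates every input vector. The `swap_carry_bit` parameter is a hypothetical wiring fault injected for illustration; it is not a bug from the white paper.

```python
"""Toy exhaustive RTL-vs-netlist equivalence check (constructed example).

The two models below are assumptions for illustration: a behavioural
adder stands in for the RTL reference, a gate-built ripple-carry adder
stands in for the synthesized netlist. Real equivalence checkers use
SAT/BDD reasoning instead of enumeration, but the miter idea is the same.
"""
from itertools import product
from typing import Callable, Optional, Tuple

WIDTH = 4  # operand width; small enough that 2^(2*WIDTH+1) vectors enumerate quickly


# --- "RTL" reference model: behavioural description, as a designer writes it ---
def rtl_adder(a: int, b: int, cin: int) -> Tuple[int, int]:
    """Behavioural WIDTH-bit adder: returns (sum, carry_out)."""
    total = a + b + cin
    return total & ((1 << WIDTH) - 1), total >> WIDTH


# --- gate primitives standing in for the cells of a post-synthesis netlist ---
def AND(x: int, y: int) -> int:
    return x & y


def OR(x: int, y: int) -> int:
    return x | y


def XOR(x: int, y: int) -> int:
    return x ^ y


def full_adder(a: int, b: int, c: int) -> Tuple[int, int]:
    """One-bit full adder from gates: (sum, carry_out)."""
    s = XOR(XOR(a, b), c)
    cout = OR(AND(a, b), AND(c, XOR(a, b)))
    return s, cout


def netlist_adder(a: int, b: int, cin: int,
                  swap_carry_bit: Optional[int] = None) -> Tuple[int, int]:
    """Structural ripple-carry adder built from full_adder cells.

    swap_carry_bit=k (k >= 2) injects a hypothetical miswired carry chain:
    stage k takes its carry-in from stage k-2 instead of stage k-1.
    None means the netlist is wired correctly.
    """
    carries = [cin]
    sum_bits = []
    for i in range(WIDTH):
        a_i = (a >> i) & 1
        b_i = (b >> i) & 1
        if swap_carry_bit == i and i >= 2:
            c_in = carries[i - 1]  # injected fault: one stage too early
        else:
            c_in = carries[i]
        s, cout = full_adder(a_i, b_i, c_in)
        sum_bits.append(s)
        carries.append(cout)
    total = sum(bit << i for i, bit in enumerate(sum_bits))
    return total, carries[WIDTH]


Model = Callable[[int, int, int], Tuple[int, int]]


def check_equivalence(ref: Model, impl: Model, width: int) -> Optional[Tuple[int, int, int]]:
    """Miter: drive both models with every (a, b, cin) and compare outputs.

    Returns None when the models agree on all 2^(2*width+1) vectors,
    otherwise the first mismatching input vector (a counterexample).
    """
    for a, b, cin in product(range(1 << width), range(1 << width), (0, 1)):
        if ref(a, b, cin) != impl(a, b, cin):
            return (a, b, cin)
    return None


def buggy_netlist(a: int, b: int, cin: int) -> Tuple[int, int]:
    """The same netlist with the hypothetical carry-chain fault at stage 2."""
    return netlist_adder(a, b, cin, swap_carry_bit=2)


if __name__ == "__main__":
    print("correct netlist:", check_equivalence(rtl_adder, netlist_adder, WIDTH))
    cex = check_equivalence(rtl_adder, buggy_netlist, WIDTH)
    print("buggy netlist counterexample (a, b, cin):", cex)
    if cex is not None:
        print("  RTL says", rtl_adder(*cex), "netlist says", buggy_netlist(*cex))
```

The correctly wired netlist passes, and the miswired one fails on the very first vector where the carry out of stage 0 differs from the carry out of stage 1, which a handful of directed lab tests could easily miss. Note how quickly enumeration stops scaling: a 32-bit version of this adder already has 2^65 input vectors, which is why production equivalence checkers reason with SAT or BDDs over a mapped pair of designs (and handle registers by matching state elements) rather than simulating anything.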