Safety Critical Verification

Functional safety analysis and higher diagnostic coverage to meet certification requirements

The use of “fail-safe” electronic components in safety critical systems is now commonplace throughout many electronics industry sectors, including Automotive, Aerospace, Power Generation, Defense, and Medical devices. Governed by a range of regulatory standards, the verification of these systems, in general, must be proven to be as rigorous as possible. In addition, to guarantee the safe operation of these systems, safety mechanisms are integrated that ensure a reliable, deterministic reaction to random hardware failures when the device is operating in the field. These too must be verified to operate correctly and trap operational hardware faults.

The automotive market, governed by the ISO 26262 standard, demands a particularly rigorous development methodology. This requires the use of specific verification techniques, as well as a well-defined, thorough verification process. 

OneSpin’s Safety Critical Verification solution provides automated functional safety analysis and allows for higher diagnostic coverage to meet certification requirement more efficiently and accurately.

The need for Formal Safety Verification

It is hard to demonstrate that simulation-only verification solutions can provide the required degree of coverage necessary to guarantee safety. The exhaustive nature of formal verification solutions makes it a natural fit for these designs. However, additional capability must be included to prove design reliability and failsafe operation. Design reliability can be shown by utilizing advanced coverage techniques to demonstrate that any “systematic” bug in the design would indeed be detected by a series of assertions, executed on a formal platform.

OneSpin provides a complete formal verification solution ranging from rigorous verification, and qualification of the verification environment, all the way to the verification of safety mechanisms and diagnostic coverage.

Systematic and Random Errors

The OneSpin Safety Critical Verification Solution encompasses a range of formal tools and techniques that provide a complete verification flow to test for the presence of any systematic faults and that a high proportion of random faults will be detected and handled by the device. The solution includes advanced coverage techniques, fault injection and qualification, as well as a broad formal verification solution.

To validate safety mechanisms that trap and resolve “random” field problems, the ISO 26262 and other standards demand a quantitative analysis of random hardware failures and their outcomes. Part of this analysis comprises the injection of faults into the gate level models of integrated circuits to determine the single point and latent fault metrics (SPFM/LFM), which are eventually used to calculate the failure rate of a component. These gate level models can be complex and contain numerous possible fault scenarios.

OneSpin provides a formal solution to target these problems in the form of three Apps. The Fault Propagation App (FPA™) operates in the fault simulation flow to reduce the amount of tests required while increasing the quality of, and accelerating, the overall process. The Fault Injection App (FIA™) allows the injection of faults without change to the design code for then purpose of testing the fault handling components in the design. The Fault Detection App (FDA™) provides a fully automated fault metric, diagnostic coverage calculation and allows the detection of dangerous random faults or faults not detected by the safety mechanism. 

More Information:

OneSpin 360 Fault Propagation Analysis App

OneSpin 360 Fault Injection App

Video: DAC'16 Pavilion Panel - Steering Safety Innovation In Autonomous Car Electronics

Presentation: DO-254 – Formal Verification Solutions for AEH

White Paper: Using Formal to Verify Safety-Critical Hardware for ISO 26262

Safety Critical Hardware News

  • We check the web for relevant safety-critical news content and link directly to the source from here. Want to get your monthly recap of relevant news? - Just sign-up to our newsletter.

DVCon Europe 2016: Complete Formal Verification of a Family of Automotive DSPs

  • "Our verification approach is based on the verification methodology of [1,2], which is marketed under the name GapFreeVerification™ by OneSpin Solutions1 . This approach uses so called operational properties to construct complete formal specifications and includes methods to verify specification completeness."
  • "For portability and accessibility, we store tabular specifications in a standard spreadsheet format. The automatic translators of the tabular representation are implemented using Java Emitter Templates (JET) [5]. The operational properties 7 of core functionality are expressed in SystemVerilog assertions using Timing Diagram Assertion Library (TIDAL™) [13]. The properties of auxiliary clusters are written in plain SystemVerilog assertions. Design verification and completeness checks are performed with OneSpin 360 Design Verifier."

Understanding the Impact of Silicon Errors on Functional Safety Standards Compliance

  • "Recent years have seen increasing application of functional safety standards to semiconductor components. Unfortunately, semiconductor developers and functional safety engineers are rarely aligned in terminology or direction. This discussion will attempt to bridge the gap between the two domains by helping semiconductor developers understand how silicon errors are considered in current functional safety state-of-the-art." Karl Greb, Chief Safety Architect for the SafeTI Initiative at Texas Instruments.
  • "Electronic systems for use in in space applications must be 100% reliable. We apply formal verification to ensure the elimination of functional problems. OneSpin's leading formal technology is a corner stone giving us the confidence necessary to launch our IP cores into space and know they will always operate correctly.” Prof. Görschwin Fey, Department of Avionics Systems, Institute of Space Systems, German Aerospace Center
  • Full Presentation of KeyNote Speech at Silicon Errors in Logic - System Effects 2014

MicroSemi and OneSpin Solutions Target High-reliability Design Verification with Formal-based FPGA Equivalency Checking Solution

  • “The MicroSemi ProASIC3 FPGA is a core component of the Advanced Logic System (ALS), and use of the OneSpin 360 Equivalence Checker is an integral part of our FPGA development process for nuclear safety systems.” says Erik Matusek, Safety System Platform Manager at Westinghouse Electric Company, LLC

Get in touch!

Learn more about safety critical design verification with OneSpin

portrait of Jörg Grosse

Jörg Grosse, Product Manager Functional Safety

» Contact