Automotive and Industrial

Systematic bug elimination and metrics on proper handling of random errors in the field

There is perhaps no more high-profile application of advanced ICs than autonomous vehicles. The public fascination with self-driving automobiles has led dozens of companies to pursue this field aggressively, and many of their solutions involve highly complex IC designs. Automotive applications also highlight the need for the complete spectrum of IC integrity. The requirement for functional reliability is clear; a missed systematic error (design bug) could easily result in injury or death to occupants of a vehicle or those nearby.

Automobile ICs must be able to handle random errors in actual use without compromising safety, so functional safety requirements are also high. Trust and security are equally important; the prospect of an adversary gaining control of a vehicle through an inserted hardware Trojan or exploitation of a security flaw is deeply frightening. Thus, the full range of IC integrity solutions is needed. Even those in the industry who don’t follow the technical details appreciate the huge liability risks involved.

Industrial applications, most notably nuclear power plants, have many similar characteristics to the automotive domain. There is strong motivation to eliminate systematic errors, survive random errors, and thwart adversary attacks. Another common aspect to industrial and automotive applications is the presence of established standards such as ISO 26262 for automobiles and other road vehicles, EN 50128 for railways, and IEC 61508 for industrial safety systems.

ISO 26262 is a widely cited example of a standard with precise requirements that directly drive robust IC verification flows. It divides errors into systematic errors in the design and random errors in the field. OneSpin’s Functional Reliability Solution leverages innovative formal technologies to span the full range of verification to eliminate systematic errors. The solution includes automatic checks in DV-Inspect™, automated formal analysis provided by multiple apps, and the full assertion-based verification capabilities of DV-Verify™. The exhaustive nature of formal means that it is possible to prove exhaustively that a design meets its specification.

Once the RTL design has been fully verified, OneSpin’s EC-ASIC™ and EC-FPGA™ use formal equivalence checking to ensure that the implementation through synthesis and place-and-route does not alter design functionality.