29.d2s4-6-Nuclei Automotive RV Summit 20230821.pdf (14 pages)
Confidential 2023 Nuclei. All Rights Reserved. 2023-8-21

Functional Safety - ISO 26262

ASIL comes from Functional Safety, ISO 26262.

Absence of unacceptable risk due to hazards caused by malfunctioning behaviour of E/E (electrical/electronic) systems.

Root causes for malfunctioning behaviour:
- Systematic errors (during specification, development, manufacturing, ...)
- Random hardware faults (during operation in the field)
- Foreseeable operational errors and misuse (during operation)

Original from Mentor & NXP

Quantitative ASIL effect on IP design

| Metric | ASIL D | ASIL C | ASIL B | (ASIL A) |
|--------|--------|--------|--------|----------|
| SPFM   | 99%    | 97%    | 90%    | 60% (not normative) |
| LFM    | 90%    | 80%    | 60%    | n/a      |

| ASIL Level | Random hardware failure target values* |
|------------|----------------------------------------|
| D          | 10^-8 h^-1 (10 FIT)                    |
| C          | 10^-7 h^-1 (100 FIT)                   |
| (B)        | 10^-7 h^-1 (100 FIT)                   |
| (A)        | 10^-6 h^-1 (1000 FIT), not normative   |

*Target values from ISO 26262-5

- Detect/Control failure
- Effective safety mechanism to handle transient & permanent faults
- Verification of safety mechanism to achieve target values from ISO 26262-5

Safety Mechanisms on CPU IP design

- Dual-Core Lockstep: The dual-core lockstep cores execute the same code, and their outputs and key internal states are compared every cycle; on any mismatch the comparison unit generates a fault. (Diagram blocks: Master Core, Shadow Core, CMP)
- SRAM ECC: Implementing error correction code (ECC) on ILM, DLM, I/D-Cache with enhanced address and multi-bit error coverage. (Diagram blocks: Read/Write Ctrl, ECC Generator, SRAM, ECC Check Correct)
- STL: Providing STL (software test library).
- DFF Parity/EDC: Implementing error detection code (EDC) on critical DFF. Selective coverage of architectural, pipeline or all DFF. (Diagram blocks: Comb logic, Parity/EDC Generator, DFFs, Parity/EDC Check)
- IO Parity/EDC: Implementing error detection code (EDC) on core boundary IO. (Diagram blocks: Output logic, Par