Model based design to improve the design efficiency of Functional safety of car specification level chips
Time:2023-07-29
Views:794
Author: Dr. Chen Xiaoting, MathWorks China
Today, with the rapid development of electrification, intelligence, and networking in automobiles, the number and types of chips used in automobiles are also increasing. Electrification has led the innovation of automotive electronic and electrical architecture, giving rise to centralized high computing power chips such as domain controllers and power chips such as IGBTs. Intelligentization introduces a variety of sensors and AI applications, driving the development of radar, laser radar, camera, intelligent cockpit, 5G Vehicle-to-everything and other modules, processors, memory chips, and AI computing chips.
Compared with consumer electronics chips, car specification chips need to meet more stringent working environment, more long-term quality assurance, and more stringent Functional safety requirements.
The Functional safety of the car specification level chip is designed
Functional safety requires that a safety system will not lead to safety system failure, personal injury or death, environmental pollution, equipment or production loss in case of random, systematic and common failures.
ISO 26262 is a widely accepted electronic Functional safety standard in the automotive industry, which provides specifications and design guidelines and runs through the entire development process of products from concept development, system, hardware and software development, production to scrap. As chips play an increasingly important role in automotive systems, ISO 26262 2018 adds 11 chapters of semiconductor guidelines, which regulate General-purpose technology covering fault modes, DFA for correlation failure analysis, fault injection, and specific requirements for semiconductor components such as digital, analog, storage, and programmable devices.
Complete simulation, sufficient verification, automated process reproduction, etc. are the general principles of Functional safety chip design methods recommended by ISO 26262 standard. MATLAB based on model design methodology can help engineers quickly and automatically practice ISO 26262 standard.
Establish an application level functional model of chip end customers‘ concern
Correct function is the basis of Functional safety. The functions of intelligent electric vehicle chips are professional, novel and complex, such as laser radar signal processing, ADAS video image processing, battery monitoring sensor measurement and control, high-voltage motor driver, etc., which requires a lot of functional modeling, simulation and analysis at the stage of chip design and development. One of the core values of model-based design methodology is modeling. Modeling work includes not only the internal function algorithm model of the chip, but also the construction of external components and environments required for testing these functions, such as ADAS NCAP test scenarios, controlled motor models, lithium battery pack models, and also the architecture analysis model of SoC chips, such as hardware/software partitioning, memory access, Bus contention, and so on.
MATLAB&Simulink and various toolkits provide modeling, simulation, and testing support for the development of various intelligent electric vehicle chips to meet the requirements of ISO 26262 for pre silicon functional testing.
MATLAB&Simulink and various toolkits provide modeling, simulation, and testing support for the development of various intelligent electric vehicle chips to meet the requirements of ISO 26262 for pre silicon functional testing.
The application level system model can help chip engineers ensure that the verification and signoff standards used to evaluate designs are consistent with the standards that the chip end customer is most concerned about.
"Quite a few of our customers are Tier 1 auto suppliers, and they are most concerned about the performance indicators in the specifications, such as signal to noise ratio (SNR) and Total harmonic distortion (THD) . Instead, they don‘t care much about some of the main indicators that most IC verification teams will care about, such as the test results of a single component, Code coverage results, and other hardware implementation level indicators. In addition, our clients use on-site testing and real driving scenarios to evaluate the complete radar system, while the IC validation team uses test graphics that differ significantly from real signals to evaluate individual RF, analog, and digital components. My team and I have defined and implemented a pre process methodology, which aligns our verification of IC design processes with the standards used by customers to evaluate IC design. We have developed a road test driving scenario for virtual on-site testing based on the Euro NCAP standards followed by many customers. The functional and performance indicators we generate (such as SNR) are the same as those used by customers to evaluate the IC components in their products—— NXP radar chip engineer. [1]
Simulatible models not only help improve the design, development, and validation of internal chips within the company, as well as the iterative optimization efficiency of next-generation products, but also serve early customers through virtual processors (vCPUs) to seize market opportunities.
Automated Functional safety verification
This is an era when robotics and AI technology began to prevail, and model based research and development processes and various automation tools embedded in the processes are increasingly being adopted by automotive and chip engineers.
The ISO 26262 Functional safety standard requires verification of the chip‘s functional and structural coverage drive. According to industry research results, verification during chip development takes up 50% of the time. Using automated tools to improve validation efficiency has become very meaningful.
Chip verification work is usually completed by chip verification engineers, who struggle with the communication flood between algorithm experts and RTL implementation engineers on a daily basis. Model based design can significantly improve the efficiency of chip verification. By moving the verification forward, the quality of chip algorithms can be improved, thereby reducing the number of iterations for algorithm, implementation, and verification; At the same time, transmitting simulated models through algorithms, implementations, and validations can also reduce many communication errors compared to transmitting documents.
On the chip model, engineers can use Simulink CoverageTM to measure the test coverage in the chip model and generated code, identify missing tests or unexpected features, and view the coverage results on charts; Or use Simulink Design VerifierTM to identify chip design errors using Formal methods, find hard to find dead logic and design defects, automatically generate test vectors to analyze missing coverage, and formally prove that the design meets the requirements.
To accelerate the design and implementation of the IP core for image processing in automotive display chips, Reza engineers have adopted MATLAB
Rapid prototyping and RTL automation generation
In order to cope with increasing competitive pressure, chip manufacturers are shortening their delivery schedules; On the other hand, even as designs become increasingly complex, customers‘ expectations for quality and performance are also increasing. Many companies have found that traditional design methods, where teams perform document based validation of specifications and produce multiple prototypes before the final production version, are no longer able to keep up with the current pace of the industry.
After the model is fully validated, HDL Coder can automatically generate comprehensive VHDL or Verilog code that meets industry coding standards from the model, automatically achieving FPGA in the loop prototype verification. It can also reuse the testing motivation and framework in the model by automatically generating SystemVerilog or UVM testing environments, greatly improving the efficiency of chip RTL development. MathWorks ASIC/FPGA workflow supports the ISO 26262 Functional safety standard. HDL Coder is an ISO 26262 certified development tool.
We have been researching the use of Simulink MBD for ASIC development since 2014. Silicon validation has proven zero bugs in automatically generated code. "Experience sharing from Allegro Microsystems. [3] Allegro has adopted a model based mixed signal IC design process for developing high integrity automotive sensor chips.
Confirm the Functional safety of chip bottom software
The chip operation also needs software support, and the car specification level chip manufacturer needs to provide customers with hardware and underlying software that meet Functional safety requirements. The underlying software is even an essential part of Functional safety to help avoid system hardware failures and detect and control random hardware failures, such as FMEDA, clock monitoring, power monitoring, ECC protection of RAM/ROM. In more cases, low-level software helps automotive OEMs and developers build safety certified applications, such as AUTOSAR MCAL, firmware, sensor drivers, safety monitoring, and safety certified library.
PolyspaceTM can verify that the chip bottom software conforms to ISO 26262 Functional safety. Polyspace is a code level static analysis and validation tool based on the principle of abstract interpretation. It uses formal analysis methods and can perform exhaustive analysis of code without the need for test cases. Completely distinguish problematic and non problematic calculation operations in the code through color, making it easier for underlying software engineers to focus on the problem.
Elektrobit develops AUTOSAR basic software to help bridge chip manufacturers and automotive manufacturers. Ensuring compliance with the ISO 26262 Functional safety standard for road vehicles involves proving that the design meets safety requirements, that the architecture accurately reflects the design, and that the architecture is correctly implemented. Elektrobit engineers used Polyspace Code ProverTM to complete the time-consuming third phase [4]. Polyspace‘s Formal methods kernel also helps Elektrobit verify highly configurable software, freeing it from the time-consuming method of thousands of times of Bounds checking. They also use parallel problems to prove that unnecessary Mutual exclusion can be reduced to improve the performance of software.
Serving customers in the automotive industry with half the effort and twice the result
The automotive industry widely adopts the Model Based Design development process, and automotive chip manufacturers provide efficient, high-performance, and safety certified hardware support packages based on Simulink for their own chips, which can better serve customers. Typical examples include Infineon Aurix high-performance MCU support package, NXP model-based design toolbox, etc. These support packages can deploy Simulink algorithm generation code optimized for chip optimization onto the chip, effectively cutting the algorithm into heterogeneous hardware architectures, configuring and generating all necessary underlying software, using processors for testing in the loop PIL, generating startup points for testing code on Synopsys Virtualization and hardware, etc., thereby helping automotive industry engineers shorten project development cycles.
Summary
Vehicle specification level chips need to meet the requirements of the automotive Functional safety standard ISO 26262. MATLAB based on the model design method helps the chip development process meet the general criteria of the Functional safety standard, including complete simulation, full verification, automated process reproduction, and provides a series of tools to improve the quality and efficiency of the chip system and functional modeling, verification automation, prototype and RTL implementation, underlying software verification and other processes. At the same time, future customers of automotive grade chips - automotive industry engineers - are widely using model based design methods to develop intelligent electric vehicle applications.
|
Disclaimer: This article is transferred from other platforms and does not represent the views and positions of this site. If there is any infringement or objection, please contact us to delete it. thank you! |
Business consulting
13823761625
Mail me