FPGA-based Fault Emulation for Safety-Critical ICs
More Info
expand_more
Abstract
In 2022, there were over 26 million electric automobiles on the road, a 60% increase with regard to 2021 and more than 5 times the stock in 2018. As automobiles become more electric and systems get increasingly complex, the safety requirements get more stringent. In 2011, the International Organization for Standardization (ISO) established ISO26262 to provide guidance to the semiconductor industry on the development process of safety essential ICs for automotive applications.
When evaluating the safety of a system parallel to the normal functional operation, traditional Design-for-Test (DFT) techniques such as scan chain, Built-In Self-Test (BIST), Joint Test Action Group (JTAG), and boundary scan are no longer viable options for two fundamental reasons. Firstly, safety assessment in the context of automotive applications necessitates evaluation at an application level, going beyond the capabilities of these techniques, which are primarily designed for structural and functional testing. Secondly, during safety checks, it is imperative that the normal operation of the integrated circuit (IC) remains uninterrupted, as the chip is often deployed in critical, real-time systems. These traditional DFT methods, while effective during the IC manufacture and production before they are released in the market, fall short of addressing the dynamic and application-specific safety concerns that arise during the operational lifecycle of safety-critical systems in sectors like automotive engineering.
To address these challenges, fault injection has emerged as the necessary step for safety assessment. ISO26262 explicitly recognizes fault injection as one of the most popular techniques for evaluating a system's safety and determining its Automotive Safety Integrity Level (ASIL). The safety metrics are required for certification of a product with ASIL. Fault injection allows for the creation of realistic fault scenarios and the assessment of how the system responds to these faults during normal operation, aligning more closely with the dynamic and application-specific nature of safety-critical systems in fields of automotive engineering.
Currently, many EDA companies provide Failure Mode Effects and Diagnostic Analysis (FMEDA) platforms for IC safety evaluations. However, these tools are time-consuming and resource-intensive. Additionally, as IC designs become more intricate, there is a reliance on fault reduction techniques such as statistical sampling, which entails simulating only a mere 5% of the overall fault space. Thus, an FPGA-based fault emulation system emerges as a promising approach to expedite this process.
The novelty of this work was in designing a dedicated platform tailored for the evaluation of safety-critical systems for automotive applications such as Battery Management Systems (BMS). This platform can execute the safety sequences on the system to evaluate the safety mechanisms implemented in the design in the presence of random faults assuming the chip is in use in the car. Moreover, the fault emulation activity provides the evidence necessary for the certification of products with ASIL level. Furthermore, performing this activity during the development stage helps in designing the ICs with the highest level of safety. The proposed FPGA-based fault emulation system efficiently overcomes three key challenges: it decreases execution time dramatically provides a speed-up of 296x compared to the simulation method, optimizes resource utilization, eliminates the tool license cost, and removes the requirement for considerable fault space reduction. This platform can emulate a large fault population of up to one million faults in less than three hours.
Files
File under embargo until 22-09-2025