2015, Vol. 30, Issue (2): 373-390. doi: 10.1007/s11390-015-1530-5

Special topics: Computer Architecture and Systems; Computer Graphics and Multimedia

• Special Section on Selected Paper from NPC 2011 •

SRAM-Based FPGA Systems for Safety-Critical Applications: A Survey on Design Standards and Proposed Methodologies

Cinzia Bernardeschi¹, Luca Cassano²*, Member, IEEE, Andrea Domenici¹

  1. Department of Information Engineering, University of Pisa, Pisa 56122, Italy;
  2. Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico di Milano, Milano 20133, Italy
  • Received: 2013-12-21 Revised: 2014-10-10 Online: 2015-03-05 Published: 2015-03-05
  • About author: Cinzia Bernardeschi received her Laurea degree and Ph.D. degree in computer science in 1987 and 1996 respectively, both from the University of Pisa. She is an associate professor with the Department of Information Engineering of the University of Pisa. Her research interests are in the area of software engineering, dependable systems and application of formal methods for specification and verification of safety-critical systems. Her most recent work is related to the application of theorem proving and model checking techniques for fault simulation and reliability analysis of electronic circuits and systems.

Abstract: As the ASIC design cost becomes affordable only for very large-scale productions, the FPGA technology is currently becoming the leading technology for those applications that require a small-scale production. FPGAs can be considered as a technology crossing between hardware and software. Only a small number of standards for the design of safety-critical systems give guidelines and recommendations that take the peculiarities of the FPGA technology into consideration. The main contribution of this paper is an overview of the existing design standards that regulate the design and verification of FPGA-based systems in safety-critical application fields. Moreover, the paper proposes a survey of significant published research proposals and existing industrial guidelines about the topic, and collects and reports some lessons learned from industrial and research projects involving the use of FPGA devices.
