Like the automotive domain with its OEMs and Tier 1 and Tier 2 suppliers, the aerospace and defense domain also consists of many players, including prime contractors, subcontractors, and the broader defense industrial base ecosystem. Automotive design risk mitigation techniques, flows, and tools can enhance data exchange across the aerospace and government supply chain, while also improving development cycle efficiencies. One of the principal techniques involves functional safety analysis to identify the potential for random hardware faults.
The ISO 26262 standard for automotive functional safety defines the term “functional safety” as “the absence of unreasonable risk due to hazards caused by malfunctioning behavior of E/E (electrical/electronic) systems.” In the automotive world, the level of risk and its corresponding mitigation is denoted by an automotive safety integrity level (ASIL), with ASIL D being the most stringent. A design approach guided by functional safety standards presumes that faults will occur and proposes ways to react to these potential failures to ensure safe operation.
The aerospace and defense industry is no stranger to standards. For example, it has its own design assurance for airborne electronic hardware and software, DO-254 and DO-178. The space industry has standards like MIL-PRF-38535 for silicon devices to operate in space environments. The challenge lies in the breadth of systems that extend across aerospace and defense—satellites have different requirements than tanks, which have different requirements than radar systems, and so on. However, the industry is recognizing that the functional safety guidelines established for the automotive industry can be leveraged for development of fault-tolerant systems.
Aerospace and defense designers have long used safety and reliability mechanisms, including error correction code to identify and fix faults, parity and triple modular redundancy to mitigate faults, logic and memory built-in self-test (BIST) to monitor for faults. Now, they are starting to use ASIL B- and ASIL D-compliant automotive-grade IP to enable SoCs with greater levels of safety, security, quality, and reliability. ASIL strategies, while intended for ISO 26262 compliance, are relevant for aircraft safety as well as addressing radiation effects.
Synopsys has an automotive IP portfolio that is ASIL B- and ASIL D-compliant to protect against systematic and random hardware faults and is available for advanced process technologies. Additionally, Synopsys has a portfolio of IP cores for security, including TRNG, cryptography, trusted processing, and secure interfaces.