Design Methods and Assurance Process IP upgrade for DO-254 compliance
DO-254 context
RTCA/DO-254 “Design Assurance Guidance for Airborne Electronic Hardware” is a standard that is currently enforced by the Federal Aviation Administration (FAA) and by the European Aviation Safety Agency (EASA). DO-254 is now a worldwide standard for the civil aviation industry, and it is spreading into adjacent fields (defense, transportation, medical, ...). The purpose of DO-254 is to ensure the appropriate level of safety of the hardware parts of airborne embedded systems. DO-254 is based on design assurance: a specific design process involving planned and systematic actions used to substantiate that design errors have been identified and corrected such that the hardware satisfies the applicable certification basis. Focused on requirements and identified processes, a DO-254 approach must ensure a repeatable, structured, controlled and well-documented process, with numerous internal reviews and external audits, and thorough verification and validation throughout the process.
Aerospace and IP: challenges
Using semiconductor IP blocks in a core-based design strategy is the most suitable response to the economic constraints involved in SoPC and complex hardware design. Given the increasing pressure from reduced time-to-market, high complexity, the difficulty of exhaustively controlling non-functioning cases, and final cost reduction, it is hardly surprising that design-for-reuse has become a source of revenue for hundreds of IP vendors worldwide, and one of the key productivity boosters in the semiconductor industry. For the aerospace market, emerging technologies such as SoPC and IP are becoming the easiest way to meet the technical and economic expectations of increasingly complex electronic systems. Despite the fact that IP is clearly inside the DO-254 scope, major issues are hampering the introduction of these technologies in the aerospace business, which is why IP needs special attention before addressing this market.
DO-254 and IP: obstacles
What are the main identified obstacles to the introduction of IP and SoPC in the aerospace market? DO-254 certification objectives require the applicant to produce additional data regarding its IP, and to perform dedicated activities for the final integration into the top-level design. The majority of these activities (which are requirements-centric) lie outside the “standard” IP deliverables. The relatively small niche of the aerospace market, together with the reputation of DO-254 for a time-consuming and heavyweight documentation flow, creates a real barrier for standard IP providers. The impossibility of defining a unique and stable DO-254 flow does not help outside stakeholders enter this market; this is mainly due to the intrinsic nature of DO-254 as guidance and not a norm. Moreover, building a DO-254 compliant IP requires a deep understanding of DO-254/ED-80 and the other aviation software guidance, and a relevant background. The internal availability of a complete and robust DO-254 repository (templates, checklists, procedures, best practices, standards, tool guides, ...) is a mandatory requirement.
DMAP solution: providing DO-254-ready IP
We offer a unique service to IP and SoC companies to address the aerospace market and the other markets where DO-254 is applicable. DO-254 guidance for IP shows that only three different approaches can be proposed to meet certification compliance for IP in critical airborne electronic hardware:
- IP design life cycle: a classical DO-254 hardware design flow. We help companies put in place new methods and design flows to start an IP development dedicated to the aerospace market. Integration activities in the customer's flow must be carefully addressed.
- IP service experience: this solution applies to a widely used IP with a well-known deployment history in aerospace applications. Access to confidential experience data from IP users is an unavoidable issue for this way of showing compliance. However, this approach can be used in combination with the other methods to gain confidence credits during certification.
- IP reverse engineering: this approach should be used intensively to upgrade existing IP that is of major interest to aerospace and defense companies. It is the safest and easiest way to obtain a reliable level of design assurance for such a high-reliability IP market.
Reverse engineering: DMAP approach
Reverse engineering requires more than just producing the hardware life cycle data; it must be focused on “building the quality into” the hardware item. That is, any reverse engineering approach proposed to the certification authorities must demonstrate that it addresses design assurance and not just the creation of hardware life cycle data. Above all, a clear reverse design planning activity must be produced and submitted to the authorities. Such a complex activity cannot be conducted to success without an extended team, based on close collaboration and a fluent “communication avenue” with all stakeholders:
- SoPC and IP sources (the IP/PLD provider's initial design team).
- The applicant, to correctly evaluate the system safety requirements and the application.
- The certification authorities, to continuously assess the compliance of the method used.
- Tool solution providers, to facilitate and increase design assurance.