The document discusses a webinar on functional safety failure analysis, particularly for electronics and software systems, presented by Mohini Yadav from Mirabilis Design Inc. Key topics include failure identification and resolution in systems like brake models, showcasing the use of VisualSim for architecture exploration and performance analysis. The meeting also covers various types of failures including hardware, software, and network issues, along with the importance of ensuring functional safety and compliance with standards like SOTIF.

1. MEETING FUNCTIONAL SAFETY
FAILURE ANALYSIS, IDENTIFICATION AND RESOLUTION
OF ELECTRONICS AND SOFTWARE.
Presenter:
Mohini Yadav
Application Engineer
Mirabilis Design Inc.
Email: myadav@mirabilisdesign.com
Organizer:
Deepak Shankar
Founder
Mirabilis Design Inc.
Email: dshankar@mirabilisdesign.com

2. Logistics
2
All attendees are set on mute.
To ask a question, click on Arrow to the left of Chat and
type the question. Folks are standing by to answer your
questions. There will also be a time at the end for Q&A

3. MEETING FUNCTIONAL SAFETY
FAILURE ANALYSIS, IDENTIFICATION AND RESOLUTION
OF ELECTRONICS AND SOFTWARE.
Presenter:
Mohini Yadav
Application Engineer
Mirabilis Design Inc.
Email: myadav@mirabilisdesign.com
Organizer:
Deepak Shankar
Founder
Mirabilis Design Inc.
Email: dshankar@mirabilisdesign.com

4. Goal of the Meeting /Overview
Demo Model for Brake System.
 Functional Safety
Introduction to VisualSim
VisualSim Applications
Libraries in VisualSim
Failure Generation, Analysis and Solution
Types of Failures
What is SOTIF ?
Failure at System, Hardware and Software level

5. Basic Definitions
Architecture Exploration
◦ Optimize system specification to match requirements and
meet all the function requirements
◦ Specification: Processor speed, topology and arbitration
◦ Requirements: Timing, energy, cost, weight and efficiency
Performance Analysis
◦ Buffer size, utilization, throughput and response time
Power Measurement
◦ Peak and average power, energy and power/task
Functional Correctness
◦ Arbitration, software task scheduling and task graph
Failure Analysis
◦ Corruption of memory content, deadlocks, Processing units,
Incomplete execution due to unexpected termination.
Making Better Quality Products

6. Architecture Exploration of the Braking
System Latencies and
text display

7. VisualSim support for Functional Safety
Functional Safety is part of the overall safety that depends on
software, system and semiconductor components
operating correctly in response to its inputs.
• VisualSim provides
• Architecture exploration platform
• Simulation, analysis and reporting.
• FIR
• SOTIF
• The models are tested for different requirements, induced faults,
detections and resolution mechanisms.

8. Failure Analysis of Braking System
Latencies and
text display

9. About Mirabilis Design
Founded in 2003 and based in Sunnyvale, CA, USA
Development and support centers in US, India, China, Korea and Czech Republic
Focused on full system evaluation of electronics, semiconductors and software
40+ customers worldwide in Semiconductors, Aerospace, Computing and Automotive
VisualSim- Modeling and simulation software
Largest source of system modeling IP with embedded timing and power
100’s of man years experience in system design and exploration of digital electronics
Select the “Right” configuration to match customer request

10. Applications of VisualSim
Monte-Carlo simulation with random samples,
parameters, connectivity, traffic and use-cases
Models constructed with library of pre-defined
parameterized components
◦ Resource, custom development and HW/SW/NW
Graphical and hierarchical construction,
debugging and analysis of model
Batch-mode simulation for large-scale analysis
and experimentation
Interfaces to languages, simulators and
spreadsheets
10
Performance
Analysis
Power
Exploration
HW-SW
Partitioning
Failure
Analysis
Software
Network
Hardware
Validate and optimize your design quickly and accurately

11. Largest Systems-Level IP
Comprehensive implementation-accurate Library
Traffic
• Distribution
• Sequence
• Trace file
• Instruction profile
Reports
• Timing deadline
• Throughput
• Utilization
• Ave/peak power
• Statistics
Support
• Listeners
• Debuggers
• Tracers
• Assertions
Power
• State power table
• Power management
• Energy harvesters
• Battery
• RegEx operators
ARM SoC
• AHB/ APB/ AXI
• Corelink
• CoreConnect
ARM SoC
• Network-on-Chip
• Virtual Channel
• DMA
• Crossbar
• Serial Switch
• Bridge
Board-Level
• PCI/PCI-X/PCIe
• Rapid IO
• CAN-FD
• AFDX
• TTEthernet
• OpenVPX
• VME
• SPI 3.0
• 1553B
• FlexRay
Processors
• GPU, DSP, mP and mC
• RISC-V
• Nvidia- Drive-PX
• PowerPC
• X86- Intel and AMD
• DSP- TI and ADI
• MIPS, Tensilica, SH
ARM
• M-, R-, 7TDMI
• A8, A53, A72, A76
RTL-like
• Clock, Wire-Delay
• Registers, Latches
• Flip-flop
• ALU and FSM
• Mux, DeMux
• Lookup table
RTOS
• Template
• ARINC 653
• AUTOSAR
Stochastic
• FIFO/LIFO Queue
• Time Queue
• Quantity Queue
• System Resource
• Schedulers
• Cyber Security
Custom Creator
• Script language
• 600 RegEx methods
• Task graph creator
• Tracer
• C/C++/Java/Python
Storage
• Flash & NVMe
• Storage Array
• Disk and SATA
• Fibre Channel
• FireWire
Networking
• Ethernet & GiE
• Audio-Video Bridging
• TSN & IEEE802.1Q
• 802.11 and Bluetooth
• 5G
• Spacewire
FPGA
• Xilinx- Zynq, Virtex, Kintex
• Intel-Stratix, Arria
• Microsemi- Smartfusion
• Programmable logic template
• Interface traffic generator
Memory
• Memory Controller
• DDR DRAM 2,3,4
• LPDDR 2, 3, 4
• HBM, HMC
• SDR, QDR, RDRAM

12. Failure Generation, Analysis and Solution
Failure analysis is the process of collecting and analyzing data to determine
the cause of a failure, often with the goal of determining corrective
actions or liability.
F.I.R concept
Failure: The loss of a function under stated conditions.
Identify :The means or method by which a failure is detected,
isolated and the time it may take.
Resolve: Respond to the failure and return to normal operation.

13. Types of failure
Hardware Failure: Loss of processing cores, limited storage,
reduced or loss memory device or bus overload/incorrect signals.
Software failure: Resource starvation, deadlocks, data overwrite.
Network failure: Network Congestion, misconfiguration, link loss
and network errors.
RTOS failure :Unable to achieve real-time deadlines, malicious
change in schedule table, and executes beyond time slots.
Power Failure: Both reduced and full power failure. Slower
processing speed, limited number of resources can be executing
concurrently.

14. F.I.R table For Brake Model
Failure Identify Resolve
Inconsistent Data Read_Data != Write_Data request will be sent to fetch
updated value
Core_1 fails Increase in load on available core Fair sharing of request between
available cores
Network Congestion Latency across the network
increases
Scheduling the arrival of packet as
per the network status
Power Failure Battery lifecycle drops by 20% Reduce lifecycle rate by
eliminating power request spikes
Unable to achieve Timing
Deadline
slot miss due to greater execution
time
Shut the slot and restart after
some time .

15. What is SOTIF?
• ISO/PAS standard: Safety of the intended functionality (SOTIF).
•Autonomy: Huge increase in functionalities relying on
advanced sensing, algorithms (ML), and actuation.
• SOTIF accounts for limitations and risks related to nominal
performance of sensors and software :
 inability of the function to correctly comprehend the situation and
operate safely.
Insufficient robustness of the function w.r.t sensor input variations
or diverse environmental conditions.

16. Brake Model with SOTIF Impact
Latencies and
text display

17. F.I.R table for Hardware Failure
Failure Identify Resolve
Core_5 unavailable Error message ,no response from
the corresponding core
Allocating the process to available
core
Core_1 fail Sudden increase in load on
available cores
Fair sharing of request between
available cores

18. Hardware FailureDynamicMapper1.xml
Two failure scenarios integrated with this model are :
1) Resource Unavailable-> Error generated, if the process is allocated to
the resource not used in the system.
for e.g.: The error will be generated if process1 is allocated to resource1
which is not present in the system.
2) Resource fail-> if one of the resource fails, the load must be balanced
among remaining resources, increasing timing deadlines and buffer usage
CPU
Cores
Task latency
while executing
on three
resources
When one
core fails
Graph 1
Graph 2

19. F.I.R table for Software Failure
Failure Identify Resolve
Inconsistent Data Read_Data != Write_Data request will be sent to fetch
updated value
Wrong Diagnostic Value Incorrect data fetch from memory request will be sent to fetch
updated value
Process Starvation Lower Priority packet will wait for
resource
Increase the priority of the lower
priority .

20. Software Failure
The model represents the read and write problem and how to resolve it.
Initially, data is read, then data is updated
the result will be analyzed by identifying the read data = write data
and if it is not, another request will be sent to fetch updated value.
So this model represents the failure, when the algorithm result change
due to the changes in memory value.
Incorrect Data
packets
Correct Data
packets
Read & Write
Problem

21. F.I.R table for Network Failure
Failure Identify Resolve
Network Congestion Latency across the network
increases
Scheduling the arrival of packet as
per the network status
Incorrect Routing Wrong destination address Providing correct destination in
the routing table
no path to final destination Wrong destination address Providing correct destination in
the routing table
Loss of network connection Disabled link Adding the link again

22. Failure without
resolution
Failure with
resolution
Network Failure ,
depicts
Congestion on
the Network
Congestion
at Node2
Network Failure
Flow 1
Flow 2
Red – Flow 1
Blue - Flow2

23. F.I.R table for Power Failure
Failure Identify Resolve
Power Failure Battery lifecycle drops by 20% Reduce lifecycle rate by
eliminating power request spikes
Spikes to high Threshold value is set to notify Optimize the application

24. Power Failure
This model represents the power consumed by the
Processor
Power captured using the PowerTable
Failures generated can be reduced amount of available
power, lowering battery lifecycle, additional power for
peak-loading and slower charging
Battery life
remaining after
some % of
reduction
Latency of task
with priority

25. F.I.R table for RTOS Failure
Failure Identify Resolve
Unable to achieve Timing
Deadline
slot miss due to greater execution
time
Shut the slot and restart after
some time .
Schedule Table changes Buffer allocation Reallocate the task equally so
that buffer overflow can be
prevented

26. RTOS Failure
Disabled slot
due to greater
execution
time of the
task
This model represents multiple tasks running at different slots in a processor
core.
If the timing deadlines of a particular slot exceeds the threshold, then that
slot will be disabled and restarted after the restart time.
The latency for all the tasks that are running for each of the slot is calculated.
Disabled slot information will be printed on the console window.

27. Functional Safety using VisualSim
Mirabilis Design provides model-based system analysis solution for architecture
exploration to meet
 requirements,
 optimize the specification,
 and test for functional safety and SOTIF.
This Webinar focuses on the functional safety analysis of a new or existing system
that is made up of
 software,
 semiconductors,
 sensors,
 networks ,
 and power systems..

28. Q&A