Empirical analysis of coherence for MPSoCs in avionics embedded critical systems

L'adopció de MPSoC complexos en sistemes crítics integrats en aviònica obliga a una anàlisi detallada de la seva arquitectura i comportament per facilitar la certificació. Aquesta anàlisi es veu obstaculitzada per la documentació insuficient i el comportament poc evident d'algunes característiques clau del maquinari. Concretament, l'objectiu d'aquest treball és el protocol de coherència de la memòria cau de MPSoC T2080 NXP perquè aquesta és una de les millors maneres d'accelerar l'intercanvi de dades. L'anàlisi del protocol de coherència de la memòria cau consisteix a fer hipòtesis amb el comportament esperat. Aleshores, amb els resultats dels experiments empírics, podem acceptar, negar o modificar la hipòtesi inicial.The adoption of complex MPSoCs in avionics embedded critical systems mandates a detailed analysis of their architecture and behavior to facilitate certification. This analysis is hindered by insufficient documentation and the unobvious behavior of some key hardware features. Specifically, the target of this work is the cache coherence protocol of MPSoC T2080 NXP because this is one of the best ways to accelerate the data exchanges. The analysis of the cache coherence protocol consists in making hypotheses with expected behavior. Then with the results of the empirical experiments, we can accept, deny, or modify the initial hypothesis.La adopción de MPSoC complejos en sistemas críticos integrados de aviónica exige un análisis detallado de su arquitectura y comportamiento para facilitar la certificación. Este análisis se ve obstaculizado por la documentación insuficiente y el comportamiento poco obvio de algunas características clave del hardware. Específicamente, el objeto de estudio de este trabajo es el protocolo de coherencia de caché del MPSoC T2080 NXP porque esta es una de las mejores formas de acelerar el intercambio de datos. El análisis del protocolo de coherencia de caché consiste en realizar hipótesis con el comportamiento esperado. Luego, con los resultados de los experimentos empíricos, podemos aceptar, negar o modificar la hipótesis inicial

SafeLS: Toward Building a Lockstep NOEL-V Core

Safety-critical systems such as those in automotive, avionics and space, require appropriate safety measures to avoid silent data corruption upon random hardware errors such as those caused by radiation and other types of electromagnetic interference. Those safety measures must be able to prevent faults from causing the so-called common cause failures (CCFs), which occur when a fault produces identical errors in redundant elements so that comparison fails to detect the errors and a failure arises. The usual solution to avoid CCFs in CPU cores is using lockstep cores, so that two cores execute the same flow of instructions, but with some time staggering so that their state is never identical and faults can only lead to different errors, which are then detectable by means of comparison. This paper extends Gaisler's RISC-V NOEL-V core with lockstep; and presents future prospects for its use and distribution.Comment: Abstract presented at the RISC-V Summit, June 2023, Barcelona (Spain

SafeLS: An open source implementation of a lockstep NOEL-V RISC-V core

Microcontrollers running safety-critical applications with high integrity requirements must provide appropriate safety measures to manage random hardware faults. For instance, automotive safety regulations (e.g., ISO26262) impose the use of diverse redundancy for items at the highest automotive safety integrity level (ASIL), ASIL-D. In the case of computing cores, this is realized with dual core lockstep (DCLS). The advent of the RISC-VISA has made open source hardware gain popularity. However, there are few industrial open source SoCs meeting the requirements of safety-critical systems, and, to our knowledge, none of them provides lockstep cores. This paper presents the realization of a RISC-V open source lockstep core based on Gaisler's NOEL-V core for the space domain, as well as its integration in the SELENE SoC that provides a complete microcontroller synthesizable on FPGA successfully assessed against space, automotive and railway safety-critical applications in the past.This work is part of the European Union’s Horizon 2020 Programme under project KDT Joint Undertaking (JU) under grant agreement No 101112274 (ISOLDE). This work has also been partially supported by the Spanish Ministry of Science and Innovation under grant PID2019-107255GB-C21 funded by MCIN/AEI/10.13039/501100011033.Peer ReviewedPostprint (author's final draft