Functional safety rule checking for DO-254

Functional safety rule checking for DO-254

Technology News |
By Nick Flaherty

DO-254 is the state-of-the-art standard guiding the development of airborne hardware. The document defines a hardware design lifecycle with guidance on the activities and work products expected within each phase of the lifecycle.

One such activity is the definition of hardware design standards and DO-254 lists out types of designs standards but stops short of specifying specific rules. Siemens worked with the DO-254 user group to include suitable rules in its Quest Link hardware description language (HDL) code-checking and verification tool.

Section 10.2.2 introduces the concept of hardware design standards and defines it as the “rules, procedures, methods, guidance, and criteria” in the development of a hardware design. The FAA in the US recognized this and released Order 8110.105A which indicates the requirement for HDL coding standards. The order calls this out as a requirement for DAL A/B, and it is considered best practice for all designs.

Related articles 

“To prevent potentially unsafe attributes of HDLs from leading to unsafe features of the components, we must expect that, if they use an HDL, applicants define the coding standards for this language consistent with the system safety objectives, and establish conformance to those standards by HDL code reviews,” says section 6-2a of the standard.

HDL coding standards must be documented and code reviewed to ensure the standards are followed. The plan of record regarding the establishment and adherence to hardware design standards should be discussed and approved by the appropriate certification authority. This has been integrated into the Quest Lint tool.

While the order provides clarity around the need for HDL coding standards, it does leave a lot of room for interpretation. The languages themselves offer a lot of flexibility resulting in multiple coding styles that can result in the same HW circuit.

“As Mentor Graphics, Siemens was the first to implement these standards into an earlier linting tool, and Siemens has recently implemented the DO-254 ruleset into our next generation Questa Lint solution,” said Jake Wiltgen Functional Safety and Autonomous Solutions Manager at Siemens Digital Industries Software. “This built-in ruleset provides customers a launch point in the assessment of HDL design quality, leveraging the experience of industry practitioners.”

The checks within the ruleset serve several essential purposes, from catching design problems in HDL code that may not surface later in the lifecycle and which may not be detected using other verification activities to supporting error detection, containment, and recovery mechanisms.

The rules also enforce style and readability to improve code comprehension, portability, and reviews and are categorized into three types: Coding Practices (CP); Safe Synthesis (SS) and Design Review (DR).

“Questa Lint provides a fast check of your RTL, without waiting for a testbench, looking for completeness and consistency issues. Using syntactic, semantic, stylistic, and structural analyses, Questa Lint identifies issues when introduced, preventing issues from becoming more expensive to fix later,” said Wiltgen.

Other articles on eeNews Europe


If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :    eeNews on Google News


Linked Articles