Issue link: https://read.uberflip.com/i/1382624
WHITE PAPER Evaluating Safety-Certifiable Computing For Tomorrow 's Avionics mrcy.com 4 SMART INITIATORS NON-SMART INITIATORS TARGETS NUMBER OF INTERFERENCE PATHS Number of Cores Master I/O Number of DMA Slave I/O Numbers of memories (DDR, flash) 2 0 1 2 PCIe 2DDR 424 2 0 1 2 PCIe + 1 CAN 2DDR 93S 2 1 PCIe 1 2 PCIe + 1 CAN 2DDR 5,6I5 4 0 1 2 PCIe 2DDR 10,624 4 0 1 2 PCIe + 1 CAN 2DDR 33,69S 4 1 PCIe 1 2 PCIe + 1 CAN 2DDR 5,2S6,575 8 0 1 2 PCIe 2DDR 6,640,624 8 0 1 4 PCIe + 1 CAN 2DDR 838,860,799 8 1 PCIe 2 4 PCIe + 1 CAN 2DDR 335,544,3l9,999 12 0 1 2 PCIe 3DDR 56,596,340,73S 12 0 1 4 PCIe + 1 CAN 3DDR l8,3S7,919,87l,264 12 1 PCIe 1 4 PCIe + 1 CAN 3DDR 10,739,383,124,690,000 Chart from FAA Technical Report DOT/FAA /TC-16/51 showing number of inference path increasing with number of cores and interfaces. Certifying CPUs beyond 8 cores doesn't seem practical because of the number of interference paths. Mercur y 's goal was to limit CPU selection to four cores (highlighted in green) to limit certification program risk. CAN = controller area network EVALUATION DECISION FOR HIGH PERFORMANCE Mercur y selected the multi-core Intel processor family for higher per formance application requirements over the high-core-count ARM processors (greater than 4 cores). Using the five criteria listed earlier in this paper, we determined the Intel family has a superior set of advantages. Digital convergence and complex applications are both suppor ted by Intel 's nearly 2× per formance per core advantage over ARM as seen in Figure 2. This reduces the number of cores needed for new programs, with a corresponding reduction in safety-cer tification complexity. In comparison, a 16-core ARM processor delivers nearly the same per formance as a 4-core Intel processor, but would be nearly impossible to cer tify because of the number of inference paths. ARM-based cer tifiable computing is suited for lower power, lower per formance individual applications. Safe and secure processing in avionics also points to Intel. Combining cybersecurity with safety certification is a challenge for any processing architecture, but Intel gets the nod based on the sheer volume of mature security options available. For example, Intel® Boot Guard and TXT verifies booting firmware was not modified ATOM VS. ARM Intel ATOM® is the name for a family of ultra-low voltage microprocessors that use the x86-64 instruction set Atom SoCs (System on a Chip) have the smallest power requirements on the market in the <50K DMIPS per formance range, and are optimal for low-per formance avionics processing. Advanced RISC Machines (ARM) is a family of Reduced Instruction Set Computing (RISC) architectures for computer processors. Arm Holdings, a British Company *, develops the ARM architectures but does not fabricate the processors; the architectures are licensed to a variety of companies around the world who design their own processing chips using the ARM architectures. Companies fabricating ARM chips include AMD, AppliedMicro, Broadcom, Calxeda, HiSilicon, Rockchip, Samsung and STMicroelectronics. ARM Holdings is currently owned by the Japanese holding company Softbank. *In September 2020, NVIDIA announced their plan to acquire ARM Holdings.