White Paper

Whitepaper: Building Safe and Secure Systems for Autonomous Platforms

Issue link: https://read.uberflip.com/i/1427516


WHITE PAPER Building Safe and Secure Processing Systems for Future Autonomous Platforms mrcy.com 3

Building artifacts for DO-254 and DO-178C

The processes required to demonstrate that the likelihood of system design error has been reduced to the necessary level are defined by the standards DO-178C for software and DO-254 for hardware, both controlled by the Radio Technical Commission for Aeronautics (RTCA). For both standards, the strategy for design assurance is one of structure and scrutiny. Standards compliance requires accumulating evidence, or "artifacts", to demonstrate that each system component has been sufficiently assured against design errors. This evidence propagates through the design chain until an aircraft/platform-level hazard protection assessment and impact analysis is achieved. To compress schedules and reduce certification complexity and program risk, modern safety-critical systems are built using certifiable components. These certifiable components and their safety-critical design artifact packages greatly simplify the task of achieving platform certification.

Modern sensors and AI require powerful flight-ready computing. Mercury's 3U OpenVPX boards and mission computers with BuiltSAFE™ bring the latest Intel processing capabilities to enable these high-performance airborne applications.

Each DAL corresponds to the likelihood of error in a system. For DAL-A, the likelihood is one in a billion that any system design errors remain. Successive letter levels reduce design stringency by a factor of 100, until reaching DAL-E (no safety effect if a failure occurs).

Undesired processor mechanisms that affect temporal determinism:

Shared Resource                       Mechanism
System Bus                            Contention by multiple cores
                                      Contention by other devices: I/O, DMA, etc.
                                      Contention by coherency mechanism traffic
Shared Cache                          Cache line eviction
                                      Contention due to concurrent access
                                      Coherency: read delay due to invalidated entry
                                      Coherency: contention by coherency mechanism
Local Cache                           Coherency: read delay due to invalidated entry
                                      Coherency: contention by coherency mechanism (read)
Translation Lookaside Buffers (TLBs)  Coherency overhead
Pipeline Stages                       Contention by parallel threads

Design engineers and system developers must work together with commercial off-the-shelf (COTS) silicon manufacturers like Intel to understand processor behaviors, to induce and guarantee mitigation of all potential failure conditions, and thereby ensure functional safety.
