Professional Documents
Culture Documents
Minimize! Safeguard!
ARP-4754/ED-79
Software Development
Process Hardware Development
Process
B:
Description of Software Architecture
Evidence of any system Verification
Activities Performed
Any Limitation to use
Configuration Identification Data
Data to Facilitate Integration
Software Verification Activities to be
performed by System Processes
C:
HW/SW Integration Requirements
Coordination and Feedback
Identified HW/SW Incompatibilities
D:
Information Flow Between System
and Hardware Life Cycle Processes
Hardware/Software
Integration Verification
Hardware/Software
Integration Verification
Hardware/Software
Integration Verification
Hardware/Software
Integration Verification
Integration of Pre-tested
Components
Must
• Get from A to B
• With minimal time and fuel
• SAFELY!
Copyright T&VS Limited | Private & Confidential | Page 17
The V&V Challenge
Active Monitor
Passive
Constrained Software
Formal Under
Random
Model Test
Input
List Software
Lists
Generator Under Test
Constrain towards
• Empty lists Coverage
• Equal values
• Reverse ordering
Metrics
• Empty List
• Reverse ordered
• Error cases (mix integers, floats, ascii
• etc
Copyright T&VS Limited | Private & Confidential | Page 20
Example Constrained Random Inputs
Requirements coverage
“Cross-product” coverage
[O Lachish, E Marcus, S Ur and A Ziv. Hole Analysis for Functional Coverage Data. Design Automation
Conference (DAC), June 10-14, 2002, New Orleans, Louisiana, USA.]
Situation coverage
[R Alexander et al. Situation
coverage – a coverage criterion
for testing autonomous robots.
University of York, 2015]
22
Copyright T&VS Limited | Private & Confidential | Page 22
Example Checkers
Always safe
• Do not get too close to other objects
• Requires some level of modelling
Minimise resources
Hardware/Software
Integration Verification
P1 P2 10 01
01
20 11
02
02
e11 e2 1
30 21 12 03
03
64
55
55
65
65
Shared Memory
Lock(M) Lock(N)
Lock(N) Lock(M)
Unlock(N) Unlock(M)
Unlock(M) Unlock(N)
Philosophy
Modify the program so it is more likely to exhibit bugs (without
introducing new bugs – no false alarms)
Minimize impact on the testing process (under-the-hood technology)
Reuse existing tests
Criterion 7
IOB SYN-sequence
Criterion 5 Criterion 6
IO SYN-event SYN-sequence
Criterion 4
SYN-event
Criterion 2 Criterion 3
rcv-statement snd-sequence
Criterion 1
Channel
Hardware/Software
Integration Verification
Model Checking
• Requirements of a design are expressed in a formal
mathematical language
• Tools are used to analyze whether there is a way that a model
of the design fails to satisfy the requirements
Hardware/Software
Integration Verification
Hardware Block
Untrusted
(Wireless
Radio)
Critical
(Insulin pump)
Input Output
Hardware Block
Untrusted
(Unknown IP)
Secret
(HW Key)
Input Output
Data FIFO
Channels Key’
PID3
Crypt
PID2
Key
Cached Match
Next Packet PID0
Key
Encoder Packet Match
Candidate Comp-
PID1
Router arator
PID1
Cand-
PID0
idate
PID2
PID3
Key Data
Memory Channels
• Identify secure signals [sources] we are concerned about (typically not many)
• [Auto] identify all the places it might be able to reach (typically hundreds or
thousands – ALL the outputs, or top level signals of the block)
• Confirm that signal can ONLY reach the places it’s supposed to, and not anyplace
where the bad guys could steal it.
• No way to directly specify this in SVA! Copyright TVS Limited | Private & Confidential | Page 48
System Development Process
• Hardware/Software co-
simulation
Hardware/Software
Integration Verification
Driver Driver
DPI
90% of
code to
Test DPI Driver Driver cover error
conditions
DPI DPI
Test RTL
bench Simulation
Inject
error RTL
conditions
Copyright TVS Limited | Private & Confidential | Page 51