Reverse engineering process for IP DO-254 compliance
Ref. WP_DMAP_01
Issue: A-2
Design Methods & Assurance Process Page 1/6
Technical publication www.dmap.fr
This document is the property of DMAP. Its content cannot be reproduced, disclosed or utilized without the company's written approval.
The contribution of reverse engineering in Aerospace and Defense: the IP case.
James Bezamat, CEO DMAP
July 2010
THE CONTRIBUTION OF "REVERSE ENGINEERING" IN
AEROSPACE AND DEFENSE: THE IP CASE
Context
The picture is clear: the aerospace industry is becoming more and more dependent on complex
embedded systems. In particular, the needs expressed in the electronics segment are
growing and require new means in the choice of implementation.
The need for sustainable long-term solutions (>25 years), a specificity of the aeronautics
market, naturally leads to the desire to control the content of each system, particularly
strategic components such as processors and their peripherals, but also associated functions
such as communication interfaces (AFDX, Ethernet and PCI bus).
Recent developments around FPGA devices make it possible to consider them as an industrial
solution compliant with the requirements of the aviation industry while giving access to
complex objects.
The cost, time and skills needed to develop increasingly complex systems require new
solutions based on the integration of IP blocks; it is the only way to optimize and rationalize
this type of project.
In this favorable context, SoC development and the use of IP are now essential in the field of
complex systems for aerospace, as they are in most areas of electronics.
However, this economic reality cannot ignore the quality requirements of this industry and
compliance with the quality assurance standards that govern this type of development
(particularly DO-254 for electronic objects including IP and SoC).
The current situation is disappointing: few "DO-254 certifiable" IPs are actually available on
the market, and the ability to integrate these objects quickly and reproducibly into a system,
SoC or SoPC has yet to be demonstrated.
The reverse engineering approach
The solution closest to the expectations of the certification authorities, expressed for example
by the DO-254 European User Group, goes through an upgrade of existing IPs; this compliance
is based mainly on reverse-engineering-type processes, perfectly controlled and recognized for
demonstrating the safety level of an IP.
But it is not enough to re-create documentation from a given code, or to complete a poorly
covering test suite.
The expectations in terms of process assurance go well beyond the purely documentary
aspect and should cover the basic activities required in a normal development (i.e.
configuration management, problem reports, document management, peer reviews,
progress reviews, independence, traceability, ...).
The recommendations of the DO-254 User Group, which advocates a flow adapted to the
reverse engineering approach, are perfectly clear: the flow must be very close to the life cycle
structure required by DO-254.
The flow of an IP development is realized by a certification package, a demonstration and proof
of the capacity of the IP to address all the criteria of DO-254. This package is the central
element of the integration of an IP in the user's flow.
This method makes sense only if it meets a number of criteria, pledges of its complete
success:
- Ability to demonstrate the reality of a design flow meeting the expectations of DO-254,
like the other parts of the PLD or ASIC.
- Data available after inventory and analysis will be used to fill gaps, keeping them
(especially the code) to preserve the service experience of the IP, which is an additional
source of confidence that must be mobilized.
- The flow must be reproducible, independent of the IP and approved by the
certification authorities.
- The certification package must be consistent and based on design and support tools
with a demonstrated performance within the meaning of DO-254.
- The certification package must be designed to be easily integrated into an external
flow, the client's one, just as IPs together make a SoC.
- The certification package must guarantee the highest level of design assurance (DAL
A) to avoid the proliferation of sub-packages.
- The certification package must be implemented quickly with a maximum level of
quality and a limited additional cost.
- The certification package shall include support for the integration and certification
audits.
Implementation and Outlook
We conducted an experiment around a single IP (an ARINC429_APB from ACTEL) and
did the full exercise of reverse engineering without concession or compromise.
The result is a complete package which includes the original source code, which provides
significant added value. These results were obtained using well-known tools, but also
open source tools, while avoiding any customization of the flow, which remained fully
independent of the IP treated.
Procedures, plans, checklists and standards have yielded a complete result in a limited time
with a high level of process assurance.
Beyond demonstrating the effectiveness of the method, this experience has allowed us to
highlight the important reserves of productivity that remain to be explored to make it an
even more attractive solution.
Moreover, the SoC approach would seem to justify setting up a complete IP library around
a standardized bus protocol (AMBA type), which creates economies of scale that are
particularly interesting on the verification side.
The current approach of DMAP is therefore to develop axes to reduce costs and delays
while maintaining, or improving, the quality of the product.
This necessarily requires an increased use of powerful tools, including management and
process control tools and documentation generation tools.
The contribution of advanced verification methods is considered essential in our
reflection and is part of the development priorities of the company. Despite the need to
move towards this type of tools for SoC design, the DO-254 objectives (especially Annex B)
must be preserved and the authorities' approval must be sought before going deeper down
this path.
Agreements have been concluded between DMAP and vendors of CAD tools and
management tools to facilitate their adaptation to the specific needs of this market. The
coherence and complementarity of these tools is an important component that we will take
up in the near future to propose a global process management solution for
structured electronic design projects.
Conclusion
It is now possible to propose the use of IP blocks in electronic hardware development
constrained by DO-254, without compromising the requirements of the standard and with
the support of the certification authorities.
This introduction, required and desired, will be technically and economically possible
by relying on the tremendous catalog of existing blocks and on systematic approaches
like reverse engineering.
The approach that we are driving demonstrates the need for an approach fully developed
and controlled through a dedicated repository, with increasingly efficient task
automation.
Of course, the development of new customized IP for the avionics field can also benefit
from this favorable environment, to minimize the overhead inherent in this adjustment.
Under these conditions, the development of SoPC and SoC will be done with all the
expected benefits in terms of time, implementation and independence which can be
legitimately expected by all the players.
Who
Founder, Chief Executive Officer
James Bezamat, who co-founded DMAP in 2009, is a senior microelectronics expert with about 25
years in digital design targeting both ASIC and FPGA and in team management, especially in the
aerospace and defense domains. James is an expert in DO-254 related methods with 8 years'
experience in aerospace projects and is familiar with the different approaches commonly used
in the major aircraft companies. He was involved in the definition of most of these strategies
with immediate practical application as a responsible assurance process manager and auditor.
James is also a recognized trainer in microelectronics design and the DO-254 approach within
many major companies. James spent 8 years as a professor at a well-known French institute. He
has a degree in Engineering from Centrale Lille (1983) and a PhD in microwaves from Lille
University (1985).
Company Overview
DMAP is a startup company focused on high-reliability semiconductor application domains.
DMAP was founded in 2009 by two highly skilled engineers in the semiconductor area.
With more than 40 years of experience, we are able to combine IP and SoC development for
ASIC and FPGA targets with the high-reliability methods provided by the DO-254 guidance. High-
reliability domains such as aeronautics, medical, defense and space, like other mass markets, are
sensitive to time-to-market constraints and growing system complexity; that is why we offer
IP vendors the opportunity to address new markets, and the high-reliability sub-contractor
community the opportunity to buy DO-254 ready IP to speed up their development.