Developing critical systems with PLD components

Understanding the roles that rigour and formality can play in the design of critical systems is essential for anyone wishing to contribute to their development. Whereas these issues are well understood in software development, in the use of hardware -- specifically programmable logic devices (PLDs) and the combination of PLDs with software -- they are less well known. Indeed, even in industry there are many differences between current and recommended practice, and engineering opinion differs on how to apply existing standards. This situation has led to gaps in the formal and rigorous treatment of PLDs in critical systems. In this paper we examine the range of, and potential for, formal specification and analysis techniques that address the requirements for verifiable PLD programs. We identify existing formalisms that may be used, and lay out the areas in which academia and industry, working in collaboration, can contribute so that high-integrity PLD programming becomes as practicable as high-integrity software development. This paper also touches briefly on some important practical, technical, organisational, social, and psychological aspects of introducing formal methods into industrial practice for hardware and system design. It also provides an update and summary of the recent UK Defence Standard 00-56 as it relates to hardware.
