Obtaining Diagnostic Coverage Metrics Using Rapid Prototyping of Multicore Systems 2011-01-1007

With the introduction of the ISO26262 automotive safety standard there is a burden of proof to show that the processing elements in embedded microcontroller hardware are capable of supporting a certain diagnostic coverage level, depending on the required Automotive Safety Integrity Level (ASIL). The current mechanisms used to provide actual metrics of the Built-in Self Tests (BIST) and Lock Step comparators use Register Transfer Level (RTL) simulations of the internal processing elements which force faults into individual nodes of the design and collect diagnostic coverage results. Although this mechanism is robust, it can only be performed by semiconductor suppliers and is costly. This paper describes a new solution whereby the microcontroller is synthesized into a large Field Programmable Gate Array (FPGA) with a test controller on the outside. This platform can be used to inject faults into the internal state of the microcontroller while actual tests are running, such that real diagnostic capabilities of various mechanisms can be measured, and to check that reactions to these detected faults are handled as required.