Completing the Analysis

Replacing FMEA with Datapath Analysis for IP Designs (WP545)

Document ID: WP545
Release Date: 2023-06-14
Revision: 1.0 English

This white paper describes a mapping from the datapath analysis dataset created by the designer to an FMEDA. After the IP is implemented in silicon, the functional safety engineer can map the dataset the designer compiled into an IP-level FMEDA. This logical boundary enables the system integrator to use each IP's dataset in the system-level FMEDA required for standard compliance.

Table 1. Block 3 Tab with Percentage Raw FIT

| Block 3 Registers | Signal/Bus Name | ID TAG | Fault Modes | Fault Initiators | Diagnostics | Repeat | Claimed DC Coverage | Primary Function - Percent of Design / Diagnostic - Percent of Design / Diagnostic - Percent Raw FIT |
|---|---|---|---|---|---|---|---|---|
| External Connections | | | | | | | | |
| 1 | s_axi_lite | TOP_axi_lite_master | Bus Write to incorrect address | Address Write register corruption | Parity | | 99.50% | 3.00% |
| | | | | Control plane state machine corruption | Redundancy | | 99.80% | 0.40% 0.20% |
| | | | | Clocking corruption | | | | |
| | | | | Driver/receiver failure | | | | |
| | | | Bus write with incorrect data | Write data register corruption | Parity | | 99.50% | 0.05% 0.01% |
| | | | | Control plane state machine corruption | Redundancy | | 99.80% | 0.40% 0.20% |
| | | | | Clocking corruption | | | | |
| | | | | Driver/receiver failure | Loopback | | 90.00% | 0.20% 0.03% |
| 1 (cont'd) | | | Bus Read from incorrect address | Read address register corruption | Parity | | 99.50% | 0.05% 0.02% |
| | | | | Control plane state machine corruption | Redundancy | | 99.80% | 0.40% 0.20% |
| | | | | Clocking corruption | | | | |
| | | | | Receiver failure | | | | |
| | | | Bus read incorrect data | Read data register corruption | Parity | | 99.50% | 0.05% 0.01% |
| | | | | Control plane state machine corruption | Redundancy | | 99.80% | 0.40% 0.02% |
| | | | | Clocking corruption | | | | |
| | | | | Receiver failure | Parity | | 99.50% | |
| | | | Bus hang | Control plane state machine corruption | Redundancy | | 99.80% | 0.40% 0.20% |
| 2 | s_axi_lite_clk | TOP_axi_lite_clk | No clock | Connection logic failure | Supervision | | 90.00% | 0.20% 0.10% 0.01% |
| | | | Incorrect clock frequency | Divider logic failure | Supervision | | 90.00% | 0.10% 0.01% |
| 3 | CLK | TOP_CLK | No clock | Connection logic failure | External watchdog | Y | | |
| | | | Incorrect clock frequency | Divider logic failure | External watchdog | | | |
| 4 | axi_resetn | TOP_axi_resetn | Unintended reset assertion | Connection logic failure | Supervision | Y | | |
| | | | Reset signal timing too short | Divider logic failure | Supervision | | | |
| Internal Signal Block Connections | | | | | | | | |
| 1 | b2_b3_signaling | b2_b3_signal | Incorrect data | Driver/receiver failure | Data parity | Y | | |
| | | | Incorrect clocking | Connection logic failure | | | | |
| 2 | b3_b4_signaling | b3_b4_signal | Incorrect data | Driver/receiver failure | Data parity | | 99.50% | 0.20% 0.10% 0.05% |
| | | | Incorrect clocking | Connection logic failure | | | | |
| 3 | b3_b5_signaling | b3_b5_signal | Incorrect data | Driver/receiver failure | Data parity | | 99.50% | 0.20% 0.10% 0.05% |
| | | | Incorrect clocking | Connection logic failure | | | | |
| 4 | b3_b7_Signaling | b3_b7_signal | Incorrect data | | Data parity | | 99.50% | 0.20% |
| | | | Incorrect clocking | | External watchdog | | 90.00% | |
| Block Function Description | | | | | | | | |
| Function block contains control register information which drives the operation of the DMA controller. Registers are written to via an external source into the AXI4-Lite slave interface. | | REG_BLOCK | Stored data corruption | Single event upsets | Data parity | | 90.00% | 4.00% 0.50% 0.05% |