The Final Verification Frontier: How We Battle-Hardened RISC-V for Space

Abstract

Breker Verification Systems partnered with Frontgrade Gaisler to battle-harden the NOEL-V fault-tolerant RISC-V core, ensuring its resilience against the extreme cosmic radiation and EMI found in space environments. This effort required advancing verification beyond functional correctness, focusing instead on system-level integrity and explicit fault-tolerance testing through fault injection and multi-dimensional corner-case exploration. The rigorous methodology developed for this zero-margin environment is anticipated to become the standard for safety-critical applications across the aerospace, automotive, and industrial sectors.

Report

Key Highlights

• Target Design: Breker verified the NOEL-V fault-tolerant, radiation-hardened RISC-V core designed by Frontgrade Gaisler for use in critical space missions.
• Verification Challenge: Verification for space must move beyond traditional functional testing to prove the system can withstand constant environmental hostility (cosmic radiation, single-event upsets, EMI).
• System-Level Integrity: The methodology focuses on system-level integrity, demonstrating that the entire system (core, cache, custom ECC, memory hierarchy) behaves predictably under highly stressed workloads, rather than verifying individual blocks in isolation.
• Corner-Case Exploration: Breker uses abstract models to synthesize multi-dimensional cross-product tests, effectively generating unpredictable and “strange corner cases” to torture test the design.
• Fault Tolerance as a Goal: Verification explicitly targets fault tolerance, requiring proof that mechanisms designed to detect, correct, or isolate errors (e.g., due to bit flips) function correctly under stress (following principles similar to DO-254 and ISO 26262).

Technical Details

• Verification Toolset: Breker’s SystemVIP portfolio provides scenario-based verification environments, including test suites for cores, SoCs, coherency, and security.
• Test Synthesis: Abstract models (graphs/flow charts) defining decision points and constraints are flattened into test sequences. These are combined across different concerns (memory ordering, privilege changes, security) to generate comprehensive coverage.
• Negative Testing: The process includes deliberate negative testing—stressing the design around the specification to find gaps in the implementation or integration that could lead to unexpected failures.
• Fault Injection/Simulation: Fault-based testing involves using a fault simulator to mimic a solar flare by walking through the chip’s nodes, registers, and memories, flipping bits one by one. Mutation analysis then checks if the testbench successfully catches every injected fault.
• RISC-V Customization: The approach handles RISC-V's configurability by allowing users to model custom instructions/features abstractly. These models are automatically cross-producted with standard tests to verify interactions with core logic (e.g., exception handling, memory behavior).
• Gaisler Features: Dedicated verification targets include Gaisler’s custom error-correcting code (ECC) algorithms (beyond standard BCH) designed to detect a wider range of error patterns, alongside hardware scrubbing logic.

Implications

• New Industry Standard: Techniques refined on space-grade designs like NOEL-V are driving what “good verification” means for the rest of the industry. This level of rigor is quickly moving from optional to mandatory for safety-critical markets.
• Expanded Applicability: The highly robust verification methodology is necessary for rapid adoption in sectors where failure is unacceptable, including autonomous vehicles (meeting ISO 26262), avionics (DO-254), rail, and critical infrastructure.
• Enabling RISC-V Flexibility: By seamlessly integrating verification for custom instructions and accelerators, this approach ensures that the fundamental strength of the RISC-V ISA—its configurability—does not introduce unforeseen systemic vulnerabilities.
• Trust and Reliability: Establishing system-level integrity and verifiable fault tolerance is essential for creating systems that are not only powerful but fundamentally trustworthy in environments that are increasingly complex and unpredictable.