With the surge in demand for autonomous and controllable chips in safety-critical fields such as autonomous driving and aerospace, the open-source instruction set architecture RISC-V is triggering an industry revolution. EDN's latest in-depth analysis points out that RISC-V, with its unique architectural advantages, is breaking the monopoly of traditional closed ecosystems. The article is by Jay Thomas, a Technology Development Manager at LDRA Technology based in San Bruno, California. He has extensive experience in embedded control simulation, processor simulation, aviation safety-critical flight software, and communications applications, with a focus on embedded verification implementations that help LDRA customers in the aerospace, medical, and industrial sectors follow safety, mission-critical, and safety-related processes. This summary distills the core ideas of that article to show how RISC-V is breaking through in functional safety.
In a world where safety-critical systems are becoming increasingly complex, the choice of processor architecture is critical to ensuring functional safety and system reliability. Safety-critical systems, such as automotive brake-by-wire systems and commercial aircraft flight control systems, place strict demands on processing latency and fault tolerance, and a failure can lead to serious accidents. Against this backdrop, RISC-V architectures are becoming a strong choice for safety-critical applications due to their unique advantages.
Born in 2011 and developed by the University of California, Berkeley, the RISC-V architecture is an open standard instruction set architecture (ISA). It follows the principles of Reduced Instruction Set Computing (RISC) and is modular, simple, and scalable, properties that align closely with the requirements of functional safety standards such as ISO 26262 for the automotive industry and DO-178C for aerospace software. Unlike traditional proprietary processor architectures, RISC-V is open and royalty-free, and its design is not bound by compatibility with legacy architectures. The ISA consists of a small base integer set and optional extensions, so processor designers can choose the functionality they need, which provides maximum flexibility.
The advantages of RISC-V in safety-critical industries are significant. In terms of architecture independence, the licensing terms and vendor lock-in of traditional proprietary architectures affect the long-term maintenance and cost control of a system. RISC-V's open model allows collaboration with multiple silicon suppliers, reducing the risk of a single point of failure in the supply chain. This matters for long-life-cycle industries such as aerospace and automotive, where manufacturers gain the flexibility to respond to supply chain issues.
The ability to customize is another highlight of RISC-V. Its modular design philosophy allows silicon vendors and system architects to add custom capabilities at the hardware level, such as custom error detection and correction, hardware-level monitoring and diagnostics, and low-latency, deterministic execution for real-time needs. In addition, some RISC-V silicon vendors offer products suited to harsh environments, such as radiation-hardened, EMP-resistant processors designed for space applications.
Figure: Why RISC-V excels in safety-critical areas
In terms of memory management, RISC-V maps L2 cache to RAM, allowing developers to better control system latency. This gives developers an advantage over traditional architectures in handling cache contention issues, meets aviation safety guidelines, and helps achieve predictable execution times and meet security certification requirements.
For safety-critical systems that require DO-178C Design Assurance Level A (DAL-A) certification, the RISC-V open architecture offers the advantage of enabling heterogeneous redundancy strategies: different processor configurations within the same system, diverse redundancy from different vendors, and different architectures in mixed-criticality systems.
In terms of performance, while RISC-V may not have the same raw performance metrics as modern Arm architectures, it can be optimized for specific security needs through custom instructions and hardware features. These enable deterministic execution paths for real-time applications, custom instructions for security monitoring, efficient context switching for mixed-criticality systems, and configurable memory protection units to prevent stack and data corruption.
RISC-V's ecosystem of development tools is maturing across the entire software lifecycle. For example, LDRA's Target License Package (TLP) for the RISC-V architecture supports development and target test functions such as multi-core code coverage analysis and worst-case execution time (WCET) measurement. It meets AMC 20-193 compliance requirements, integrates with mainstream RISC-V development platforms, and performs dynamic testing in hardware and simulation environments to ensure comprehensive testing and validation of software and hardware development.
Today, more and more safety-certified RISC-V IP cores are available on the market. Vendors such as Microchip and SiFive offer products that integrate security features, fault detection mechanisms and redundancy capabilities, and Frontgrade Gaisler offers radiation-hardened microprocessors and IP cores for space systems. Industry support, technical guidance, and certification tools complement each other to accelerate the adoption of RISC-V in safety-critical systems.