An Automated Formal Verification Flow for Safety Registers

Automotive microcontrollers support an increasing number of safety applications and include various safety mechanisms in order to meet the ISO 26262 standard. Derivatives of product families address different market segments and customers with individual safety requirements. Thus flexibility is needed to adjust the overhead introduced by extra safety circuitry to the actual configurations and safety requirements of the individual product. This paper presents a comprehensive formal verification methodology for safety-critical registers. Distinct sets of a relatively small number of black-box and white-box register properties, which call macros generated from XML register specifications with safety tags, allow the depth of automatic register verification to be progressively increased by inserting more and more design-specific data. This systematic and highly automated formal verification approach, which includes formal fault injection, not only saves functional and safety verification efforts, but also yields evidence for ISO 26262 compliance. Keywords—formal verification; special function register; safety register; safety verification; ISO26262