| en:safeav:hw:conventionalvalidationandverification [2026/04/22 09:22] – raivo.sell | en:safeav:hw:conventionalvalidationandverification [2026/06/17 12:39] (current) – tgrzejszczak |
|---|---|
| ====== Conventional Validation and Verification ====== | ====== Conventional Validation and Verification ====== |
| | |
| {{:en:safeav:as:as:figure3d.jpg?700|}} | Hardware serves as the physical foundation upon which the entire autonomy stack is constructed, and a foundation that has not been rigorously verified remains merely an assumption. In the context of autonomous systems, the distinction between Verification and Validation (V&V) is essential: verification systematically asks whether the hardware was built correctly according to its technical specifications, while validation evaluates whether the right hardware was built to meet the needs of the mission under real-world, uncertain conditions. Traditionally, these processes have been bifurcated into Physics-Based Execution (PBE) paradigms, which rely on the continuity and monotonicity of the physical world, and Decision-Based Execution (DBE) paradigms, which characterize the unconstrained logic of digital software. As autonomous systems represent a deep integration of both, conventional V&V must address the hardware at the silicon, circuit, and system levels to link the technical implementation to the overriding governance and safety structures. |
| | |
| As discussed in chapter 2, all of these systems operate under a governance structure, and validation and verification technology is what links the technical world to that structure. Critical in enabling these processes is the domain of Electronic Design Automation (EDA). EDA refers to the software tools and workflows used to design, verify, and prepare semiconductor devices and electronic systems for manufacturing. At the chip level, the flow typically begins with system architecture and specification, followed by separate but converging analog and digital design streams. In digital design, engineers describe functionality using hardware description languages (HDLs) such as Verilog or VHDL, simulate for functional correctness, synthesize to logic gates, and perform place-and-route to create a physical layout. This is followed by static timing analysis, power analysis, signal integrity checks, and increasingly, formal verification and functional safety validation (e.g., in ISO 26262 contexts). In analog/mixed-signal design, the flow is more device- and layout-centric: schematic capture, SPICE-level simulation (corner, Monte Carlo, noise, mismatch), layout with careful parasitic extraction, and iterative verification (LVS/DRC). At advanced nodes, the boundary between analog and digital blurs in mixed-signal SoCs, requiring tight co-simulation and cross-domain verification. | |
| | |
| Once the silicon design is complete, the flow extends to package design, which has become increasingly critical in advanced-node and heterogeneous integration contexts (e.g., chiplets, 2.5D/3D integration). Package EDA tools model signal integrity, power integrity, thermal behavior, and mechanical stress across substrates, interposers, and bumps. The package is no longer a passive carrier; it is an electrical extension of the die, affecting timing closure, power delivery, and high-speed interfaces (e.g., UCIe, HBM). Finally, at the PCB level, board design tools integrate schematic capture, component placement, routing, and multi-physics analysis (signal integrity, EMI/EMC, thermal). High-speed digital systems require co-design between chip I/O, package escape routing, and PCB stackup to maintain impedance control and timing margins. Modern EDA workflows increasingly emphasize cross-domain co-design—from transistor to board—because performance, reliability, and safety are emergent properties of the entire electronic system, not just the silicon alone. | |
| | |
| The Electronic Design Automation (EDA) industry is highly concentrated, with dominant global vendors controlling the majority of advanced semiconductor design workflows. Synopsys, Cadence Design Systems, and Siemens EDA (formerly Mentor Graphics) collectively provide end-to-end toolchains spanning digital implementation, analog/mixed-signal design, verification, IP integration, packaging, PCB design, and multi-physics analysis. Synopsys is particularly strong in digital synthesis, verification, and IP; Cadence has deep capabilities in custom/analog design and system analysis; and Siemens EDA is well known for PCB design, verification, and manufacturing integration. Beyond the “big three,” companies such as Ansys play a critical role in sign-off physics (signal integrity, power integrity, thermal, electromagnetics), while emerging players focus on AI-assisted design automation and specialized domains like photonics or chiplet integration. The high technical complexity, deep foundry integration (e.g., with TSMC, Samsung, Intel), and massive R&D investment required at advanced nodes create significant barriers to entry, reinforcing the industry’s oligopolistic structure. | |
| | |
| Physical testing of electronics spans wafer probe, packaged device qualification, board-level validation, and full system stress testing, and is supported by a concentrated set of global vendors. In semiconductor production test, automated test equipment (ATE) leaders such as Teradyne and Advantest dominate high-volume logic, memory, and SoC testing, enabling parametric characterization, functional verification, and speed binning at wafer and final test. For reliability and environmental stress—HTOL, temperature cycling, vibration, and humidity—chamber providers like ESPEC and Thermotron are widely used in automotive and aerospace qualification flows. Electrical measurement and compliance validation at the device and board level rely heavily on instrumentation from Keysight Technologies and Rohde & Schwarz, particularly for high-speed interfaces and RF systems. Inspection and failure analysis—critical for advanced packaging and heterogeneous integration—often leverage X-ray and acoustic microscopy systems from Nordson, as well as materials analysis platforms from Thermo Fisher Scientific. Together, these vendors underpin the physical validation layer that complements design verification, ensuring performance, reliability, and safety before deployment into mission-critical applications. | |
| | |
| | A primary technical enabler for these processes is the domain of Electronic Design Automation (EDA), which encompasses the software tools and workflows used to design, verify, and prepare semiconductor devices for manufacturing. At the chip level, the V&V flow begins with architectural specification, followed by separate but converging digital and analog design streams. In the digital design flow, engineers utilize hardware description languages (HDLs) such as Verilog or VHDL to simulate for functional correctness, eventually synthesizing logic into gates and performing physical layout. This is accompanied by static timing analysis, power analysis, and signal integrity checks, which are increasingly mandated by functional safety standards like ISO 26262. Analog and mixed-signal design involves SPICE-level simulations, including corner, noise, and Monte Carlo analyses, to verify device-level performance before layout and parasitic extraction. At advanced semiconductor nodes, the boundary between these domains blurs, necessitating tight co-simulation and cross-domain verification within complex Systems-on-Chip (SoCs). |
| | |
| | Complementing design-time verification is the physical testing of electronics, which spans from wafer probing to packaged device qualification and full system stress testing. This layer is supported by a concentrated set of global vendors providing Automated Test Equipment (ATE) for high-volume SoC testing and parametric characterization. To ensure long-term reliability in mission-critical applications, hardware must undergo rigorous environmental stress testing, including High-Temperature Operating Life (HTOL), thermal cycling, vibration, and humidity exposure. These tests are essential for meeting the stringent requirements of the automotive AEC qualification and the aerospace DO-254 standards. Furthermore, compliance with electromagnetic compatibility (EMC) and emissions standards, such as those defined by the FCC or IEC 61000, is mandatory across all domains to prevent hazardous interference between active sensors and high-speed processing units. |
| | |
| | Despite the maturity of these conventional methods, the transition to autonomy introduces significant V&V challenges and risks. While traditional safety-critical standards like ISO 26262 focus on identifying failure mechanisms and building a safety argument against mechanical or random hardware faults, they do not adequately address the functional insufficiencies of AI-driven systems. This gap is addressed by the Safety of the Intended Functionality (SOTIF) framework, which focuses on unknown scenarios and performance limitations rather than only on hardware failure. A major limitation of conventional V&V is that it often overlooks the temporal and probabilistic nature of perception sensors: a hardware component may be "verified" to operate within its electrical specifications yet still "fail" at the system level if it delivers stale or noisy data to a decision-making algorithm. Therefore, a credible V&V program must link these conventional hardware layers to the broader safety case, ensuring that every component matches its approved baseline and contributes to the overall evidence trail required for certification. For advanced practitioners, understanding this foundation is the prerequisite for the more specialized sensor calibration and hardware-in-the-loop methodologies that define modern autonomous system validation. |
| | |
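
Both revisions of the EDA paragraph name static timing analysis and corner simulation among the digital sign-off checks. The following is an added example, not code from the page or from any EDA vendor's tool: a toy static timing analysis in Python over a constructed gate-level netlist with assumed PVT derating factors, showing how a path that meets setup at the typical corner can still violate it at the slow corner, which is why sign-off evaluates every corner rather than the nominal one.

```python
# Toy static timing analysis (STA) with corner derating: a constructed example,
# not from the page or any EDA tool. Setup slack = period - setup - arrival.
from collections import defaultdict, deque

# Constructed netlist: gate -> (nominal delay in ns, fanin gates). IN_* are
# register outputs launched at t = 0; BUF1 drives the capturing flop's D pin.
NETLIST = {"IN_A": (0.0, []), "IN_B": (0.0, []),
           "AND1": (0.35, ["IN_A", "IN_B"]), "XOR1": (0.50, ["IN_A", "AND1"]),
           "OR1": (0.30, ["XOR1", "IN_B"]), "BUF1": (0.20, ["OR1"])}
# Assumed delay-derating factors for the PVT corners checked at sign-off.
CORNERS = {"fast": 0.8, "typical": 1.0, "slow": 1.2}

def arrival_times(netlist, derate=1.0):
    """Longest-path arrival time per gate, plus the fanin that sets it."""
    fanout, indeg = defaultdict(list), {g: len(f) for g, (_, f) in netlist.items()}
    for g, (_, fanin) in netlist.items():
        for f in fanin:
            fanout[f].append(g)
    ready = deque(g for g, d in indeg.items() if d == 0)  # Kahn's algorithm
    arrival, worst_fanin = {}, {}
    while ready:
        g = ready.popleft()
        delay, fanin = netlist[g]
        worst = max(fanin, key=lambda f: arrival[f], default=None)
        arrival[g], worst_fanin[g] = delay * derate + (arrival[worst] if worst else 0.0), worst
        for s in fanout[g]:
            indeg[s] -= 1
            if indeg[s] == 0:
                ready.append(s)
    if len(arrival) != len(netlist):  # unvisited gates => a combinational loop
        raise ValueError("STA requires an acyclic netlist")
    return arrival, worst_fanin

def critical_path(netlist, endpoint, derate=1.0):
    """Walk back from the endpoint along the slowest fanin at each gate."""
    _, worst_fanin = arrival_times(netlist, derate)
    path, g = [], endpoint
    while g is not None:
        path.append(g)
        g = worst_fanin[g]
    return path[::-1]

def setup_slack(netlist, endpoint, clock_period, setup_time, derate=1.0):
    """Slack = required time - arrival time; negative means a violation."""
    arrival, _ = arrival_times(netlist, derate)
    return round(clock_period - setup_time - arrival[endpoint], 3)

def corner_report(netlist, endpoint, clock_period, setup_time):
    """Slack per corner; timing sign-off requires every value to be >= 0."""
    return {c: setup_slack(netlist, endpoint, clock_period, setup_time, d)
            for c, d in CORNERS.items()}
```

With a 1.5 ns clock and a 0.1 ns setup time, `corner_report(NETLIST, "BUF1", 1.5, 0.1)` passes at the fast and typical corners but reports a negative slack at the slow corner along the path returned by `critical_path`.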