INS N1880 Trends in Aviation and MCFA.Pdf

QorIQ PROCESSORS FOR SECURITY AND SAFETY IN AEROSPACE AND DEFENSE APPLICATIONS FTF-INS-N1880

MATTHEW SHORT ERIC BOST FTF-INS-N1880 MAY 19, 2016

PUBLIC USE AGENDA

• NXP Experience in Aerospace and Defense Applications • NXP Processors for A&D, Roadmap, Partners • Snapshot on Key Topics Related to Multicore • Review of Keys Factors for Using NXP in Aerospace and Defense − MCFA − Longevity & In-service Experience − Techno Related & Soft Errors Metrics − Collaterals − Good Practices for Safety and Certification − Others (export control) • Summary / Questions

1 PUBLIC USE #NXPFTF 1 PUBLIC USE #NXPFTF Session Introduction

• Title: QorIQ Processors for Security and Safety in Aerospace and Defense Applications

• Subtitle: NXP QorIQ advantages for Aerospace and Defense applications

• Abstract: This session will detail the key features and design advantages of QorIQ processors for safety and security computers in Aerospace and Defense applications. Target applications for QorIQ and QorIQ LS series solutions include avionics, airborne electronics, transportation signaling, autonomous vehicles, UAV and robotics. Get an understanding of certification stakes and learn about the available design collateral and support resources.

2 PUBLIC USE #NXPFTF Session Objectives

After completing this session you will be able to: − Select multicore processors from the NXP portfolio targeting Aerospace and Defense applications − Explain the advantages of NXP multicore to support safety. − Describe the capabilities of the products that will help you meet your design challenges for Aerospace and Defense applications and how they can provide you a with a competitive and differentiating advantage − Locate essential documentation and collateral

3 PUBLIC USE #NXPFTF NXP EXPERIENCE IN AEROSPACE AND DEFENSE APPLICATIONS

4 PUBLIC USE #NXPFTF NXP is Part of Aerospace and Defense History

Early portable Defense radio

Supplier of space applications from ground to sky!

2012

A Shuttle main engine in a ground test. The Controller can be seen mounted on the left side of the combustion chamber. (NASA photo 885338) The revised computer uses a Motorola 68000 32-bit microprocessor (credit : http://history.nasa.gov/computers/Ch4-8.html )

5 PUBLIC USE #NXPFTF NXP Experience in Aerospace and Defense Applications

• Since 1953, Motorola semiconductors, and now NXP Semiconductor has supplied electronics products for Aerospace and Defense applications.

Tactical gear with i.MX • #1 supplier of 32-bit processors to this industry applications processors

• We understand that “time-in-market” is as important as “time-to-market”

• Semiconductor solutions that: Avionic, flight computers and engine − Deliver performance management systems with QorIQ and − Meet embedded power budgets Qoriva solutions − Offer high levels of integration − Provide extended qualification − Deliver outstanding technical support

6 PUBLIC USE #NXPFTF Multicore for Avionics (MCFA) Working Group

• In order to better support our avionics customers in evaluating and/or integrating multicore processors into certified airborne systems, NXP has initiated a working group named Multicore for Avionics - (MCFA)

• Goals: − Define and generate « data package » including necessary data from NXP required in the certification process to be made available (under NDA) (Ap.Notes, IP reuse, test/validation, fault-tolerance, service experience …) − Behave as a forum for exchange and consolidation of common « Multicore & Certification » issues and guidelines − Constructive, collaborative and participative approach

• Participants: − Aero equipment suppliers acting as direct applicants in front of the certification authorities ie. who design complete systems HW+SW+applications. − Includes Airbus, BAE Systems, Boeing, CMC/Esterline, Dassault, ELBIT, GE Aviation, Hamilton Sunstrand, Honeywell, Rockwell Collins, Sagem, Thales, UTC and more … and NXP − Group is chaired by NXP, tasked and ruled by Exec. Committee

7 PUBLIC USE #NXPFTF Focus on Embedded Technologies

• Technology leadership in Safety Certification for Multicore − Founder of Multicore for Avionics (MCFA) working group − Trust Architecture Users Group (NXP led) − Secure, Trustworthy, Assured and Resilient Semiconductors and Systems (STARSS) • Product Longevity as a value − Proven commitment to longevity and support − 15 year life for QorIQ T series and LS series 28nm devices • Real embedded system design focus − Deterministic interconnect for multicore SoCs − Focus on minimizing SER, FIT, AE rates for product quality − Large temperature ranges for embedded and industrial designs • Security, Security and even more Security − Pervasive / Multifaceted − Balanced Need

8 PUBLIC USE #NXPFTF Security Is Multifaceted PRIVACY preventing eavesdropping

EXAMPLE System Load HIGH Encryption

AUTHENTICATION guaranteeing identity EXAMPLES System Load MED Passwords, PINs Key exchange

ACCESS CONTROL limiting use and communication

EXAMPLE System Load MED Access control lists

SYSTEM INTEGRITY AND AVAILABILITY ensuring data and code accuracy preventing service theft and denial, cloning EXAMPLES System Load LOW Platform trust Antivirus

9 PUBLIC USE #NXPFTF NXP PROCESSOR SOLUTIONS

10 PUBLIC USE #NXPFTF NXP Portfolio Applied in Aeronautic and Defense Applications

• The Processors − NXP delivers both system–on-a-chip (SoC) based on Power Architecture® and ARM® cores. − Specifically designed for telecom, portable devices, automotive and industrial markets. − Suitable for the aerospace and defense market, with integrated features that make them suitable for robust applications. − ECC & parity, safety & security blocks − Manufactured in large volume, providing confidence for ”in-service experience” • RF − NXP is #1 in RF Power − Broad portfolio of LDMOS, GaAs and GaN transistors, addressing the complete RF line-up − High ruggedness, efficiency and thermals − Strong customer support with applications circuits, reference designs and characterization services • Sensors − NXP sensors are designed for automotive applications, human interface and portable terminal. They also fulfill industrial needs. • Analog solution for managing & switching power − Serve as a companion to processors, addressing complex power-up sequence of multicore. Our solutions offer safety for power supply management

11 PUBLIC USE #NXPFTF Field Proven Power-based SOC Solutions

SBC, VPN, Base Band Unit Control

Switches & Routers P5040 • 2-4x e5500 P4080 • 1.5GHz • 8x e500 • 2MB L3 Cache Multi-Function • 1.5GHz • 10X GbE, 2X 10GbE Printers P4040 • 2MB L3 Cache • RAID 5/6, SATA • 4x e500 • 8X GbE, 2X 10GbE• eLBC • 1.5GHz • eLBC • 23W-33W Terminal P3041 • 2MB L3 Cache • 14W-16W Adapters, • 4x e500 • 8X GbE, 2X 10GbE P2040 • 1.5GHz • eLBC Access Points • SATA • 13W • 4x e500 • eLBC P2020 • 1.5GHz • 5X GbE,1X 10GbE • 1-2x e500 • 13W • 5X GbE Pin Compatible P1022 • 1.2GHz • SATA P1025 • 1-2x e500 • eLBC • 8.7W P1020/21 & P1010 P1020/21 • 1-2x e500 • 1.1GHz • 4.5-5W P2020 • LCD • e500 • 1-2x e500 • 667MHz • 1GHz • 800MHz • SATA • TDM or QE • PWR MGMT • TDM, • TDM or QE • eLBC • 3W FlexCAN • eLBC • 23x23 PBGA • SATA • 31x31 PBGA • 1.4W-1.7W • 1.3W-1.6W • 1.6W-2.5W

12 PUBLIC USE #NXPFTF Industry-leading Power-based SOC Solutions

Core Network, Cloud Networking, Wireless

Enterprise, Campus, Line Cards T4240 • e6500 T4080 • 16-24 heavy • e6500 threads • 1.8GHz T2080 • 8 heavy threads • 1.8GHz • 4x10GbE, Branch Office, Industrial • e6500 • 2x10GbE, 12x1GE • 8 heavy threads T2081 12x1GE • 1.8GHz • e6500 • 4x10GbE T1040 • 8 heavy threads • e5500 • 1.8Ghz T1042 • 4 cores • 2x10GbE • e5500 • 1.5GHz T1020 Pin Compatible • 4 cores • 8-port GE T1022 • e5500 T1014 T1024 • 1.5GHz switch • e5500 • e5500 • e5500 • 2 cores • 2 cores • 1.5GHz • 1 core • 2 cores • Scaling from single core to 24 heavy threads • 1.4GHz • 1.4GHz • 1.5GHz • 8-port GE switch • Power <4W to <25W The industry’s most scalable pin compatible communication processor family • Performance 2 to 40Gbps

13 PUBLIC USE #NXPFTF Leading the 64-bit ARM Wave in Networking SDN, NFV, Cloud Networking, Storage

Access Gateway, WLAN, Intelligent Edge, vCPE

Industrial Firewall, LS2088A Managed Switches, Gateways, • Cortex-A72 Access Points • 4-8 cores LS2085A • DPAA2 • Cortex-A57 • 40G Pkt Remote Terminal, PLC, • 4-8 cores • 20G Crypto Low power Nodes LS1088A • DPAA2 • 20-35W • Cortex-A53 • 40Gbps Pkt • 1st 8x A72 ARM • 20Gbps Crypto LS1046A • 4-8 cores Next gen • 1.5GHz • 20-35W programmable • Cortex-A72 st • DPAA2 • 1 8x A57 ARM offload • 4 cores st • 20Gbps Pkt • 1 DPAA2.0 LS1043A • DPAA1 • 10Gbps Crypto • Cortex-A53 • 10Gbps Pkt LS1024A • 15-20W • 2-4 cores • 10Gbps Crypto LS1012A • Cortex-A9 st LS1021A • 10Gbps Pkt • 1 8x A53 ARM • Cortex-A53 • Cortex-A7 • 2 cores • 10-12W Next gen • 5Gbps Crypto st • 800MHz • 2 cores • 1.2GHz • 1 Value Tier A72 programmable • 5-10W • 2Gbps Packet • 1GHz • 2Gbps Pkt ARM for gateways offload st Pin Compatible • 1Gbps Crypto • 2Gbps Pkt • 2Gbps Crypto • 1 64-bit ARM and routers • 1-2W • 1Gbps Crypto • 3-5W processor for • Lowest power • 2W gateways and 64-bit ARM access points 14 PUBLIC USE #NXPFTF QorIQ LS1012A Block Diagram

• Single ARM Cortex-A53 processor NEW ARM − 1840 DMIPS / 2240 Coremark @ 800MHz Cortex-A53 − NEON Co-processor and DP FPU − 256 KB L2 cache with ECC 32KB 32KB L1-D L1-I • Memory Controller 6416-bit 64KB DDR2/3DDR3L − DDR3L up to 1000 MHz 256KB L2 SRAM Memory − 16-bit data bus, 1 chip select Controller

− High Speed Interconnect Secure Boot − 1x PCI Express Gen2 Trust Zone CCI-400 Coherent Interconnect − 1x SATA Gen3 Sec Monitor

− 1x USB 3.0 w/PHY Power Management − 1x USB 2.0 w/ULPI 2x SD 3.0/SDIO/eMMC SEC − Ethernet Packet Accelerator 2x I2C PPFE − 2x GbE (2.5G or 1G) 2x I2S, 5x SAI − Datapath QSPI, 1x SPI

− Packet Acceleration Engine (PPFE) 2x UART

SATA SATA 3.0

GbE GbE GPIO, JTAG 2.0 PCIe − Security acceleration engine (SEC) 1x USB3.0 + PHY − 2x SD 3.0/SDIO/eMMC 3-Lane 6GHz SERDES 1x USB2.0 − QSPI, 1x SPI, 2x UART, 2x I2C − 2x I2S, 5x SAI − Secure Boot, Trust Architecture, ARM TrustZone Samples Production − Advanced Power Management − Package: 10x10mm, routable in 4-layers April-2016 Q4-2016

15 PUBLIC USE #NXPFTF QorIQ LS1012A High Level Features

• Processor Complex • Packet Acceleration − 64-bit ARM Cortex-A53 up to 800 MHz − Packet Acceleration Engine . >2200 Coremarks under 2W . 2Gbps of PPPoE/NAT routing with 64B packets . NEON SimD / DP FPU . RSO/LRO offload . 32KB/32KB L1 Parity protected Cache & 256KB L2 Cache with ECC − Hardware Security Engine • Data Interfaces (up to 2x 6GHz SerDes Lanes) . 400 MB/s block mode encryption − 2x Gb Ethernet (2.5G/1G) . AES256 CBC, ECB, XTS − 1x USB3.0 w/PHY . XOR − 1x USB2.0 w/ULPI • Hardware/Silicon Security − 1x PCIe Gen2 (5 GHz) (x1) − Secure Boot, JTAG Blocking, 8Kb OTP Memory − 1x SATA-3 (6 GHz) − ARM TrustZone + Trust Architecture • Memory Interfaces − DRM compliance − QSPI (NOR flash) • Battery Operation − 1x SPI − Dynamic Frequency Scaling (DFS) with integrated power management − 2x SDIO 3.0 − USB charging − DDR3L-1000 MHz (16b) • Control I/Os − 2x I2C, 1x SPI − 2x UARTs − 5x I2S − Watchdog/Timers − 16 dedicated GPIOs, 6 PWM Capable

16 PUBLIC USE #NXPFTF Industry’s Leading ARM 64-bit Networking Solution: QorIQ LS2088A

General Purpose Processing Layer ARM A72 ARM A72 ARM A72 ARM A72 • 8x ARM A72 CPUs, 64b, 2.0GHz ARM A72 ARM A72 ARM A72 ARM A72 64-bit 48KB 32KB 48KB 48KB 32KB 48KB DDR2/3DDR4 ˗ 4MB Banked L2 cache 32KB L1-48KBI L1-D32KB L1-48KBI 32KB L1-48KBI L1-D32KB L1-48KBI Memory Controller • HW L1 & L2 Prefetch Engines L1-D32KB L1-48KBI L1-D32KB L1-48KBI L1-D32KB L1-48KBI L1-D32KB L1-48KBI • Neon SIMD in all CPUs L1-D L1-I L1-D L1-I L1-D L1-I L1-D L1-I 64-bit

2MB Banked L2 2MB Banked L2 1MB fetch

- DDR2/3DDR4 Platform Cache • 1MB L3 platform cache w/ECC 1MB Banked L2 1MB Banked L2 Memory Controller Pre • 2x64b DDR4 up to 2.4GT/s

Secure Boot Coherency Fabric Trust Zone Accelerated Packet Processing Unit Flash Controller IO MMU IO MMU IO MMU • 40Gbps Packet Processing Power Management 32-bit DDR4 • 20Gbps SEC- crypto acceleration SDXC/eMMC Buffer Queue Memory Controller DCE SEC 2x DUART Mgr. • 15Gbps Pattern Match/RegEx Accelerated L2 Switch 4x I2C Packet • 20Gbps Data Compression Engine SPI, GPIO, JTAG Buffer Processor WRIOP PME • 4MB Packet Express Buffer

Mgr. (APP) SATA3.0

2x USB3.0 + PHY SATA3.0

8x1/10 + 8x1

PCIe PCIe PCIe PCIe Express Packet IO Layer 8-Lane 10GHz SERDES 8-Lane 10GHz SERDES • Supports1x8, 4x4, 4x2, 4x1 PCIe Gen3 controllers • 2 x SATA 3.0, 2 x USB 3.0 with PHY Other Parametrics Datapath Acceleration Network IO • 37.5x37.5 Flipchip • SEC- crypto acceleration • Wire Rate IO Processor: • 1mm Pitch • DCE - Data Compression Engine ˗ 8x1/10GbE + 8x1G • 1292pins • PME – Pattern Matching Engine ˗ XAUI/XFI/KR and SGMII ˗ MACSec on up to 4x 1/10GbE NXP Delivers Industry’s Best Performance Efficiency ARM-64bit Networking Solution

17 PUBLIC USE #NXPFTF S32V230 Family of Processors for ADAS Systems

Features • Targets ISO 26262 ASIL B applications • Quad ARM Cortex®-A53 cores running at 1GHz • Dual APEX-2 image cognition engines enabled by Open CL (optional) • Hardware security encryption • 3D GPU (Vivante GC3000) (optional) • MIPI CSI2 and parallel image sensor interfaces • 4MB on chip system RAM • Embedded image signal processing for HDR, color conversion, tone mapping, etc. • -40C to 125C (junction temperature) operation http://www.NXP.com/webapp/sps/site/prod_summary.jsp?code=S32V230 • Available in 17 x 17 FC-BGA

18 PUBLIC USE #NXPFTF Software Products and Services Development Tools Runtime Products Visit us in the Tech Lab – #247 • VortiQa Software • CodeWarrior Solutions Accelerate Customer Time-to-Market

Deliver Commercial Solutions Integration Software, Support, Reference Services Services and Solutions • Security • IOT Consulting Gateway • Hardened Simplify Software Engagement with NXP • OpenWRT+ Linux

Linux® Services Create Success! • Commercial • Performance Tuning Support

19 PUBLIC USE #NXPFTF SNAPSHOT ON KEY TOPICS RELATED TO MULTICORE

20 PUBLIC USE #NXPFTF Remarks on High-End Multicore COTS

• Generally speaking .. High-End Multicore CPUs COTS SoCs have NOT been designed specifically for safety critical applications − eg. NXP QorIQs first target Networking as short-return high-volume market • Nevertheless, non-safety critical applications/markets using HE SoCs require very high level of reliability, in the sense of: − Error protection − Determinism (particularly in stressed / loaded conditions)

21 PUBLIC USE #NXPFTF Common Use-Case for Robust Partitioning of Multicore

• Robust Partitioning refers to both SW Partition A Partition B spatial and temporal aspects (or

App App resource and Time) Appli Appli • at HW level, Spatial can be controlled

thru some well defined and quite OS/Kernel OS/Kernel straightforward mechanisms (MMU, IO-

MMU, 3-level hierarchy) Hypervisor • Temporal Partitioning in essence HW cannot be addressed just thru CORE CORE MMU MMU

straightforward hardware mechanisms Memor Memory Config y IOMMU IOMMU • Spatial and Temporal partitioning are Shared Sys. Mem I/Os I/Os I/Os not directly linked in the sense one Sys. Memory does not imply the other

22 PUBLIC USE #NXPFTF Interferences in a Multicore SoC

• Some sub-domains in the SoC can provide CORE Local CORE Local ‘’natural’’ determinism Mem Mem MMU MMU − eg. core to cache/local memory Shared MEM • Disabling some optimization features can limit contentions M E • (HW coherency/snooping, stashing) Interconnect M Ctrlr IOMMU IOMMU IOMMU • Usage Domain restriction with SW enforcement to ease temporal analysis Config & I/O / DMA I/O / DMA Control • Tests / measurements • High-End Multicore SoCs generally provide more means for monitoring (thru supplier & tool partners)

+ when required SoC supplier assistance

23 PUBLIC USE #NXPFTF REVIEW KEYS FACTORS FOR USING NXP MPUS IN AEROSPACE AND DEFENSE

24 PUBLIC USE #NXPFTF Key Factors for Aerospace & Defense

• Quality & Qualification − Application / Qualification Tiers − Temperature Range • Longevity • In-service experience • Architecture advantage − Memory protection (Parity, ECC on caches and SRAM) − Safety & Security functions − Support of Power and ARM cores • Documentation & Technical collateral • Technical support • Ecosystem and Partners − incl. Boards, SW/RTOS, Debug, Packaging and extended. Qualification • NXP’s commitment to the Aerospace and Defense market • http://www.NXP.com/files/32bit/doc/brochure/PWRARBYNDBITSSKD.pdf

25 PUBLIC USE #NXPFTF On Product Specifications

• Once a COTS device has reached qualification, a lot of technical information is public and available directly from www.nxp.com − including the Reference Manuals and Data-sheets for all SoCs in full production

• Some technical information are not publicly disclosed − Errata description (NDA) − Some technical details provided selectively depending on customers and/or applications (NDA and in some cases service agreement) − Some information restricted due to Intellectual Property concerns and/or non-user applicable purpose.

26 PUBLIC USE #NXPFTF Quality & Qualification

• At NXP we are committed to provide the highest levels of product quality, delivery and service, as viewed through the eyes of our customers. • NXP Quality home page − http://www.NXP.com/webapp/sps/site/homepage.jsp?code=QUALITY_HOME • Quality Policy handbook − http://www.NXP.com/files/abstract/misc/CPA_QA_HANDBOOK.pdf • Quality Excellence as Seen Through the Eyes of the Customers − http://www.NXP.com/webapp/sps/site/training_information.jsp?code=WBNR_FTF10_F0861 • Building Robust Products: NXP Product Package Mechanical Reliability Testing and Reporting − http://www.NXP.com/webapp/sps/site/training_information.jsp?code=WBNR_FTF11_ENT_F0557 • Ask for Qualification reports (incl. Test/Validation results)

27 PUBLIC USE #NXPFTF Summary

• NXP stands by a proven track record in Aerospace and Defense applications • NXP guarantees long term product supply • NXP offers technical support and design documentation for a variety of applications • NXP offers the broadest portfolio of solutions from microcontrollers to super computer-type processors • NXP is a “Best in Class” supplier for Aerospace and Defense applications

28 PUBLIC USE #NXPFTF

ATTRIBUTION STATEMENT

NXP, the NXP logo, NXP SECURE CONNECTIONS FOR A SMARTER WORLD, CoolFlux, EMBRACE, GREENCHIP, HITAG, I2C BUS, ICODE, JCOP, LIFE VIBES, MIFARE, MIFARE Classic, MIFARE DESFire, MIFARE Plus, MIFARE FleX, MANTIS, MIFARE ULTRALIGHT, MIFARE4MOBILE, MIGLO, NTAG, ROADLINK, SMARTLX, SMARTMX, STARPLUG, TOPFET, TrenchMOS, UCODE, Freescale, the Freescale logo, AltiVec, C 5, CodeTEST, CodeWarrior, ColdFire, ColdFire+, C Ware, the Energy Efficient Solutions logo, Kinetis, Layerscape, MagniV, mobileGT, PEG, PowerQUICC, Processor Expert, QorIQ, QorIQ Qonverge, Ready Play, SafeAssure, the SafeAssure logo, StarCore, Symphony, VortiQa, Vybrid, Airfast, BeeKit, BeeStack, CoreNet, Flexis, MXC, Platform in a Package, QUICC Engine, SMARTMOS, Tower, TurboLink, and UMEMS are trademarks of NXP B.V. All other product or service names are the property of their respective owners. ARM, AMBA, ARM Powered, Artisan, Cortex, Jazelle, Keil, SecurCore, Thumb, TrustZone, and μVision are registered trademarks of ARM Limited (or its subsidiaries) in the EU and/or elsewhere. ARM7, ARM9, ARM11, big.LITTLE, CoreLink, CoreSight, DesignStart, Mali, mbed, NEON, POP, Sensinode, Socrates, ULINK and Versatile are trademarks of ARM Limited (or its subsidiaries) in the EU and/or elsewhere. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. The Power Architecture and Power.org word marks and the Power and Power.org logos and related marks are trademarks and service marks licensed by Power.org. © 2015–2016 NXP B.V.

30 PUBLIC USE #NXPFTF