Safety Arguments for use of an Ada to FPGA Compiler

In this paper the use of Field Programmable Gate Arrays (FPGAs) has been investigated as an alternative target device for safety-critical software to the use of traditional microprocessor (e.g. Von Neumann-based architectures). FPGAs are a desirable alternative in comparison to microprocessors for reasons including: ease of analysis in comparison to modern microprocessors such as the PowerPC, and the obsolescence problems with using short-lifetime microprocessors in long lifetime systems. The work in this paper uses the Goal Structuring Notation to decompose the safety claims for FPGA-based systems. It then considers how the necessary evidence can be gathered. The results of this work are the following three contributions. Firstly, we identify the necessary evidence required to justify that the resulting FPGA-based system is of sufficient integrity. Secondly, we identify techniques that can be used to gather the required evidence. Thirdly, we show the relation to the evidence currently gathered for microprocessor-based systems and the guidance given by the Safety and Security Annex for the Ada programming language.