Why RISC-V is a viable option for safety-critical applications




An intro to RISC-V

As safety-critical systems become increasingly complex, the choice of processor architecture plays an important role in ensuring functional safety and system reliability. Consider an automotive brake-by-wire system, where sensors detect the pedal position, software interprets the driver’s intent, and electronic controls activate the braking system. Or commercial aircraft relying on flight control computers to interpret pilot inputs and maintain stable flight. Processing latencies or failures in these systems could result in unintended behaviors and degraded modes, potentially leading to fatal accidents.

The RISC-V architecture’s inherent characteristics—modularity, simplicity, and extensibility—align with the demands of functional safety standards like ISO 26262 for automotive applications and DO-178C for aviation software. Unlike proprietary processor architectures, RISC-V is an open standard instruction set architecture (ISA) developed by the University of California, Berkeley, in 2011. The architecture follows reduced instruction set computing (RISC) principles, emphasizing performance and modularity in processor design.

RISC-V is set apart by its open, royalty-free nature combined with a clean-slate design that eliminates the legacy compatibility constraints of traditional architectures. The ISA is structured as a small base integer set with optional extensions, allowing processor designers to implement only the features needed for their specific applications.

This article examines the technical advantages and considerations of implementing RISC-V in safety-critical environments.

Benefits for safety-critical industries

Traditional proprietary architectures, such as Arm, have served safety-critical industries well, but challenges around supplier diversity, customization needs, and safety certification requirements have driven interest in RISC-V.

The following sections describe characteristics of RISC-V that make it a viable option for safety-critical development teams.

Architectural independence

One fundamental challenge in developing safety-critical systems is mitigating supply chain risks. Traditional processor architectures require licensing agreements and create vendor lock-in, which impacts long-term system maintainability and cost.

RISC-V’s open model provides several advantages. The ability to work with multiple silicon vendors reduces single-point-of-failure risks in the supply chain. This is particularly important for long-lifecycle applications in aerospace and automotive, where systems may need to be maintained and supported for decades. When using RISC-V, manufacturers expand their options for semiconductor suppliers and development tool ecosystems, providing flexibility in responding to supply chain issues.

Customization to meet safety-critical requirements

RISC-V’s modular design philosophy allows silicon vendors and system architects to implement custom features at the hardware level. This capability helps address specific safety requirements across mission-specific applications and certification standards through features such as:

  • Custom error detection and correction.
  • Hardware-level monitoring and diagnostic capabilities.
  • Low-latency, deterministic execution features for real-time requirements.

Additionally, RISC-V silicon vendors have products supporting harsh environments, such as processors with radiation hardening and electromagnetic pulse (EMP) protection for space applications.

Memory management

One of RISC-V’s distinguishing features is its approach to cache memory management, which helps developers of safety-critical applications that require deterministic behavior. The ability to map level 2 cache memory as RAM gives developers greater control over system latency, a crucial factor in real-time safety-critical applications.

This capability addresses challenges covered in aviation safety guidelines like EASA AMC 20-193 and FAA AC 20-193. By providing better solutions for cache contention mitigation than traditional architectures, RISC-V supports more predictable execution timing—a critical requirement for safety certification.

Dissimilar redundancy

Safety-critical systems requiring design assurance level A (DAL-A) certification under DO-178C often implement redundancy to protect against common mode failures. RISC-V’s open architecture provides advantages in implementing dissimilar redundancy strategies:

  • Implementation of different processor configurations within the same system.
  • Diverse redundancy schemes using different vendor solutions.
  • Using different architectures in mixed-criticality systems with varying levels of safety requirements.

Performance considerations

While RISC-V may not always match the raw performance metrics of modern Arm implementations, its architecture provides several advantages specific to safety-critical applications. The ability to implement custom instructions and hardware features allows optimization for specific safety requirements without compromising overall system performance.

Key performance-related features include:

  • Deterministic execution paths for real-time applications.
  • Custom instructions for safety monitoring.
  • Efficient context switching for mixed-criticality systems.
  • Configurable memory protection units to minimize stack and data corruption.
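
As an added illustration of the memory protection item above (not code from the article or from any vendor), the sketch below assumes the RISC-V privileged architecture's Physical Memory Protection (PMP) registers, which the article does not name. It encodes a locked, no-access NAPOT guard region below a stack at a constructed address and checks which accesses would hit it.

```c
#include <stdint.h>
#include <stdio.h>

/* pmpcfg byte fields (RISC-V privileged spec PMP; assumed mechanism). */
#define PMP_NAPOT 0x18u /* A=3: naturally aligned power-of-two region */
#define PMP_L     0x80u /* lock: enforced on M-mode too, fixed until reset */

/* Encode base/size as a NAPOT pmpaddr value. Returns 1 on success, 0 if
 * size is not a power of two >= 8 or base is not size-aligned. */
static int pmp_napot_encode(uint64_t base, uint64_t size, uint64_t *pmpaddr)
{
    if (size < 8 || (size & (size - 1)) != 0) return 0;
    if (base & (size - 1)) return 0;
    *pmpaddr = (base >> 2) | ((size >> 3) - 1);
    return 1;
}

/* Decode a NAPOT pmpaddr (e.g. from a register dump) into base/size. */
static void pmp_napot_decode(uint64_t pmpaddr, uint64_t *base, uint64_t *size)
{
    unsigned t = 0;
    while (t < 60 && ((pmpaddr >> t) & 1u)) t++; /* trailing ones */
    *size = 1ull << (t + 3);
    *base = (pmpaddr & ~((1ull << t) - 1)) << 2;
}

/* Guard entry: no R/W/X bits, so any access that matches it faults. */
static uint8_t stack_guard_cfg(void) { return PMP_NAPOT | PMP_L; }

/* Would an access to addr match the region held in pmpaddr? */
static int pmp_napot_matches(uint64_t pmpaddr, uint64_t addr)
{
    uint64_t base, size;
    pmp_napot_decode(pmpaddr, &base, &size);
    return addr >= base && addr - base < size;
}

int main(void)
{
    /* Constructed values: 4 KiB guard directly below a hypothetical stack. */
    uint64_t guard_base = 0x80001000ull, pmpaddr;
    if (!pmp_napot_encode(guard_base, 0x1000, &pmpaddr)) return 1;
    printf("pmpaddr=0x%llx pmpcfg=0x%02x\n",
           (unsigned long long)pmpaddr, stack_guard_cfg());
    printf("overflow write at 0x80001ffc faults: %d\n",
           pmp_napot_matches(pmpaddr, 0x80001ffcull));
    return 0;
}
```

On hardware these values are written to a `pmpaddrN`/`pmpcfgN` pair from M-mode, and an implementation's PMP granularity may force a larger minimum region than 8 bytes.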

RISC-V’s development tool ecosystem

Over the years, development tools and verification environments for RISC-V have matured to cover the entire software lifecycle. For example, LDRA’s target license package (TLP) for RISC-V architectures supports development and on-target testing with multi-core code coverage analysis, worst-case execution time (WCET) measurement for AMC 20-193 compliance, requirements traceability, and integration with major RISC-V development platforms. This TLP makes RISC-V ready for safety and security.

Additionally, LDRA is highly integrated with RISC-V environments, supporting dynamic testing with hardware and commercial and open-source simulation environments, including silicon-level simulation. These environments support comprehensive hardware-accurate testing and verification to develop and test software as the hardware is developed.

Industry momentum around RISC-V

A growing number of safety-certified RISC-V IP cores offer designers pre-verified components that meet stringent safety requirements. Microchip, SiFive, CAST, and other vendors have released specialized RISC-V implementations with integrated safety features, fault detection mechanisms, and redundancy capabilities tailored for automotive and aerospace applications. Vendors such as Frontgrade Gaisler add to this with radiation-hardened microprocessors and IP cores for space-based systems.

The mix of industry support, technical guidelines, and certification tools creates a positive feedback loop that accelerates RISC-V adoption in safety-critical systems, making it increasingly attractive for organizations developing next-generation applications.

Jay Thomas is technical development manager for LDRA Technology, San Bruno, Calif., and has worked on embedded controls simulation, processor simulation, mission- and safety-critical flight software, and communications applications in the aerospace industry. His focus on embedded verification implementation ensures that LDRA clients in aerospace, medical, and industrial sectors are well grounded in safety-, mission-, and security-critical processes. For more information about LDRA, visit


The post Why RISC-V is a viable option for safety-critical applications appeared first on EDN.


