Contributions to the SIL 2 Radiation Monitoring System CROME (CERN RadiatiOn Monitoring Electronics)

CERN is developing a new radiation monitoring system called CROME to replace the currently used system which is at the end of its life cycle. As radiation can pose a threat to people and the environment, CROME has to fulfill several requirements regarding functional safety (SIL 2 forsafety-critical functionalities). This thesis makes several contributions to increase the functionality, reliability and availability of CROME. Floating point computations are needed for the signal processing stages of CROME to cope with the high dynamic range of the measured radiation. Therefore, several IEEE 754-2008 conforming floating point operation IP cores are developed and implemented in the system. In order to fulfill the requirements regarding functional safety, the IP cores are verified rigorously by using a custom OSVVM based floating point verification suite. A design methodology for functional safety in SRAM-based FPGA-SoCs is developed. Some parts of the methodology are applied to the newly developed IP cores and other parts were ported back to the existing system. In order to increase the reliability and availability of CROME, a new in-system communication IP core for decoupling the safety-critical from the non-safety-critical parts of the FPGA-SoC-based system is implemented. As the IP core contains mission critical configuration data and will have an uptime of several years, it is equipped with several single event upset mitigation techniques such as ECC for memory protection and fault-robust FSMs in order to increase the system’s reliability and availability. To make this IP core usable for the overall system, the existing Linux kernel and userspace software stack is adapted for it. Finally, some critical design weaknesses were found in the current system architecture. In order to remediate those weaknesses, an improved system architecture is proposed to be implemented in future design iterations.