

# APPLYING MBD AND MBSE FOR HIGH-LEVEL DESIGN AND VERIFICATION IN SPACE APPLICATIONS

EDHPC. 6<sup>TH</sup> OCTOBER 2023

JAVIER MORENO, RAUL REGADA, JUAN MANUEL RODRIGUEZ BEJARANO, Ph.D.

THALES ALENIA SPACE IN SPAIN

Date: 28/062022 Ref: EDHPC-2023 Template: 83230347-DOC-TAS-EN-009

#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



# TABLE OF CONTENTS

BACKGROUND



TOOL EVALUATION

4

# DESIGN PROCEDURE

REAL USE CASES



Date: 28/062022 Ref: EDHPC-2023 Template: 83230347-DOC-TAS-EN-009

### PROPRIETARY INFORMATION

3

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



# **BACKGROUND. 20 YEARS AGO**



### Code was designed / generated using UML based autocding C++ tools (Rational Rose)

Date: 28/062022 Ref: EDHPC-2023 Template: 83230347-DOC-TAS-EN-009

3

#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



# **BACKGROUND. EVOLUTION**

///TAS in Spain has used Mathworks technology for nearly 30 years

- I Using Matlab/Simulink followed by Hand-Made Translation to RTL.
- Proven to be prone to errors.
- I Nearly impossible to manage in new high complexity designs.



#### PROPRIETARY INFORMATION

Date: 28/062022 Ref: EDHPC-2023 Template: 83230347-DOC-TAS-EN-009

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



# **BACKGROUND. DRIVERS**

///DSP tools (Vivado HLS, HDL Coder, ...) tool has been used since 2016 -> well known

///Complexity in terms of operations and functionality has dramatically increased with the introduction of the latest FPGA devices (KINTEX, RTG4, VERSAL)

///MBD/MBSE allows to accelerate design and maintain & evolve into bigger designs
//MBD/MBSE allows to accelerate design and maintain & evolve into bigger designs
//Model-based design allows efficient implementations of DSP structures and arithmetic operations
//Model is easier to document, port and modify when compared to plain HDL code



5

#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



# **EVALUATION PHASE**



### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved







#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved

THALES ALENIA SPACE INTERNAL

<u>\_</u> 2

4

3 bo

1 Data in

2 Num\_in

um 1 Out

Discrete FIR Filter

→1 Data\_out



7

Date: 28/062022

Ref: EDHPC-2023

Template: 83230347-DOC-TAS-EN-009

# **4TH ORDER & 8TH ORDER POLIPHASE FILTER BANK**





### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved

THALES ALENIA SPACE INTERNAL



8





9

Ref: EDHPC-2023 Template: 83230347-DOC-TAS-EN-009

Date: 28/062022

### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



# **DESIGN PROCEDURE. SPACE CODING RULES**

/// Generated code has been evaluated and comply with Space coding rules.

- /// Generated code seems to be generated by a computer but:
- ✓ Systematic generation → Is predictable to read
- Generated RTL blocks names match with the Simulink design
- In general it is easy to integrate in a more complex design

|                                         |                       |                |                                                                                                                                                |                                                                                                                                                                                                                                                                                                                                |                                                                              |                                                           |           |              | HDL coding               | g standard: I                                                            | ndustry 👻                         |  |
|-----------------------------------------|-----------------------|----------------|------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------|-----------------------------------------------------------|-----------|--------------|--------------------------|--------------------------------------------------------------------------|-----------------------------------|--|
|                                         |                       |                |                                                                                                                                                |                                                                                                                                                                                                                                                                                                                                |                                                                              |                                                           |           |              | Report opt               | ions                                                                     |                                   |  |
|                                         |                       |                |                                                                                                                                                |                                                                                                                                                                                                                                                                                                                                |                                                                              |                                                           |           |              | 🔲 Do not                 | show passing                                                             | rules in coding standard report   |  |
| Clock settings                          |                       |                |                                                                                                                                                |                                                                                                                                                                                                                                                                                                                                |                                                                              |                                                           |           |              | Basic codir              | ng rules                                                                 |                                   |  |
| Reset type: Asynchronous                |                       |                | ▼ Rese                                                                                                                                         | <ul> <li>Reset asserted level:</li> </ul>                                                                                                                                                                                                                                                                                      |                                                                              | Active-high 🔹                                             |           |              | Check f                  | or duplicate na                                                          | ames                              |  |
|                                         | clock input port: clk |                |                                                                                                                                                | Clock enable input port:                                                                                                                                                                                                                                                                                                       |                                                                              | -                                                         |           |              |                          |                                                                          | rds in design names               |  |
| •••                                     |                       | _              |                                                                                                                                                |                                                                                                                                                                                                                                                                                                                                |                                                                              |                                                           |           |              | ice, entity name length  |                                                                          |                                   |  |
| Reset input port: reset                 |                       | _              | Clock inputs:                                                                                                                                  |                                                                                                                                                                                                                                                                                                                                | (                                                                            |                                                           | Minimum 2 |              |                          |                                                                          |                                   |  |
| Oversampling factor:                    | 1                     |                | Cloc                                                                                                                                           | k edge:                                                                                                                                                                                                                                                                                                                        | Rising                                                                       |                                                           | •         |              | Maxim                    | um 32                                                                    |                                   |  |
| Additional settings                     |                       |                |                                                                                                                                                |                                                                                                                                                                                                                                                                                                                                |                                                                              |                                                           |           |              |                          |                                                                          | arameter name length              |  |
| General Ports                           | Coding styl           | e Coding stand | ards                                                                                                                                           | Diagnostics Float                                                                                                                                                                                                                                                                                                              | ing Point                                                                    | Target                                                    |           |              | Minimu                   | im 2                                                                     |                                   |  |
| Comment in header:                      |                       |                |                                                                                                                                                |                                                                                                                                                                                                                                                                                                                                |                                                                              |                                                           |           |              | Maxim                    | um 40                                                                    |                                   |  |
| Verilog file extension:                 |                       | .v             |                                                                                                                                                | VHDL file extension:                                                                                                                                                                                                                                                                                                           | .vh                                                                          | d                                                         |           |              | RTL descri               | ption rules                                                              |                                   |  |
| Entity conflict postfix: _block         |                       | _block         | Package postfix:                                                                                                                               |                                                                                                                                                                                                                                                                                                                                | _pl                                                                          | kg                                                        |           |              | for clock enable signals |                                                                          |                                   |  |
|                                         |                       | _rsvd          |                                                                                                                                                | Split entity file postf                                                                                                                                                                                                                                                                                                        |                                                                              | ntity                                                     |           |              | -                        | age of reset signals                                                     |                                   |  |
| Clocked process postfix: _process       |                       | process        | Split arch file postfix                                                                                                                        |                                                                                                                                                                                                                                                                                                                                | c a                                                                          | arch                                                      |           |              |                          | Detect usage of asynchronous reset signals     Minimize use of variables |                                   |  |
| Complex real part pos                   |                       | _re            |                                                                                                                                                | Split entity and a                                                                                                                                                                                                                                                                                                             |                                                                              |                                                           |           |              |                          |                                                                          | ments that set RAM initial values |  |
| Complex imaginary pa                    |                       | _              |                                                                                                                                                | VHDL architecture n                                                                                                                                                                                                                                                                                                            |                                                                              |                                                           | -11       |              | Check f                  | or conditional                                                           | statements in processes           |  |
| complex imaginary pe                    | are posenia           |                |                                                                                                                                                |                                                                                                                                                                                                                                                                                                                                |                                                                              |                                                           |           |              | Lenath                   | 1                                                                        |                                   |  |
|                                         |                       |                |                                                                                                                                                |                                                                                                                                                                                                                                                                                                                                |                                                                              |                                                           |           |              |                          |                                                                          |                                   |  |
| Enable profiv:                          |                       | onh            | General                                                                                                                                        |                                                                                                                                                                                                                                                                                                                                | tyle Co                                                                      | ding standards Dia                                        | gnostics  | Floating Poi | nt Target                |                                                                          | :hain length                      |  |
| Enable prefix:                          |                       | enb            | RTL An                                                                                                                                         | notations                                                                                                                                                                                                                                                                                                                      |                                                                              | ding standards Dia                                        | gnostics  | Floating Poi | nt Target                |                                                                          | :hain length                      |  |
| Pipeline postfix:                       |                       | _pipe          | RTL An                                                                                                                                         | notations<br>Verilog`timescale dire                                                                                                                                                                                                                                                                                            |                                                                              | ding standards Dia                                        | gnostics  | Floating Poi | nt Target                |                                                                          | hain length<br>resting depth      |  |
| Pipeline postfix:<br>VHDL library name: |                       | _pipe<br>work  | RTL Ani                                                                                                                                        | notations<br>Verilog `timescale dire<br>e VHDL configuration                                                                                                                                                                                                                                                                   | ectives                                                                      | ding standards Dia                                        | gnostics  | Floating Poi | nt Target                |                                                                          |                                   |  |
| Pipeline postfix:                       | de for mode           | _pipe<br>work  | RTL An                                                                                                                                         | notations<br>Verilog`timescale dire                                                                                                                                                                                                                                                                                            | ectives<br>os                                                                | ding standards Dia                                        | gnostics  | Floating Poi | nt Target                |                                                                          |                                   |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>Use<br>Inlin<br>Conc<br>Emit                                                                                                        | Verilog `timescale dire<br>Verilog `timescale dire<br>e VHDL configuration<br>catenate type safe zero<br>time/date stamp in h                                                                                                                                                                                                  | ectives<br>os                                                                | Dia standards Dia                                         | gnostics  | Floating Poi | nt Target                |                                                                          |                                   |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>Use<br>Inlin<br>Conc<br>Emit                                                                                                        | Notations<br>Verilog `timescale dire<br>e VHDL configuration<br>catenate type safe zero<br>time/date stamp in he<br>stomizations                                                                                                                                                                                               | ectives<br>os<br>eader                                                       | -                                                         | gnostics  | Floating Poi | nt Target                |                                                                          |                                   |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>Use<br>Inlin<br>Conc<br>Emit<br>RTL Cus                                                                                             | Verilog `timescale dire<br>Verilog `timescale dire<br>e VHDL configuration<br>catenate type safe zero<br>time/date stamp in h                                                                                                                                                                                                  | ectives<br>os<br>eader<br>by aggreg                                          | -                                                         | gnostics  | Floating Poi | nt Target                |                                                                          |                                   |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>Use<br>Inlin<br>Conc<br>Emit<br>RTL Cu:<br>RTL Cu:<br>Repr<br>Inlin                                                                 | Notations<br>Verilog `timescale direc<br>e VHDL configuration<br>catenate type safe zero<br>time/date stamp in h<br>stomizations<br>esent constant values                                                                                                                                                                      | ectives<br>os<br>eader<br>by aggreg                                          | -                                                         | gnostics  | Floating Poi | nt Target                |                                                                          | Nesting depth                     |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>V Use<br>Inlin<br>Conc<br>Emit<br>Emit<br>RtL Cu:<br>Repr<br>Inlin<br>V Initia                                                      | verilog `timescale direc<br>e VHDL configuration<br>catenate type safe zero<br>time/date stamp in h<br>stomizations<br>resent constant values<br>e MATLAB Function blo                                                                                                                                                         | ectives<br>os<br>eader<br>by aggreg                                          | -                                                         | -         | Floating Poi | nt Target                |                                                                          | Nesting depth                     |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>V Use<br>Inlin<br>Conc<br>Emit<br>Emit<br>Repr<br>Inlin<br>V Initia<br>RAM An                                                       | verilog 'timescale dire<br>e VHDL configuration<br>catenate type safe zero<br>time/date stamp in h<br>stomizations<br>resent constant values<br>e MATLAB Function bil<br>alize all RAM blocks                                                                                                                                  | ectives<br>os<br>eader<br>by aggreg<br>ock code                              | ates                                                      | : enable  |              | nt Target                | •<br>•                                                                   | Nesting depth                     |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>Use<br>Inlin<br>Conc<br>Emit<br>RtL Cu:<br>Repr<br>Inlin<br>Inlin<br>Inlin<br>RAM An<br>No-rese                                     | Notations<br>Verilog ' timescale dire<br>e VHDL configuration<br>catenate type safe zerr<br>time/date stamp in h<br>stomizations<br>resent constant values<br>e MATLAB Function bi<br>alize all RAM blocks<br>chitecture:<br>tregisters initialization                                                                         | ectives<br>os<br>eader<br>by aggreg<br>ock code                              | RAM with clock                                            | : enable  |              | nt Target                |                                                                          | Nesting depth                     |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>Use<br>Inlin<br>Conc<br>Emit<br>RTL Cu:<br>Repr<br>Inlin<br>Inlin<br>Inlin<br>RAM An<br>No-rese<br>RTL Sty                          | verilog 'timescale dire<br>e VHDL configuration<br>catenate type safe zerr<br>time/date stamp in hi<br>stomizations<br>resent constant values<br>e MATLAB Function bi<br>alize all RAM blocks<br>chitecture:<br>tr registers initialization<br>de                                                                              | ectives<br>os<br>eader<br>by aggreg<br>ock code<br>n:                        | RAM with clock<br>Generate an ex                          | : enable  |              | nt Target                |                                                                          | Nesting depth                     |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>Use<br>Inlin<br>Conc<br>Emit<br>Emit<br>REPT<br>Inlin<br>RAM An<br>No-rese<br>RTL Sty<br>Use                                        | Notations<br>Verilog ' timescale dire<br>e VHDL configuration<br>catenate type safe zerr<br>time/date stamp in h<br>stomizations<br>resent constant values<br>e MATLAB Function bi<br>alize all RAM blocks<br>chitecture:<br>tregisters initialization                                                                         | ectives<br>os<br>eader<br>by aggreg<br>ock code<br>n:<br>dge" style          | RAM with clock<br>Generate an ex                          | : enable  |              | nt Target                |                                                                          | Nesting depth                     |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>Use<br>Inlin<br>Conc<br>Emit<br>RTL Cu:<br>Repr<br>Inlin<br>Inlin<br>Inlin<br>RAM An<br>No-rese<br>RTL Sty<br>Use<br>Minin          | verilog ' timescale dire<br>e VHDL configuration<br>catenate type safe zerr<br>time/date stamp in h<br>stomizations<br>esent constant values<br>e MATLAB Function bi<br>alize all RAM blocks<br>chitecture:<br>tregisters initialization<br>de<br>"rising_edge/falling_ed                                                      | ectives<br>os<br>eader<br>by aggreg<br>ock code<br>n:<br>dge" style          | RAM with clock<br>Generate an ex                          | : enable  |              | nt Target                |                                                                          | Nesting depth                     |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>Use<br>Inlin<br>Conc<br>Emit<br>RTL Cu:<br>Repr<br>Inlin<br>Inlin<br>Inlin<br>RAM An<br>No-rese<br>RTL Sty<br>Use<br>Minii<br>Scala | Verilog ' timescale dire<br>e VHDL configuration<br>catenate type safe zerr<br>time/date stamp in h<br>stomizations<br>esent constant values<br>e MATLAB Function bi<br>alize all RAM blocks<br>chitecture:<br>tregisters initialization<br>de<br>"rising_edge/falling_ee<br>mize intermediate sign                            | ectives<br>os<br>eader<br>by aggreg<br>ock code<br>n:<br>dge" style          | RAM with clock<br>Generate an ex                          | : enable  |              | nt Target                |                                                                          | Nesting depth                     |  |
| Pipeline postfix:<br>VHDL library name: | de for mode           | _pipe<br>work  | RTL Ani<br>V Use<br>V Inlin<br>V Conc<br>Emit<br>RTL Cu:<br>Repr<br>Inlin<br>V Initia<br>RAM An<br>No-rese<br>RTL Sty<br>Use<br>Minii<br>Scala | Verilog ' timescale dire<br>e VHDL configuration<br>catenate type safe zere<br>time/date stamp in hi<br>stomizations<br>essent constant values<br>e MATLAB Function bli<br>alize all RAM blocks<br>chitecture:<br>tt registers initialization<br>de<br>"rising_edge/falling_ee<br>mize intermediate sign<br>arize vector ports | ectives<br>os<br>eader<br>by aggreg<br>ock code<br>n:<br>dge" style t<br>als | ates<br>RAM with clock<br>Generate an ex<br>for registers | s enable  |              | nt Target                |                                                                          | Nesting depth                     |  |

### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space © Thales Alenia Space, 2020 All right reserved

THALES ALENIA SPACE INTERNAL



General Ports Coding style Coding standards Diagno

- Choose coding standard

10

Date: 28/062022

Ref: EDHPC-2023

Template: 83230347-DOC-TAS-EN-009

# **DESIGN PROCEDURE. HDL CODER USAGE DECISION**

### /// Simplified (and not exhaustive) multiple-criteria decision analysis



11

#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



# **AUTOCODING PROCEDURE**

# ///Specific Rules for VHDL Automatic Generation Tools cover:

### Automatic Generation Tools project management

- Organization of project data
- Version Control Management

### Automatic Code Generation workflow

Project classification, review milestones, required documentation, roles,...

### **I** Validation and Verification Procedure

From SRR to the final delivery

### **/** Well practices & General Reliability Rules

- Clocking
- Specific unit-testing of SEU mitigation techniques, such as TMR or ECC+scrubbing
- Use of specific Simulink features

Date: 28/062022 Ref: EDHPC-2023 Template: 83230347-DOC-TAS-EN-009

12

#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved





# **VALIDATION & VERIFICATION DURING THE FW LIFE CYCLE**



#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved









# PHASER ADC DEMOSTRATOR

#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved

THALES ALENIA SPACE INTERNAL



Date: 28/062022 . Ref: EDHPC-2023 Template: 83230347-DOC-TAS-EN-009

14



## PRODIGE PRODUCT FAMILY

- UHF Transparent proessor
  - C Band Hybrid processor
- Ka/L Band Transparent processor



# **QPSK spread-spectrum demodulator**

 Date:
 28/062022

 /// 15
 Ref:
 EDHPC-2023

 Template:
 83230347-DOC-TAS-EN-009

#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



# CONCLUSSIONS

### Background in TAS in Spain

Usage of MBD /MBSE from more than 20 years

### Successful tool evaluation

HDL Coder was selected as the most mature tool for MBD

### **Design Procedure at TAS in Spain**

Standard procedure for MBD / MBDE approved by Quality and design authorities

### **Real Use Cases**

R&D and commercial projects results have demonstrated the solidity of the procedure

### **Future work**

To standardize the use in non commercial missions (ECSS / Guidelines for scientific or observation missions)

5

16

3

4

### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



We believe in Space as humankind's new horizon to build a better, sustainable life on Earth

# SPACE FOR LIFE

 Date:
 28/062022

 /// 17
 Ref:
 EDHPC-2023

 Template:
 83230347-DOC-TAS-EN-009

#### ROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved



### THALES ALENIA SPACE IN SPAIN C/Einstein, 7 (P.T.M.) 28760 Tres Cantos Madrid - SPAIN

Tel.: (+34) 91 807 79 00 Fax: (+34) 91 807 79 99 E-mail: comunicacion.espacio@thalesaleniaspace.com http://www.thalesaleniaspace.com

Bienvenido

THALES

#### PROPRIETARY INFORMATION

This document is not to be reproduced, modified, adapted, published, translated in any material form in whole or in part nor disclosed to any third party without the prior written permission of Thales Alenia Space. © Thales Alenia Space, 2020 All right reserved

THALES ALENIA SPACE INTERNAL



 Date:
 28/062022

 /// 18
 Ref:
 EDHPC-2023

 Template:
 83230347-DOC-TAS-EN-009