PrimePower Functional Safety Manual: March 2018, Revision 1.5


PrimePower

Functional Safety Manual


March 2018, Revision 1.5
Copyright and Proprietary Information Notice
© 2018 Synopsys, Inc. All rights reserved. This software and documentation contain confidential and proprietary information that is the
property of Synopsys, Inc. The software and documentation are furnished under a license agreement and may be used or copied only
in accordance with the terms of the license agreement. No part of the software and documentation may be reproduced, transmitted, or
translated, in any form or by any means, electronic, mechanical, manual, optical, or otherwise, without prior written permission of
Synopsys, Inc., or as expressly provided by the license agreement.
Destination Control Statement
All technical data contained in this publication is subject to the export control laws of the United States of America. Disclosure to
nationals of other countries contrary to United States law is prohibited. It is the reader's responsibility to determine the applicable
regulations and to comply with them.
Disclaimer
SYNOPSYS, INC., AND ITS LICENSORS MAKE NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH REGARD TO THIS
MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE.
Trademarks
Synopsys and certain Synopsys product names are trademarks of Synopsys, as set forth at
https://www.synopsys.com/company/legal/trademarks-brands.html.
All other product or company names may be trademarks of their respective owners.
Third-Party Links
Any links to third-party websites included in this document are for your convenience only. Synopsys does not endorse and is not
responsible for such websites and their practices, including privacy practices, availability, and content.

Synopsys, Inc.
690 E. Middlefield Road
Mountain View, CA, 94043
www.synopsys.com

Synopsys, Inc. March 2018, Revision 1.5


Document Control
Revision history
Version  Description                                                      Date
1.0      First release of the document submitted for review.              15-Jan-2018
1.1      Added revision history, fixed template issues.                   06-Feb-2018
1.2      Modified CoUs, AoUs, and Use Case description as needed. Fixed   01-Mar-2018
         boilerplate changes from general feedback.
1.3      Corrected final AoU ID in Appendix B.                            07-Mar-2018
1.4      Modified CoUs and Use Case description.                          09-Mar-2018
1.5      Slight update to Chapter 2 intro                                 11-Mar-2018

Contents
1 Customer Support
    Accessing SolvNet
    Contacting Synopsys Support
2 Scope of This Document
    Using This Document
    Terms and Definitions
3 Confidence in the Use of Software Tools According to ISO 26262-8, Clause 11
    Overview of ISO 26262-8, Clause 11
    Work Split between Synopsys and Tool Users
4 PrimePower Description
    Coverage
    Compliance with ISO 26262
    Product Documentation and Support
    Installation and Supported Platforms
    User Competence
    Managing Known Safety-Related Defects
    Managing New Releases
5 Synopsys Digital Tool Chain
6 Use Case
    Use Case 1: Power Analysis in Power-Critical Safety Applications
7 Limitations of Use Case
Appendix A Software Tool Information
Appendix B Complete List of CoU and AoU IDs

1 Customer Support
This section describes the customer support that is available through the Synopsys SolvNet®
customer support website or by contacting the Synopsys support center.

Accessing SolvNet
The SolvNet support site includes an electronic knowledge base of technical articles and answers to
frequently asked questions about Synopsys tools. The site also gives you access to a wide range of
Synopsys online services, which include downloading software, viewing documentation, and entering
a call to the Support Center.
To access the SolvNet site:
1. Go to the web page at https://solvnet.synopsys.com.
2. If prompted, enter your user name and password. (If you do not have a Synopsys user name and
password, follow the instructions to register.)

If you need help using the site, click Help on the menu bar.

Contacting Synopsys Support


If you have problems, questions, or suggestions, you can contact the Synopsys support center in the
following ways:
- Go to the Synopsys Global Support Centers site on synopsys.com. There you can find e-mail
  addresses and telephone numbers for Synopsys support centers throughout the world.
- Go to either the Synopsys SolvNet site or the Synopsys Global Support Centers site and open a
  case online (Synopsys user name and password required).

2 Scope of This Document
This section describes the scope of this document and defines terms used in this document.

Using This Document


The PrimePower Functional Safety Manual describes the proper use of the PrimePower tool in
safety-related applications according to the ISO 26262 standard, and is intended to confirm the
compliance of the PrimePower tool to the standard when used in the context of a tool chain.
The PrimePower tool enables the user to accurately analyze power dissipation of cell-based designs.
It is intended as an advanced solution for ASIC and structured custom circuit designers who are
developing products for power-critical applications.
Section 3 gives an overview of ISO 26262-8, clause 11 and the approach adopted by
Synopsys to comply with the requirements of the standard. Section 4 gives general information,
such as where to find the latest documentation and installation requirements, regarding the use of the
PrimePower tool as a software tool in the development of safety-related applications. Section 5
gives a high-level overview of the tool chain that this product belongs to. Section 6 details the
safety-related requirements for the safety-qualified use case of the PrimePower tool. Section 7 lists
the known limitations of the use case.
Specific documentation for performing design and analysis as part of an ISO 26262 compliant flow is
provided in Section 3, Section 5, Section 6, Appendix A, and Appendix B of this document, the
PrimePower Functional Safety Manual.

Terms and Definitions


Term                                Definition
AoU                                 Assumption of Use. An action that is assumed and required to be taken
                                    by the user of a software tool.

ASIL                                Automotive Safety Integrity Level. This is a risk classification
                                    scheme defined by the standard ISO 26262. The standard identifies
                                    four levels: ASIL A, ASIL B, ASIL C, and ASIL D. ASIL D dictates the
                                    highest integrity requirements on a product and ASIL A dictates the
                                    lowest.

Component                           A part of an electronic system that implements a function in a
                                    vehicle. See also Part 1 of the standard ISO 26262 for the
                                    definition. The standard also refers to elements and items, but for
                                    the PrimePower Functional Safety Manual, there is no difference.

CoU                                 Condition of Use. A condition of the design, software tool, design
                                    environment, or situation that is assumed and required to be
                                    fulfilled by the user.

CRM                                 Customer Relationship Management. Internal Synopsys database that
                                    manages customer STARs.

db                                  A binary file format for storing library and design data.

Defect                              Product nonconformance.

Error                               An error is a discrepancy between the actual and the specified or
                                    theoretically correct operation of an element.
                                    The root causes of an error can be manifold. In this document, the
                                    focus is on errors that are introduced or left undetected in a
                                    design, due to the malfunction in a software tool (e.g. generation of
                                    bad logic by a logic synthesis tool, failure of a static timing
                                    analysis tool to detect a timing violation).

Fault                               An abnormal condition that can cause an element or item to fail.

Fault analysis                      An analysis that determines the behavior of a system when a fault is
                                    introduced.

FMEA                                Failure Mode and Effects Analysis. An analysis that looks at
                                    different parts of a system, identifies ways the parts could fail,
                                    and determines the causes and effects of these potential failures.

FSDB                                Fast Signal DataBase. FSDB is a binary file format that represents
                                    several simulation data formats.

PPWR                                Abbreviation of the PrimePower tool. Both PPWR and PrimePower are
                                    interchangeably used in this document.

SAIF                                Switching Annotation Interchange Format. A text syntax for passing
                                    switching information between tools.

SDC                                 Synopsys Design Constraints. A Tcl-based syntax for describing design
                                    constraints.

Software / software tool            The PrimePower tool.

Software tool criteria evaluation   Analysis according to ISO 26262 to determine the required TCL of a
                                    software tool.

Software tool qualification         Means to create evidence, that a software tool with low or medium TCL
                                    is suitable to be used in the development of safety related products
                                    according to ISO 26262.

SolvNet                             Synopsys customer support site.

SPEF                                Abbreviation for Standard Parasitic Exchange Format.

Standard                            In this document, refers to ISO 26262 Road Vehicles – Functional
                                    Safety, 2011 and 2018 versions.

STAR                                Synopsys Technical Action Request. A STAR documents and tracks a
                                    product Bug or Enhancement request (called a B-STAR or an E-STAR,
                                    respectively). It is stored in the Synopsys CRM database.
                                    Only Synopsys employees can access the CRM database. However, limited
                                    STAR information is available from SolvNet for customers who are
                                    associated with the user site of a STAR. Customer contacts are
                                    notified automatically when a STAR is filed or when its status
                                    changes.

TCL                                 Tool confidence level, as defined by ISO 26262-8, clause 11.
                                    Note: The TCL of a software tool does not necessarily indicate
                                    whether the tool may malfunction or not. The TCL defines the
                                    confidence level that an error in the safety-related design, which is
                                    introduced or left undetected by the software tool, can be prevented
                                    or detected in subsequent steps of the development flow, before the
                                    erroneous safety-related design is released.

TD                                  Tool error detection, as defined in ISO 26262-8, clause 11.

TI                                  Tool impact, as defined in ISO 26262-8, clause 11.

Use case                            A use case is a specific way of using a software tool, that can be
                                    characterized by:
                                    - a limited set of tool functions and features that are used;
                                    - a set of restrictions and constraints that are regarded while using
                                      the tool; and
                                    - a specific goal to be achieved or output to be generated by using
                                      the software tool
                                    Use cases may be associated with different steps or phases in the
                                    design process, or they may describe alternative ways of using the
                                    tool for a specific design step.

VCD                                 Abbreviation for Value Change Dump, a file format generated by logic
                                    simulation tools.

3 Confidence in the Use of Software Tools According to ISO 26262-8, Clause 11
This section provides an overview of the ISO 26262-8, clause 11. It then describes the approach
adopted by Synopsys to comply with the requirements of the standard, and how this is mapped to
activities performed by Synopsys and the end user of the Synopsys tools.

Overview of ISO 26262-8, Clause 11


Synopsys EDA software tools contribute significantly to the design specification, implementation,
integration, verification and validation of electrical and electronic (E/E) systems and components. If
these E/E systems and components are used as part of a safety-related automotive product, an error
in these systems or components could have severe consequences on functional safety. Such an error
may arise as a result of unforeseen operating conditions or due to a fault introduced during product
development, which in turn may be caused by a software tool malfunction. ISO 26262-8, clause 11
(Confidence in the Use of Software Tools) addresses this issue and specifies requirements and
methods which aim to minimize the risk of faults in the developed product due to malfunctions of a
software tool affecting the product’s functional safety.
According to ISO 26262, to determine the required level of confidence in a software tool that is used
in the development of a safety-related automotive product, the following criteria are evaluated:
- The possibility that the malfunctioning software tool and its corresponding erroneous output can
  introduce or fail to detect errors in a safety-related element being developed.
- The confidence in preventing or detecting such errors in its corresponding output.
This procedure is called Software Tool Criteria Evaluation, and it must be performed for all software
tools that are involved in the development of a safety-related element, resulting in a required Tool
Confidence Level (TCL) for each software tool.
If the software tool criteria evaluation determines that a medium or high TCL is required, then
appropriate Software Qualification methods must be applied, effectively reducing the risk of a critical
software tool error. The choice of software qualification methods depends on the required TCL and
the maximum ASIL of all the safety requirements allocated to the element developed using the
software tool. However, if the software tool criteria evaluation determines that only a low TCL is
required, then there is no need to apply such software qualification methods.
The software tool criteria evaluation and software tool qualification flow is summarized in
Figure 1.

Figure 1: Software tool criteria evaluation and software tool qualification flow

Work Split between Synopsys and Tool Users


A software tool criteria evaluation must always be performed in the development environment of the
final tool user, and in the context of the actual product development. It is in this context, where
potential tool malfunctions, their effect on the safety-related product, and the effectiveness of
prevention and detection measures must be analyzed.
However, the tool vendor can support the tool user by performing a software tool criteria evaluation
(and, if required, a software tool qualification) on their own, based on assumed tool use cases and an
assumed development environment. If the assumptions made by the tool vendor match the actual
situation at the tool user, then the user can take over the evaluation (and qualification) results from
the tool vendor. Besides significantly reducing the effort for the tool user, this approach can also
result in a better quality for the software tool criteria evaluation and qualification, since the tool vendor
typically has a more detailed understanding of the inner working and possible malfunctions of the
software tool.
Synopsys has adopted exactly this approach, which is summarized in Figure 2.

Figure 2: Work Split between Synopsys and Tool Users

Synopsys performs the following activities:


1. Software tool criteria evaluation
   - Identification of possible use cases for the software tool, together with required inputs and
     expected outputs
   - Specification of conditions of use (CoU) for each use case, related to the development
     environment in which the tool is assumed to be deployed, including tool usage procedures and
     constraints
   - Analysis of potential software tool malfunctions, and their effect on a safety-related product
     that is developed with this tool
   - Analysis of prevention and detection measures internal to the software tool, to avoid tool
     malfunctions, or to control and mitigate their effects
   - Specification of assumptions of use (AoU), which are additional prevention and detection
     measures assumed to be performed by the end user of the tool
   - Estimation of the Tool Impact (TI) for each malfunction, and the probability of Tool error
     Detection (TD) by the prevention and detection mechanisms (including assumptions of use)
   - Determination of the required Tool Confidence Level (TCL) for each software tool
     malfunction, based on TI and TD
   - Determination of the maximum TCL from all software tool malfunctions related to a use case.
     This is called the pre-determined TCL for the software tool use case
   - Summary of the results in a software tool criteria evaluation report

2. Software tool qualification


   - If the pre-determined TCL indicates that a medium (TCL2) or high (TCL3) tool confidence level
     is required for the software tool, then Synopsys may decide to perform a software tool
     qualification
   - The specific methods applied for tool qualification can vary for different tools and use cases,
     and they may include an evaluation of the software tool development process, the validation of
     the complete software tool, the validation of critical tool malfunctions with insufficient
     prevention and detection measures, or other methods
   - Summary of the qualification methods, procedures and results in a software tool qualification
     report

3. Safety manual for the software tool


   - The PrimePower Functional Safety Manual (this document) is an important deliverable to the
     tool users, as it includes all end user-relevant information from the Synopsys software tool
     criteria evaluation and qualification
   - Software tool criteria evaluation related information, documented in Section 6, includes:
     o Description of software tool use cases
     o Description of the required inputs and expected outputs for each use case
     o Specification of conditions of use (CoU – conditions of the design, software tool, design
       environment, or situation that are assumed and required to be fulfilled by the user) for
       each use case
     o Specification of assumptions of use (AoU – actions that are assumed and required to be
       taken by the user of a software tool) for each use case
     o Pre-determined TCL for each use case
   - Software tool qualification related information (not required for the PrimePower tool and
     therefore not included in this safety manual)
     o Description of the scope of the software tool qualification, including malfunctions and
       scenarios covered by the qualification
     o Specification of additional conditions of use (CoU) derived from the software tool
       qualification
     o Specification of additional assumptions of use (AoU) derived from the software tool
       qualification
   - Other information included in this safety manual
     o General information about the software tool needed by the tool user (see Appendix A)
     o Known limitations of the software tool, related to the described use case as documented
       in Section 7

4. Certification and assessment report
   - Synopsys may decide to perform a functional safety assessment, to confirm the correctness,
     completeness and ISO 26262 conformance of the performed software tool criteria evaluation
     and qualification
   - Synopsys may also decide to achieve certification from an accredited third-party certification
     body, in addition to the functional safety assessment
   - The results of these activities are summarized in a functional safety assessment report and a
     certificate which can be viewed at exida Certificate for ISO 26262 Compliance

If the tool user wants to benefit from the work done by Synopsys, then according to Figure 2
above, the user shall perform the following activities for each software tool:

1. Software tool criteria evaluation


   - Review and verify that the software tool criteria evaluation (and qualification) performed by
     Synopsys, as documented in the tool's Functional Safety Manual, matches the actual situation
     of the user's product development process
     o Verify whether the actual use case(s) of the software tool match those evaluated by
       Synopsys
     o Verify whether the actual inputs and outputs are identical to or a sub-set of those as
       evaluated by Synopsys
     o Verify that all conditions of use (CoU) specified by Synopsys are met, or whether the
       development process can be adjusted to meet these CoU(s)
     o Verify that all assumptions of use (AoU) specified by Synopsys are met, or whether the
       development process can be adjusted to meet these AoU(s)
     o Verify that the pre-determined Tool Confidence Level (TCL) for the relevant use case(s)
       is TCL1, or
     o Verify that Synopsys has successfully performed an additional software tool qualification
       for all TCL2 and TCL3 scenarios to conclude that the tool is suitable to be used for the
       development of a safety-related element of the same or higher ASIL than required by
       the user
   - If all the verification steps described above are successful, then the results of the Synopsys
     software tool criteria evaluation (and qualification) are applicable to the tool user, which
     means:
     o The required TCL pre-determined by Synopsys can be taken over by the tool user for
       actual product development
     o If the pre-determined TCL is TCL1, then the tool can be used without the need to
       perform any additional software tool qualification
     o If the pre-determined TCL is TCL2 or TCL3, then the software tool qualification
       performed by Synopsys is sufficient, and the tool can be used without the need for
       further software tool qualification by the end user
   - All of the steps above must be documented in a software tool criteria evaluation report,
     including evidence for the successful conclusion of all verification steps, which may include
     reference to the Synopsys Functional Safety Manual, and optionally, to the Synopsys
     certification and assessment report

2. Software tool qualification
   - If any of the verification steps described above as part of the tool user's software tool criteria
     evaluation fails (e.g. different use case, CoU or AoU cannot be met, pre-determined TCL is not
     TCL1 and Synopsys has not performed a software tool qualification), then the user must
     perform his/her own software tool qualification
   - The specific methods applied for tool qualification are decided and planned by the tool user --
     Synopsys does not recommend any specific methods or procedures
   - The summary of the qualification methods, procedures and results shall be documented in a
     software tool qualification report
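
The vendor-side TCL determination and the user-side verification steps described above can be written down as a small checker. This is an added example, not part of the Synopsys manual or of any Synopsys tool. The TI/TD-to-TCL mapping is the one defined in ISO 26262-8, clause 11; the class and function names, the CoU/AoU IDs and the malfunction classifications are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# TI/TD -> TCL mapping as defined in ISO 26262-8, clause 11 (the manual relies on
# it but does not reproduce it): TI1 always gives TCL1; for TI2 the TD class decides.
TCL_FOR_TI2 = {"TD1": 1, "TD2": 2, "TD3": 3}
ASIL_RANK = {"A": 1, "B": 2, "C": 3, "D": 4}


def tcl_for_malfunction(ti, td):
    """Required TCL (1..3) for one potential tool malfunction."""
    if ti == "TI1":
        return 1
    if ti != "TI2" or td not in TCL_FOR_TI2:
        raise ValueError(f"unknown classification {ti}/{td}")
    return TCL_FOR_TI2[td]


def predetermined_tcl(malfunctions):
    """Pre-determined TCL of a use case: maximum over all analysed malfunctions."""
    if not malfunctions:
        raise ValueError("a use case needs at least one analysed malfunction")
    return max(tcl_for_malfunction(ti, td) for ti, td in malfunctions.values())


@dataclass(frozen=True)
class VendorEvaluation:
    use_case: str
    inputs: frozenset
    outputs: frozenset
    cous: frozenset                              # CoU IDs required by the vendor
    aous: frozenset                              # AoU IDs required by the vendor
    tcl: int                                     # pre-determined TCL of the use case
    qualified_up_to_asil: Optional[str] = None   # None: no vendor qualification


@dataclass(frozen=True)
class UserSituation:
    use_case: str
    inputs: frozenset
    outputs: frozenset
    cous_met: frozenset
    aous_met: frozenset
    required_asil: str


def review(vendor, user):
    """Run the user-side verification steps; return (decision, findings)."""
    findings = []
    if user.use_case != vendor.use_case:
        findings.append("use case differs from the evaluated one")
    if not user.inputs <= vendor.inputs:
        findings.append(f"inputs not evaluated: {sorted(user.inputs - vendor.inputs)}")
    if not user.outputs <= vendor.outputs:
        findings.append(f"outputs not evaluated: {sorted(user.outputs - vendor.outputs)}")
    if vendor.cous - user.cous_met:
        findings.append(f"CoU not met: {sorted(vendor.cous - user.cous_met)}")
    if vendor.aous - user.aous_met:
        findings.append(f"AoU not met: {sorted(vendor.aous - user.aous_met)}")
    if vendor.tcl > 1:
        # TCL2/TCL3 is only acceptable with a vendor qualification covering the user's ASIL.
        q = vendor.qualified_up_to_asil
        if q is None or ASIL_RANK[q] < ASIL_RANK[user.required_asil]:
            findings.append(f"TCL{vendor.tcl} without sufficient vendor qualification")
    decision = "take over vendor result" if not findings else "user qualification required"
    return decision, findings


def constructed_example():
    """Constructed sample data; IDs and TI/TD classes are placeholders, not Synopsys values."""
    name = "Use Case 1: Power Analysis in Power-Critical Safety Applications"
    inputs = frozenset({"gate-level netlist", "logic library", "timing constraints",
                        "parasitics", "toggle information", "Tcl scripts"})
    outputs = frozenset({"power reports", "log files", "power waveforms"})
    malfunctions = {"constructed malfunction 1": ("TI2", "TD1"),
                    "constructed malfunction 2": ("TI1", "TD3")}
    vendor = VendorEvaluation(name, inputs, outputs,
                              cous=frozenset({"CoU-EXAMPLE-1"}),
                              aous=frozenset({"AoU-EXAMPLE-1", "AoU-EXAMPLE-2"}),
                              tcl=predetermined_tcl(malfunctions))
    user = UserSituation(name, inputs, frozenset({"power reports", "log files"}),
                         cous_met=frozenset({"CoU-EXAMPLE-1"}),
                         aous_met=frozenset({"AoU-EXAMPLE-1", "AoU-EXAMPLE-2"}),
                         required_asil="B")
    return vendor, user


if __name__ == "__main__":
    decision, findings = review(*constructed_example())
    print(decision)
    for finding in findings:
        print(" -", finding)
```

The findings list is what would go into the user's software tool criteria evaluation report as evidence for each verification step.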

4 PrimePower Description
This section provides a general description regarding the use of the PrimePower tool as a software
tool in the development of safety-related applications and describes where to get the latest product
documentation and the runtime environment required to use the PrimePower tool.

Coverage
The PrimePower Functional Safety Manual is intended to be used starting with the version 2018.06
and later versions of the PrimePower tool per the use case presented in this document. In general,
unless otherwise noted, the failure modes and detection mechanisms noted in the use case
presented in Section 6 are tool version independent.

Compliance with ISO 26262


The PrimePower tool can be used in the development of safety-related elements according to
ISO 26262, with allocated safety requirements up to a maximum Automotive Safety Integrity Level D
(ASIL D), if the tool is used in the context of a tool chain and in compliance with this document, the
PrimePower Functional Safety Manual.
See the exida Certificate for ISO 26262 Compliance of Synopsys PrimePower when used in a tool
chain flow.

Product Documentation and Support


Comprehensive documentation for using the PrimePower tool is provided on SolvNet. The latest
documentation for the PrimePower tool can be accessed on SolvNet.
Specific documentation for performing design and analysis as part of an ISO 26262 compliant flow is
provided in Section 3, Section 5, Section 6 and Appendix A of this document, the PrimePower
Functional Safety Manual.
Synopsys provides online customer support for the PrimePower tool. See Section 1 for more
information.

Installation and Supported Platforms
The installation of the PrimePower tool must follow the guidelines in the Synopsys® Installation Guide
as well as the specific PrimePower Installation Notes document.
Users are required to download the tool executable and INSTALL_README from the SolvNet site at
https://solvnet.synopsys.com/DownloadCenter/dc/product.jsp.
Supported platforms and operating systems requirements:
- For installation instructions, see the Synopsys® Installation Guide at
  https://www.synopsys.com/install.
- For the latest supported binary-compatible hardware platform or operating system, including
  required operating system patches, see https://www.synopsys.com/qsc.
- If updates (including security patches) to computing environments (including operating systems)
  are backward compatible with previous versions of the computing environment used to test the
  PrimePower tool, the results of the testing performed by Synopsys using such previous versions
  are applicable.
Additional information:
- For information about the compute platforms roadmap, go to
  https://www.synopsys.com/support/licensing-installation-computeplatforms/compute-platforms/compute-platforms-roadmap.html.
- For platform notices, go to
  https://www.synopsys.com/support/licensing-installation-computeplatforms/compute-platforms/platform-notice.html.
- For information regarding the license key retrieval process, go to
  https://solvnet.synopsys.com/smartkeys/smartkeys.cgi.

User Competence
To properly use the PrimePower tool, a user must have a good understanding and working
knowledge of the following:
- Electrical engineering and circuit design
- The ISO 26262 standard
- Documentation of the PrimePower tool, such as the PrimePower User Guide on SolvNet
- This Functional Safety Manual
- The published list of safety-related defects for the PrimePower tool available at
  PrimePower Safety-Related Issues Master List on SolvNet
- Applicability of the PrimePower tool in the overall tool chain

Managing Known Safety-Related Defects
Synopsys maintains current information for every reported defect through STARs. The PrimePower
team evaluates each reported issue for potential impact on functional safety.
A list of all known safety-related defects for each release of the PrimePower tool is available in a
SolvNet knowledge base article and is referenced from the PrimePower Release Notes document.
PrimePower users must assess, as part of their own software tool criteria evaluation, the potential
impact of the known safety-related defects in their design and must ensure mitigation of any relevant
safety-related defects.

Managing New Releases


Synopsys can release new versions of the PrimePower tool at any time to extend its functionality or to
fix defects. When a new version is available, notification is posted on the SolvNet site. A subscription
service is available for users to be notified of any new product releases.
When installing a new version of the PrimePower tool, users must evaluate the impact of any known
safety-related defects in their design by checking the accompanying PrimePower Release Notes for
the following:
- Any changes that apply to safety-related use cases
- List of known safety-related defects in the new version of the PrimePower tool
In addition, users must refer to the latest version of this document, the PrimePower Functional Safety
Manual, available with the product release contents.

5 Synopsys Digital Tool Chain
This section provides an overview of where the PrimePower tool is used in the tool chain.
The ISO 26262 standard provides a methodology and requirements for software tool criteria
evaluation and qualification (see ISO 26262-8, clause 11). It applies to software tools used for the
development of safety-related designs where it is essential that the tool operates correctly without
introducing or failing to detect errors in the safety-related design.
The suitability of a software tool to be used in the development of a safety-related design is
determined in the software tool criteria evaluation, which results in a Tool Confidence Level (TCL): a
level of confidence that the software tool does not introduce or fail to detect an error in the design
without being noticed, and mitigated before the design is released as a safety-related product. This
evaluation is best performed in the context of the overall software tool chain and development flow, in
which the individual software tool is used. The following high-level diagram reflects the tool chain for
which the PrimePower tool is applicable.
Synopsys Digital Tool Chain

6 Use Case
This section describes the safety-qualified use case of the PrimePower tool. Users should also
perform TCL determination based on their specific Use Case.
The PrimePower tool is a tool that accurately analyzes power dissipation of cell-based designs. It is
intended as an advanced solution for ASIC and structured custom circuit designers who are
developing products for power-critical applications.
The user interface supports variables, commands, and command options for performing power
analysis. Provide the switching activity information in the SAIF, VCD, or FSDB file format. Irrespective
of the mode you select and the options you choose, power analysis is performed when you run the
update_power command.
The PrimePower tool builds a detailed power profile of the design based on the circuit connectivity,
the switching activity, the net capacitance, and the cell-level power behavior data in the Synopsys
database format (.db) library. The library can be a nonlinear power model (such as NLPM) library. The
tool calculates the power behavior for a circuit at the cell level and reports the power consumption at the
chip, block, and cell levels. When power analysis is complete, you can view design data and analysis
results in the graphical form, including histograms and waveforms.

Figure 4 illustrates the steps in a typical power analysis in the PrimePower tool.

Figure 3: A Typical Power Analysis Flow in the PrimePower Tool

Use Case 1: Power Analysis in Power-Critical Safety Applications
In this use case, the goal is to use PrimePower to perform comprehensive power analysis (both
averaged power and peak power) and generate detailed power reports on gate-level designs for
power-critical safety-related applications.
Note: Typically, power consumption is not a safety-related requirement for the design of an IC. In this
case, any potential PrimePower software tool malfunction cannot introduce or fail to detect an error in
the IC design, and thereby lead to the violation of a safety requirement. According to ISO 26262-8,
clause 11.4.5.2, such software tool malfunctions would be rated as TI1, which automatically leads to
a TCL1. However, the following use case assumes that power consumption is indeed a safety-related
requirement, and provides appropriate conditions and assumptions of use. The user should evaluate
whether power consumption is also a safety-related requirement in their IC design, and whether
therefore these conditions and assumptions of use are applicable and must be fulfilled.
In this use case, the PrimePower tool uses and generates the following main inputs and outputs.
Inputs:
o Gate-level netlist (.v)
o Logic library (.db, .lib)
o Timing constraints (.sdc)
o Parasitics (SPEF or GPD)
o Toggle information (.saif, .vcd, or .fsdb)
o Tcl scripts for configuration and execution
Expected outputs:
o Power reports (ASCII)
o Log files (ASCII)
o Power waveforms (FSDB)

For this use case of the PrimePower tool, the following conditions of use (constraints for the design
and design environment, recommended procedures for the tool usage, etc.) shall be met:
CoU-PPWR-001: User shall review all error and warning messages and take appropriate
action.
CoU-PPWR-002: User shall follow the power analysis scripts available from the Synopsys
SolvNet Methodology Retrieval System or use equivalent scripts.
CoU-PPWR-003: User shall run static timing analysis with a tool such as the PrimeTime tool
and confirm a timing and ERC clean design prior to running the PrimePower tool.

CoU-PPWR-004: For the final run, Tcl script-based batch mode execution shall be used,
without interactive command line entry or GUI manual command entry. Tcl scripts and log files
shall be retained as design signoff records.
For this use case of the PrimePower tool, the following assumptions of use (required actions to be
taken by the tool user to prevent or detect design errors due to possible tool malfunctions) shall be
met:
AoU-PPWR-001: User shall review the log files and power reports for expected execution
steps and expected results, and respond appropriately to all warning and error messages.
AoU-PPWR-002: User shall review the log files and power reports to confirm usage of the
expected toggle information, timing constraints, and back-annotated parasitics. Default
toggling, default timing, and wire load models should not be used.
AoU-PPWR-003: User shall review the log file to confirm complete parasitic back-annotation of
the design.
AoU-PPWR-004: User shall check that all outputs are generated with an up-to-date timestamp.
AoU-PPWR-005: User shall review the power analysis results and power waveform output files
(where applicable) for completeness and reasonable content.
AoU-PPWR-006: User shall compare the power reported by the PrimePower tool in averaged
mode against power reported by the physical implementation tool (such as IC Compiler or IC
Compiler II). Any significant discrepancy shall be reviewed and, based on user judgement, shall
be run in a SPICE tool (such as HSPICE).
AoU-PPWR-007: When using a new library for the first time, user shall verify PrimePower
averaged power and peak power results for a selection of typical cells using a SPICE simulator
such as the HSPICE tool.
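
The following Python example is added here and is not Synopsys code or part of the original manual. It supports the checks in AoU-PPWR-001 and AoU-PPWR-004 and the record retention in CoU-PPWR-004 by flagging missing, empty, or stale outputs, listing every warning and error line in the log, and hashing each file for the signoff record. The file names, the function names, and the `Error:` / `Warning:` line prefixes are assumptions; adjust them to the actual run.

```python
import hashlib
import os
import re
import tempfile
import time
from pathlib import Path

# Assumption: tool messages start a line with "Error:" or "Warning:".
MSG_RE = re.compile(r"^(Error|Warning):\s*(.*)$")

def audit_run(run_dir, log_name, expected_outputs, run_start):
    """Return (findings, manifest) for one batch-mode run directory."""
    run_dir = Path(run_dir)
    findings, manifest = [], {}
    for name in [log_name, *expected_outputs]:
        path = run_dir / name
        if not path.is_file():
            findings.append(f"MISSING {name}")
            continue
        info = path.stat()
        if info.st_size == 0:
            findings.append(f"EMPTY {name}")
        if info.st_mtime < run_start:  # AoU-PPWR-004: not produced by this run
            findings.append(f"STALE {name}")
        # SHA-256 per file, kept with the Tcl scripts and logs (CoU-PPWR-004).
        manifest[name] = hashlib.sha256(path.read_bytes()).hexdigest()
    log = run_dir / log_name
    if log.is_file():  # AoU-PPWR-001: every warning and error needs a response
        text = log.read_text(errors="replace")
        for number, line in enumerate(text.splitlines(), 1):
            match = MSG_RE.match(line)
            if match:
                findings.append(
                    f"{match.group(1).upper()} {log_name}:{number} {match.group(2)}")
    return findings, manifest

def demo():
    """Audit a constructed run directory (all file contents are made up)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        run_start = time.time() - 60  # constructed: run began a minute ago
        (root / "run.log").write_text(
            "Information: constructed start line\nWarning: constructed message\n")
        (root / "power.rpt").write_text("constructed report body\n")
        stale = root / "old.rpt"
        stale.write_text("left over from an earlier run\n")
        os.utime(stale, (run_start - 3600, run_start - 3600))
        return audit_run(root, "run.log",
                         ["power.rpt", "old.rpt", "peak.fsdb"], run_start)
```

Pass the start time of the batch job as `run_start`, and store the returned manifest alongside the retained Tcl scripts and log files.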

All analyzed failure modes and the corresponding prevention, detection and mitigation measures
(including conditions and assumptions of use listed above) are independent of the exact PrimePower
tool version.

A software tool criteria evaluation performed by Synopsys according to ISO 26262-8, clause 11,
which assumes the fulfillment of all conditions of use (CoU) and assumptions of use (AoU) as
described above, results in a required tool confidence level:

TCL1 for PrimePower Use Case 1 – Averaged Power Analysis in Power-Critical Safety
Applications

In this case, no further activities for software tool qualification are required.

7 Limitations of Use Case
This section describes all known limitations of the use case mentioned in the previous section.

All known safety-related issues for the PrimePower tool are listed in the PrimePower Safety-Related
Issues Master List available on SolvNet.

Appendix A Software Tool Information
This section provides general information about the PrimePower software tool, which is needed by
the tool user for performing his/her software tool criteria evaluation.

The following information about PrimePower is required according to ISO 26262-8, for the planning of
the usage of a software tool (clause 11.4.4) and the preparation of the user's own software tool criteria
evaluation (clause 11.4.5).
Please note that some of the information below provided by Synopsys simply needs to be confirmed
by the tool user and can be used without modification. Other information must be completed or
updated by the tool user to reflect his/her actual situation.
| Required Info | Tool Information | Reference / Comment |
|---|---|---|
| Tool vendor | Synopsys, Inc. | ISO 26262-8, 11.4.4.1.a |
| Tool name and version | PrimePower | ISO 26262-8, 11.4.4.1.a. To determine tool version, use: report_version -options |
| Tool use cases | | ISO 26262-8, 11.4.4.1.c; ISO 26262-8, 11.4.5.1.a. To be completed by the tool user. Align with / verify against use case described in Section 6 of this document. |
| Tool inputs and expected outputs | | ISO 26262-8, 11.4.5.1.b. To be completed by the tool user. Align with / verify against inputs and outputs described in Section 6 of this document. |
| Tool configuration and constraints | | ISO 26262-8, 11.4.4.1.b; ISO 26262-8, 11.4.5.1.c. To be completed by the tool user. Align with / verify against CoU for the use case described in Section 6 of this document. |
| Tool environment (OS) | Refer to the PrimePower Installation Notes at https://solvnet.synopsys.com/DownloadCenter. Click the PrimePower tool name, the release number, and then "View installation guide" for tool version-specific OS support. | ISO 26262-8, 11.4.4.1.d. To be completed by the tool user. Align with / verify against the OS version evaluated by Synopsys. To determine the Linux version, use: uname -osr |
| Tool environment (CAD tool chain) | | ISO 26262-8, 11.4.4.1.d. To be completed by the tool user. To determine name and version of your tool chain, please consult your CAD department. |
| Maximum ASIL | ASIL D | ISO 26262-8, 11.4.4.1.e |
| Tool qualification methods | Not applicable | ISO 26262-8, 11.4.4.1.f. Software tool qualification is not required for PrimePower |
| User manual and other usage guide documents | See Product Documentation and Support in Section 4 of this document. | ISO 26262-8, 11.4.4.2.a – d. Tool user to include a link to these documents (Synopsys SolvNet or local copy), and to add any additional company-internal tool usage guidelines. |
| Known software tool malfunctions, and appropriate work arounds ... | For limitations, refer to Section 7 of this document. For the Safety-Related Issues Master List, see link in Section 4 of this document. | ISO 26262-8, 11.4.4.2.e. Tool user to include a link to these documents (Synopsys SolvNet or local copy), and to add any additional company-internal work around descriptions. |
| Measures for the detection of tool malfunctions ... | | ISO 26262-8, 11.4.4.2.f. To be completed by the tool user. Align with / verify against AoU for the use case described in Section 6 of this document. |

Appendix B Complete List of CoU and AoU IDs
The complete list of Conditions of Use (CoU) for PrimePower is in the table below. CoU defines a
condition of the design, software tool, design environment, or situation that is assumed and required
to be fulfilled by the user.

| ID | Description |
|---|---|
| CoU-PPWR-001 | User shall review all error and warning messages and take appropriate action. |
| CoU-PPWR-002 | User shall follow the power analysis scripts available from the Synopsys SolvNet Methodology Retrieval System or use equivalent scripts. |
| CoU-PPWR-003 | User shall run static timing analysis with a tool such as the PrimeTime tool and confirm a timing and ERC clean design prior to running the PrimePower tool. |
| CoU-PPWR-004 | For the final run, Tcl script-based batch mode execution shall be used, without interactive command line entry or GUI manual command entry. Tcl scripts and log files shall be retained as design signoff records. |

The complete list of Assumptions of Use (AoU) for PrimePower is in the table below. AoU defines an
action that is assumed and required to be taken by the user of a software tool.

| ID | Description |
|---|---|
| AoU-PPWR-001 | User shall review the log files and power reports for expected execution steps and expected results, and respond appropriately to all warning and error messages. |
| AoU-PPWR-002 | User shall review the log files and power reports to confirm usage of the expected toggle information, timing constraints, and back-annotated parasitics. Default toggling, default timing, and wire load models should not be used. |
| AoU-PPWR-003 | User shall review the log file to confirm complete parasitic back-annotation of the design. |
| AoU-PPWR-004 | User shall check that all outputs are generated with an up-to-date timestamp. |
| AoU-PPWR-005 | User shall review the power analysis results and power waveform output files (where applicable) for completeness and reasonable content. |
| AoU-PPWR-006 | User shall compare the power reported by the PrimePower tool in averaged mode against power reported by the physical implementation tool (such as IC Compiler or IC Compiler II). Any significant discrepancy shall be reviewed and, based on user judgement, shall be run in a SPICE tool (such as HSPICE). |
| AoU-PPWR-007 | When using a new library for the first time, user shall verify PrimePower averaged power and peak power results for a selection of typical cells using a SPICE simulator such as the HSPICE tool. |
