This specification has been designed to enable safety-critical industries to deploy state-of-the-art GPU graphics and compute acceleration while meeting the highest levels of functional safety requirements. The Vulkan SC Conformance Test Suite is also freely available in open source, and multiple vendors have officially conformant Vulkan SC 1.0 implementations.
The demand for advanced GPU-accelerated graphics and compute is growing in a wide range of industries where safety is critical, such as automotive, autonomy, avionics, medical, industrial, and energy. Where a compute or display system failure would pose a significant safety risk it is critical that systems meet safety-critical standards such as RTCA DO-178C Level A / EASA ED-12C Level A (avionics), ISO 26262 ASIL D (automotive), IEC 61508 (industrial), and IEC 62304 (Medical).
To streamline system-level safety-critical certifications, system components such as acceleration APIs should be streamlined as far as possible to reduce documentation and testing surface area, have deterministic behaviour and predictable execution times to simplify design and testing and implement robust and unambiguous fault handling.
The Vulkan SC 1.0 specification leverages the proven Vulkan 1.2 API to meet these requirements while delivering state-of-the-art graphics and compute acceleration. Vulkan SC also decouples software and hardware development for easier integration of new hardware components and software reusability across platforms and system generations.
“Vulkan 1.2’s modern design for explicit control over GPU resources was the ideal foundation for building this next-generation safety-critical GPU API that provides significantly increased performance and control over graphics and compute dataflows than was possible with OpenGL SC 2.0,” said Steve Viggers, of CoreAVI and Vulkan SC working group chair. “Vulkan SC 1.0 enables detailed design and control of device scheduling, synchronization, and resource management, making it the ideal API for developing the next generation of safety-critical graphics and compute applications targeting modern GPUs.”
Vulkan SC Architecture
Vulkan SC removes functionality from Vulkan that is not needed for safety-critical markets, increases the robustness of the specification by eliminating ignored parameters and undefined behaviours, and enables enhanced detection, reporting, and correction of run-time faults.
Vulkan SC 1.0 is also aligned with the MISRA C software development guidelines for embedded code safety, security, portability, and reliability.
Vulkan SC increases determinism and reduces application size by shifting preparation of the run-time application environment either offline, or into application setup, as much as possible. This includes offline compilation of graphics pipelines that define how the GPU processes data, together with static memory allocation, that together enable detailed GPU control that can be rigorously specified and tested.
All Vulkan SC pipelines are compiled offline and can be statically analysed to understand the dataflow and the amount of memory used by the pipeline processing.
The memory needed for pipeline execution can then be reserved at device creation time as fixed size pools to minimise memory usage and avoid the need for runtime memory allocation.
Similarly, Vulkan SC enables the application to statically pre-allocate the upper bound of application memory requirements, avoiding the need for runtime dynamic memory management.