vlsi tes)ng and fault-tolerant design fault...

VLSITes)ngandFault-TolerantDesignFaultSimula)on

DrHaoZhengComp.Sci&Eng.UofSouthFlorida

Overview

•  Faultsimula=onapplica=ons•  Faultsimula=ontechniques– Serial– Parallel– Deduc=ve– Concurrent

•  Faultsimula=onforcombina=onalcircuits– Cri=calPathTracing

2

FaultSimula)on

•  Simula=onofacircuitinthepresenceoffaults•  Usedto– EvaluateatestTwrtfaultcoverage.– GeneratetestsTtoachievecertainfaultcoverage.– Constructfaultdic=onary– Analyzecircuitopera=oninthepresenceoffaults

3

EvaluateaTestT

•  Usualmetric:faultcoverage•  Faultcoveragerelevanttothefaultmodel–  100%FCdoesnotmean100%defectsarecoveredifthefaultmodelislimited.

– Otherdefectsmays=llexistsifnotconsideredinafaultmodel.

– Lowerboundondefectcoverage•  Defectcoveraged=probabilitythatTdetectanyphysicalfault.– Hasabigimpactonproductquality.

4

132 FAULT SIMULATION

0.8 Y=O.Ol

Y=O.l

0.6Defect level

0.4 Y=O.5

Y=O.25

1008040 60Defect coverage (%)

20

Y=O.99

o

0.2

Figure 5.1 Defect level as a function of yield and defect coverage

Generate initial T

NSufficient fault coverage?

y

Done

Figure 5.2 General use of fault simulation in test generation

change T according to the results of the fault simulation until the obtained coverage isconsidered satisfactory. The test T is modified by adding new vectors and/or bydiscarding some of its vectors that did not contribute to achieving good coverage.These changes may be made by a program or by a test designer in an interactive mode.

YieldandDefectLevel

•  Yield(Y)=prob.thatmanufacturedcircuitisdefectfree

5

DL=1–Y1-d

YieldandDefectLevel

•  Defectlevel(DL)=prob.ofshippingadefec=veproduct

6

DL=1–Y1-d

TestEvalua)on

7

EnhanceTun=ladequatefaultcoverageissa=sfactory


0.8 Y=O.Ol

Y=O.l

0.6Defect level

0.4 Y=O.5

Y=O.25

1008040 60Defect coverage (%)

20

Y=O.99

o

0.2

Figure 5.1 Defect level as a function of yield and defect coverage

Generate initial T

NSufficient fault coverage?

y

Done

Figure 5.2 General use of fault simulation in test generation

change T according to the results of the fault simulation until the obtained coverage isconsidered satisfactory. The test T is modified by adding new vectors and/or bydiscarding some of its vectors that did not contribute to achieving good coverage.These changes may be made by a program or by a test designer in an interactive mode.

8

TestGenera)on

Targetfaultorientedapproach

ConstructFaultDic)onaries

•  FaultDic=onary–storesoutputresponse(Rf)orsignatureS(Rf)toTofeveryfaultycircuitNf

9

f1 f2 .. fn

T1 0 1 .. 1

T2 1 0 .. 1

: : : :

Tm 1 1 .. 0

CircuitAnalysis

•  Analyzecircuitopera=onsinpresenceoffaults•  Someeffectsintroducedbyfaultsnotpresentinfault-freecircuit:– Racesand/orhazards– Oscilla=onand/ordeadlock–  Inhibitproperini=aliza=onofseq.circuit– Transformcombina=onaltosequen=al– Transformsynchronoustoasynchronous

10

GeneralFaultSimula)onTechniques

•  SerialFaultSimula=on•  ParallelFaultSimula=on•  Deduc=veFaultSimula=on•  ConcurrentFaultSimula=on

11

SerialFaultSimula)on

•  Simplestmethod•  Givenafaultf,dothefollowing:– TransformNtoNf

– SimulateNf

•  Repeatforotherfaultsunderconsidera=on.•  Advantage– Noneedforaspecialfaultsimulator

•  Disadvantage–  Imprac=calforlargenumberoffaults

12

OtherThreeTechniques

•  Commoncharacteris=cs:– Donotchangethecircuitmodel– Cansimultaneouslysimulateasetoffaults(!)– Simultaneouslysimulategoodandbadcircuits

•  One-Pass–Ifallfaultsaresimulatedsimultaneously

•  Mul)-Pass–Forlargesetoffaults,needmul=plesimula=onruns

13

TasksinFaultSimula)on

•  Faultspecifica)on:definesetofmodeledfaultsandperformfaultcollapsing

•  Faultinser)on:selectafaultsubsetandcreatedatastructurestoindicatefaultpresence.

•  Faulteffectgenera)on:Saylineihasfs-a-1thenwhenevervalue0propagatesonlinei,thensimulatorchangesitto1

•  Faulteffectpropaga)on:Propagatev/vftoprimaryoutputforfaultdetec=on

•  Faultdiscarding:Inverseoffaultinser=on– Discardafaultifitisdetectedfork=mes.

14

136

31 30 2

FAULT SIMULATION

oA

'------- value of A in the good circuit

'------- value of A in faulty circuit #1

Figure 5.4 Value representation in parallel simulation

The above equations represent the process of fault insertion for one fault f (j s-a-c).For W faults, this process is carried on in parallel using two mask words storing thevalues bij and c in the bit position corresponding to fault f. Figure 5.5 shows a portionof a circuit, the masks used for fault insertion on line Z, and the values of Z before andafter fault insertion. The first mask - / - associated with a line indicates whetherfaults should be inserted on that line and in what bit positions, and the second - S -defines the stuck values of these faults. Thus after evaluating gate Z by Z = Xl.Y, theeffect of inserting faults on Z is obtained by

Z' = Z./z + /z.Sz

Fault insertion for Xl and Y is similarly done before evaluating Z.

The above technique has several possible implementations [Thompson andSzygenda 1975].

For 3-valued logic (0,1 ,u), one bit is not sufficient to represent a signal value. Thecoding scheme shown in Figure 5.6 uses two words, Al and A2, to store the W valuesassociated with signal A. Since the codes for the values 0 and 1 are, respectively, 00and 11, the logical AND and OR operations can be applied directly to the words Aland A2. Hence, to evaluate an AND gate with inputs A and B and output C, instead ofC =A.B we use

Cl = Al.BlC2 = A2.B2

The complement operator, however, cannot be applied directly, as the code 01 willgenerate the illegal code 10. An inversion B = NOT (A) is realized by

ParallelFaultSimula)on•  SimultaneouslysimulatethegoodcircuitandWcopiesoffaultycircuits

•  SetFoffaultsneeds⎡F/W⎤numberofpasses•  Valuesofthesamesignalindifferentcircuitsarepackedintoonememoryloca=on(awordormul=-words).

15

A

B

Func)onEvalua)on

•  WordsforAandBarebitwiseANDed(foreg.)forlogicAND.

•  SimilarforotherBooleanopera=ons.•  Sequen=alcircuit:Foreg.,JKFF

TheaboveexpressionisaBooleanexpressionconsis=ngofAND,OR,andNOT

16

Q+ = JQ+KQ

BitValueComputa)on

•  Letvibethevalueonlinei inthefaultycircuitNfwherefisthefaultjs-a-c

•  Then,

17

v0

i = vi�ij + c�ij

where �ij =

⇢0 i 6= j1 i = j

General Fault Simulation Techniques

xXl

137

Y z

Figure 5.5 Fault insertion on Z

Value of Ao 1 u

Al 0 1 0A2 0 1 1

Figure 5.6 Coding for 3-valued logic

Bl = A2

B2 =M

that is, we complement Al and A2 and interchange them. Figure 5.7 shows a samplecomputation for Z = X.Y (with a 3-bit word).

18

Mask

StuckValues

Todiscardafaultsimplymaketheit’s

maskbit=0

Z 0 = ZIZ + SZIZ

0

Z = X1 · Y

ParallelFS-Limita)ons

•  Parallelsimula=oniscompa=bleonlyinpartwithfunc=onallevelmodeling–  Forexampleifwehavetoexamineforawordvalue,weneedtoextractthebitsandthenre-pack

•  Imprac=calformul=-valuedlogic•  Eventononebitposi=onresultsinenterwordevalua=on=>wastedcomputa=on

•  Cannottakeadvantageoffaultdropping– Evenifallbutonefaultsaredropped,wes=llevaluateWcopies!

19

Deduc)veFaultSimula)on•  Simulatesgoodcircuitanddeducesthebehaviorofallfaulty

circuits(limitedbymemory)•  MaintainsFaultList,Li foreachsignallinei.•  Li = ListofallfaultsfthatcausethevaluesoniinNandNftobe

differentatthecurrentsimula=on=me•  DifferencewithParallelSimula=on:

20

HowDeduc)veSimula)onWorks

•  Given– Fault-freevalues– Faultlistsoninputsofanelement

•  Compute:– Fault-freeoutput– Outputfaultlist(i.e.,faultlistpropaga=on)

21

TwoValuedDeduc)veSimula)on

22

•  AnyfaultthatcausesAorB=0willleadtoZ=0•  Therefore:

LZ=LA∪LB∪{Zs-a-0}

LA = {A s� a� 0}LB = {B s� a� 0}

TwoValuedDeduc)veSimula)on•  AnyfaultthatcausesA=1withoutchangingB,willcauseanerror

onZ•  Note--AfaultthatpropagatesonbothAandBwillnotaffectZ•  Therefore:

23

LZ=(LA∩LB)∪{Zs-a-1}=(LA-LB)∪{Zs-a-1}

GeneralFormulae

•  LetI=setofinputsofgateZC=setofinputswithcontrolvaluecThenFaultListonZ,,isgivenbyifC=Φthen

else

24

LZ = {[

j2I

Lj} [ {Z s� a� (c� i)}

LZ

LZ = {\

j2C

Lj}� {[

j2I�C

Lj} [ {Z s-a-(c� i)}

Example

25

AperFaultCollapsing,thefaultsetis F={a0,a1,b1,c0,c1,d1,e0,g0,h0,h1}

AssumeT=00110

General Fault Simulation Techniques 141

Lj == Lg - Lf == {co,go}, L, == Ld U Lh == {co,h o}

Lk == L, - L, == {co,h o}

t.; == L, - L j == {ho}

01f

11C ------------41

d 11

00

ab

Figure 5.10

Since h 0 is detected, we drop it from the set of simulated faults by deleting h 0 fromevery fault list where it appears, namely l-s, L i , Li, and L m • (Note that Co is notdetected.)

Now assume that both inputs a and b change to 1. Then La == {a o}, L b == 0, f = 1,and Lf == {an}. The evaluation of gate j generates no logic event, but nowL, == Lf n Lg == 0. This shows that a list event may occur even without acorresponding logic event. Propagating this list event to gate m, we obtainLm == L k - L j == {co}. Hence Co is now detected. D

Note that when L a is computed, to determine whether a list event has occurred, thenew La must be compared with the old La by La), before the latter isdestroyed; i.e., we must determine whether La == La.

Fault propagation becomes more involved when there is feedback. Care must beexercised when the effect of a fault, say ao or aI, feeds back onto the line a itself. Ifthe fault list propagating to line a contains an no and if the good value of a is 0, thenno should be deleted from La because the values of a in the fault-free circuit and thecircuit with the fault aa are the same. Similarly al should be deleted from La it'" thegood value of a is 1.

Additional complexities occur in propagation of fault lists through memory elements.Consider the SR latch shown in Figure 5.11. Let the state at time ( 1 be(YbY2) = (0,1), and the input be (S,R) = (1,1). If at time (2 R changes to 0, theoutputs should remain the same. Let Ls an'! LR be the input fault lists at time (2

associated with lines Sand R, and let L 1 and L 2 be the fault lists associated with linesY 1 and Y 2 at time (1· The new fault lists L 1 and L 2 associated with lines Y 1 and Y2resulting from the input logic event at (2 can be computed as follows (faults internal tothe latch will be ignored).

26

F={a0,a1,b1,c0,c1,d1,e0,g0,h0,h1}La={a1} Lb={b1} Lc={c0}Ld=∅ Le=∅



Lk == L, - L, == {co,h o}

t.; == L, - L j == {ho}

01f

11C ------------41

d 11

00

ab

Figure 5.10







27

F={a0,a1,b1,c0,c1,d1,e0,g0,h0,h1}La={a1} Lb={b1} Lc={c0}Ld=∅ Le=∅Lf=La∩Lb=∅ Lg=Lc∪{g0}={c0,g0}Lh=Lc∪{h0}={c0,h0}



Lk == L, - L, == {co,h o}

t.; == L, - L j == {ho}

01f

11C ------------41

d 11

00

ab

Figure 5.10







28

F={a0,a1,b1,c0,c1,d1,e0,g0,h0,h1}La={a1} Lb={b1} Lc={c0}Ld=∅ Le=∅Lf=La∩Lb=∅ Lg=Lc∪{g0}={c0,g0}Lh=Lc∪{h0}={c0,h0}Lj=Lg-Lf={c0,g0} Li=Ld∪Lh={c0,h0}Lk=Li-Le={c0,h0} Lm=Lk-Lj={h0}



Lk == L, - L, == {co,h o}

t.; == L, - L j == {ho}

01f

11C ------------41

d 11

00

ab

Figure 5.10







Faulth0isdetected!

29

Nowassumethatnexttestvectoris11110.Redotheexample.La= Lb= Lc= Ld= Le=Lf= Lg=Lh=Lj= Li= Lk= Lm=



Lk == L, - L, == {co,h o}

t.; == L, - L j == {ho}

01f

11C ------------41

d 11

00

ab

Figure 5.10







F={a0,a1,b1,c0,c1,d1,e0,g0,h0,h1}

30

Solu=on:La={a0} Lb=∅ Lc={c0}Ld=∅ Le=∅Lf=La∪Lb={a0} Lg=Lc∪{g0}={c0,g0}Lh=Lc∪{h0}={c0,h0}Lj=Lf∩Lg=∅ Li=Ld∪Lh={c0,h0}Lk=Li-Le={c0,h0}Lm=Lk-Lj={c0,h0}

Faultc0isdetected!



Lk == L, - L, == {co,h o}

t.; == L, - L j == {ho}

01f

11C ------------41

d 11

00

ab

Figure 5.10







DS-Limita)ons

•  Compa=bleonlyinpartwithfunc=onallevelmodeling–  ApplicableonlytomodelswithBooleaneqns.

•  Limitedtotwoorthreelogicvalues•  Cannothandle=mingmodels•  Faultpropaga=onmechanismcannottakefulladvantageoftheconceptofac=vity-directedsimula=on

31

ConcurrentFaultSimula)on

•  Observa=on–Mostofthe=me,mostvaluesinmostfaultcircuitsagreewiththoseinthegoodcircuit.

•  ConcurrentMethod–  simulatesthegoodcircuitN– ForeveryfaultycircuitNfsimulateonlythoseelementsthatdifferwithcorrespondingonesinN

– ThedifferencesofanelementxinNisstoredasaconcurrentfaultlist(CLx)

32

ConcurrentListExample

33


are maintained for every element x in N in the form of a concurrent fault list, denotedby CLx • Let xf denote the replica of x in the circuit Nf . Let Vx (Vx ) denote theensemble of input, output, and (possibly) internal state values of x f(Xf). Duringsimulation, CLx represents the set of all elements xf that are different from x at thecurrent simulated time. Elements x and xf may differ in two ways. First, we mayhave Vx =t:: Vx ; this occurs when a fault effect caused by f has propagated to aninput/output line or state variable of xf. Second, f can be a local fault of xf' that is, afault inserted on an input/output line or state variable of xf. A local fault f makes xfdifferent from x, even if Vx = Vx ; this occurs when the input sequence applied so fardoes not activate j: f

An entry in CL x has the form (j,Vx ). Figure 5.15(a) illustrates a concurrent fault listin pictorial form. The gates "hanging" from the good gate c are replicas of c in thefaulty circuits with the faults a, a I, and b I. Here a and are faults whose effectspropagate to gate c; they cause, respectively, a=l and b=O. Faults a I and b I are localfaults of gate c. Note that b I appears in CL c even if the values of a, b, and c in thepresence of b I are the same as in the good circuit. Figure 5.15(b) shows CLc intabular form. By contrast, the fault list of c in deductive simulation is L, = {a,a I }.

a

(a)

f a b ca 1 1 0J3 0 0 1al 1 1 0b i 0 1 1

(b)

Figure 5.15 Concurrent fault list for gate c (a) Pictorial representation (b) Tabularrepresentation

A fault f is said to be visible on a line i when the values of i in Nand Nf are different.Among the entries in the concurrent fault list of a gate x, only those corresponding tofaults visible on its output appear also in the deductive fault list Lx. (In Figure 5.15, aand a I are visible faults.) In this sense, a deductive fault list is a subset of thecorresponding concurrent fault list. Thus concurrent simulation requires more storagethan deductive simulation.




a

(a)

f a b ca 1 1 0J3 0 0 1al 1 1 0b i 0 1 1

(b)



TwoCasesofDifferences

34

LetxfbereplicaofxinNfVxfandVxbe<inputs,output>

Case1:Vxf≠VxThishappenswhenfaulteffectoffpropagatestox

Case2:Vxf=VxThishappenswhenfisalocalfault(i.e.,input/outputfault)Note:EveniftheVxandVxfareequal,

theelementsaredifferentbecauseofthelocalfault.

VisibleFaults

35




a

(a)

f a b ca 1 1 0J3 0 0 1al 1 1 0b i 0 1 1

(b)



AfaultisvisibleonlineiwhenthevaluesofiinNandNfaredifferent.

Adeduc=vefaultlistincludesallvisiblefaults,whichissubsetoftheconcurrentfaultlist.

CFS-Example

36


1/0 good event i 0/1 good event: - - - a 1 newly visible

a C I

eb···

e

alCl

alCl

a d lex d l

(a) a (b) a

(c) d l

1/0 event in circuit d 1

1/0 event in circuit f3

Figure 5.16 Changes in fault lists during simulation

(index) and v/' is the scheduled value of line i in the circuit f. (The good circuit has[=0). The good-circuit event also occurs (implicitly) in all the faulty circuits that donot have an entry in CLA •

The overall flow of event-directed logic simulation shown in Figure 3.12 is valid forconcurrent fault simulation with the understanding that the events processed arecomposed events. Suppose that a composed event (i,L) has just been retrieved fromthe event list. First we update the values and the concurrent fault list of the sourceelement A where the event originated. Then we update the values and the concurrent

CFSExample–Contd.

37



a C I

eb···

e

alCl

alCl

a d lex d l

(a) a (b) a

(c) d l








a C I

eb···

e

alCl

alCl

a d lex d l

(a) a (b) a

(c) d l








a C I

eb···

e

alCl

alCl

a d lex d l

(a) a (b) a

(c) d l






ConcurrentSimula)on•  Individuallyevaluateselementsinbothgoodandfaultycircuits•  Alineimaychangeevenifiisstableingoodcircuit(seegated1in

previousexample)•  Alineiinthegoodcircuitandsomefaultycircuitsmayalsohave

simultaneousbutdifferentevents

38


-----r- 0/1 good event

event in circuit f

f

A

)ffo 11)

r------ 0/1 good eventIIII

f

(a)(b)

Figure 5.17

A B

Figure 5.18

fault list of every element B on the fanout list of i and evaluate the activated elements(in the good and faulty circuits).

Figure 5.19 outlines the processing of the composed event at the source element A.Let v (vf) be the current value of line i in the good circuit (in the circuit f). If an eventvlv' occurs in the good circuit, then we have to analyze every entry in CLA ; otherwisewe analyze only those entries with independent events. In the former case, if in acircuit f line i stays at value vi = v (Le., the value of i in the circuit f is the same as thevalue of i in the good circuit before the change), then f is a newly visible fault online i; these faults are collected into a list NV. The values of every analyzed entry f inCLA , except for the newly visible ones, are compared to the values of the goodelement A, and if they agree, f is deleted from CLA • (Practical implementation of theprocessing described in Figure 5.19 is helped by maintaining entries in concurrent faultlists and in lists of events ordered by their fault index.)

Figure5.17

ComposedEvent

39

•  Letussay,foragiveninputeventonA,wecomputetheoutputsinallcopiesofAinthefaultlist

•  LettheoutputlistbeL=(<f0>,<v’f0>),<f1>,<v’f1>),…(<fn>,<v’fn>)•  ComposedEvent:•  Asetofsimultaneouseventsoccurringonaline•  Representedas(i,L)



event in circuit f

f

A

)ffo 11)


f

(a)(b)

Figure 5.17

A B

Figure 5.18



Figure5.18

40

Processingofacomposedevent(i,L)atelementA

NV [ L ✓ CLA

ProcessingofelementBf∈CLB

41

•  Aperupda=ngtheCLAofsourceelementA,weneedtoupdatevaluesandCL’sofeveryelementBonthefanoutlistofi and evaluate activated elements

Case1:f∈CLB,f∉L,f∉NVRemark:BfexistsinCLBandnoindependenteventonioccursinNf

Ac=onIfgoodeventexistsandcanpropagateinNfthenac=vateBfExample:Changec0/1propagatesind1andβbutnotinc1andα

42

Case2:f∈CLB,f∈L,f∉NVRemark:BfexistsinCLBandanindependenteventonioccursinNf

Ac=onAc=vateBf

Example:finCLB

43



event in circuit f

f

A

)ffo 11)


f

(a)(b)

Figure 5.17

A B

Figure 5.18



Case3:f∉CLB,f∈L,f∉NVRemark:AnindependenteventonioccursinNf

butfdoesnotappearinCLBAc=onAddanentryforftoCLBandac=vateBf

44

Case3:f∉CLB,f∈L,f∉NVExample:

45

Case4:f∉CLB,f∉L,f∈NVRemark:fisnewlyvisibleonlinei anddoesnotappearin CLB

Ac=on:AddanentryforftoCLBExample:Adda1toCLe

46

Case5:f∈CLB,f∉L,f∈NVRemark:fisnewlyvisibleonlinei butanentryisalreadypresentinCLBAc=on:NoAc=on.Example:Inacomb.circuitthisoccurswithreconv.fanout

47

ComparisonCriteria Parallel Deduc)ve Concurrent

Mul=pleLogicValues

Imprac=calformorethan3logicvalues

Imprac=calformorethan3logicvalues

Nolimit

Func=onallevelModeling

Par=allycompa=ble Par=allycompa=ble

Fullycompa=ble

DifferentDelayModels

No No Yes

Speed* n3 n2 ?

StorageReqs. Medium Medium Large

48

*Comparisonforlargecombina=onalcircuitwithngates.Nocomparisonbetweendeduc=veandconcurrentreported.

49

Backup

FaultStorageCharacteris=cVector

–  Faultinser=onBit=1–  Faultdele=onBit=0–  Union–Bit-wiseOR–  Intersec=on–Bit-wiseAND–  MemoryIntensive

50

vlsi tes)ng and fault-tolerant design fault...

Documents