Fault Simulation using Partially Reconfigurable ... - Semantic Scholar

Fault Simulation using Partially Reconfigurable Hardware A. Parreira, J.P. Teixeira, A. Pantelimon, M.B. Santos, and J.T. de Sousa IST / INESC-ID, R. Alves Redol, 9, 1000-029 Lisboa, Portugal1 [email protected]

Abstract. This paper presents a fault simulation algorithm that uses efficient partial reconfiguration of FPGAs. The methodology is particularly useful for evaluation of BIST effectiveness, and for applications in which multiple fault injection is mandatory, such as safety-critical applications. A novel fault collapsing methodology is proposed, which efficiently leads to the minimal stuck-at fault list at the look-up-tables’ terminals. Fault injection is performed using local partial reconfiguration with small binary files. Our results on the ISCAS’89 sequential circuit benchmarks show that our methodology can be orders of magnitude faster than software or fully reconfigurable hardware fault simulation.

Introduction Design for Testability (DfT) techniques are mandatory for cost-effective product development. Full scan based DfT techniques are very popular for sequential circuits, but these techniques impact device performance, area overhead, test application time and prevent at-speed testing, which is crucial to detecting dynamic faults [1]. To solve these problems partial scan or self-test strategies have been used, which requires testability analysis of the sequential blocks. During the design phase, test quality may be assessed by Fault Simulation (FS). For complex devices FS may be a very costly process, especially for sequential circuits. In fact, circuit complexity, test pattern length and fault list size may lead to a large computational effort. Although many efficient algorithms have been proposed for software fault simulation (see for example [2] and [3]), for complex circuits it is still a very time-consuming task and can significantly lengthen the time-to-market. FS can be implemented in software or hardware [1]. The ease of developing software tools for FS (taking advantage of the flexibility of software programming) made software simulation the most current approach. However, the recent advent of very complex programmable logic devices, namely Field Programmable Gate Arrays (FPGAs), created an opportunity for Hardware Fault Simulation (HFS), which may be an attractive solution for at least a subset of practical situations. In fact, evaluating Built-In Self-Test (BIST) effectiveness may require a heavy computational effort in 1

This work has been partially funded by FCT (Portugal), POCTI/ESE41788/2001.

2

A. Parreira, J.P. Teixeira, A. Pantelimon, M.B. Santos, and J.T. de Sousa

fault simulation. Long test sessions are needed to evaluate systems composed of several modules that have to be tested simultaneously in order to evaluate aliasing. One example is functional BIST in a System on a Chip (SoC) with data compression cores being used as part of the signature compression logic. Another fault simulation task not efficiently performed by software tools is multiple fault simulation, mainly because of the enormous number of possible fault combinations. Unfortunately, multiple fault simulation may become mandatory, namely in the certification process of safety-critical applications [4]. Different HFS approaches using FPGAs have been proposed in the literature to overcome the difficulties with Software Fault Simulation (SFS) for sequential circuits. Dynamic fault injection using dedicated extra hardware, and allowing the injection of different faults without reconfiguring the FPGA, was proposed in [5-8]. The additional hardware proposed for implementing dynamic fault injection uses a Shift Register (SR) whose length corresponds to the size of the fault list. Each fault is injected when the corresponding position in the SR has logic “1”, while all other positions have logic “0”. Upon initialization, only the first position of the SR is set to “1”. Then the “1” is shifted along the SR, activating one fault at a time. This technique was further optimized in [9]. However, a major limitation of this technique is the fact that the added hardware increases with the number of faults to inject, which limits the size of the circuits that can be simulated. In [6], it is also reported that some parallelism is possible by injecting independent faults at the same time. Unfortunately, the speedup reported was of only 1.36 times faster than serial fault simulation. In [10], a new approach that included a backward propagation network to allow critical path tracing [11] is proposed. This information allows multiple faults to be simulated for each test vector, but also requires heavy extra hardware and only combinational circuits have been analyzed. A serial fault simulation technique that required only partial reconfiguration during logic emulation was proposed in [12], showing that no extra logic need be added for fault injection purposes, and that HFS can be about two orders of magnitude faster than SFS for designs over 100,000 gates. More recently, other hardware fault injection approaches were proposed in [13-15] using the JBITS [16] interface for partial FPGA reconfiguration. The JBITS software can achieve effective injection of faults on Look-Up-Tables (LUTs) [13] [14] or erroneous register values [15]. These works do not report any results on partial FPGA reconfiguration times for fault injection - only some predictions are given. Moreover, the approach that uses JBITS requires the Java SDK 1.2.2 [17] platform and the XHWIF [18] hardware interface. The purpose of this paper is to present a Reconfigurable Hardware Fault Simulation (RHFS) methodology that uses partial reconfiguration to implement a novel, highly efficient hardware fault simulation tool, which we called f2s. We show that partial FPGA reconfiguration can be accomplished very efficiently by deriving very small bit files for fault injection. These bit files are obtained from the full configuration bit file by means of its direct manipulation, without requiring any additional software tools. Moreover, the new RHFS tool does not require the use any specific hardware interface with the FPGA. This paper is organized as follows. In section 2 the LUT extraction from the bit file is explained and the fault collapsing technique is proposed. In section 3 the new fault simulation tool, f2s, is presented. Section 4 presents experimental results that compare

Fault Simulation using Partially Reconfigurable Hardware

3

SFS and HFS to the new RHFS approach using two ISCAS’89 benchmark circuits [19]. Finally, section 5 concludes the paper.

2. LUT extraction, fault injection and collapsing Virtex FPGAs [20] are essentially composed of an array of Configurable Logic Blocks (CLBs) surrounded by a ring of I/O blocks. The CLBs are the building blocks for implementing custom logic. Each CLB contains two slices. Each slice contains two 4 input Look-Up-Tables (LUTs), 2 flip-flops and some carry logic. For the fault model used in the next section, only LUT extraction is required. Each LUT can be used to implement a function of 0, 1, 2, 3 or 4 inputs. It is important to identify the number of inputs relevant for each used LUT, in order to include the corresponding faults in the fault list. Since each LUT has 4 inputs, the LUT contents consist of a 16bit vector, one vector for each combination of the inputs. Let yabcd be the output value for the combination of input values abcd. The LUT configuration 16-bit vector can be denoted y0000, y0001, y0010, …, y1111, where each bit position corresponds to the LUT output value for the respective combination of the inputs i3, i2, i1 and i0. If one input has a fixed value, then an 8 bit vector is obtained. For instance, if we have always i3=0, then the relevant 8 bit vector is y0000, y0001, y0010, y0011, y0100, y0101, y0110, y0111. The only circuit information required for our RHFS method is the configuration bit file of the FPGA. After retrieving the information of each LUT from the bit file [21], the relevance of each input ix (x=0,1, 2 and 3) is evaluated comparing the 8-bit vectors corresponding to ix=0 and ix=1. If these two vectors are identical then the input ix is not active. This is how we extract the LUT types, LUT2, LUT3, LUT4, etc., according to their number of relevant inputs. 2.2. Line Stuck-At Fault Injection and Collapsing The most popular fault model for digital circuit fault simulation is the single LineStuck-At (LSA) fault model. For the Virtex FPGAs, RHFS injects LSA faults in the outputs and inputs of LUTs. After extracting the number of active inputs in each LUT, the LSA fault list is created. Each LUT has two LSA faults (LSA-0 and LSA-1) per input or output. Thus, the total number of faults is 2, 4, 6, 8 and 10 for LUTs with 0, 1, 2, 3 or 4 active inputs, respectively. The required data for each fault injection consists of the 16-bit LUT configuration vector, modified in order to inject the fault behavior. In order to inject a LSA-v fault (v = 0 or v =1) at the output of a LUT, all 16 bit positions of the LUT reconfiguration vector must be set to the logic value v. The reconfiguration vector that corresponds to the LUT input a stuck at value v is obtained by copying the values yvbcd to y¬vbcd for each bcd combination. For instance, the vector for the fault input a LSA-0 is obtained by copying y0000 to y1000, y0001 to y1001, y0110 to y1110, …, y0111 to y1111. After computing the 16-bit reconfiguration vectors for each fault, fault collapsing can be performed efficiently by grouping the faults with identical reconfiguration vectors. To illustrate this, consider the LUT functionality F=a.b+c.d. Table 1 shows

4

A. Parreira, J.P. Teixeira, A. Pantelimon, M.B. Santos, and J.T. de Sousa

the configuration vectors for the fault free LUT (F) and the configuration vectors that model all LSA faults in the LUT (i/v means line i stuck-at value v). The LUT input combination that corresponds to each vector position (row) is given in the four left most columns of Table 1. Analyzing this table, we notice that two fault pairs can be collapsed using the methodology presented: (a/0, b/0) and (c/0, d/0). The shaded cells in the table indicate the LUT input combinations (or LUT test vectors) that activate the fault given in the respective column. Table 1. Fault reconfiguration vectors for LSA faults of a LUT implementing F=a.b+c.d.

a

b

c

d

F

a/0

b/0

c/0

d/0

a/1

b/1

c/1

d/1

F/1

F/0

0

0

0

0

0

0

0

0

0

0

0

0

0

1

0

0

0

0

1

0

0

0

0

0

0

0

1

0

1

0

0

0

1

0

0

0

0

0

0

0

0

0

1

1

0

0

0

1

1

1

1

1

0

0

1

1

1

1

1

0

0

1

0

0

0

0

0

0

0

1

0

0

0

1

0

0

1

0

1

0

0

0

0

0

1

0

1

0

1

0

0

1

1

0

0

0

0

0

0

1

0

0

1

1

0

0

1

1

1

1

1

1

0

0

1

1

1

1

1

0

1

0

0

0

0

0

0

0

0

0

1

0

0

1

0

1

0

0

1

0

0

0

0

0

0

1

1

0

1

0

1

0

1

0

0

0

0

0

0

0

1

0

1

1

0

1

0

1

1

1

1

1

0

0

1

1

1

1

1

0

1

1

0

0

1

0

0

1

1

1

1

1

1

1

0

1

1

0

1

1

0

0

1

1

1

1

1

1

1

0

1

1

1

0

1

0

0

1

1

1

1

1

1

1

0

1

1

1

1

1

1

1

1

1

1

1

1

1

1

0

3. Reconfigurable hardware fault simulation A new tool for FPGA based fault simulation (f2s) has been developed. One great advantage of f2s is the fact that it takes as input solely the binary file with the complete FPGA configuration. From this file, f2s identifies the target device for which the mapping was performed. This identification is mandatory in order to know the number of rows and columns for LUT bit positioning. LUT extraction is carried out as described in section 2.1 and the fault list is collapsed as described in section 2.2. After fault collapsing, f2s creates a report with all the LUTs in use, the original fault list, the collapsed fault list and the estimated reconfiguration times for different hardware interfaces. Fig. 1 shows this report for the s5378 ISCAS’89 benchmark circuit. Next, all partial reconfiguration bit files are generated in sequence for each fault. In this

Fault Simulation using Partially Reconfigurable Hardware

5

way, each bit file reprograms only the minimum number of frames (smallest amount of data that can be read or written with a single command) required to un-inject the previous fault and inject the next one. Both single and multiple fault injection are supported. Debugging and validation of the tool was carried out using a JTAG 200 Kb parallel III port. The experimental values obtained for the reconfiguration times matched the estimated values. Since the current version of the tool does not support any type of external test vector application, it is more suitable for BIST quality evaluation purposes. However, the methodology can be easily extended to apply external vectors supplied from an internal (FPGAs have internal RAM blocks) or external memory. BIT_FILE_NAME: = s5378.ncd BIT_PART_STRING: = v2000ebg560 BIT_DATE_STRING: = 2003/01/16 BIT_TIME_STRING: = 18:01:59 BIT_IMAGE: size 1269956 FAULTS STACK AT ZERO/ONE at LUT´s INPUTS / OUTPUTS / SELECT RAM BITS LUT -- LOCATION , TYPE , CONTENTS AND FAULT TYPE TO INJECT ( equivalent faults , between – and separated by / ) row=49 col=19 slice=1 lut=G type=2 vector=0 0 0 0 0 0 1 1 0 0 0 0 0 0 1 1 faults= -- O_S_1/I1_S_0/I2_S_0 – O_S_0 – I2_S_1 – I1_S_1 … … row=55 col=73 slice=0 lut=G type=4 vector=0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 faults= -- O_S_1/I0_S_0/I1_S_0/I2_S_0/I3_S_1 – O_S_0 – I1_S_1 – I2_S_1 – I0_S_1 – I3_S_0 lut capacity lut not used fauls to detect fauls to inject lut type 1 lut type 2 lut type 3 lut type 4

38400 37996 3610 2707 0 66 83 255

98.9479166666667 0.749861495844875 0 0.171875 0.216145833333333 0.6640625

TIME (hour:min:sec) to program and inject 0:6:51 (based on 200 Kb parallel III port speed – jtag) TIME (hour:min:sec) to program and inject 0:0:16 (based on 5 Mb parallel IV port speed – jtag) TIME (hour:min:sec) to program and inject 0:0:1 (based on 66 Mb usb port speed – serial) Fig. 1. Fault list report from f2s

6

A. Parreira, J.P. Teixeira, A. Pantelimon, M.B. Santos, and J.T. de Sousa

4. Experimental Results Software, Hardware and Reconfigurable Hardware Fault Simulation are compared in this section. The focus is to determine the trade-offs associated with the fundamentals of the three approaches: SFS costs increase steadily with circuit complexity, test length and fault list size, especially for sequential circuits. HFS has a significant initial cost, associated with FPGA synthesis and implementation, and a low cost in the hardware emulation process itself. Finally, RHFS represents a trade-off between the previous two approaches. Because reconfiguration is used in fault injection, hardware mechanisms for fault injection need not be added to the original circuit. This gives rise to a much simpler circuit that can be compiled faster. On the other the fault replacements by means of partial reconfiguration will take more time than simply shifting the fault register as in HFS. Thus the RHFS fault simulation times increase faster with the number of vectors when compared to HFS, but slower when compared to SFS. In order to compare the three approaches, two ISCAS’89 circuits, s5378 and s13207, have been used as test vehicles. The complexity of these circuits and their fault list sizes before and after collapsing are shown in Table 2. From the analysis of this table, it is clear that the original fault list of LSAs at LUT terminals is efficiently collapsed by the tool. Table 3 shows the LSA fault collapsing results for the s5378 circuit obtained with the f2s tool in terms of the distribution of the faults among the various types of extracted LUTs. Pseudo-random test vectors have been used in the experiments. The vectors are generated internally in the FPGA using an LFSR, as it is common for BIST. Since we are mainly interested in measuring the fault simulation time, we have not obtained fault coverage values. However fault coverage can be obtained by emulating the fault free circuit, saving the response sequences and later comparing them to the output response sequences of the faulty circuits. Work in this direction is in progress. Table 2. LUT usage for a Virtex XCV2000E FPGA and corresponding fault list sizes for the two ISCAS’89 sequential circuit benchmarks.

Benchmark Circuit

#LUTs used

#LUTs unused

#LSA faults before collapsing

#LSA faults after collapsing

s5378

404

37996

3610

2707

s13207

795

37605

7126

5434

Fault Simulation using Partially Reconfigurable Hardware

7

Table 3. Collapsed fault distribution over LUT types for the s5378 benchmark circuit.

LUT Type LUT2 LUT3 LUT4

4 63

# faults 6 7 8 9 10 3 40 24 7 14 54 47 118 11 24 5

Software fault simulation has been carried out using a widely used commercial fault simulation tool running on a Sun ultra10/440 workstation of 1 GB of RAM capacity. The SFS time, tSFS, is computed by the commercial EDA tool. The fault simulation time, tHFS , for the HFS or RHFS approaches is computed by the following expression:

t HFS = tcomp + treconf +

# faults × # vectors f HFS

where tcomp is the sum of the FPGA synthesis and configuration times, treconf is the time required for reconfiguration (which is zero in the case of HFS) and fHFS is the frequency of vector hardware application. The value of tcomp is obtained after synthesis and mapping of the circuit using the Xilinx Synthesis Tool (XST). The f2s tool analyses the bit stream and computes all reconfiguration frames for each fault. According to the number of generated reconfiguration frames, it reports the value of treconf for different hardware interfaces. Figs. 3 and 4 show the fault simulation times for the two ISCAS’89 benchmark circuits, s5378 and s13207, respectively, for fHFS = 50MHz, using a Celoxica RC1000-PP board containing a Xilinx Virtex 2000E FPGA. Note that, unlike in SFS, in HFS or RHFS no fault dropping is available since all faults are simulated in sequence. The curve marked “RHFS (200Kb)” refers to partial reconfiguration using a JTAG 200 Kb parallel III port. The curve marked “RHFS (5Mb)” refers to partial reconfiguration using a JTAG 5 Mb parallel IV port. From these results it is clear that HFS (hardware fault simulation with a unique configuration file) is advantageous over SFS only when the number of test vectors exceeds a certain value that mainly depends on the FPGA compilation time tcomp [9]. Once the FPGA is compiled, the cost of applying test vectors is very small compared to SFS, despite the fact that the slope of tSFS depends on the computational resources of the machine that is running it. On the other hand, RHFS (hardware fault simulation using partial reconfiguration files for fault replacement) is faster than SFS even for a small number of test vectors. This results from the fact that tcomp + trecomp for RHFS is much lower than tcomp for the HFS approach. In the final version of this paper, results comparing RHFS, HFS and SFS times for a larger set of benchmark circuits will be presented, which should also include larger circuits like the ones reported in [22].

8

A. Parreira, J.P. Teixeira, A. Pantelimon, M.B. Santos, and J.T. de Sousa

5000 SFS

4000

time [s]

HFS RHFS (200 Kb)

3000 2000 1000 0 0

50

100

150

200

250

300

350

400

450

500

# vectors ( x 1000 )

Fig. 2. Reconfigurable HW, fixed HW and SW fault simulation times for the s5378 benchmark circuit. 30000 SFS

25000

HFS RHFS (5 Mb)

time [s]

20000

RHFS (200 Kb)

15000 10000 5000 0 0

10

20

30

40 50 60 # vectors ( x 1000 )

70

80

90

Fig. 3. Reconfigurable HW, fixed HW and SW fault simulation times for the s13207 benchmark circuit

100

Fault Simulation using Partially Reconfigurable Hardware

9

Conclusions In this work we have presented a novel approach to fault simulation using partial reconfiguration of FPGAs for fault replacement (RHFS). The approach has been compared to traditional software fault simulation (SFS), and to previous fixed hardware fault simulation (HFS). The superiority of the new approach has been demonstrated on two ISCAS’89 benchmark circuits. Compared to software fault simulation, we found that RHFS is faster than SFS, even for a limited number of test vectors. After performing FPGA compilation during some tens of minutes, the simulation time for RHFS increases linearly with the number of test vectors at a rate that, for a 50MHz clock frequency, is two orders of magnitude lower than the increase rate observed for SFS. Our fault simulation methodology uses the LSA fault model at LUT terminals. We presented a fault collapsing technique based on comparing the LUT reconfiguration vectors for each fault that leads to an efficiently optimized fault list. Our RHFS methodology was embodied in a software tool, f2s, which takes as unique input the binary file for FPGA configuration. This is a significant advantage over other partial reconfiguration techniques that depend on a variety of file formats and tools. When processing the bit file, f2s, identifies the target FPGA device, extracts the LUTs in use and their types, and generates minimal reconfiguration bit files for fault injection. Current work is oriented towards supporting external vectors, automation of vector formatting and fault coverage evaluation. The goal is to make f2s a competitive fault simulation tool. References [1] M.L. Bushnel, V.D. Agrawal, “Essentials of Electronic Testing for Digital Memory and Mixed-Signal VLSI Circuits”, Kluwer Academic Pubs., 2000. [2] T.M. Niermann, W. T. Cheng, J. H. Patel, “PROFS: A fast, memory-efficient sequential circuit fault simulator”, IEEE Trans. Computer-Aided Design, pp.198-207, 1992. [3] E.M. Rudnick, J.H. Patel, “Overcoming the Serial Logic Simulation Bottleneck in Parallel Fault Simulation”, Proc. of the IEEE International Test Conference (ITC), pp. 495-501, 1997. [4] F.M. Gonçalves, M.B. Santos, I.C. Teixeira and J.P. Teixeira, "Design and Test of Certifiable ASICs for Safety-critical Gas Burners Control", Proc. of the 7th. IEEE Int. On-Line Testing Workshop (IOLTW), pp. 197-201, July, 2001. [5] R.W.Wieler, Z. Zhang, R. D. McLeod, “Simulating static and dynamic faults in BIST structures with a FPGA based emulator”, Proc. of IEEE Int. Workshop of FieldProgrammable Logic and Application, pp. 240-250, 1994. [6] K. Cheng, S. Huang, W. Dai, “Fault Emulation: A New Methodology for Fault Grading”, IEEE Trans. On Computer-Aided Design of Integrated Circuits and Systems, vol. 18, no. 10, pp1487-1495, October 1999. [7] Shih-Arn Hwang, Jin-Hua Hong and Cheng-Wen Wu, “Sequential Circuit Fault Simulation Using Logic Emulation”, IEEE Transations on Computer-Aided Design of Integrated Circuits and Systems, vol. 17, no. 8, pp. 724-736, August 1998.

10

A. Parreira, J.P. Teixeira, A. Pantelimon, M.B. Santos, and J.T. de Sousa

[8] P.Civera, L.Macchiarulo, M.Rebaudengo, M.Reorda, M.Violante, “An FPGAbased approach for speeding-up Fault Injection campains on safety-critical circuits”, IEEE Journal of Electronic Testing Theory and Applications, vol. 18, no.3, pp. 261271, June 2002. [9] M.B. Santos, J. Braga, I. M. Teixeira, J. P. Teixeira, "Dynamic Fault Injection Optimization for FPGA-Based Harware Fault Simulation", Proc. of the Design and Diagnostics of Electronic Circuits and Systems Workshop (DDECS), pp. 370-373, April, 2002. [10] Miron Abramovici, Prem Menon, “Fault Simulation on Reconfigurable Hardware” , IEEE Symposium on FPGAs for Custom Computing Machines, pp. 182190, 1997. [11] M. Abramovici, P. R. Menon, D. T. Miller, “Critical Path Tracing: An Alternative to Fault Simulation”, IEEE Design Automation Conference, pp. 468 - 474 , 1984. [12] L. Burgun, F. Reblewski, G. Fenelon, J. Barbier, O. Lepape, “Serial fault simulation”, Proc. Design Auomation Conference, pp. 801-806, 1996. [13] L.Antoni, R. Leveugle, B. Fehér, “Using Run-Time Reconfiguration for Fault Injection in Hardware Prototypes”, IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems, pp.405-413, October 2000. [14] L.Antoni, R. Leveugle, B. Fehér, “Using Run-Time Reconfiguration for Fault Injection Applications”, IEEE Instrumentation and Measurement Technology Conference, vol. 3, pp.1773-1777, May 2001. [15] L.Antoni, R. Leveugle, B. Fehér, “Using Run-Time Reconfiguration for Fault Injection in Hardware Prototypes”, IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems, pp. 245-253, 2002. [16] S. Guccione, D. Levi, P.Sundararajan, “Jbits: A Java-based Interface for Reconfigurable Computing”, Proc. of the 2nd Military and Aerospace Applications of Programmable Devices and Technologies Conference (MAPLD), pp. 27, 1999. [17] E. Lechner, S. Guccione, “The Java Environment for Reconfigurable Computing”, Proc. of the 7th International Workshop on Field-Programmable Logic and Applications (FPL), Lecture Notes in Computer Science 1304, pp.284-293, September 1997. [18] P.Sundararajan, S.Guccione, D.Levi, “XHWIF: A portable hardware interface for reconfigurable computing”, Proc. of Reconfigurable Technology: FPGAs and Reconfigurable Processors for Computing and Communications, SPIE 4525, pp.97102, August 2001. [19] F. Brglez, D. Bryan, K. Kominski, “Combinational Profiles of Sequential Benchmark Circuits”, Proc. Int. Symp. on Circuits and Systems (ISCAS), pp. 122934, 1989. [20] Xilinx Inc., “Virtex-E 1.8V Field Programmable Gate Arrays”, Xilinx DS022, 2001. [21] Xilinx Inc., “Virtex Series Configuration Architecture User Guide”, Application Note: Virtex Series, XAPP151 (v1.5), September 27, 2000. [22] H. Cha, E. Rudnick, J.Patel, R. Iyer, G.Shoi, “A Gate-Level Simulation Environment for Alpha-Particle-Induced Transient Faults”, IEEE Transactions on Computers, vol. 45, no.11, pp1248-1256, November 1996.