Hardware Acceleration of Fault-tolerant System Verification
Marcela Šimková
Faculty of Information Technology, Brno University of Technology
Czech Republic
June 4, 2013
Motivation
• Evaluation platform for testing fault-tolerance methodologies in electro-mechanical (EM) applications.
• Examples:
  • aerospace,
  • space,
  • automotive,
  • safety-critical,
  • …
Goals of the Research
• Fault-tolerance methodologies are targeted to electronic components.
→ Is the mechanical part also affected? How?
• Fault-tolerance methodologies are often demonstrated on simple electronic circuits.
→ What about real-size systems?
Current State
• We have:
  • FPGA-based designs (mechanical part),
  • simulation environment (stimuli, reactions of electronic part),
  • fault-injector.
• We need:
  • A complex set of input stimuli (test vectors) for detection of injected faults and checking the design behaviour.
[Figure: block diagram; labels: robot (simulation), robot controller (FPGA), fault injection, input stimuli]
Outline of the Presentation
1. Evaluation platform.
  • Experimental EM design.
  • Issue of the complexity.
  • Simulation of the mechanical part.
  • Fault injection.
  • Different fault-tolerance methodologies.
2. Strategies for the generation of input stimuli.
  • ATPG.
  • Functional verification.
  • Experiments.
  • HAVEN.
Evaluation Platform
Experimental EM Design
• The robot device (mechanical part) and its robot controller (electronic part).
• Mission: Path search through a maze.
Issue of the Complexity
• The robot controller is designed as a complex system with specific components.
• Testing and validating individual or co-operating fault-tolerance methodologies.
Simulation of the Mechanical Part
• Simulation environment Player/Stage.
• Video: http://www.fit.vutbr.cz/~isimkova/robot/final.wmv
• Visual feedback on the movements of the robot after fault injection.
Fault Injection
• The weak point of FPGAs is their configuration memory.
• Configuration bits (bitstream) determine the functionality of the FPGA chip (in our case the robot controller).
• A small change in the bitstream (inversion of a stored value) can lead to different functionality (Single Event Upset, SEU).
• Fault injection = a deliberate change of single or multiple bits in the bitstream.
• The main goal: classification of faults.
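Added example (not part of the original slides): a Python model of the fault injection described above. The 1-bit full adder built from 2-input LUTs, the LUT names and the two vector sets are constructed for illustration; every configuration bit is inverted in turn and the fault is classified by whether the given input stimuli detect it.

```python
from itertools import product

# Constructed toy "bitstream": each 2-input LUT holds 4 configuration bits,
# addressed by (x << 1) | y. Together the LUTs implement a 1-bit full adder.
GOLDEN = {
    "xor1": [0, 1, 1, 0],   # a ^ b
    "and1": [0, 0, 0, 1],   # a & b
    "sum":  [0, 1, 1, 0],   # xor1 ^ cin
    "and2": [0, 0, 0, 1],   # xor1 & cin
    "cout": [0, 1, 1, 1],   # and1 | and2
}

def lut(cfg, name, x, y):
    return cfg[name][(x << 1) | y]

def run(cfg, a, b, cin):
    """Evaluate the design for one input vector under configuration cfg."""
    x1 = lut(cfg, "xor1", a, b)
    carry = lut(cfg, "cout", lut(cfg, "and1", a, b), lut(cfg, "and2", x1, cin))
    return lut(cfg, "sum", x1, cin), carry

def inject(cfg, name, bit):
    """Return a copy of cfg with one configuration bit inverted (an SEU)."""
    faulty = {k: list(v) for k, v in cfg.items()}
    faulty[name][bit] ^= 1
    return faulty

def classify(vectors):
    """Inject every single-bit fault and sort it by whether the vectors detect it."""
    detected, undetected = [], []
    for name in GOLDEN:
        for bit in range(4):
            faulty = inject(GOLDEN, name, bit)
            hit = any(run(faulty, *v) != run(GOLDEN, *v) for v in vectors)
            (detected if hit else undetected).append((name, bit))
    return detected, undetected

def coverage(vectors):
    """Fraction of injected faults that the vector set detects."""
    detected, undetected = classify(vectors)
    return len(detected) / (len(detected) + len(undetected))

EXHAUSTIVE = list(product((0, 1), repeat=3))   # all (a, b, cin) combinations
SPARSE = [(0, 0, 0), (1, 1, 1)]                # deliberately weak stimuli

if __name__ == "__main__":
    for label, vecs in (("exhaustive", EXHAUSTIVE), ("sparse", SPARSE)):
        print(label, f"{coverage(vecs):.0%}", "undetected:", classify(vecs)[1])
```

With all eight input vectors, 19 of the 20 single-bit faults are detected; the remaining one sits in a LUT entry the design never addresses, so it cannot change the outputs. The two-vector set detects only 9, which is why the quality of the input stimuli matters for fault classification.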
Different Fault-tolerance Methodologies
• Incremental hardening of designs against faults.
• Methodologies:
  • TMR,
  • duplex,
  • coding,
  • bit scrubbing,
  • partial dynamic reconfiguration,
  • ...
Strategies for the Generation of Input Stimuli
Strategies
• Common approaches:
  ATPG (Automatic Test Pattern Generation)
  - gate-level
  - different fault models
  - scan architectures
  Functional tests
  - check functional aspects of the design
• New strategy?
  Functional verification
  - pre-silicon simulation-based verification approach
  - register-transfer level
  - check functional and partially structural aspects of the design
Functional Verification
• Simulation-based approach that checks whether a model of the system (DUT, Design Under Test) respects the specification.
+ Additional verification techniques:
  • constrained-random stimulus generation,
  • coverage-driven verification,
  • assertion-based verification,
  • self-checking mechanisms.
+ Implementation mainly in SystemVerilog.
+ Verification methodologies (OVM, UVM).
Coverage
• ATPG - fault coverage
• Functional verification - coverage metrics
[Figure: coverage diagram; labels: functional, code, assertions, statement, FSM; specification, DUT (hdl)]
Pros and Cons of Using Functional Verification
• Cons:
  • knowledge of verification basics,
  • implementation of the verification environment (2 weeks or more).
• Pros:
  • reuse of verification vectors (if functional verification is a part of the pre-silicon phase of the design cycle),
  • fast generation of vectors (in seconds).
Experimental design
Median Workshop, Marcela Šimková
1. Experiment
2. Experiment
3. Experiment
4. Experiment
• Combination of vectors from functional verification and ATPG.
• Achieved fault coverage: 96.20%
Evaluation of Results
• For the ALU, vectors originating from functional verification were effective enough to detect stuck-at faults.
• The combination with ATPG vectors was even more effective.
• Future ideas:
  • Bigger designs (the robot controller)?
  • Randomness of vectors?
  • An optimized set of vectors from functional verification?
Future work
• Direct interconnection of the evaluation platform with the functional verification environment.
→ Verification of fault-tolerant designs!
• How?
HAVEN
• Framework for hardware acceleration of functional verification on FPGA (for arbitrary synchronous units).
• Allows acceleration by moving some (or all) components from the software to the hardware verification environment.
• Runs at a frequency limited only by the FPGA (~100 MHz).
• High level of abstraction, easy to adapt/extend.
• For an FPGA system, verifies the system directly, not only a model.
• Freely available and open source.
Dagstuhl Seminar: Verifying Reliability, Marcela Šimková
Questions?