Nadpis 1 Nadpis 2 Nadpis 3 Jméno Příjmení Vysoké učení technické v Brně, Fakulta informačních technologií v Brně Božetěchova 2, 612 66 Brno [email protected]

Nadpis 1 Nadpis 2

Nadpis 3

Jméno PříjmeníVysoké učení technické v Brně, Fakulta informačních technologií v Brně

Božetěchova 2, 612 66 [email protected]

99.99.2008

Hardware Acceleration of Fault-tolerant System Verification

Marcela Šimková[email protected]

Faculty of Information TechnologyBrno University of Technology

Czech Republic

June 4, 2013

Motivation

• Evaluation platform for testing fault-tolerance methodologies in electro-mechanical (EM) applications.

• Examples:• aerospace,• space,• automotive, • safety-critical,• …

2 Marcela Šimková

Goals of the Research

3

• Fault-tolerance methodologies are targeted to electronic components.

→ Is the mechanical part also affected? How?

• Fault-tolerance methodologies are often demonstrated on simple electronic circuits.

→ What about real-size systems?

Marcela Šimková

Current State

• We have: • FPGA-based designs (mechanical part),• simulation environment (stimuli, reactions of electronic

part),• fault-injector.

• We need:• A complex set of input stimuli (test vectors) for detection of

injected faults and checking the design behaviour.

4

robotrobot

controller

simulation FPGA

faultinjection

inputstimuli

robotcontroller

faultinjection

FPGA

Marcela Šimková

Outline of the Presentation

5

1. Evaluation platform.

• Experimental EM design.• Issue of the complexity.• Simulation of the mechanical part.• Fault injection.• Different fault-tolerance methodologies.

2. Strategies for the generation of input stimuli.

• ATPG.• Functional verification.• Experiments.• HAVEN.

Marcela Šimková

Zápatí pro všechny stránky (ne první a poslední) 6

Evaluation Platform

Experimental EM Design

Evaluation Platform Marcela Šimková

7

• The robot device (mechanical part) and its robot controller (electronic part).

• Mission: Path search through a maze.

Issue of the Complexity


8

• The robot controller is designed as a complex system with specific components.

• Testing and validating individual or co-operating fault-tolerance methodologies.

Simulation of the Mechanical Part


9

• Simulation environment Player/Stage.

• Video: http://www.fit.vutbr.cz/~isimkova/robot/final.wmv

• The visual feedback about the movements of the robot after the fault injection.

Fault Injection


10

• The weak point of FPGAs is their configuration memory.

• Configuration bits (bitstream) determine the functionality of the FPGA chip (in our case the robot controller).

• Small change of the bitstream (inversion of the stored value) can lead to different functionality (Single Event Upset, SEU).

• Fault injection = a deliberate change of single or multiple bits in the bitstream.

• The main goal: classification of faults.

Different Fault-tolerance Methodologies


11

• Incremental hardening of designsagainst faults.

• Methodologies: • TMR,• duplex,• coding,• bit scrubbing, • partial dynamic reconfiguration,• ...


Strategies for the Generation of Input Stimuli

Strategies

Input Stimuli Generation Marcela Šimková

13

• Common approaches:

ATPG (Automatic Test Pattern Generation)- gate-level- different fault models- scan architectures

Functional tests- check functional aspects of the design

• New strategy?

Functional verification- pre-silicon simulation-based verification approach- register-transfer level- check functional and partially structural aspects of the design

Functional Verification


14

• Simulation-based approach that checks whether a model of the system (DUT, Design Under Test) respects the specification.

+ Additional verification techniques:• constrained-random stimulus generation,• coverage-driven verification,• assertion-based verification,• self-checking mechanisms.

+ Implementation mainly in SystemVerilog.

+ Verification methodologies (OVM, UVM).

Coverage

15

• ATPG - fault coverage • Functional verification

functionalcode

assertions

statement

FSM

coverage metricsspecification DUT (hdl)


Pros and Cons of Using Functional Verification

16

• Cons:• knowledge of verification basics,• implementation of the verification environment (2 weeks or

more).

• Pros:• reuse of verification vectors (if functional verification is a

part of the pre-silicon phase of the design cycle),• fast generation of vectors (in seconds).


Experimental design

17Median Workshop Marcela Šimková

1. Experiment


2. Experiment


3. Experiment


4. Experiment

21

• Combination of vectors from functional verification and ATPG.

• Achieved fault coverage: 96.20%

Median Workshop Marcela Šimková

Evaluation of Results


• As for ALU, vectors originated in functional verification were effective enough for detection of stuck-at faults.

• Combination with ATPG vectors even more effective.

• Future ideas:• Bigger designs (the robot controller)?• Randomness of vectors?• An optimized set of vectors from functional verification?

Future work

• Direct interconnection of the evaluation platform with the functional verification environment.

→ Verification of fault-tolerant designs !

• How?


23

HAVEN

• Framework for hardware acceleration of functional verification on FPGA (for arbitrary synchronous units).

• Allows acceleration by moving some (or all) components from software to hardware verification environment.

• Runs at the frequency limited only by the FPGA (~ 100 MHz).

• High level of abstraction, easy to adapt/extend.

• For an FPGA system, verifies directlythe system, not only a model.

• Freely available and open source.

24Dagstuhl Seminar: Verifying Reliability Marcela Šimková


Questions?

Documents

Nadpis 1 Nadpis 2 Nadpis 3 Jméno Příjmení Vysoké učení technické v Brně, Fakulta informačních technologií v Brně Božetěchova 2, 612 66 Brno [email protected]