outline • Background – JPL MER example Reliable State Machines • JPL FPGA/ASIC Process – Procedure – Guidelines Dr. Gary R Burke • State machines – Traditional California Institute of Technology – Highly Reliable Jet Propulsion Laboratory – Comparison 10/14/2005 Caltech 1 10/14/2005 Caltech 2 10/14/2005 Caltech 3 10/14/2005 Caltech 4 MER Mission example • Large number of FPGAs • Mostly fuse programmable – but at least one RAM programmable FPGA • Several ASICs • Many standard parts eg Microprocessor, RAM chips. 10/14/2005 Caltech 5 10/14/2005 Caltech 6 1
10/14/2005 Caltech 7 10/14/2005 Caltech 8 10/14/2005 Caltech 9 10/14/2005 Caltech 10 10/14/2005 Caltech 11 10/14/2005 Caltech 12 2
FPGA/ASIC Process • JPL needs to ensure design process is sound • A bug in an FPGA/ASIC can halt a billion dollar mission • Tight schedules can result in inadequate testing • Inadequate version control can result in the wrong code • First Pass success important for ASIC design 10/14/2005 Caltech 13 10/14/2005 Caltech 14 FPGA/ASIC Process FPGA/ASIC Process • To ensure a quality product: • Peer reviews by experts to check the design and design approach • Requirements are correct and do not change • Formal Reviews to ensure design process is • Specification is complete adequate, and to sign off on the design • Design will meet the specification and • Documentation for review and archiving requirements • Check-lists to ensure all problems are fixed • Testing has covered all possible cases 10/14/2005 Caltech 15 10/14/2005 Caltech 16 FPGA/ASIC Process ASIC PROCESS Proto Board Proto Board Design Test ASIC Design Process GRB - 2/1/04 Firmw are Firmw are Design: Compilation • Configuration Management to ensure Physical Design: Complete Layout:: chip Specification: IDR HDL Design: PDR Structural design: Structural Physical CDR STA RT Design Design fabrica Review Review sign-of f sign-off Review tion correct versions are used A nalog Circuit Analog Layout Design: Design: • Verification Matrix – which documents all Preliminary RTL code, Specification Level 5 Test Plan Structural code Inputs CM plan Requirements Updated Test Vectors Test approach Specification testing Preliminary Test vectors RTL code, Structural code Specification Layout Chip layout CDR outputs Test Plan Test Vectors CM plan netlist Checklist Test approach Updated Specification V-matrix Conceptual Synthesis Physical Complete Layout:: Create PDR Design CDR process Specification. Design RTL Design; Timing analysis Structural Chip integration Is ASIC Peer DRC Review: Is Preliminary & RTL simulation testability Design Physical Design: • Checking tools e.g. Lint, DRC; all errors, Ready to review LVS ASIC ready design. Requiremen DFT;simulation coverage Prototype; ATPG Peer Place and Route V test bench & modeling procede and ERC for Test Approach. ts Vendor software Review Timing analysis BA Review Trial Synthesis with Gate level and sign-off fabrication? ASIC/FPGA/ structural Update Prototype Is ASIC Trial Timing analysis verification Sign-off Test Vectors BA package design? selection. ready to Trial testability anal. Firmware design Vendor software Configuration procede Test Plan Test vectors BA Initial Firmware design and warnings documented management with TV coverage Gate level detailed SEU mitigation plan Trial P&R Review plan verification BA design? Fault tolerant plan Prototype FPGA Select Foundry Partition Design Lint verification Formal Verification Specify IPs pinout defined FT approach code walkthrough 10/14/2005 Caltech 17 10/14/2005 Caltech 18 3
FPGA PROCESS Guidelines FPGA Design Process GRB - 2/1/04 Firmw are Firmw are Design: V erification • Define set of rules for HDL design FPGA Prototype FPGA Final Build HDL Design: FPGA fuse START Specification: IDR PDR design: CDR Review Review programming Prot-board • Reduce ambiguity design Proto-Board Test Preliminary RTL code, Specification Configuration Level 5 Test Plan • Clarify design to be easily checked and Inputs CM plan code Requirements Updated Specification Test approach Test Vectors RTL code, Configuration Preliminary Test Plan code Verification Specification CDR outputs Updated Specification Test Vectors matrix; CM plan Checklist Test vectors reviewed Test approach Conceptual process Create HDL Design; Synthesis CDR Design Specification. HDL simulation Timing analysis Review: Is & Is FPGA Implementation DFT;simulation coverage testability flight FPGA Requiremen Ready to Physical Design: Partition and V test bench & modeling Prototype ready for ts procede Place and Route Test Approach. Trial Synthesis FPGA software personalizat • Implement most reliable design techniques Review with Gate level Timing analysis FPGA device Trial Timing analysis ion? Is FPGA synthesis? verification Update Prototype and package ready to Test Plan Test Vectors selection. procede Initial Firmware design Firmware design Test vectors Vendor software Configuration with SEU mitigation plan TV coverage System Test management detailed Fault tolerant plan Prototype FPGA Schedule with design? Lint verification Plan for Reviews pinout defined Specify IPs code walkthrough FT approach prot-board design 10/14/2005 Caltech 19 10/14/2005 Caltech 20 Fault Tolerant State Machines State Machines • A state machine is a sequential machine that when • The state machine needs to be tolerant of built into an FPGA or ASIC controls the single event upsets sequencing of actions in the digital logic • The current state of a machine is held in a state • State machine should not hang register which is updated on a clock • State machine should always be in a defined • The next value of the state register (next state) is state derived from the current state and the inputs • No asynchronous inputs to state machine • Outputs from the state machine are decoded from the state register and can also be combined with • Default state must be specified the inputs 10/14/2005 Caltech 21 10/14/2005 Caltech 22 State-Machine (SM) Encoding Other SM Encoding • 1-hot encoding • Each distinct state of the SM is represented – The number of bits in the code is equal to the number by a unique code of states. Each encoded state has just 1 bit in the • The allocation of these binary codes to encoded word set to a 1 (the rest are 0) – The advantage is that when optimized for non-reliable states is the Encoding use, the amount of logic needed is less than Binary • The simplest encoding is Binary encoding, and it can be faster. One bit change with a SEU will result in a bad code which can be detected. • In Binary encoding each state is given the – The disadvantage is the increased number of bits results in more flip/flops and therefore more targets for SEUs. next available binary number in sequence. The SEU advantage is lost when the 1-hot encoding is optimized. 10/14/2005 Caltech 23 10/14/2005 Caltech 24 4
Recommend
More recommend