Page 1
Hardware Acceleration of Fault-tolerant System Verification
Marcela Šimková
Faculty of Information Technology, Brno University of Technology
Czech Republic
June 4, 2013
Page 2
Motivation
• Evaluation platform for testing fault-tolerance methodologies in electro-mechanical (EM) applications.
• Examples:
  • aerospace,
  • space,
  • automotive,
  • safety-critical,
  • …
Page 3
Goals of the Research
• Fault-tolerance methodologies are targeted at electronic components.
→ Is the mechanical part also affected? How?
• Fault-tolerance methodologies are often demonstrated on simple electronic circuits.
→ What about real-size systems?
Page 4
Current State
• We have:
  • FPGA-based designs (mechanical part),
  • simulation environment (stimuli, reactions of electronic part),
  • fault-injector.
• We need:
  • A complex set of input stimuli (test vectors) for detection of injected faults and checking the design behaviour.
[Figure labels: robot (simulation); robot controller (FPGA); fault injection; input stimuli.]
Page 5
Outline of the Presentation
1. Evaluation platform.
  • Experimental EM design.
  • Issue of the complexity.
  • Simulation of the mechanical part.
  • Fault injection.
  • Different fault-tolerance methodologies.
2. Strategies for the generation of input stimuli.
  • ATPG.
  • Functional verification.
  • Experiments.
  • HAVEN.
Page 6
Evaluation Platform
Page 7
Experimental EM Design
• The robot device (mechanical part) and its robot controller (electronic part).
• Mission: Path search through a maze.
Page 8
Issue of the Complexity
• The robot controller is designed as a complex system with specific components.
• Testing and validating individual or co-operating fault-tolerance methodologies.
Page 9
Simulation of the Mechanical Part
• Simulation environment Player/Stage.
• Video: http://www.fit.vutbr.cz/~isimkova/robot/final.wmv
• Visual feedback on the movements of the robot after fault injection.
Page 10
Fault Injection
• The weak point of FPGAs is their configuration memory.
• Configuration bits (bitstream) determine the functionality of the FPGA chip (in our case the robot controller).
• A small change in the bitstream (inversion of a stored value) can lead to different functionality (Single Event Upset, SEU).
• Fault injection = a deliberate change of single or multiple bits in the bitstream.
• The main goal: classification of faults.
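The bit-flip injection and fault classification described on this slide, as an added Python example that is not part of the original presentation: a constructed 16-bit "bitstream" (a full adder held in two look-up tables, an assumption made here) has every single bit inverted in turn, and each fault is classified by whether a given set of input stimuli exposes it. The stimulus sets, function names and the coverage formula (detected faults / injected faults) are constructed for illustration.

```python
# Constructed toy model (not the platform's robot controller): a 1-bit full
# adder stored in two 3-input LUTs. Its 16 LUT bits stand in for a bitstream.
from itertools import product

def golden_bitstream():
    """Bits 0-7 configure the sum LUT, bits 8-15 the carry-out LUT."""
    inputs = list(product((0, 1), repeat=3))      # (a, b, cin) in address order
    return ([a ^ b ^ c for a, b, c in inputs]
            + [int(a + b + c >= 2) for a, b, c in inputs])

def evaluate(bitstream, vector):
    """Return (sum, carry) that the configured LUTs produce for one vector."""
    a, b, c = vector
    addr = (a << 2) | (b << 1) | c
    return bitstream[addr], bitstream[8 + addr]

def inject_seu(bitstream, bit_index):
    """Model an SEU: invert one stored configuration bit."""
    faulty = list(bitstream)
    faulty[bit_index] ^= 1
    return faulty

def classify_faults(golden, stimuli):
    """Inject every single-bit flip; classify it by whether the stimuli expose it."""
    classes = {}
    for bit in range(len(golden)):
        faulty = inject_seu(golden, bit)
        exposed = any(evaluate(faulty, v) != evaluate(golden, v) for v in stimuli)
        classes[bit] = "detected" if exposed else "undetected"
    return classes

def fault_coverage(classes):
    """Percentage of injected faults that the stimuli detected."""
    return 100.0 * sum(c == "detected" for c in classes.values()) / len(classes)

# Constructed stimulus sets (input vectors a, b, cin).
SET_A = [(0, 0, 0), (0, 1, 1), (1, 0, 1)]
SET_B = [(1, 1, 1), (0, 0, 1), (0, 1, 1)]
ALL_VECTORS = list(product((0, 1), repeat=3))

if __name__ == "__main__":
    golden = golden_bitstream()
    for name, stimuli in [("A", SET_A), ("B", SET_B), ("A+B", SET_A + SET_B),
                          ("exhaustive", ALL_VECTORS)]:
        print(name, fault_coverage(classify_faults(golden, stimuli)))
```

A flip in a LUT entry that no stimulus addresses stays "undetected", which is why the size and composition of the stimulus set decide how many injected faults can be classified.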
Page 11
Different Fault-tolerance Methodologies
• Incremental hardening of designs against faults.
• Methodologies:
  • TMR,
  • duplex,
  • coding,
  • bit scrubbing,
  • partial dynamic reconfiguration,
  • ...
Page 12
Strategies for the Generation of Input Stimuli
Page 13
Strategies
• Common approaches:
  ATPG (Automatic Test Pattern Generation)
    - gate-level
    - different fault models
    - scan architectures
  Functional tests
    - check functional aspects of the design
• New strategy?
  Functional verification
    - pre-silicon simulation-based verification approach
    - register-transfer level
    - check functional and partially structural aspects of the design
Page 14
Functional Verification
• Simulation-based approach that checks whether a model of the system (DUT, Design Under Test) respects the specification.
+ Additional verification techniques:
  • constrained-random stimulus generation,
  • coverage-driven verification,
  • assertion-based verification,
  • self-checking mechanisms.
+ Implementation mainly in SystemVerilog.
+ Verification methodologies (OVM, UVM).
Page 15
Coverage
• ATPG - fault coverage
• Functional verification
[Figure labels: coverage metrics (functional, code, assertions, statement, FSM); specification; DUT (hdl).]
Page 16
Pros and Cons of Using Functional Verification
• Cons:
  • knowledge of verification basics,
  • implementation of the verification environment (2 weeks or more).
• Pros:
  • reuse of verification vectors (if functional verification is a part of the pre-silicon phase of the design cycle),
  • fast generation of vectors (in seconds).
Page 17
Experimental design
Median Workshop, Marcela Šimková
Page 18
1. Experiment
Page 19
2. Experiment
Page 20
3. Experiment
Page 21
4. Experiment
• Combination of vectors from functional verification and ATPG.
• Achieved fault coverage: 96.20%
Page 22
Evaluation of Results
• For the ALU, vectors originating from functional verification were effective enough to detect stuck-at faults.
• Combination with ATPG vectors was even more effective.
• Future ideas:
  • Bigger designs (the robot controller)?
  • Randomness of vectors?
  • An optimized set of vectors from functional verification?
Page 23
Future work
• Direct interconnection of the evaluation platform with the functional verification environment.
→ Verification of fault-tolerant designs!
• How?
Page 24
HAVEN
• Framework for hardware acceleration of functional verification on FPGA (for arbitrary synchronous units).
• Allows acceleration by moving some (or all) components from the software to the hardware verification environment.
• Runs at a frequency limited only by the FPGA (~100 MHz).
• High level of abstraction, easy to adapt/extend.
• For an FPGA system, verifies directly the system, not only a model.
• Freely available and open source.
Dagstuhl Seminar: Verifying Reliability, Marcela Šimková
Page 25
Questions?