1 MAPLD 2005 /219Osovets
Design and Timing Closure Design and Timing Closure Techniques for ManagingTechniques for Managing
Wide Semiconductor Timing Wide Semiconductor Timing Variations in Space ApplicationsVariations in Space Applications
Alexander OsovetsAlexander OsovetsOrbital SciencesOrbital Sciences
CorporationCorporation
Michael CuvielloMichael CuvielloSwales Aerospace Swales Aerospace
IncorporatedIncorporated
September 7, 2005September 7, 2005
2 MAPLD 2005 /219Osovets
The Design Problem:The Design Problem:
Long term exposure to Long term exposure to radiation in spaceradiation in space
Causes Component degradation Causes Component degradation resulting in Integrated Circuit resulting in Integrated Circuit specifications with wide timing specifications with wide timing variations.variations.
Problems guaranteeing Problems guaranteeing timing margin of FPGA based timing margin of FPGA based digital systems.digital systems.
3 MAPLD 2005 /219Osovets
Example SystemExample System
Micro-controller
Aeroflex
RH80C196KDS
FPGA
ACTEL
RT54SX72S
Peripherals
Memory
4 MAPLD 2005 /219Osovets
Example:Example:Aeroflex RH80C196KDS Micro-controllerAeroflex RH80C196KDS Micro-controller
Signal Timing relative to
address latch
Signal Timing relative to
output clock
Timing tolerance 40-50% of
system clock
Timing tolerance 40-50% of
system clock
Timing tolerances 40-50% of system
clock period
Worst case timing doesn’t add up!
5 MAPLD 2005 /219Osovets
Time for an Updated Approach:Time for an Updated Approach: A Multiple Clock SystemA Multiple Clock System
ClockDomain
ClockDomain
ClockDomain
ClockDomain
ClockDomain
ClockDomain
System Clock
Re-Sync
Re-Sync
De
lay
De
lay
De
lay Re-
Sync
6 MAPLD 2005 /219Osovets
New Issues!New Issues!
Need for glitch free handshaking logic.Need for glitch free handshaking logic.
Re-synchronization of cross-clock domain Re-synchronization of cross-clock domain signals.signals.
A more sophisticated static timing analysis tool A more sophisticated static timing analysis tool flow with multi-clock multi-mode capability.flow with multi-clock multi-mode capability.
7 MAPLD 2005 /219Osovets
What Causes FPGA Cells To Glitch?What Causes FPGA Cells To Glitch? ASIC combinatorial cells do not glitch, since they are ASIC combinatorial cells do not glitch, since they are
custom designed for a specific function.custom designed for a specific function.
In FPGAs all combinatorial functions are created from In FPGAs all combinatorial functions are created from components available in the slice, i.e. C-Cell.components available in the slice, i.e. C-Cell.
Actel devices have multiplexer based structures.Actel devices have multiplexer based structures.
This results in all gates being built from muxes.This results in all gates being built from muxes.
That in turn implies possibility of output glitches on the That in turn implies possibility of output glitches on the input signal transitions, even in the cases when other input signal transitions, even in the cases when other inputs are stable.inputs are stable.
Issue 1: Glitch Free HandshakingIssue 1: Glitch Free Handshaking
8 MAPLD 2005 /219Osovets
Issue 1:Issue 1: Glitch Free LogicGlitch Free Logic
Why do we need glitch free components?Why do we need glitch free components?
To avoid tri-state bus contention during the To avoid tri-state bus contention during the enable/disable boundaries of multiple drivers.enable/disable boundaries of multiple drivers.
To create glitch free clocks and clock like signals i.e. ram To create glitch free clocks and clock like signals i.e. ram writes, interrupts … writes, interrupts …
Clock gating.Clock gating.
Power dissipation reduction.Power dissipation reduction.
EMI reduction.EMI reduction.
9 MAPLD 2005 /219Osovets
Issue 1:Issue 1: Glitch Free LogicGlitch Free LogicOption 1: Register all desired portsOption 1: Register all desired ports
Hard macro Flip-Flops in Actel R-Cell provide glitch free Hard macro Flip-Flops in Actel R-Cell provide glitch free operation.operation.
However, 54SX-S device has Triple Module Redundancy (TMR) However, 54SX-S device has Triple Module Redundancy (TMR) combinatorial voting circuit on the output of the registers.combinatorial voting circuit on the output of the registers.
Fortunately, glitch free operation is verified through simulation by Fortunately, glitch free operation is verified through simulation by NASA TMR designers.NASA TMR designers.
This solution is not always feasible due to design speed, This solution is not always feasible due to design speed, asynchronous driving modules or other limitations.asynchronous driving modules or other limitations.
10 MAPLD 2005 /219Osovets
Issue 1:Issue 1: Glitch Free LogicGlitch Free LogicOption 2 : OR-Gate or Option 2 : OR-Gate or MultiplexerMultiplexer Macros Macros
4 OR-gate macros with glitch free operation4 OR-gate macros with glitch free operation MX2 macro with glitch free operationMX2 macro with glitch free operation
Only on S input transitionOnly on S input transition When A and B inputs = 0When A and B inputs = 0
For BothFor Both The only way to ensure glitch free operation is to keep inputs transitions far The only way to ensure glitch free operation is to keep inputs transitions far
apart from each other (few gate delays).apart from each other (few gate delays). Indicated by ACTEL Engineers; but not guaranteed.Indicated by ACTEL Engineers; but not guaranteed. Use Use syn_keep and and alspreserve attributes for instantiation in VHDL. attributes for instantiation in VHDL. Significantly reduces output glitch possibility.Significantly reduces output glitch possibility.
11 MAPLD 2005 /219Osovets
Issue 1:Issue 1: Glitch Free LogicGlitch Free Logic Option 3 : Asynchronous RS-LatchOption 3 : Asynchronous RS-Latch
Asynchronous RS-Latch may provide glitch free output transitionAsynchronous RS-Latch may provide glitch free output transition However, most of the Actel Flop and Latch macros are built from combinatorial However, most of the Actel Flop and Latch macros are built from combinatorial
logiclogic DFPCB (presented on the previous slide) is one of few Actel macros comprised DFPCB (presented on the previous slide) is one of few Actel macros comprised
out of pure sequential logic.out of pure sequential logic. In addition CLR input has a precedence over PRE input, avoiding an uncertain In addition CLR input has a precedence over PRE input, avoiding an uncertain
condition.condition. Actel confirmed glitch free operation of this device, but again, as long as inputs Actel confirmed glitch free operation of this device, but again, as long as inputs
transitions are kept far enough from each othertransitions are kept far enough from each other The hard macro approach is less susceptible to the affects of routing delays, The hard macro approach is less susceptible to the affects of routing delays,
synthesis and placement variations.synthesis and placement variations.
This option shows the most promise. This option shows the most promise.
Good Luck!Good Luck!
12 MAPLD 2005 /219Osovets
Tapperture = To * e-(tco-tmet)
Clock
Input
Metastable
Output
thold+tsetup – metastability window
Normal
Outputtco – normal output delay
tmet – output sample time
Issue 2:Issue 2: Synchronizing Clock Domains Synchronizing Clock Domains Out of Phase Correlated Clock Domains - MetastabilityOut of Phase Correlated Clock Domains - Metastability
13 MAPLD 2005 /219Osovets
Issue 2: Synchronizing Clock Domains Issue 2: Synchronizing Clock Domains Out of Phase Correlated Clock Domains - MetastabilityOut of Phase Correlated Clock Domains - Metastability
MetastabilityMetastability The output of the flip-flop becomes indeterminate for an The output of the flip-flop becomes indeterminate for an
extended period of time beyond the normal specified output extended period of time beyond the normal specified output delay.delay.
Caused by flip-flop input setup or hold time violations.Caused by flip-flop input setup or hold time violations.
ttmetmet denotes the extended duration before the output settles. denotes the extended duration before the output settles.
ttmetmet is related to a time window about the clock edge in which the is related to a time window about the clock edge in which the
input data transitions. input data transitions.
ttaperture.aperture. denotes a time window about the clock edge in which the denotes a time window about the clock edge in which the
input data transitions.input data transitions.
As tAs tmetmet increases, t increases, tapertureaperture decreases. decreases.
The aperture need not be exactly centered on the clock edge.The aperture need not be exactly centered on the clock edge.
14 MAPLD 2005 /219Osovets
To reduce the likelihood of propagating an indeterminate To reduce the likelihood of propagating an indeterminate value into the system, we double sample data that might value into the system, we double sample data that might transition within the ttransition within the tapertureaperture window at a period beyond window at a period beyond what twhat tmetmet is likely to be. is likely to be.
The Worst Case – Correlated Clocks The Worst Case – Correlated Clocks (from the same source)(from the same source)
Presents the possibility that the nominal data transition is always Presents the possibility that the nominal data transition is always centered exactly in the middle of the aperture.centered exactly in the middle of the aperture.
Typically, only the case of random occurrence is analyzed.Typically, only the case of random occurrence is analyzed.
A Latent Fault - Because of timing changes due to radiation and A Latent Fault - Because of timing changes due to radiation and correlated clock domains, this could occur repetitively at correlated clock domains, this could occur repetitively at sometime during the life of a mission. sometime during the life of a mission.
Issue 2:Issue 2: Synchronizing Clock Domains Synchronizing Clock Domains Out of Phase Correlated Clock Domains - MetastabilityOut of Phase Correlated Clock Domains - Metastability
15 MAPLD 2005 /219Osovets
To analyzeTo analyze Rely only on system noise to cause the actual data transition to occur Rely only on system noise to cause the actual data transition to occur
sometime off nominal that is outsidesometime off nominal that is outside ttapertureaperture. .
To eliminate any possibility that correlation between the system noise To eliminate any possibility that correlation between the system noise and the input clock might work against us, we consider only thermal and the input clock might work against us, we consider only thermal noise that we know is truly random.noise that we know is truly random.
This thermal noise could be considered to be in the input signal or This thermal noise could be considered to be in the input signal or actually noise on an internal node of the latch in the flip-flop. It is actually noise on an internal node of the latch in the flip-flop. It is caused by channel resistance of the transistor.caused by channel resistance of the transistor.
If we make our sampling period large enough, tIf we make our sampling period large enough, tapertureaperture reduces to the reduces to the point that it is insignificant compared to the timing jitter caused by point that it is insignificant compared to the timing jitter caused by thermal noise.thermal noise.
Thus, the failure rate because of tThus, the failure rate because of tmetmet exceeding our sampling period exceeding our sampling period also becomes very small.also becomes very small.
Issue 2:Issue 2: Synchronizing Clock Domains Synchronizing Clock Domains Out of Phase Correlated Clock Domains - MetastabilityOut of Phase Correlated Clock Domains - Metastability
16 MAPLD 2005 /219Osovets
Clock
Uniform
Input Distribution
Corelated
Input Distribution
Tc
TdTjitter
Apperture
Window
Tapperture
Issue 2:Issue 2: Synchronizing Clock Domains Synchronizing Clock Domains Out of Phase Correlated Clock Domains - MetastabilityOut of Phase Correlated Clock Domains - Metastability
17 MAPLD 2005 /219Osovets
MTBF =1/fjitter*fd*To* e-(tco-tmet)
MTBF =E(t)=T/Ne
Where T is operation time, Ne is number of faults
MTBF is expected value of the time between failures
For uniform failure distribution
Ne= fd*T*Pfail= fd*T* Tapperure/Tjitter
Issue 2:Issue 2: Synchronizing Clock Domains Synchronizing Clock Domains Out of Phase Correlated Clock Domains - MetastabilityOut of Phase Correlated Clock Domains - Metastability
18 MAPLD 2005 /219Osovets
Input slewdU/dt=1V/ns
Thermal noise V2noise=KT/C
For T=303K(30C); C= 5E-12 pF k=1.38E-23 J/K
Vnoise~=30μV translates into
Tjitter~=.03pS
This is a conservative noise estimate disregarding system noise
Vnoise
Tjitter
Issue 2:Issue 2: Synchronizing Clock Domains Synchronizing Clock Domains Out of Phase Correlated Clock DomainsOut of Phase Correlated Clock Domains
Input Jitter EstimateInput Jitter Estimate
MTBF = (Tjitter * Td / C1) * e(C2 * tmet)
For Actel RT54SX72S
C1 = To*e-(tco/ ) 7E-10C2=1/ 1e10 tmet = Tc-tsetup-tpd-tcotpd = propagation delaytsetup = flip-flop setup time.tco = flip-flop output delay tco+tpd+tsetup 1.5 ns Tc = 1/32 MHz Td = 1/8 MHz
MTBF 2.62 x 10110 years
MTBF Estimate for Synchronizer in MTBF Estimate for Synchronizer in Actel Actel RT54SX72SRT54SX72S
19 MAPLD 2005 /219Osovets
Multiple Pseudo Asynchronous clocks - Multiple Pseudo Asynchronous clocks - phase shifted phase shifted synchronous clocks with slow drifting undefined phases.synchronous clocks with slow drifting undefined phases.
Synchronization to master clock leads to messy manual Synchronization to master clock leads to messy manual analysis with reduced operating frequency and high analysis with reduced operating frequency and high probability of mistakes. Clock uncertainty is on the order of probability of mistakes. Clock uncertainty is on the order of full cycle.full cycle.
Sequential multi-cycle CPU operation and external DMA Sequential multi-cycle CPU operation and external DMA block require multi-mode analysis.block require multi-mode analysis.
Board level cross chip analysis is required to meet ICs Board level cross chip analysis is required to meet ICs specification.specification.
CLOCK DOMAINS ENCAPSULATION AND BOUNDARY RE-SYNCHRONIZATION IS A BETTER SOLUTION.
PRIMETIME IS AN ASIC TOOL, WHICH CAN BE USED FOR FPGA ANALYSIS TO MEET TIMING REQUIREMENTS.
Issue 3: Static Timing AnalysisIssue 3: Static Timing Analysisfor Multi-Clock Domains Multimode Systemsfor Multi-Clock Domains Multimode Systems
20 MAPLD 2005 /219Osovets
Processor Processor BlockBlock
DiagramDiagram
Issue 3:Issue 3: Static Timing Analysis Static Timing Analysis for Multi-Clock Domains Multimode Systemsfor Multi-Clock Domains Multimode Systems
ALE
wrln
Addr
Data
Sys_clk
Clko
CS
OE
FPGA
CPURAM
DMA
Wr_n
21 MAPLD 2005 /219Osovets
SRAMSRAMBusBus
ReadRead
SYS_CLK
Setup Time Tswr: (1)“Address Latch” valid to (2) “Read Not” valid to (3) Data Required on “AD” bus -(4) “Address Latch” detected to (5) “SRAM Read Not” valid to (6) SRAM Access time to (7) D bus to AD bus delay.
31.25ns Typical
ALE
Address
CSsram
RD_N
ALE_1
ALE_2
ALE_SYNC
RD_n_3v
ADV_RD
Add/Data Address
Data
T1min=2*Clk-10 T2min=2*Clk-5
Required Data Valid
T3max=2*Clk-26
T1min=2*Clk-10
T4max=3*Clk + Ts_ale
T5max= Tp_rd3
T6max=Tsram
T7max= Tp_d_ad
4
1 2 3
5
6
7
Issue 3:Issue 3: Static Timing Analysis Static Timing Analysis Example of Manual Analysis Required with full resynchronization Example of Manual Analysis Required with full resynchronization
to master clockto master clock
22 MAPLD 2005 /219Osovets
Issue 3:Issue 3: Static Timing Analysis Static Timing AnalysisMulti Mode, Multi Clock Analysis Multi Mode, Multi Clock Analysis
80C19680C196BusBus
TimingTiming
SYS_CLK
ClocksClocksClocksAddress margin
Read margin
Write margin
ClocksClocks
23 MAPLD 2005 /219Osovets
Issue 3:Issue 3: Static Timing Analysis Static Timing AnalysisCross chip Data Mode AnalysisCross chip Data Mode Analysis
80C19680C196BusBus
TimingTiming
Data Read Data Read margins from margins from Ram CS to Ram CS to CPU read CPU read
strobestrobe
Latch Ram Address
CPU data read
RAM data out propagation
delay
24 MAPLD 2005 /219Osovets
Issue 3:Issue 3: Static Timing Analysis Static Timing AnalysisPrimeTime Advantages for FPGA designPrimeTime Advantages for FPGA design
Industry standard timing analysis toolIndustry standard timing analysis tool Tcl scripting capabilitiesTcl scripting capabilities Case analysis capabilitiesCase analysis capabilities Allows you to perform board level timing analysisAllows you to perform board level timing analysis Advanced timing analysis features: Advanced timing analysis features:
exceptions handling exceptions handling multiple clocks and frequenciesmultiple clocks and frequencies transparent latch and time borrowingtransparent latch and time borrowing mode analysis …mode analysis …
25 MAPLD 2005 /219Osovets
Issue 3:Issue 3: Static Timing Analysis Static Timing AnalysisActel FPGA Static Timing AnalysisActel FPGA Static Timing Analysis Results w/ PrimeTime Results w/ PrimeTime
Analyzed modes for setup and hold margins for best Analyzed modes for setup and hold margins for best and worst case corners:and worst case corners:
CPU address to RAM writeCPU address to RAM write CPU address to IO writeCPU address to IO write CPU data to RAM writeCPU data to RAM write CPU data to IO writeCPU data to IO write RAM data to CPU readRAM data to CPU read
Timing analysis results:Timing analysis results:
Setup timing margins were improved from negative slack to Setup timing margins were improved from negative slack to greater than 20% positive slack. greater than 20% positive slack.
Some tight hold margins were identified for buffer insertion. Some tight hold margins were identified for buffer insertion.
CPU address latchCPU address latch Clkout register to registerClkout register to register Sys_clk register to registerSys_clk register to register DMA RAM read/writeDMA RAM read/write
26 MAPLD 2005 /219Osovets
SummarySummary Radiation environments present unique challenges for Radiation environments present unique challenges for
timing closure.timing closure. Relaxed Timing DefinitionRelaxed Timing Definition Long term timing DriftLong term timing Drift
To address these challenges, a single clock synchronous To address these challenges, a single clock synchronous design was changed to a multi-clock architecture.design was changed to a multi-clock architecture.
To implement the new architecture, new issues had to be To implement the new architecture, new issues had to be addressed.addressed.
1.1. Guaranteeing glitch free handshaking signals from FPGA logic blocks.Guaranteeing glitch free handshaking signals from FPGA logic blocks.2.2. Careful analysis of metastability in the cross-domain re-synchronization Careful analysis of metastability in the cross-domain re-synchronization
circuits.circuits.3.3. Multi-mode, multi-clock Static Timing Analysis Multi-mode, multi-clock Static Timing Analysis
The new design successfully improved overall system The new design successfully improved overall system performance, timing margin, and quality of design.performance, timing margin, and quality of design.
27 MAPLD 2005 /219Osovets
ReferencesReferences
[1] Actel, “Metastability Characterization Report for Actel Antifuse FPGAs,” Application Note, May 2004[2] Actel, “Antifuse Macro Library Guide for Software 6.0,” May 2004[3] Paul R. Gray and Robert G. Meyer. Analysis and Design of Analog
Integrated Circuits. Wiley, New York, 1993.[4] Charles Dike and Edward (Ted) Burton, “Miller and Noise Effects in a
Synchronizing Flip-Flop,” IEEE J. Solid State Circuits, vol. 34, No. 6, June 1999.