ANALYSIS AND EVALUATION OF SEQUENTIAL REDUNDANCY ...463401/FULLTEXT01.pdf · by Automatic Test...
Transcript of ANALYSIS AND EVALUATION OF SEQUENTIAL REDUNDANCY ...463401/FULLTEXT01.pdf · by Automatic Test...
TRITA-ICT-EX-2011:239
ANALYSIS AND EVALUATION OF SEQUENTIAL
REDUNDANCY IDENTIFICATION ALGORITHMS
Master of Science Thesis
In Electronic System Design
By
Yulia Kuznetsova
Stockholm, [October 2011]
Supervisor and Examiner:
Dr. Elena Dubrova
ANALYSIS AND EVALUATION OF SEQUENTIAL
REDUNDANCY IDENTIFICATION ALGORITHMS
ACKNOWLEDGEMENTS
ABSTRACT
CONTENTS
1. INTRODUCTION
2. BACKGROUND
2.1 TYPES OF FAULTS
2.2 COMBINATIONAL AND SEQUENTIAL CIRCUITS
2.3 WAYS OF TESTING
3. ALGORITHMS
3.1 SINGLE-FAULT THEOREM
3.2 MULTIFAULT THEOREM
3.3 SEQUENTIALLY UNTESTABLE FAULTS IDENTIFIED WITHOUT SEARCH
3.4 PARTIALLY DETECTABLE FAULTS IN SYNCHRONOUS SEQUENTIAL
CIRCUITS
3.5 SEQUENTIAL REDUNDANCY IDENTIFICATION USING RECURSIVE
LEARNING
3.6 A NOVEL, LOW-COST ALGORITHM FOR SEQUENTIALLY UNTESTABLE
FAULT IDENTIFICATION
3.7 UNTESTABLE FAULT IDENTIFICATION ON RTL LEVEL
4. ANALYSING THE MISTAKES
5. EFFICIENCY COMPARISON
6. CONCLUSION
7. APPENDIX
8. GLOSSARY
9. REFERENCES
ACKNOWLEDGEMENTS
I would like to thank my supervisor Dr. Elena Dubrova for all her guidance as well as Maxim
Teslenko, Ph.D, for his invaluable help in this research. Also, many thanks to the Swedish
Institute (Svenska Institutet, S.i.) for granting me the scholarship which made my studies at
KTH possible.
ABSTRACT
This thesis has a goal of analysing different methods used for identifying redundant faults in
synchronous sequential circuits as a part of reducing the complexity of ATPG algorithms and
minimizing the test sets. It starts with an overview of various faults which occur in digital
circuits of different types and moves on to the common testing methods used for fault
detection. As it is not possible to perform an exhaustive search in order to detect every
possible fault in any given circuit due to time and power consumption issues, there are certain
needs for minimizing the set of tests which detects the existing faults. Therefore discovering
the untestable and redundant faults is so important when testing. The overview of both
classical and novel methods for detecting untestable and redundant faults is presented
followed by the analysis of the results and the benefits each of these methods promises.
- A fault is said to be undetectable if it is not detectable. *
- Thank you, Captain Obvious...**
1. INTRODUCTION
With the increasing complexity of current digital systems, reliability considerations have
become increasingly important. As all physical devices, digital circuits are subject to failure.
The current technologies used to construct digital systems are more reliable than earlier
technologies, and that has led to a considerable decrease in the failure rate of individual
components. However, this has been offset to a significant extent by the increased complexity
of today’s circuit designs. Therefore, more and more advanced maintenance methods are
required.
In digital systems, a typical maintenance procedure is all about quick detection, location and
repair of any system fault. Nowadays fault detection algorithms are integrated into synthesis
tools (such as Synopsis). It all relies heavily on Automatic Test Pattern Generation (ATPG)
procedures which are notoriously very performance-demanding even for combinational
circuits. When it comes to sequential circuits, whether synchronous or asynchronous, the
complexity is increased even more. However, the problem with sequential circuits lies not
only in generating test patterns for testable faults (even though they might prove to be difficult
to detect). Another important issue is identification of untestable/undetectable faults which
normally requires enormous amount of CPU time. While in combinational circuits the
untestable/undetectable faults mean circuit redundancies, sequential
untestability/undetectability may also imply the existence of unreachable states or impossible
state transitions – it is often not possible to declare a fault redundant because even if it’s not
active now, it might propagate its effect to the output in the next state.
Whether untestable/undetectable or simply redundant, the presence of such a fault will
negatively affect the performance of ATPG tool, it may also prevent detection of other faults
in the circuit, and in case of redundancies – occupy extra space, thus increasing chip area,
power consumption and propagation delays. Therefore it makes sense to uncover
untestable/undetectable faults and filter them out before standard ATPG tool is employed.
* I. Pomeranz & S.M. Reddy “On identifying undetectable and redundant faults in
synchronous sequential circuits”
** A sarcastic reply to a self-evident statement, commonly used on the Internet
2. BACKGROUND
In order to comprehend the full complexity of the area covered by this research it is necessary
to review the concepts of fault diagnoses - the origins of faults in digital circuits, different
types of those circuits and the most common ways of fault detection depending on which fault
it is and where it occurred.
2.1 TYPES OF FAULTS
A fault is defined as any change in a system which causes it to behave differently from the
original system. Faults are caused by internal or external factors and often lead to system
errors which in turn may result in system failures.
Fig. 1 shows a fault classification chart where the fault types are divided into hardware and
software faults (first classification level), then by their duration (second level), and finally an
example of what could have caused such a fault is given (bottom level).
Fig. 1 Types of faults
Faults
Hardware Software
Permanent Transient Permanent Intermittent Intermittent
Short circuit Power failure Weak soldering
Bohrbugs Heisenbugs
Hardware faults can be permanent, transient or intermittent.
Permanent faults are usually caused by certain physical defects such broken connection, short
circuits, etc. They remain in the system until manually corrected. They are usually the easiest
to detect as one doesn’t have to determine the conditions under which they are reproducible.
Transient faults are activated for some period of time. Transient faults also known as glitches
or soft faults, are most often caused by the environmental factors such as electrical power
surges, mechanical shock, overheating, etc. If a transient fault is active periodically, it is
called intermittent. These faults are usually caused by age-related deterioration,
implementation flaws or both. For example, a weak soldering spot can cause a circuit to
malfunction every now and then, thus resulting in an intermittent fault.
Software faults are by their nature considerably different from hardware faults and harder to
classify. Lacking mechanical or electronic parts, software cannot be physically broken, it
cannot age or be affected by the environment. However, it is prone to bugs, and it is
constantly changing during upgrades which is making it more complex and hard to test.
Example of bugs which cause software faults are Bohrbugs (bugs that are consistent under
certain conditions) and Heisenbugs (which disappear once an attempt to study them is made).
2.2 COMBINATIONAL AND SEQUENTIAL CIRCUITS
Combinational circuit consists of a set of gates with no feedback loops (also known as acyclic
circuit) – this means that the output is dependant only on the present values of the input
doesn’t take into account previous values.
Fig. 2 Combinational circuit diagram and example schematic
Combi-
national
Circuit
C
Z X
x1
x2
x3
x2
x1
x4
Z=x1x2+x3x2+x1x4
Sequential circuit’s output depends on the present inputs as well as the previous ones. This is
achieved by introducing a memory element which stores information about the previous state.
There are two types of sequential circuits: the first is synchronous which has an extra clocking
device that synchronises the inputs.
Fig. 3 Sequential Circuit
The other type of sequential digital circuit is an asynchronous one: it lacks the clock line and
because of that is more difficult to test comparing to the synchronous sequential and
combinational circuits due to the possibility of timing problems on the feedback path.
However, it is often faster and cheaper to produce than the sequential ones.
Fig 5. Asynchronous Sequential Circuit
Z X
Combi-
national
Circuit
C
Clock for memory
elements
Memory elements
Combi-
national
Circuit
C
Z X
2.3 WAYS OF TESTING
Generally speaking, testing is applying a set of inputs to a circuit and observing the output in
order to compare it with a pre-computed result known to be the right one. Testing should be
performed during the entire lifespan of an electronic device as faults may be introduced into
any circuit during any stage such as manufacturing, assembly or storage. And as it was
already mentioned in chapter 2.1 faults may eventually result in system failures.
Properly applied testing procedures not only prevent system failures, but also fight
imperfections of manufacturing process – if a fault isn’t random, detecting and eliminating a
probable cause will benefit the system in the future. In order to perform proper testing, certain
test patterns are required. They are applied to the unit (circuit) under test (UUT) with a use of
Automatic Test Equipment (ATE). The process of generating such test patterns is a difficult,
yet extremely important task. Nowadays it is most commonly computer-aided and performed
by Automatic Test Patter Generation (ATPG) systems. Fig. 4 below shows a flow-chart of a
typical ATPG system.
Fig. 4 ATPG System
Circuit description Initial state
information Faults
Pattern generator
Fault simulator
Evaluate test
coverage
Build detection and
Location dictionaries
Translate to ATE
language
inadequate
Test program
Such a system receives a set of inputs consisting of description of a circuit for which test
patterns are being generated, initial state information as well as the faults which will be tested.
Then the test patterns are generated, faults are simulated, and the response from the tested
circuit is analyzed in order to produce dictionaries in easily understandable format in order to
be fed to the ATE. This process is then repeated for every test pattern until generation is
completed.
Over the years many algorithms have been proposed for test generation of digital circuits.
They do differ considerably between each other depending on the basic approach and also the
type of circuit they are applied to – sequential circuits are generally more difficult to test than
combinational circuits. Also, test pattern generation process for asynchronous sequential
circuits is notoriously more complicated than for synchronous ones.
For combinational circuits test pattern generation algorithm may use the algebraic description
(equitation) of the UUT (i.e. Boolean difference) or other methods that are utilizing the
topological gate level description of the circuit (i.e. D-algorithm). The first type is
theoretically able to obtain a complete test set covering a given fault, but in practice is too
time and memory consuming to be implemented on a computer. The second type is more
realistic and in fact is the first one ever used for real life ATPG.
ATPG processes for sequential circuits are much more complex than the ones meant for
combinational circuits. Instead of a single input vector a whole test sequence is normally
required. However, in case of synchronous sequential circuits (see previous chapter) most of
the techniques for generating test patterns for combinational circuits can be extended for
sequential circuits. In case of asynchronous sequential circuits this transformation isn’t as
precise as timing is a critical factor in this case, while asynchronous circuits lack the
synchronizing clock signal.
With increasing complexity of digital circuits, the number of tests required for adequate test
coverage is also increasing. Therefore test minimization problem is as vital as ever. Scientists
across the world are constantly working of various methods of obtaining compact test sets
which would speed up and optimize the testing procedures and keep up with the constantly
evolving technologies.
There exist several different approaches for test reduction and minimization. In this paper I
will consider one of them - it has to do with identifying the redundant and untestable faults in
synchronous sequential circuits in order to ignore them in further test generation, thus saving
computational resources and possibly removing the redundant circuit parts in order to reduce
hardware.
3. REDUNDANCY IDENTIFICATION ALGORITHMS
Identifying redundancy is not a trivial task, though it might sound simple to some: if there’s
no existing test for a given fault in a circuit, such a circuit is considered redundant. However,
it requires a tremendous amount of computations in order to prove that there’s no such a test
for this particular fault.
A redundant fault itself is not affecting the circuit behavior, but as already mentioned in the
previous chapter, it is important that its existence is discovered for the sake of further test
pattern generation and hardware reduction.
It is also very important to distinguish the concepts of redundant and untestable faults in
sequential circuits. These two types of faults are identical in a combinational circuit (provided
that it contains only Boolean gates), but for a sequential circuit redundant faults represent a
subset of untestable fauls (which sometimes can be detected by multiple observations) and
unlike partially detectable (also known as partially testable) faults do not affect circuit’s
operation under any conditions. The diagram below shows a rough classification of faults in
terms of their detectability.
Fig. 1 Faults classification
Faults
Testable
Untestable
Partially testable
Redundant
Consider the following example of a redundant fault in a combinational circuit:
Fig. 2 Removing the redundancy
In order to “uncover” the stuck-at-0 fault on line “d” (1), the following condition is necessary:
A=B=1. However, if B=1, the resulting output E will also be equal to 1, thus, blocking the
fault effect. This means that no matter if the fault is present or not, the output of the circuit
will be the same. Thus, this fault is untestable, and in combinational circuits, as mentioned
before, such faults are considered redundant. Therefore we can permanently ground line d (2)
as it is doesn’t affect the inputs of the OR gate and always behaves like a logical 0. Then the
AND gate can be removed as it is no longer connected to anything, and so can be OR gate
because it now acts like a wire. The resulting simplification can be seen at (3), where E = B
instead of E= AB +B.
Such hardware reduction is not only important in terms of reducing costs (though nowadays
the price of single circuit components is much less than in 1970s when redundancy
identification and removal became important). Removing the redundancy makes the hardware
faster, reduces the power consumption and saves a lot of testing efforts during verification.
In this paper a few major approaches to identification of sequential redundancy and
untestability are investigated. The first two are the famous single-fault and multi-fault
theorems which are considered the major break-through in the field.
1
2
3
3.1 SINGLE-FAULT THEOREM
It was originally introduced by V. Agrawal and S. Chakladhar in 1993 [2] together with a
multifault theorem (see chapter 3.2). It was an era when synchronous sequential redundancy
received wide attention and scientists started actively looking for efficient ways of identifying
and eliminating redundant and untestable faults in sequential circuits. However, until Agrawal
and Chakladhar published their paper entitled “Combinational ATPG Theorems for
Identifying Untestable faults in Sequential Circuits” the known solutions relied on sequential
automatic test pattern generation which were naturally highly complex. The two new methods
based on combinational ATPG presented in that article suggested faster and better way of
identifying the untestable faults in the sequential circuits.
The figure below shows a combinational array model of a sequential circuit. It represents an
“unrolled” sequential circuit (see Fig. 3 from the previous chapter). Each block of this model
represents a copy of a combinational logic, and each arrow represent a group of signals. An
input arrow on the left side of each block is the present state and an output arrow on the right
side is the next state. PI stands for the primary input and PO – primary output. The present
state of the left-most block is assumed to be unknown. A reset state is no enforced in this
algorithm, but if it is provided, it is controlled by PI. The ATPG is looking for the input
vectors which will be applied to PI in order to uncover fault effects on PO.
Fig. 3 Combinational array model
2
PI PI PI PI
n 3
PO PO PO PO
1
Definition – C(n) is a combinational circuit containing n-blocks. These blocks are arranged in
descending order from n…1 from left to right. (Note: I. Pomeranz and S. Reddy in their
research [3] are using ascending order of block numeration as will be illustrated later on).
Fig. 4 Insertion of a single fault in combinational array model
The above figure illustrates the presence of a target single fault in the first block of a
combinational array model. The fault model taken into consideration by this algorithm is
single stuck-at fault (i.e. a fault which results in a line of a circuit being permanently stuck at
a logic “1” or “0”).
Theorem: if a single fault in a combinational array is untestable then that fault is untestable
in the sequential circuit. The array replicates the combinational logic and can have any finite
length.
The theorem can be easily illustrated by the following example of the modulo-3 counter (see
Fig. 5 on the next page) which has 3 valid states (Q1Q0) corresponding to “00”, “01” and
“10”. At the reset R = 1 the counter is set to “00”. The output Z turns to “1” only when the
counter is set to “10”. When I = 0, R = 0, the counter retains its current state. When I = 1
and R = 0, the state changes the following way: “00”→ “01” → “10” → “00” and so on, as
flip-flops (FF) are locked. The state “11” is invalid and should never be reached under
f
2
PI PI PI PI
4 3
PO PO PO PO
1
X
Fig 5. Modulo-3 counter [4]
normal circumstances as it isn’t reachable from any other state. The only way it can appear in
the circuit is through a possible power up.
There are six sequentially untestable faults in the circuit, out of which fault #1 (marked with *
symbol on Fig. 5) is potentially detectable (as classified by GENTEST which was used for
generating test patterns in this case) because it is interfering with the circuit’s initialisation.
This fault can be tested by applying the following inputs: I=1, R=1, clocking the FF and
checking the output Z. Fault-free circuit would produce a steady zero (000000...) while in the
presence of that fault Z would be equal to 01001001... The present of a “1” in the periodic
output point out a fault. Unfortunately it is not possible to determine the exact time “1” will
be observed with the help of GENTEST as it initializes both faulty and fault-free circuits in
the same way. When the experiment was concluded, GENTEST identified four out of five
untestable faults in this example using the single fault theorem proving that it works
successfully.
3.2 MULTIFAULT THEOREM
Multifault theorem for sequential redundancy identification is the second fundamental
ATPG theorem. Like single-fault theorem, it was introduced by V. Agrawal and S.
Chakladhar in 1993 [2], but due to numerous corrections by I. Pomeranz and S. Reddy [3],
was published again in 1995 [4].
The theorem is also based on the idea of using combinational array model for unrolling
sequential circuits in order to apply combinational ATPG algorithms for undetectable fault
identification, which are less complex and more time and processing power efficient than
sequential ATPG algorithms. But, unlike single fault theorem, the fault is inserted in every
block of the combinational array (Fig. 4). Note that word “multifault” means a single fault
copied into every block, i.e. it is one fault in the same place of every block, but not multiple
faults in each block of combinational array (i.e. not multiple stuck-at faults).
Definition – A target multifault is a multiple fault in C(n) such that the same single fault
is introduced in each block [2]
Multifault theorem – A target multifault that is untestable in C(n) corresponds to an
untestable single fault in sequential circuit. [2]
The proof of this theorem isn’t exceptionally complicated once an iterative array model of
test generation is considered [11]. The state inputs of the leftmost block of our n-block
combinational array model C(n) are assumed to be completely controllable, and state outputs
of the rightmost block – completely observable. If a multifault is undetectable, it means that
it is not possible to activate it by n vectors for any of the 2p initial states (where
p is the number of FF). Thus, it is not possible to observe the fault effect neither at any of
the n primary outputs (PO), nor at the state variable outputs of the rightmost block. If one
takes an iterative array model for incorporating the C(n), it becomes obvious that its state
inputs can only be a subset of the possible 2p states. This means that those faults which
couldn’t be activated in an isolated C(n) are still not activated, thus testing them is
impossible.
Fig. 6 Multifault insertion in combinational array model
The main idea is to introduce faults in each block of combinational array to reproduce
one fault in sequential array. Agrawal and Chakradhar in [2] proved that it is possible to
identify large number of untestable faults in circuits using this method. Theoretically, with
infinite number of blocks in combinational array model (C(n), n →∞) it is possible to detect
all untestable faults. However, in reality it is not achievable, and with a use of finite n in
practise, which is normally kept reasonably small in order to reduce ATPG run time, some of
untestable faults remain undetected.
Comparing to a Single-fault theorem, Multifault theorem is more time-consuming and
difficult to implement due to the use of complicated mutlifault ATPG algorithms, but it has
been proved to work, and has become a base for several researches that use the core principals
of the theorem for developing more effective methods of sequential redundancy identification.
f
2
PI PI PI PI
4 3
PO PO PO PO
1
X X X X
3.3 SEQUENTIALLY UNTESTABLE FAULTS IDENTIFIED WITHOUT SEARCH
This algorithm [6] was presented in 1994 by Mahesh A. Iyer and Miron Abramovici and is
based on an idea that if a fault is requiring an illegal combination of values in order to be
detected, it is untestable.
It uses implications for obtaining a subset of faults which require conflicts on certain lines
in the circuit in order to be detected. There’s neither any assumption of any global reset state
nor any need for state transition information. This algorithm is fault-independent and
identifies untestable faults without any search on the contrary to the exhaustive search of
fault-oriented test generation algorithms.
In their previous work [12] Iyer and Abramovici presented an algorithm for indentifying
redundancy in combinational circuits: Fault-Independent algorithm for Redundancy
identification (FIRE) was dramatically different from any automatic test generation (ATG)
algorithm for redundancy identification (RID). Unlike a typical ATG which confirms a fault
as redundant when all possible approaches to its detection result in conflicts, FIRE starts with
a possible conflict representing an impossible condition and uses it to find the untestable
faults. Such faults are also considered redundant in a typical combinational circuit containing
only Boolean gates, as was discussed in one of the previous chapters.
The algorithm Iyer and Abramovici apply to sequential circuits is based on combinational
FIRE algorithm and is extending it in order to identify sequentially untestable faults. It is
called FUNTEST (Find UNTESTable faults) and like FIRE is also using the combinational
iterative array model as in the single fault theorem by Agrawal and Chakladhar [2], but in this
case it isn’t based on ATG and is meant to identify sequentially untestable faults without
search.
The experimental results conducted with FUNTEST showed a considerable reduction in CPU
time comparing to sequential test generator (GENTEST). Also, sequential test generator
didn’t manage to detect a large number of faults identified as untestable by this algorithm.
However, FUNTEST is only able to identify a subset of the untestable faults. Taking all this
into account, it makes sense to be using FUNTEST prior to GENTEST or another sequential
ATG in order to improve the fault coverage. Indeed, the relevant tests proved this: the average
fault coverage improved by nearly 4% and the CPU time reduced by 20%. The relation
between faults identified by FUNTEST and GENTEST is illustrated in Fig.5.
Fig.7. FUNTEST vs GENTEST [6]
The majority of faults discovered by FUNTEST are believed to be redundant, but in order to
prove this a further analysis is required, such as checking if a particular untestable fault would
interfere with circuit’s initialization: if it doesn’t, it will be redundant, otherwise it will be
considered partially detectable.
A little after FUNTEST the same researches presented a new algorithm called FUNI (Find
UNtestable faults for which Illegal states are necessary for detection) [13] which was also
meant to discover sequentially untestable faults without exhaustive search, but was more
general than FUNTEST. It required pre-computing illegal states by another algorithm of theirs
named FILL (Find ILLegal states) which was also presented in [13]. However, just like
FUNTEST it couldn’t distinguish between untestable and redundant faults.
One year later a new and improved algorithm [14] appeared thanks to Iyer and Abramovici.
They named it FIRES (sequential FIRE algorithm) and unlike anything that came out before,
this algorithm successfully proven that it could identify sequentially redundant, and not just
untestable faults using so called c-cycle redundancy concept [14] which is a generalization of
a conventional redundancy concept.
FUNTEST, FUNI and FIRES algorithms are illustrated by pseudo-code in the Appendix
(Chapter 6) along with other functional outlines of methods used in fault detection.
FUNTEST faults
GENTEST GENTEST
aborted untestable
faults faults
3.4 PARTIALLY DETECTABLE FAULTS IN SYNCHRONOUS SEQUENTIAL
CIRCUITS
The paper [8] was published in 1996 by Dr. D. S. Dawoud of University of Botswana. As
others before, Dawoud assumes that not all undetectable faults in the circuit are redundant and
divide all faults in three types:
Fig. 8 Fault types
Although it doesn’t come up with a functional algorithm for identifying the untestable faults,
it introduces several interesting theories and definitions of partially detectable faults and how
they behave under different modes of operations.
Taking into account the mode of operation the same fault could be operationally redundant or
not. It all depends on whether a partial test exists for the fault.
The synchronization mode implies a specified input sequence (power-up sequence) at the start
which synchronizes the circuit. The corresponding test strategy to this mode is called a
restricted test strategy which employs only those test sequences that start with a power-up
sequence. The special cases in synchronization mode are power-up and hardware resets.
The other mode is called a free mode and it is not restricted to any power-up sequence. The
test strategy used in this case is logically called unrestricted and may apply any test sequence,
including the ones from restricted test strategy.
Dawoud proposes and proves a theory that both unrestricted and restricted test strategies are
equivalent when it comes to identifying undetectable faults. Therefore, the strategy that is less
complicated may be used when generating the tests.
Operationally
Redundant
Partially
Detectable
Detectable
FAULTS
3.5 SEQUENTIAL REDUNDANCY IDENTIFICATION USING RECURSIVE LEARNING
A sequential redundancy identification procedure based on uncontrollability analysis and
recursive learning techniques was presented in 1996 by Wanlin Cao and Dhiraj K. Pradhan in
Texas, USA. It was implied that the proposed algorithm could identify redundant faults. It
was also implied that it could be used for identifying untestable faults, though with certain
modifications.
Like FIRES (see Chapter 3.3) the first algorithm is using c-cycle redundancy concept and can
identify redundant faults that require conflicting assignments on multiple lines.
Definition of c-cycle redundancy [7]:
Consider a set of states {Sc} reachable after powering up the faulty circuit and applying any
sequence of c input vectors. Then a fault is c-cycle redundant if it is not partially testable
under the assumption that the initial states of the faulty circuit are restricted to {Sc}.
In order to understand the concept of recursive learning one needs to get acquainted with the
idea of implications. There are two types of implications: direct and indirect.
A direct implication is a logical consequence of the truth table from some logic function.
An indirect implication is a logical consequence that is not directly following from the truth’s
table, but rather from the circuit’s structure.
Consider the following example:
Fig. 9 An example of the Recursive Learning technique
If y=1 it is not possible to make a direct implication about other values. On the other hand,
using recursive learning technique, one can discover indirect implication that if y = 1 then
f=1.
a = 1’
f = 1’
f = 1’’
c = 1’
d = 1’
e = 1’’
y = 1!
At the point y when there’s no possibility for direct implication, we introduce temporary
values: in case of y=1 there are two options: d=1 or e=1. As soon as such temporary
assignments are performed, it is possible to apply direct implications: f=1 in case of d=1 or
e=1. By using an indirect implication y = 1 � f=1, test generation tool can set f=1 thus
reducing the possible input variations by half. If the f value comes from another OR gate, then
the process may recurse looking for further implications. This is why it is called a recursive
learning procedure. The number of recursions is known as recursion or learning level. The
time complexity of the procedure is derived from the number of recursion levels and is
exponential, however as conflicting assignments are identified locally around the gates, the
overall memory requirement is linear.
From the previous example it can be concluded that using recursive learning one can extract
all logical dependencies between signals in a circuit in order to perform direct implications
for a given assignments of values.
The algorithms presented by Cao and Pradhan extended and modified this concept to be used
for identification of sequentially redundant and untestable faults (see the Appendix for
algorithm outlines).
The experiments conducted on ISCAS benchmarks showed that the proposed algorithm
together with its own modification successfully identified a large number of c-cycle
redundant and untestable faults (see Chapter 5).
The first algorithm can be used for integration into a synthesis tool in order to remove
redundancies which could be extremely useful as redundant faults represent parts of the
circuit that could be removed in order to decrease chip area and power consumption. The
second algorithm for identifying the untestable faults in general – it takes longer during the
initial pre-processing stage for finding and storing the implications information, but it is all
worthwhile in the end: this information will be essential later for ATPG.
3.6 A NOVEL, LOW-COST ALGORITHM FOR SEQUENTIALLY UNTESTABLE
FAULT IDENTIFICATION
Presented by M. Syal and M. S. Hsiao of Bradley Department of Electrical and Computer
Engineering Virginia Tech, Blacksburg in 2003 as new and low-cost way of identifying
sequentially untestable faults, the algorithm [9] claimed to be able to handle a fault being
introduced in any time frame within the unrolled sequential circuit (unlike the single fault
theorem [2], where the target single fault is present in the first (right-most) block of a
combinational array model). It is using sequential implications to extend the unobservability
propagation of gates in multiple time frames.
Like many others before, this approach is based on a single fault theorem by Agrawal and S.
Chakradhar with principal difference mentioned above and is closely related to FIRE
algorithm [12] in a sense that it is using similar single-line conflict analysis, but also a
sequential implications engine as the basis for discovering the untestable faults in
synchronous sequential circuits.
An interesting classification of untestable faults group is presented together with this
algorithm which is illustrated on the figure below:
Fig. 10 Untestable fault model
E
D
C
B
A
A - combinationally redundant fault
B - if a fault can be uncovered in some time frame (i), but the fault effect will not be
propagated to the next time frame (i+1)
C – a fault in i doesn’t recombine with itself in any j > i
D - a fault in i recombines with itself in j > i, but the compounded fault effect is blocked
E – all untestable faults
The algorithm by Syal and Hsiao is handling untestable faults from group C and D according
to the presented theorem:
Theorem 1: If a target fault injected in any time frame ‘i’ is found to be combinationally
untestable, and if it can be guaranteed that the injected fault either does not recombine or
does not become testable after re-combination with a copy of the same fault in any time frame
greater than ‘i’, the fault would be truly sequentially untestable. [9]
The theorem is brought to practise by a low-cost method using a sequential implications
engine and a single-line conflict analysis like in FIRE. Experimental results on ISCAS ‘89
sequential benchmark circuits showed that many untestable faults could be identified using
this algorithm at very little expense of memory and execution time.
In 2006 the same authors presented an extended version of the same research complementing
it with an algorithm for identification of untestable faults by maximizing impossibilities. This
approach was aimed to discover more untestable faults by identifying multinode-conflicting
assignments unlike many other approaches targeting only single-line conflicts. Application of
this new approach on ISCAS 1985 and ISCAS 1989 circuits helped discovering more
untestable faults than when using single-line conflicts analysis, even with the help of the
implementation of Theorem 1.
3.7 UNTESTABLE FAULT IDENTIFICATION ON RTL LEVEL
This method [16] presented in 2008 by J. Raik, H. Fujiwara, R. Ubar, A. Krivenko is radically
different from any other before. While all previously published works in this area apply their
fault-detection algorithms on a logic level, the algorithm presented here is targeting the
Register-Transfer Level (RTL), thus scaling up with the increased complexity of the modern
designs. The method is implemented using VHDL and PSL (Property Specification
Language). In addition, it could be applied during high-level synthesis in order to improve the
testing processes and minimize the chip area.
A simplified diagram of the layers of abstraction is shown below illustrating that RTL is at a
higher abstraction layer:
Fig. 11 Abstraction layers
In RTL design consists of two parts: a control part (Finite State Machine, or FSM) and a data
path part. FSM provides the control signals into the data path part, which consists of registers,
multiplexers and functional units.
Fig. 12 An example of RTL datapath
Algorithm
RTL
Gates
An example from the previous page shows a general case of a RTL datapath where an enable
signal e that is controlling a datapath register r has a stuck-at-1 fault injected. The theorem
introduced in [16] suggests that this fault is untestable if for all the control states of FSM
where the guarding register (any register that has its inputs reachable from r though a
combinational logic, e.g. r3 and r4 from Fig. 12) is reading from r, all the states that are
immediately preceding control states (within one clock-cycle) write values to r.
Obviously, not all registers with untestable faults will satisfy the conditions of the above
theorem. However, when put to practise, this method has proven to work on many different
sequential circuits (see results analysis in Chapter 5).
The figure below illustrates the impact of an untestable fault on the register enable signal e
from a logic level perspective. As can be seen, it makes four other signals to be untestable and
this number grows the more bits there are in a register according to a formula: “4n+1” (where
n is a number of bits).
Fig. 13 Gate-level model with an untestable fault e
It has been proven that this particular type of faults isn’t covered very well by a typical
sequential ATPG algorithm, but this novelty approach was able to identify them as untestable
(in average 40% more than a sequential ATPG).
4. ANALYSING THE MISTAKES
A single- and multi-fault theorems were originally presented by V. Agrawal and S.
Chakladhar at the European Test Conference in 1993 [2], but due to numerous corrections by
I. Pomeranz and S. Reddy [3] the entitled “Combinational ATPG Theorems for Identifying
Untestable faults in Sequential Circuits” had to be published again in 1995 [4].
What went wrong?
First, Agrawal and Chakladhar claimed that the faults found untestable by the single-fault
theorem in a combinational circuit are by default redundant in a sequential circuit. This is far
from the truth and the corrections presented by Pomeranz and Reddy in [3] illustrated that
perfectly. An interested reader should refer to that paper. I will only repeat what has already
been emphasized in the very beginning of Chapter 3 of this thesis: a redundant fault is a
subset of untestable faults, but not every untestable fault is redundant. Therefore, procedures
identifying untestable faults and procedure identifying redundant faults should be
distinguished from each other.
As for the undetectability of multifaults: initially Agrawal and Chakladhar claimed that if a
target multifault was untestable in C(n) for a given value on n, it would also be untestable
in C(m), where m > n. Pomeranz and Reddy again proven this incorrect: even if a multifault
is untestable in C(n), there’s still a possibility that it will be activated in the next state output
of C(n) resulting in a detectable fault effect on one of C(m)’s state variables. A good
example proving this statement is given in [3].
A paper by Liang and others [18] proposed a symbolic simulation-based approach for
sequential untestable fault identification. However, thanks to Long, Iyer and Abramovici it
was proven in [19] that such a method could end up with ‘false positives’, i.e. a fault would be
considered untestable when there could exist a test for it. In [19] it is suggested to use FUNI
instead in order to avoid this problem.
5. EFFICIENCY COMPARISON
This chapter illustrates the efficiency of the algorithms described in Chapter 3 by examples
based on the experimental data collected during respective researches. Most of them were
conducted on sequential benchmark circuits ISCAS 85 and ISCAS 89 – the classical
sequential benchmarks used widely in FPGA community.
Sequential circuit s208 is a relatively small circuit with about 50 untestable faults, s386 is
bigger and contains a total of 70 untestable faults, and s5378 is large and has over 700
untestable faults present.
5.1 FUNTEST vs GENTEST
The horizontal line shows the name of the circuits the tests were conducted on, while the
vertical axis represents number of untestable/undetectable/redundant faults identified.
From the first chart it is obvious that if on a smaller circuit the results are not so much
different for the methods under test, but the bigger the circuit gets, the more efficient
FUNTEST becomes in terms of finding undetectable faults.
0
50
100
150
200
250
S208 S386 S5378
FUNTEST
GENTEST
Fig 1. FUNTEST vs GENTEST
5.2 FUNTEST vs GENTEST vs SINGLE-FAULT THEOREM (SFT)
0
100
200
300
400
500
600
S208 S386 S5378
FUNTEST
GENTEST
SFT
Fig. 2 FUNTEST vs GENTEST vs Single Fault Theorem (SFT)
However, when it comes to CPU time it becomes obvious that a Single Fault Theorem
applied to GENTEST isn’t holding its grounds in terms of processing time
consumption:
0
200
400
600
800
1000
1200
1400
1600
1800
s5378
FUNTEST
SFT
GENTEST
Fig. 3 FUNTEST, SFT and GENTEST in terms of consuming resources
5.3 FIRES & FUNI vs RECURSIVE LEARNING
0
100
200
300
400
500
S386 S5378
FIRES
Proc1
0
100
200
300
400
500
600
700
S386 S5378
FUNI
Proc2
Fig. 4 FIRES vs Procedure 1 from 3.5 Fig. 5 FUNI vs Procedure 2 from 3.5
comparing # of found redundant faults comparing # of found undetectable faults
5.4 FIRES & FUNI vs SYAL & HSIAO TOOL
0
200
400
600
800
1000
1200
1400
s386 s5378 s15850
sequential benchmark circuits
№ o
f u
nte
sta
ble
fa
ult
s d
ete
cte
d
S&H
FUNI+FIRE
Fig. 6 FUNI+FIRE vs Syal & Hsiao tool [9]
5.5 RTL APPROACH
The experiments were conducted on HLSynth92 and HLSynth93 sequential benchmarks
(newer and updated comparing to ISCAS 85 and ISCAS 89 in order to suit the challenges
and demands of evolving hardware). The diagram below represents the CPU time spend
on indentifying the untestable faults for respective sequential benchmarks. The next graph
shows the fault coverage per circuit.
0
2
4
6
8
10
12
14
gcd
sosq
mult8
x8
diffeq
benchmark circuits
CP
U s
ec
RTL search
Fig. 7 RTL approach – time-wise
0
10
20
30
40
50
60
70
80
90
100
gcd sosq mult8x8 diffeq
RTL search
Fig. 8 RTL approach – fault coverage
As can be observed from Fig. 7 and Fig. 8, a large number of untestable faults has been
identified using this method in rather short time periods. The biggest fault coverage was
achieved at diffeq benchmark, but it also took the longest time. The least faults were
discovered at mult8x8, but it also required the least CPU time.
5.6 HISTOTRICAL OVERVIEW
The chart below shows the most interesting algoritms used for sequential
redundancy/untestability identification that have been proposed over the years.
2008
2003
1996
1995
1994
1993
SFT &MFT
FUNTEST
FUNI
FIRES
Syal & Hsiao
RTL
In 1993 a Single Fault Theorem (SFT) and Multi-fault theorem (MFT) were proposed by
Agrawal and Chakladhar [2]. These fault-oriented algorithms were the first of their kind and
were based on applying combinational ATPG to the “unrolled” sequential circuit.
FUNTEST (1994), FUNI (1995) and FIRES (1996) by Iyer and Abramovici [6],[13],[14]
were based on SFT, but unlike it, were fault-independent algorithms which required very little
CPU time. In 2003 Syal and Hsiao presented another fault-independent algorithm which relies
on using powerful sequential implication. And finally, in 2008 a novel algorithm [16] by a
group of Estonian and Japanese researches was presented that is meant to identify a large
subset of untestable faults on RTL level – something that hasn’t been seen before.
6. CONCLUSION
Over the years as the complexity of the digital systems was rapidly increasing, the reliability
considerations have become particularly important. However, with the increasing complexity
the number of test patterns required for adequate test coverage was increasing accordingly and
the maintaining system reliability became a really challenging task. Thus the need for simpler
fault detection algorithms has become more and more urgent.
The main focus of this paper was to analyse the existing methods of identifying redundant and
untestable faults in synchronous sequential circuits which is an important part in research
aimed for test reduction and minimization. If it was possible to identify all the faults which do
not affect the output, they could be ignored during testing (thus saving power and memory
resources) or removed physically as redundant components (thus reducing hardware).
However, in reality identification of all untestable and redundant faults isn’t possible due to
exponential complexity of test pattern generation process. During several decades scientists
have struggled to avoid this problem proposing various algorithms for detecting the
undetectable. One of the most remarkable discoveries in the area was made in 1993 by
Agrawal and Chakladhar [2] and had to do with unrolling the synchronous sequential circuit
in order to apply the combinational ATPG algorithms to it, successfully detecting single and
multifaults. Many other methods that followed are to some extent based on this discovery.
As time passes, sequential redundancy identification algorithms as well as ATPG algorithms
in general become more and more efficient, consuming less and less resources, while
discovering more and more faults. But as the systems complexity continues to increase,
simplification of automatic test pattern generation procedures remains an open challenge, and
the struggle for reliability goes on.
7. APPENDIX
In this appendix a few most commonly used redundancy removal algorithms are illustrated by
their pseudo-code outlines. The exact implementation depends on many different criteria. For
more information please refer to the respective publications referred to as [..] in the figure
captions (see Chapter 9 “References”).
Fig. 1 A typical redundancy removal algorithm [17]
Fig. 2 Single Fault Theorem algorithm [2],[3],[4]
Fig. 3 Multifault Theorem algorithm [2],[3],[4]
Fig. 4 FIRE algorithm [12]
Fig 5. FUNTEST algorithm [6]
Fig 6. FUNI algorithm [13]
Fig 7. FIRES algorithm [14]
Fig. 8 Recursive Learning algorithm [7]
Fig. 9 Recursive learning – identifying redundant faults (Procedure 1)
Fig. 10 Recursive learning – identifying untestable faults (Procedure 2)
Fig. 11 Syal & Hsiao algorithm from 3.6
Fig. 12 Syal & Hsiao algorithm for maximizing local impossibilities from 3.6
Fig. 13 ATPG algorithm speedups over the years
8. GLOSSARY
Fault - physical defect, imperfection, or flaw that occurs in some hardware or software
component. [5]
Error - deviation from correctness or accuracy in computation, which occurs as a result of a
fault. Errors are usually associated with incorrect values in the system state. [5]
Failure - non-performance of some action which is due or expected. A system is said to have
a failure if the service it delivers to the user deviates from compliance with the system
specification for a specified period of time. [5]
ATPG – Automatic Test Pattern Generation
ATE – Automatic Test Equipment
UUT – Unit Under Test
(Operationally) redundant fault – a fault that is never manifested as an output error. [10]
Untestable/undetectable fault – a fault which cannot be detected with some given test
methodology [2]
Partially detectable fault – an undetectable fault for which there exists a partial test for at
least one initial state of the faulty circuit. [10]
Partial test – a test that detects a fault only under certain initial states and fails to detect the a
under other initial states [8]
FIRE - a fault independent combinational redundancy algorithm.
FUNTEST – FIRE algorithm (see above) extended to sequential circuits
GENTEST - an automatic test pattern generator for sequential circuits.
DFT - design for testability
BIST - build in self-test
RID - redundancy identification
ILA – iterative logic array
RTL – Register-Transfer Level
PSL - Property Specification Language
VHDL - VHSIC Hardware Description Language
VHSIC - Very High Speed Integrated Circuit
FSM -Finite State Machine
ISCAS - International Symposium on Circuits and Systems
FPGA - field-programmable gate array
9. REFERENCES
[1] M. A. Breuer, A. D. Friedman “Diagnosis and reliable design of digital systems”,
Computer Science Press, 1976
[2] V. D. Agrawal and S. T. Chakradhar, “Combinational ATPG theorems
for identifying untestable faults in sequential circuits,” Proc. Euro. Test
Cont. pp. 249-253, Apr. 1993.
[3] I. Pomeranz and S. M. Reddy “On identifying undetectable and redundant faults in
synchronous sequential circuits,” in Proc. 12th IEEE VLSI Test Symp., Apr. 1994, pp.
8-14.
[4] V. D. Agrawal and S. T. Chakradhar, "Combinational ATPG theorems
for identifying untestable faults in sequential circuits," IEEE Transactions
on Computer-Aided Design of Integrated Circuits and Systems, vol. 14, pp.
1155-1160, September 1995
[5] E. Dubrova “Fault Tolerant Design: An Introduction”, draft
[6] M. A. Iyer and M. Abramovici “Sequentially untestable faults identified without
search”, IEEE, 1994
[7] W. Cao and D. K. Pradhan “Sequential redundancy identification using recursive
learning”, IEEE, 1996
[8] D. S. Dawoud “Partially detectable faults in synchronous sequential circuits”, IEEE,
1996
[9] M. Syal and M. S. Hsiao “A novel low-cost algorithm for sequentially untestable fault
identification”, IEEE,2003
[10] I. Pomeranz and S. M. Reddy, “Classification of Faults in Synchronous Sequential
Circuits”, IEEE, 1994
[11] P. Muth, “A nine-valued circuit model for test generation,” IEEE Trans.
Comput., vol. C-25, pp. 63G-636, June 1976.
[12] M. A. Iyer and M. Abramovici, “Low-Cost Redundancy Identification for
Combinational Circuits” Proc. 7th. Intnl. Conf on VLSIDesign, India, pp. 315-318, Jan.
1994.
[13] D.E. Long, M.A. Iyer and M. Abramovici, “Identifying Sequentially Untestable Faults
Using Illegal States,” Proc. 13th. IEEE VLSI Test Symposium,pp.4-11, May 1995.
[14] M.A. Iyer, D.E. Long and M. Abramovici, “Identifying Sequential Redundancies
Without Search,” Proc. DAC 96, June 1996.
[15] M. Syal and M.S. Hsiao “New Techniques for Untestable Fault Identification in
Sequential Circuits”, IEEE, 2006
[16] J. Raik, H. Fujiwara, R. Ubar, A. Krivenko “Untestable Fault Identification in Sequential
Circuits”, IEEE, 2008
[17] M.L. Bushnell, V. D. Agrawal “Essentials of electronic testing for digital, memory, and
mixed-signal VLSI circuits”,Kluwer Academic Publishers, 2000
[18] H.-C. Liang, C. L. Lee, and E. J. Chen, “Identifying untestable faults in sequential
circuits,” IEEE Des. Test. Comput., vol. 12, no. 3, pp. 14–23, Sep. 1995.
[19] D. E. Long, M. A. Iyer, and M. Abramovici, "FILL and FUNI: Algorithms to identify
illegal states and sequentially untestable faults", ACM Transact. Des. Automat. Electron.
Syst., vol. 5, no. 3, pp.631 - 657 , 2000.