Upload
kerrie-walton
View
216
Download
1
Tags:
Embed Size (px)
Citation preview
Synthesis Of Fault TolerantCircuits For
FSMs & RAMs
Rajiv Garg Pradish Mathews
Darren Zacher
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Agenda
Introduction Typical FSM Synthesis of Fault Tolerant (FT) FSMs Single Event Upset (SEU) Detect and Recovery Single Event Upset Detection Synthesis tool user options Fault tolerant RAMs Conclusion
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Introduction
Single Event Upset (SEU)
noise introduced in circuit operating in extreme conditions of space, military, aircrafts etc
Affects all types of FPGA devices and technology
Results in data corruption , system malfunction or impairment of various circuit components
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Contd..
FSMs and RAMs are crucial component of circuit FSMs control design functionality by transitioning
system to new state depending on transition function RAMs are the data storage components of the
circuit Any malfunction to their operation can make the
whole system go unpredictable
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Existing Solutions
Triple Module Redundancy (TMR) is the commonly used scheme for SEU. But it is : Area Extensive Only applicable to whole module block
FPGA designers manually write fault tolerant circuits Cumbersome job for RTL designers
There is an absence of complete automated software synthesis solutions in this domain
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Typical FSM circuit
FSM circuit has four major components Inputs Current state vectors Next State function Output logic
Present Present StateState
Next State Next State FunctionFunction State State
VectorsVectors
Output Output LogicLogic
InputsInputs
OutputsOutputs
rstrstclkclk
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Synthesis of Fault Tolerant (FT) FSMs
Next State Next State FunctionFunction
State State VectorsVectors
Output Output LogicLogic
InputsInputs
OutputsOutputs
clkclk rstrst
Next State Next State FunctionFunction
StateStateRegistersRegisters
InputsInputs
OutputOutputfunctionfunction
rstrst
Present Present StateStateParityParity
generatorgenerator Parity Parity RegistersRegisters
ErrorErrorCorrectionCorrection
CircuitCircuit
Parity Parity RegistersRegisters
outputoutput
FTFT
FSMFSM
clkclk
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Contd..
Synthesis goals Automated Fault tolerant circuit implementation Achieve optimal implementation with minimal
impact on quality of results (area and timing) Extra combinational and sequential logic added Parity generator
Generates logic for parity registers Error corrector
Detects and corrects SEU
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
SEU detection and recovery Circuit
Next State Next State FunctionFunction
StateStateRegistersRegistersInputsInputs
OutputOutputfunctionfunction
rstrst
Present Present StateStateParity Parity
GeneratorGenerator Parity Parity RegistersRegisters
ErrorErrorCorrectionCorrection
CircuitCircuit
Parity Parity RegistersRegisters
outputoutput
FOR SEU detection and recovery to original state FOR SEU detection and recovery to original state Encoding of State and parity registers such that Encoding of State and parity registers such that
Hamming Distance >= 3 Hamming Distance >= 3
clkclk
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Parity generation(Hamming-3)
Extra parity flops added to current state registers to create hamming distance-3
number of parity flops k must satisfy the inequality 2^k >= n+k+1 , n is data flops
n + k flops uniquely detect upset in n data flops Hamming code constructor to generate parity
Error Correction circuit detects upset and recovers to original state
General technique can be applied to any encoding scheme
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Contd..
n + k bits uniquely detect for n data bits Consider a message having 4 data bits. We add 3 parity bits
to uniquely determine the single bit error in any of the 7 bits send
Here (3,5,6,7) are data bits and (1,2,4) are parity bits Change in parity bits detect
upset in data bits (1,2) detect upset in 3 (1,4) detect upset in 5 (2,4) detect upset in 6 (1,2,4) detect upset in 7 Upset in any (1,2,4) detect for itself
11
2244
55 33
66
77
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Contd..
Asynchronous Events
FSM State registers may have asynchronous set and reset
Any asynchronous set and reset signal will abruptly transition the state of FSM registers
Parity registers needs to be synchronized to FSM registers in case of asynchronous event
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Consider hamming-3 for 2 data flops 3 parity registers required for 2 data flops
Calculate rP1,sP1,rP2,sP2,rP3,sP3 (reset and set) of parity registers in terms of rC1,sC1,rC2,sC2 ?
Set/reset have priority associated with them so both cannot be high simultaneously
When one of set/reset high, Q is defined by setQ = set
clkclk
rP2 sP2rP2 sP2
rC2 sC2rC2 sC2
C2C2
rP3 sP3rP3 sP3
rC1 sC1rC1 sC1
rP1 sP1rP1 sP1
C1C1
P1P1
P2P2
P3P3
setset resetreset QQ
00
00
11
00
11
00
No effectNo effect
00
11
Contd..Contd..
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Contd..
In case of inferred FSM , any asynchronous event will affect all FSM registers
Given FSM registers , asynchronous event is detected as OR of all set ands resets of FSM registers (rC1 ||
sC1 || rC2|| sC2) => ET (event trigger) Parity registers set /reset calculated as
set = Fn(sC1,sC2) && event trigger Reset = !Fn(sC1,sC2) && event trigger
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Cont..
Initial value state registers
Current state registers may have initial values
Parity registers needs to be synchronized to current state registers’ initial value so that these are not considered as upsets
Initial value flops created for parity flops Initial value = Fn( Current state initial values)
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Enable Handling
Say at T = t1 , SEU occurs in Cs1 flop
Because of En = low Output at cs1 not corrected in
next clock cycles so circuit no longer remains Fault Tolerant
Now say at T = t1 + next clock cyclesupset also occurs at Cs2
EnEn
EnEn
ErrorError
CorrectorCorrectorNext StateNext State
FunctionFunction
SEU occursSEU occurs
Cs1Cs1
Cs2Cs2
This can be taken care by dissolving enable at Data path of FlopsThis can be taken care by dissolving enable at Data path of Flops
clkclk
clkclk
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Cont..
Dissolving Enable mux is put in the data path of flop with enable as select line
Mux sel0 = corrected current state Mux sel1 = next state
Now, after upset in any register, correct state is set at Flip flop output in next clock cycle
EnEn
EnEn
ErrorError
CorrectorCorrectorNext StateNext State
FunctionFunction
Cs1Cs1
Cs2Cs2
muxmux
muxmux
00
11
00
11
clkclk
clkclk
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Optimized techniques for 1-hot/1-cold encoding
1-hot/1-cold special encoding schemes Already hamming distance-2 Only single bit is 1 or 0 in whole state Vector
Optimized technique for 1-hot/1-cold are following Binary transformation with parity Full Register duplication scheme
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Binary transformation with parity
One HotOne Hot State State
VectorsVectors
BinaryBinary VectorsVectors
Parity Parity Register Register
(P)(P)
1-hot to1-hot toBinaryBinary
Next StateNext State FunctionFunction
ErrorError DetectionDetection
ErrorError CorrectorCorrector
UpsetUpset
Present Present statestate
inputinput
Corrected stateCorrected state
ParityParity
generatorgenerator
Output Output functionfunction
outputoutput
rstrst
1-hot vectors already 1-hot vectors already hamming-2hamming-2
Binary vectors + parity Binary vectors + parity added to create total added to create total
minimum hamming-3minimum hamming-3clkclk
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Technique
1-hot encoded Next state will be converted to Binary value vector
Even parity bit (P) will be generated for this binary vector by doing XOR operation of next state Binary vectors.
Error Detection Circuit generates the new even parity bit (P’) using the binary vector state
registers P and P’ are compared to detect the upset If P and P’ differ : an upset has occurred in Binary Registers or parity
Register P and P’ same : no upset has occurred at least in Binary Vector or
parity register
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Contd..
Since SEU, upset occurs either in the preset state vector or the binary state vectors and parity
Error Corrector circuit if upset signal is high
no upset in preset state registers Present state set as corrected state
If upset is low no upset in Binary Vector Registers decode binary vector to one hot and set them as
corrected state.
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Full Register duplication scheme
1-hot1-hot State State VectorVector
Duplicated Duplicated One Hot One Hot
State State VectorsVectors
Next State Next State FunctionFunction
inputinput
ErrorError DetectorDetector
ErrorError CorrectorCorrector
upsetupset
OutputOutputFunctionFunction
outputoutput
rstrst
Corrected stateCorrected state
1-hot vectors already 1-hot vectors already hamming-2hamming-2
Duplicated 1-hot vector Duplicated 1-hot vector also hamming-2also hamming-2
So total hamming distance So total hamming distance >=4>=4
clkclk
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Technique
All 1-hot state vectors are duplicated as parity registers Error detector circuit
detects the upset in one hot using optimized xnor circuit Since SEU, upset will either occur in present state vector or
duplicated parity registers Error Correction Circuit
If the upset signal is high upset detected then present state (one hot state vectors) passed as
corrected state. If upset is low
no upset, duplicated registers are passed as corrected state.
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Comparison of different SEU correct & recovery schemes for 1-hot
AreaArea
(in LUTs)(in LUTs)
0
200
400
600
800
1000
1200
8 16 32 64 128 256
1-hot states
binary transformation withparity
Full Register duplicationscheme
Hamming-3
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Results explanation
Hamming-3 Applicable to all encoding schemes Extensive area penalty in case of 1-hot/1-cold optimal for binary (gray etc) encoding
For 1-hot/1-cold binary transformation with parity
Optimizes area usage over hamming-3 Full Register duplication scheme
More prone to SEU Area efficient then both the above techniques logic is simple
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
SEU detection and correction
Next State Next State FunctionFunction
StateStateRegistersRegisters
InputsInputs
OutputOutputfunctionfunction
rstrst
Present Present StateStateParity Parity
GeneratorGenerator Parity Parity RegistersRegisters
ErrorErrorCorrectionCorrection
CircuitCircuit
Parity Parity RegistersRegisters
outputoutput
FOR SEU detection and Correction to User defined stateFOR SEU detection and Correction to User defined state
Encoding of state and parity registers such thatEncoding of state and parity registers such that
minimum Hamming Distance > =2minimum Hamming Distance > =2
clkclk
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Hamming-2 technique
Current Current State State
VectorsVectors
2 parity 2 parity registersregisters
(p0 and p1)(p0 and p1)
Next state Next state FunctionFunction
Error Error detectordetector
Output Output FunctionFunction
Error Error correctorcorrector
ParityParity
generatorgenerator
outputoutput
inputinput
clkclk rstrst 2 parity registers added 2 parity registers added to create Hamming-2 to create Hamming-2 distance in encoded distance in encoded
statesstates
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Technique
Parity generator generates two parity bits p0 and p1 p0 and p1 are the odd and even parity respectively of next state
Error detection circuit calculate parity registers p0’ and p1’ using Current state registers Both p0 and P1 compared with p0’ and p1’ respectively If both sets (p0,p0’) and (p1,p1’) differ , an upset in current state
vector Error correction circuit
If Upset detected sets the corrected state to user defined state
If no upset detected current state vector set as corrected state
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Optimized detection and correction scheme for 1-hot/1-cold/2-hot
Current Current State State
VectorsVectors(1-hot )(1-hot )
Next state Next state FunctionFunction
Error Error detectordetector
Error corrector(user defined
state)
upsetupset
OutputOutput
functionfunction
outputoutput
clkclk
rstrst
inputinput
Corrected stateCorrected state
1-hot vectors 1-hot vectors already hamming-2already hamming-2
No parity requiredNo parity required
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Technique
Error detection circuit implemented using xnor/xor circuit to detect single
event upset Error Corrector Circuit
If upset detected corrected state is set to user defined state
If no upset detected current state vector is set as corrected state
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Synthesis tools options for User controls
User options to implement SEU detection or both SEU detection & recovery circuit
Ability to apply different fault tolerant implementation on different FSMs
User attributes on FSM state register specifying FSM encoding scheme
//pragma attribute <state_name> encoding_style <binary/one-hot/gray>
Fault tolerant implementation //pragma attribute <state_name> safe_fsm_type
<seu_detect/seu_correct> Correction State for SEU detection & correction circuit
//pragma attribute <state_name> recovery_state <state_vector>
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Contd..
Example : reg [3:0] cst //pragma attribute cst recovery_state 1000
..
S0S0(0001)(0001)
S0S0(0001)(0001)
S1S1(0010)(0010)
S1S1(0010)(0010)
S2S2(0100)(0100)
S2S2(0100)(0100)
Transition to Transition to default statedefault state
????(0101)(0101)
????(0101)(0101)
Invalid stateInvalid state
DefaultDefault
S3S3(1000)(1000)
S3S3(1000)(1000)
States defined States defined for normal for normal FSM operationFSM operation
Recovery StateRecovery State
ResetReset
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Fault Tolerant RAMs
Application of TMR to RAMs Triplicates memory elements Can overfill the FPGA Block RAM capacity Can lead to many potential memories in the design
not inferred Hamming-3 is applied to RAMs to detect and
recover from SEU the width of memory word size is increased by
adding error checking bits
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Contd..
Memory cell with addition of parity registers
Additional combinational logic added for parity generator and error
corrector
...
RAM
Hamming Code
RAM
...
RAMRAM parityparityGeneratorGenerator
Error Error CorrectorCorrector
address
dataindatain parityparity
dataoutdataout
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Conclusion
For safety critical applications automated synthesis solution is good for its following salient features
Designer does not need to write manually Fault tolerant implementations
Generates best Quality of results in terms of timing and area
Is formally verifiable with equivalence checker
MAPLD 2009 - Synthesis of Fault Tolerant Circuits for FSMs & RAMs
Thank you