Fundamental Algorithms for System Modeling, Analysis, and Optimization

Edward A. Lee, Jaijeet Roychowdhury, Sanjit A. Seshia

UC Berkeley EECS 144/244 Fall 2010 Copyright 2010, E. A. Lee, J. Roychowdhury, S. A. Seshia, All rights reserved

Lec 15: Testing for Fault Detection/Diagnosis

Thanks to K.-T. Cheng, S. Devadas, K. Keutzer for some slides

Fault Detection and Diagnosis

A fault is the adjudged or hypothesized cause of a system failure. Fault detection (is there a fault?) and diagnosis (where is the fault?) are key steps in system design and maintenance. Integrated Circuits
Faults: manufacturing defects or electrical effects

Control Systems (e.g. chemical process plants)

Faulty sensors or actuators, operator error, mechanical failures

Cyber-Physical Systems (e.g., cars, spacecraft)

Faulty sensors/actuators, mechanical failures,
2

Fault Detection and Diagnosis

Component

Vc VE X

...

Activation (controllability) Overall System

...

OUTPUTS
3 4

Observability and Controllability

Controllability
A system with internal state x is called controllable if the state can be modified by changing the input to the system. E.g., for circuits: put a 0 or 1 at an arbitrary internal node

Observability
A system with internal state x is called observable if the state can be determined by observing the outputs of the system. E.g., for circuits, observe the 0-1 value of an internal node from system outputs.

INPUTS

Propagation (observability)

Manufacture Testing in ICs

Apply a sequence of input vectors to a circuit Observe the output response and compare the response with a precomputed or expected response Any discrepancy is said to constitute an error, the cause of which is a physical defect

d q

FAB

clk

Defects and Fault models

Manufacturing defects can manifest in a variety of ways: Bridging Contaminants Shorts Opens Transistors stuck-open These need to be reduced to models: Single stuck-at-1, stuck-at-0 Multiple stuck-at-1, stuck-at-0 Delay fault models: Gate Path single-stuck-at fault model ubiquitous some use of delay fault modeling
6

Defect Model: Stuck-At Faults

A B C D a b f1 f2

Any input or internal wire in circuit can be stuck-at-1 or stuck-at-0 Single stuck-at-fault model: In the faulty circuit, a single line/wire is S-a-0 or S-a-1 Multiple stuck-at fault model: In the faulty circuit any subset of wires are S-a-0/S-a-1 (in any combination)
7

Outline of Topics
Basics & Terminology Single stuck-at faults and path sensitization Boolean Satisfiability-based technique

Formal Problem Definition

Given a combinational circuit on n variables x1, x2, , xn with m outputs f1, f2, , fm Let g be an internal net that is stuck at 0 Then, we wish to find values of x1, x2, , xn such that g(x1, x2, , xn) = 1 and there exists some j in 1,2,m, such that fj(x1, x2, , xn) takes different values depending on whether g is stuck at 0 or not. How does the definition change for g stuck at 1 ?
9

Problem: What about the Flip-Flops?

Solution 1: Unroll the sequential ckt in time

[Murray & Hayes, IEEE Computer, 1996]

10

Solution 2: Add scan logic

add additional state to flip-flops (15 - 20% area overhead)

Scan-chain

Scan Flip-flops

Scan-chain

inputs

Combinational Logic

outputs

[See Murray & Hayes, IEEE Computer, 1996]

11

Outline of Topics
Basics & Terminology Single stuck-at faults and path sensitization Boolean Satisfiability-based technique

12

Single Stuck-At Faults

A fault is assumed to occur only on a single net.
x1 x2 x3 G a b Z = x1 x2 + x2 x3

x1 x2 x3

G a b a s-a-1 G s-a-1 Z = ? Z = ?

This model is used because it has been found to be statistically correlated with defect-free circuits
13

Single Stuck-At Faults

A fault is assumed to occur only on a single net.
x1 x2 x3 G a b Z = x1 x2 + x2 x3

x1 x2 x3

G a b a s-a-1 G s-a-1 Z = x1 + x2x3 Z = x2x3

This model is used because it has been found to be statistically correlated with defect-free circuits
14

Activation and Path Sensitization

In order for an input vector X to detect a fault h s-a-D, D = 0,1 the input X must cause the signal h in the normal (fault-free) circuit to take the value D.
x2 x3 x1 x4 To activate the fault i.e., detect h s-a-1 we first need to make h = 0. How? h s-a-1 x f

15

Fault Activation

x2 x3 x1 x4

G1 h x 0/1 G2

G3 G4

0/1 G5 f 0/1

h s-a-1, for h to be 0, need x2 = x3 = 0

( x 2 x3 )

The condition is necessary but not sufficient. Error signal must be propagated to output (must affect the output value).
16

Fault Propagation
The error signal must be propagated along some path from its origin to an output
x2 x3 x1 x4 h s-a-1, for h to be 0, need x2 = x3 = 0 ( x 2 x3 ) G1 h x 0/1 G2 G3 G5 G4 f

How to propagate the fault?

17

Fault Propagation
The error signal must be propagated along some path from its origin to an output
x2 x3 x1 x4 h s-a-1, for h to be 0, need x2 = x3 = 0 G1 h x 0/1 G2 1 G3 G4 0 0/1 G5 f 0/1

( x 2 x3 )

Only one path G3, G5 In order to propagate an error through AND gate G3, other input x1 = 1. To propagate through G5, need G4 = 0, x1 + x4
18

Formal Problem Definition, Revisited

Given a combinational circuit on n variables x1, x2, , xn with m outputs f1, f2, , fm Let g be an internal net that is stuck at 0 Then, we wish to find values of x1, x2, , xn such that ACTIVATION (Controllability) g(x1, x2, , xn) = 1 and there exists some j in 1,2,m, such that fj(x1, x2, , xn) takes different values depending on whether g is stuck at 0 or not. PROPAGATION (Observability)
19

Single Path Sensitization (SPS)

1. Activate: Specify inputs so as to generate the appropriate value (0 for s-a-1, 1 for s-a-0) at the site of the fault. 2. Propagate: Select a path from the site of the fault to an output and specify additional signal values to propagate the fault signal along this path to the output (error propagation). 3. Justify: Specify input values so as to produce the signal values specified in (2) (line justification).
20

Sensitization Example
D A B C G2 G1 x h s-a-1 G4 G5 f1 G6 f2

G3 E

h s-a-1 Activate?

21

Sensitization Example
D A B C G2 G1 x h G5 f1 G6 f2 G3 E G4

h s-a-1 Activate: To generate h = 0, need A = B = C = 1 Propagate?

22

Sensitization Example
D A B C G2 G1 x h G5 f1 G6 f2 G3 E h s-a-1 To generate h = 0, need A = B = C = 1 Have a choice of propagating through G5 or via G6. Propagating through G5 requires G2 = 1 A = D = 0 Contradiction Propagating through G6 requires G4 = 1 C = 1, E = 0. A valid test vector is ABCE
23

G4

Line Justification
B H A F G3 1 G2 1 C D x 0 E s-a-1 G1

G4

E s-a-1 E = 0 C = D = 1 to propagate through G1. To propagate through G4, need G2 = G3 = 1 How do we justify these values?
24

Line Justification - 2
B H A F G3 1 G2 1 C D x 0 E s-a-1 G1 Attempt to line justify G2 = G3 = 1 G3 = 1 possible if A = F = 1 or B = H = 1 If A = C = 1, then G2 = 0. G3 = 1 B = H = 1 G2 = 1 needs A = 0 or F = 0 Tests are ABCDEH, BCDEFH
25

G4

Redundancy
Not all faults result in failures! Existence of a fault does not change the functionality of a circuit redundant fault
x1 x2
s-a-1

f x1 x2 f

f = x1 + x1 x2

f = x1 + x2

A test generation algorithm is deemed complete if it either finds a test for any fault or proves its redundancy, upon terminating.
26

Completeness of SPS method ?

G2 C G1 d x
s-a-0

G3 G4 G5

G6 f

A B

E d s-a-0 A = B = 1 Propagate along G3, G6 C = 1 G2 = G4 = G5 = 1

For G4 = 1 either its top input = 0 or E = 0 If G1 = 0 fault is not activated (dont want to force G1 = 0) If E = 0 (B must be 1) G5 = 0 Inconsistency
27

Completeness of SPS? - 2
G2 C A B E d x
s-a-0

G3 G4 G5

G6 f

Propagation along G4, G6 also results in inconsistencies by symmetric argument Is there no test? How about C = E = 1?
28

Multiple Path Sensitization

1 1 1 1 d 1/0 x
s-a-0

G2 G3 G4 G5

1 0/1 G6 0/1 1 f 1/0

Error propagates down two paths G3, G6 and G4, G6 to output (G3, G4 values are correlated) Its natural to work backwards (justifying) and forwards (propagating) from point of fault activation but this focuses on sensitizing a single path Attempting to sensitize a single path will not find a test for this fault
29

Note on the D-Algebra/ D-calculus

Need to be able to deal with an arbitrary error at the inputs to a gate D represents a signal which has value 1 in normal circuit, and value 0 in faulty circuit. D 0/1
D D D 0 D D D D 1 D D D D 0 0 0

D, D behave like Boolean variables

30

Outline of Topics
Basics & Terminology Single stuck-at faults and path sensitization Boolean Satisfiability-based technique

31

Another approach to ATPG (Larrabee, 1989)

The ATPG problem (automatic test pattern generation) The CIRCUIT-SAT problem The Boolean Satisfiability (SAT) problem

CIRCUIT-SAT

ATPG

SAT
32

The ATPG problem

Circuit C
1 a 0 b 0 c 1 d 0 e f s-a-1 g 1 1 h 0(1) A fault value i 0(1) A logic circuit A fault point

f , s a 1

Does there exist a value assignment to the primary inputs which distinguishes the faulty and correct circuits ?

33

The CIRCUIT-SAT problem

a h b c d e Does there exist a value assignment to the primary inputs which causes the primary output to assume logic value 1 ?
34

ATPG as a CIRCUIT-SAT problem

Can we find an input value in which the faulty circuit and the good circuit differ? hf 1 a b c d e f h

if t = 1?

ATPG Circuit C

35

The Boolean Satisfiability (SAT) problem

Given a formula, f : Defined over a set of variables, V (a,b,c) Comprised of a conjunction (AND) of clauses (C1,C2,C3) Each clause is a disjunction (OR) of literals of the variables V Does there exist an assignment of Boolean values to the variables, V which sets at least one literal in each clause to 1 ? Example : ( a b c)( a c )( a b c ) C1 C2 C3
36

a=b=c=1

CIRCUIT-SAT as a SAT problem

A set of clauses representing the functionality of each gate A unit literal (i) clause asserting the output to be 1

a b c d e

f g

(b f )( c f )(b c f ) ( d g )( e g )( d e g ) ( a h )( f h )( a f h )
i

( h i )( g i )( h g i ) (i )
37

Solving the SAT problem

NP-complete problem, yet efficient techniques exist to solve probems encountered in practice We will review some of these methods in the next lecture

38

Current Status on Manufacture Test

Practical approach to test: use scan achieve 99%+ stuck-at coverage Single stuck-at-fault testing for combinational logic is a ``solved problem Despite the fact that it is NP-complete After 20+ years of research Results applied to combinational-equivalence checking

39