VLSI Design Verification and

Testing

Fault Simulation
 Course outline
• Simulation
– Compiled-code algorithm
– Event-driven algorithm

• Fault simulation
– Introductory topics
– Serial algorithm
– Parallel fault simulation
– Deductive fault simulation
– Concurrent fault simulation
 Simulation
• Simulation modeling of a design, verifying its function and
assessing its performance
• simulation is run using a software simulator, a software program run on a
computer

functional validation of a design:

• Verify the correctness of the functionality
• Verify the accuracy of the timings
• Explore and compare alternate architectures

• an emulator is a hardware simulator

• hardware blocks implement the functionality to be assessed in a hardwired
way
• generally faster than simulation
 Simulation
The purpose of simulation-based verification is to control the
functional correctness of the design
• no fault is injected into the circuit

Specification

Synthesis

Response Design Design

analysis changes ( netlist )

Computed True - value

Input stimuli
responses simulation

True-value simulation is performed for verification and validation

of the design; the system behavior is evaluated under the
assumption of a fault-free hardware
 Modeling for simulation
• the circuit is represented in the form of a Netlist
– modules
– interconnections
– netlists may use hierarchy

Example: module M1 … and a larger circuit, constructed from M1, OR, …

Module H1
Module M1 M1; H1;
a
a inputs: a, b; HM1 f inputs: a, b, c;
b O1 c b outputs: f, g;
outputs: d, e;
OR: O1, (a, b), (c); M1: HM1, (a, b), (f);
A1 d d
NOT: N1, (b), (e); O1 M1: HM2, (d, c), (g);
c
e AND: A1, (d, e), (d); HM2 g OR: O1, (b, c), (d);
N1

• Modules, blocks or components described by

• Input/output (I/O) function
• Delays associated with I/O signals

• Modules are interconnected

 Signal states
• Two-states (0, 1) is used for switch-level modelization of digital systems
0 (logic 0) can be GND, 1 (logic 1) would be Vdd

• Three-states (0, 1, X) the X state is added to model undefined state that

may occur during initialization of circuit containing flip-flops, or timing-
related issues
X undefined state

• Four-states (0, 1, X, Z) the Z state is used in the modelization of a high

impedance state that may occur in the transistor-level simulation (eg.
CMOS circuit shown below which behaves as a bad memory point)
Z high impedance state

Z Z: high impedance state

0 current status is stored on

parasitic capacitance
0
0
 Modeling levels
The level of a simulator is related to the detail of modeling
Logic simulation is applied to verify and validate a design

Behavioral level: very high-level design languages are used (System C, C, C+

+) the architecture and dataflow is checked

Register-transfer level: hardware description languages are used (VHDL,

Verilog); blocks and their interactions are described; dataflow, and the
control is checked; functional verification is performed

Gate-level: the netlist include scan-chains, and is linked to the actual

fabrication technology

Switch-level may be used to confirm high-performance designs, as an

interconnected list of MOS switches

Transistor level provides very accurate simulation, but also excessively long
simulation times
 Compiled-code algorithm
The circuit is described in a language that can be compiled and executed on
a computer.
Generally, VHDL or Verilog are used for functional circuit description, which is
transformed into a machine programming language (eg. assembly).

• Features
• Used for zero-delay combinational logic; timing is not considered
• Applied in the functional validation of synchronous circuits
• All nodes states are reevaluated for every input vectors
• Advantages
• Good in the case of two-level simulation, high-level simulations
• Since all nodes are reevaluated, its performance is optimized for high-activity circuits
• Higher-abstraction levels of modelization can be used (C)
• Fast
• Drawbacks
• Recompilation is required for every new design
• All nodes states are reevaluated, including those with steady-state values. Typically 1-
10% of the gates actually change their state
• Cannot model glitches, racing conditions, i.e. timing problem
 Compiled-code algorithm (2)
• Step 1: Perform logic optimization, levelize combinational logic and encode
in a compilable programming language
A G4

B G7 Levelization ensures that inputs are

G1
C
evaluated before outputs. Consequently,
G3 gates in a given level have inputs only
D G8
from lower levels
G2
E G5
G

G6
Signals are treated as variables, and
F gates are treated as program statements
(instructions)
H G9

LEVEL0 LEVEL1 LEVEL2 LEVEL3 LEVEL4

• Step 2: Initialize internal state variables; output of flip-flops = logic 0

• Step 3: For each input vector

– Set primary input variables
– Repeat execution of compiled code until all variables have reached steady-state
– Save processed variables
 Levelization
Assign each gate a level label n. The output of the gates in level n-1
must be determined before processing of the gates in level n may be
undertaken. What seems easy to our human understanding, needs
applying a systematic algorithm for machine reasoning, which works with
netlists only:

• Label each gate with the maximum number of logic levels from primary
inputs (or with the maximum number of logic levels from primary output)

• Assign level number 0 to all primary inputs (PIs)

• For each PI fanout

– Label that line with the PI level number, &
– Queue logic gate driven by that fanout

• While queue is not empty

– Dequeue next logic gate
– If all gate inputs have level #’s, label the gate with the maximum of them + 1;
– Else, requeue the gate
 Levelization example (1)
Step 1
All PIs are assigned level 0 0
G1

Step 2
PIs fanout gates are queued in: 0
G2
G1, G2 queued for processing 0 G3

Step 3
processing G1: have all input of G1 been assigned a level ?
NO, G2 which is driving the input of G1 has not been assigned a level
NO, THEN, place G2 back into the queue for further processing
Step 4
pop out next element form the queue: G2: have all inputs of G2 been assigned a
level ?
YES, THEN if l is the maximum of the driving levels of G1 (l=0), assign to
G1 l+1 as level, ie. l+1= 1
 Levelization example (2)
Step 5
Place all fanouts of G1 into the 0
G1
queue
ie. G2, G3 placed in the queue
0
G2
0 G3
1

Step 6
processing G2: have all input of G2 been assigned a level ?
YES, THEN if l is the maximum of the driving levels of G2 (l=1, through
G1), assign to G2 l+1 as level, ie. l+1= 2
 Levelization example (3)
0
G1

0
G2
0 G3
Step 7 1

processing G3 : have all input of G3 been assigned a level ?

YES, THEN if l is the maximum of the driving levels of G3 (l=1, through
G1), assign to G3 l+1 as level, ie. l+1= 2

0
G1

Step 8 0
G2
queue is empty 0 G3
1
2
end
 Event-driven algorithm (1)
Every event is caused by other events that have occurred earlier in
time and in lower levels
• The change of a signal from a value to another is called an event
• ONLY gates which have a change in any input go to the activity list
• Every gate which is on the activity list is simulated
• If the gate output change, gate at fanout are placed in turn into the activity
list

triggering event at t=0 time-delay of a gate

0 1 initial condition
a
b
3 e
c
1 0
0
3 g

d f
2 0

logic 1
g

logic 0
1 2 3 4 5 6 7
time, t
 Event-driven algorithm (2)
• Very efficient for discrete-event simulations, and low-activity circuits
• Event scheduling procedure of distributing activities caused by
events over time according to specified delays  allows accurate
simulation of arbitrary delays
• Ten time (or more) speedup with respect to compiled-code
• only active gates (with an event on one or all inputs) are simulated
A G4

B 1 G7
1 G1
C
1
G3

D G2 G8
1 1 G5
E
G

G6
F

1 G9
H

LEVEL0 LEVEL1 LEVEL2 LEVEL3 LEVEL4

 Fault simulation
• Considering a circuit, test vectors and fault models the fault simulator is
able to predict the behavior of the faulty circuit

• Assumption
– the functionality of the circuit is assumed to be correct, ie. the designer has not
made any error, however, the circuit may not operate correctly due to
manufacturing-induced defects

• Motivation
– Determine test quality and in turn product quality
– Find undetected fault targets to improve tests
… and also …
– Guide the test pattern generation process (for ATPG)
– Create faults dictionaries: list of output responses to test T for each injected fault

• Results
– Fault coverage fraction (or percentage) of modeled faults detected by test
vectors
– Set of undetected faults
 Fault simulator (1)
• A fault simulator is used in the development of manufacturing tests
– Performed after design has be verified/validated
– e.g. TetraMAX fault simulation facility

• Operation of the fault simulator

– Determine the logic value of every node for the fault-free case (good
machine simulation)
– Determine the logic value of every node for the applied fault model
(generally stuck-at faults)

– Determines the fault list (if not available)

– Determines the coverage for a given fault model and fault list
– Produces vectors of the required manufacturing fault coverage
 Fault simulator (2)
• Mostly, single stuck-at faults are handled
– Rarely stuck-open, transition, and path-delay faults

• Procedure in generating a fault list

– A preliminary fault list is obtained from considering stuck-at faults on every
circuit line
– Techniques such as equivalence and dominance are used to collapse the fault-
list (single stuck-at)

Verified design Verification

netlist input stimuli

Fault simulator Test vectors

Modeled Remove
fault list tested faults Test Delete
compactor vectors

Fault Low Test Add vectors

coverage generator
?
Adequate

Stop
 Fault simulator (3)
• Fault-dropping a fault once detected is dropped from
consideration as more vectors are simulated
– fault-dropping should be suppressed for diagnosis purposes

• Fault sampling a random sample of faults is simulated when the

circuit is large
– the sample set should be representative and should not be biased
 Algorithms for fault simulation
The fault simulator must classify the given faults as detected or undetected
by the given stimuli

for all vectors in the test vector set:

• the fault-free circuit is simulated;
• copies of the the circuit, each having one fault are simulated
• the binary output is the fault-free, and faulty circuit simulations are
compared
• a different output means that current vector detects the fault that has
been injected into the simulated copy of the circuit

Remarks:
• expensive in computation
• fault dropping is applied, i.e. simulation is stopped after a specific fault fn
has been detected for the first time
 Types of fault simulators
• Serial

• Parallel
– Simulation of w faults in parallel

• Deductive
– Predicts faulty responses from fault-free

• Concurrent
– Interleave faulty and true-value simulation
 Serial fault simulation
• Algorithm:
Simulate fault-free circuit and save responses for further comparison

Repeat following steps for each fault in the fault list:

1. Modify the netlist by injecting one fault
2. Simulate the modified netlist using every test vector
3. For each of the vector, compare the fault-free response and the current
response (one fault injected)
4. The fault is detected if the responses differ; the simulation process may be
stopped
5. If the responses do not differ, then currently injected fault is not detected 
back to step 1

• Advantages
– Easy to implement: a regular logic simulator is used, plus a mechanism for
injecting faults
– A wide range of fault models are supported
• Drawback
– Low performance: simulation time can be prohibitively high for large fault lists
e.g. for n faults, n time the simulation time of a true-value will be needed
 Parallel fault simulation (1)
• Modern computer process 32-bit or 64-bit operands in one pass;
this wide word size is used to store several copies of a signal and
process all in one parallel pass

• … under following assumptions ….

– the circuit consists of only logic gates, with unit delays
– only stuck-at faults are simulated
– all signals assuming values either 1 or 0
Rx Ry This only bit used in serial simulation

driving signal All w-bits (8 bits here) used in parallel

simulation where 1 bit stores the true
AND

value (dark bit)

ALU

Rx

• Compiled-code method
 Parallel fault simulation (2)
• Multi-pass simulation
Each pass simulates w-1 new faults, where w is the machine word
length (16-bit, 32-bit, …)

• Speed up over the serial method ~ w-1

one bit-position is reserved for the signal value of the fault-free circuit

• Not suitable for non-Boolean logic

 Parallel simulation example (1)
• Two single stuck-at faults are injected into the circuit in next slide
c s-a-0, and f s-a-1

• The word length considered is w=3, i.e. all signals in a particular

node are expressed in a three-bit format where
– bit-0 is the signal value of the fault-free circuit
– bit-1 is the signal value of the circuit assuming c s-a-1
– bit-2 is the signal value of the circuit assuming f s-a-0

• All bits forming a 3-bit word are updated simultaneously, according

to the logical function to be processed

• All faults causing word bits of value at the circuit output that differ
from the fault free circuit are declare detected
 Parallel simulation example (2)
Bit 0: fault-free circuit
Bit 1: circuit with c s-a-1
Bit 2: circuit with f s-a-0
f s-a-0 can not be detected
using this specific vector
c s-a-1 detected

0 0 0
0 1 0
a
s-a-1
b e
c
0 0 0 0 1 0 0 1 0

d f s-a-0

1 1 1 1 1 0
 Actual implementation in the simulator
• Faults are modeled by superimposing logic gates into the circuit
– s-a-0  AND2 gate (2-input AND gate)
all other input bits set to 1, except a 0 at the bit-location of the fault
– s-a-1  OR2 gate
all other input bits set to 0, except a 1 at the bit-location of the fault

0 0 0
0 1 0
a
s-a-1
b e
c
0 0 0 0 1 0 0 1 0

g
0 1 0 1 1 1
d f
1 1 0

s-a-0
1 1 0
 Deductive fault simulation (1)
• One-pass simulation of the fault-free circuit
– a mathematical analysis is performed, rather than a simulation, stricto-senso
– all node values in the circuit are determined for each input vector
– if the circuit has feedback though, more than one pass may be needed

• Each line k is attached a list Lk of faults detectable on k

La list of faults attached to node a

Processing for input vector a=0, b=1
a1 node a s-a-1
La=[a1] b0 node b s-a-0
Lc=[a1, c0]
a=0
c=1
b=1
Lb=[b0]

a fault is said to be detected if the value implied by the current input vector at the
primary output of the circuit is the complement of that implied in absence of the
considered fault
 Deductive fault simulation (2)
• Following true-value simulation of each vector, fault lists of all gate output
lines are updated using mathematical rules, signal values, and gate input
fault lists
– the fault list of a signal contains the names of all faults in the circuit that can
change the state of that line

• PO fault lists provides the list of faults that can be detected, using currently
applied vector
 Short reminder
• for classical Boolean gates, it is possible to determine a list of input
values which either mask the other input (control the output)

• … or sensitize the other input

follow: output follows other input, invert: output inverts other input
 Fault list propagation rules
propagation rules for main Boolean gates in a deductive fault simulator

 stands for union,  represents intersection, and complementation

 Understanding the rules, examples
• In order for a fault to propagate through to line c, following options are
possible
– the error must cause both line a and line b to change their state, thus La  Lb
or
– the error causes line c s-a-1, thus Lc = [La  Lb] c1
La=[a1]
Lc=[c1]
[a1]  [b1] = Ø
a=0
b=0 [c1]  Ø = [c1]
c=0
Lb=[b1]

• In order for a fault to propagate through, it must switch the state of line a,
while guaranteeing that the state of lines b and c do not change, or switch
the state of line d
La=[a0] Ld= (La  (Lb Lc )) d0
a=1
Lb=[b1]
b=0 d=1
Lc=[c1]
c=0
 Understanding the rules, more examples
• AND2 gate with a fanout of 2
Ld=[a1, c1, d1]
La=[a1]
Lc=[a1, c1] d=0
a=0
b=1
c=0 e=0
Lb=[b0]
Le=[a1, c1, e1]

b is sensitizing a through to c, but a is blocking b

an error can pass through to c iff

1. it can switch a and
2. guarantee that b does not switch (i.e. this error belongs to
the list of errors that do not affect line b, also called !L b or Lb barre)
Compact representation of propagation rules
now that we understand the propagation rules, let us derive a
general expression

let Loutput / output be the list of detectable faults at input/output node

case 1: none of the gate inputs is a controlling value

   output stuck at 
Loutput   Linput  
 controlled ouput


  non controlling inputs 

case 2: one or more of the gate input is a controlling value

     output stuck at non 

Loutput    Linput     Linput   
  controlling inputs  non controlling inputs   controlled ouput 
 Circuit example
[a0]
a=1 [a0, b0, c0, e0]
c Faults detected by
b=1 e=1
[b0] [b0, c0] this input vector:

g=1

d f=0
[b0, d0] [b0, d0, f1]

• True-value simulation is run in a first pass

• The second input-to-output pass generates the fault lists and generation,
resulting in Lg. Lg holds the list of four faults that are detected applying the
input vector a=1, b=1, which are: a s-a-0, c s-a-0, e s-a-0, g s-a-0

• Notice that b0 are present on lines e and f, and consequently cancel out of
Lg. b0 forces e=0 and f=1 which is not detected on line g.
 Concurrent fault simulation (1)
based on the observation that stimulating a fault free network, and
the same network where one fault has been injected produces an almost
identical activity sequence:

Concurrent fault simulation is an event-driven simulation of the

fault-free circuit and only those parts of the faulty circuit that differ
in signal states from the fault-free circuit

• Faster than other methods, but uses most memory.

 Concurrent fault simulation (2)
• Simulator models:
Events
– good-event: event that occurs in the fault-free circuit, and is defined by
the signal name, the type of change (e.g.1 to 0) and the time of change
– fault-event: occur in the faulty circuit, and are considered only if they
differ from a good event
Circuits
– good-gate: each good gate is attached a list of bad-gates, each of
which has an I/O that differs from the fault-free circuit

• Event-driven simulation (when simulate, what simulate):

– good-events and fault-events make good-gates active for simulation
– good-events also make bad-gates active for simulation
 Concurrent fault simulation example (1)
• a bad-gate is inserted into the fault list when the signal values of a
good-gate make a fault active

bad-gates in grey
bad-gate: one I/O is different from a
good-gate
a linked set of bad gates forms the
fault list

incorrect output values indicate detected faults

This example from: M. L. Bushnel and W. D. here, a0, c0, e0, g0 are detected, which is in accordance with the results
Agrawal, Essential of Electronic Testing for Digital,
Memory, and Mixed Signal VLSI Circuits, obtained with the deductive method
 Concurrent fault simulation example (2)
• Lists of faults are dynamic, and updated in order to keep only those bad-
gates with dissimilar I/O with respect to corresponding good-gate

• Convergence is reached when I/Os are identical, and is handled by bad-

gate removal

no bad events are generated; I/Os are

good-event similar as good gate’s
bad-gates are thus converging to
10 good-gate, and can be ruled out
10 10
10

observe how the list of faults has

10 10 been modified !
10
Concurrent fault simulation example (3)
• Changing of signal a activates fault a1

• Divergence results, and reflects into the creation of new bad-gates

divergence: creation of new bad gates

in the fault list

a fault is detected when the output g is different from that of the good
gate, i.e. following faults are detected: b 0, d0, f1, a1, e1, g1
 Fault sampling
• Goal: reduce the effort on fault simulation (CPU time and memory)
by picking a random sample from the set of all faults

• The fault coverage is analytically determined from the fault

coverage that has been derived using fault sampling

• Warning: the size of the sample should be selected “appropriately”

• Warning: the set of selected vectors may be biased

 Additional readings and references
• D. B. Amstrong, “A Deductive Method for Simulating Faults in Logic
Circuits,” IEEE T. on Computers, Vol. C-21, No. 5, pp. 464-471, May 1972
• E. G. Ulrich, T. Baker, “The Concurrent Simulation of Nearly Identical
Digital Networks,” Computer, Vol. 7, pp. 39-44, 1974
 References
• M. L. Bushnel and W. D. Agrawal, “Essential of Electronic Testing for
Digital, Memory, and Mixed Signal VLSI Circuits,” Springer, 2005
• L.-T. Wang, C.-W. Wu, X. Wen, “VLSI Test Principles and Architectures,”
Morgan Kaufmann Publishers (Elsevier), 2006