Abstract: This work is concerned with the development of a method for the design of Mixed Signal VLSI circuits with on line testing capability. A novel theory of Fault Detection and Diagnosis of Hybrid Systems has been applied for the on-line detection of catastrophic stuck-at faults in mixed VLSI circuits. Based on this an FPGA based system has been developed to design a DC-DC buck converter with on-line testing capability. To the best of our knowledge the proposed methodology is one of the first attempts to provide a solution for On-Line Testing of mixed signal VLSI circuits using a formal theory, which is applicable to a very large class of low frequency analog circuits.
INTRODUCTION
The current work is aimed at development of a method for the design of Mixed Signal VLSI circuits with On Line Testing (OLT) capability. OLT can be defined as the procedure to enable integrated circuits to verify the correctness of their functionality during normal operation by checking whether the response of the circuit conforms to its normal dynamic model. While numerous methodologies have been developed for design of online test circuits in the digital domain [1, 2] , even with provision for automated recovery [3] , only a limited set of approaches exists in the mixed signal domain [4, 5] . Most of these methodologies have been demonstrated on a few "benchmark circuits", which are too simple compared to typical practical circuits. Moreover, these methodologies address particular classes of circuits such as linear circuits [6] , filters [7, 8] , etc.
Fault detection and diagnosis (FDD) has been studied widely in the control system literature. For many applications Hybrid System based models, such as Hybrid Automata (HA) and Activity Transition Graphs (ATGs) are well suited [9, 10, 11, 12] . The current work aims at developing a generic and formal methodology for on-line fault detection in Mixed Signal VLSI circuits based on the theory of Fault Detection and Diagnosis of Hybrid Systems (HS). This paper is divided into five sections. Section 2 briefly covers the theoretical framework of the use of the theory of FDD of HS for on-line fault detection Section 3 discusses the design case study of DC-DC buck Converter with On-Line Testing Capability. Section 4 highlights silicon test results and Section 5 presents conclusions. h τ is the transformation function that transforms the data variable during the transition τ ; , l u τ τ are the lower and upper time bounds. Some definitions are provided next that will be used for studying the conditions of diagnosability of failures in a hybrid system as defined above. ( ) ,
THEORY OF DISCRETE TIMED HS

Discrete Timed Hybrid System Model
Definition 1: Target Set of a transition
A set , D { | & ( ) ( ), for some } i i i i V V v v V h v τ τ σ σ σ ⊆ = ∈ ≠ ∈ Σ D ( ),* ( ) / { ( ) L G s t st L G = ∈ ℑ ∈ }.
Process model with measurement limitation
P(s) is termed as the measurable trace corresponding to trace s.
Definition 6: (Inverse Projection Operator)
The inverse projection operator
Definition 7: (Measurement indistinguishability of traces)
Two traces s and s′ are measurement indistinguishable, denoted as s s
Fault Modelling and Failure Diagnosis
Each state of the system is assigned a fault label by an unmeasurable status variable C with its domain = { } 
The set of all normal activity states is denoted as N X . 
Diagnoser
The diagnoser, denoted as O , is a di-graph Fig.1 shows the block diagram of the scheme, detailed in [13] .
Monoshot based design:
Steps in the operation of the circuit:
Pre-charge Mode • The capacitance discharges to maintain a constant output current. The value of the output voltage drops as the capacitor discharges via the load.
, the PMOS is switched on again. This repeats as long the circuit is in power
Modelling of the DC-DC Converter
In this subsection HS modelling of the DC-DC buck converter is discussed. Fault diagnosis is demonstrated using a catastrophic fault in the hysteresis comparator. The Hysteresis Comparator Block is illustrated in Fig. 2 . Under 17th IFAC World Congress (IFAC'08) Seoul, Korea, July [6] [7] [8] [9] [10] [11] 2008 fault, the output of the zero pulse (ZP1) is stuck at logic one. The Variables, Activity States and the Transitions of the model are given in Tables 1, 2 and 3, respectively. The ATG of the System is shown in Fig 3. 
Fault Diagnosability of the DCDC converter
A diagnoser is constructed from the system ATG that can be synthesized as a mixed signal circuit and placed on-chip for concurrent testing of the circuit.
Certain important definitions and facts regarding diagnosability are presented next, before construction of the diagnoser for the DCDC converter. to that diagnoser cycle also forms a cycle in the system. In simple words, if the system moves in a cycle where the measurable variables are "observed to be similar" in both normal and faulty conditions, then the system is said to move through an i F − indeterminate cycle.
Definition 12: Fair Transitions
If there is a G-Trace that visits a state x infinitely often, then any fair transition τ , from x is also traversed by the Gtrace infinitely often. The fairness property implies that if there is a cycle in G that has at least one transition from at least one of its states that moves out of the cycle and is fair, then the cycle can only be traversed a finite number of times at a stretch. Using the above property some transitions may be determined to be fair. If a system has a start up phase and an operational phase, then the transitions involved in the start up phase may be unfair while all others corresponding to the operational phase are fair. Now we propose a necessary and sufficient condition of diagnosability, taking into account the property of fairness. The formal proofs of the condition and the Diagnoser construction have not been discussed in detail for sake of brevity. For details the reader is referred to [9, 11, 14] . a of the diagnoser. In the same way the complete diagnoser is constructed and illustrated in Fig. 4 .
Transitions: The figure illustrates the fact that the fault is diagnosable. After the occurrence of the fault it reaches an i F − certain node 8 7 { } z x′ = and the fault is detected. Also it can be observed that an i F − indeterminate cycle exists in the diagnoser during the pre-charge period. Thus the fault is nondiagnosable during the pre-charge mode. But there is a fair outward transition from this loop, which takes place after the pre-charge mode is over and then the fault is diagnosed. Hence it can be observed that there is an i F − indeterminate cycle but that is not an i F F − − indeterminate cycle.
RESULTS
For the proof of concept, the DC-DC converter discussed in Section 3, has been used as a case study. The circuit has been fabricated and packaged with additional pin outs for testability. This state estimator, termed as a diagnoser or an observer, has been synthesized and implemented in an FPGA.
The observer in the current case is equipped to detect a fault without any diagnostic information and indicate this by changing the status a single bit line. Diagnostic information may be used for automated recovery, which requires a significant amount of switching arrangement leading to performance degradation. Thus, the proposed approach switches to a new chip/module on detection of any fault, without diagnosing for details. The diagnoser is also an HA and has been designed using two 4 bit ADCs (to convert the To illustrate OLT, provisions have been kept to introduce dummy faults in the circuit during normal operation using MUX based arrangement similar to the one used in [15] . Test results are illustrated below. Fig. 5 shows the snapshot of an oscilloscope screen illustrating out V and cx V when the fault described in Section 3 occurs during pre-charge mode. Fig. 5 also illustrates the output of the ADC used for encoding out V and the status line in a logic analyzer snapshot.
CONCLUSIONS
The method presented in this work is aimed towards the development of a formal and generic scheme for on-line testing of analog circuits. Presently it demonstrates the feasibility of the approach in an application example. For the development of a CAD tool for automated design of fault detectors a number of steps of the proposed scheme need optimization and automation; namely allocation of optimal tap points of the circuit by the observer, area and power trade-off with respect to fault coverage and detection latency etc. Further, parametric faults leading to substantial performance degradation comprise an important class of failures even from the perspective of OLT. Considering all parametric faults is computationally expensive and techniques need to be developed to alleviate state explosion. As the observer is designed using ADCs and digital logic, the current method may lead to prohibitive area overheads if applied to large analog circuits. However, this overhead may be acceptable for a mixed signal SoC with a limited analog content. 
