Cost modelling and concurrent engineering for testable design

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.As integrated circuits and printed circuit boards increase in complexity, testing becomes a major cost factor of the design and production of the complex devices. Testability has to be considered during the design of complex electronic systems, and automatic test systems have to be used in order to facilitate the test. This fact is now widely accepted in industry. Both design for testability and the usage of automatic test systems aim at reducing the cost of production testing or, sometimes, making it possible at all. Many design for testability methods and test systems are available which can be configured into a production test strategy, in order to achieve high quality of the final product. The designer has to select from the various options for creating a test strategy, by maximising the quality and minimising the total cost for the electronic system. This thesis presents a methodology for test strategy generation which is based on consideration of the economics during the life cycle of the electronic system. This methodology is a concurrent engineering approach which takes into account all effects of a test strategy on the electronic system during its life cycle by evaluating its related cost. This objective methodology is used in an original test strategy planning advisory system, which allows for test strategy planning for VLSI circuits as well as for digital electronic systems. The cost models which are used for evaluating the economics of test strategies are described in detail and the test strategy planning system is presented. A methodology for making decisions which are based on estimated costing data is presented. Results of using the cost models and the test strategy planning system for evaluating the economics of test strategies for selected industrial designs are presented

The Art of Fault Injection

Classical greek philosopher considered the foremost virtues to be temperance, justice, courage, and prudence. In this paper we relate these cardinal virtues to the correct methodological approaches that researchers should follow when setting up a fault injection experiment. With this work we try to understand where the "straightforward pathway" lies, in order to highlight those common methodological errors that deeply influence the coherency and the meaningfulness of fault injection experiments. Fault injection is like an art, where the success of the experiments depends on a very delicate balance between modeling, creativity, statistics, and patience

Analysis and Test of the Effects of Single Event Upsets Affecting the Configuration Memory of SRAM-based FPGAs

SRAM-based FPGAs are increasingly relevant in a growing number of safety-critical application fields, ranging from automotive to aerospace. These application fields are characterized by a harsh radiation environment that can cause the occurrence of Single Event Upsets (SEUs) in digital devices. These faults have particularly adverse effects on SRAM-based FPGA systems because not only can they temporarily affect the behaviour of the system by changing the contents of flip-flops or memories, but they can also permanently change the functionality implemented by the system itself, by changing the content of the configuration memory. Designing safety-critical applications requires accurate methodologies to evaluate the system’s sensitivity to SEUs as early as possible during the design process. Moreover it is necessary to detect the occurrence of SEUs during the system life-time. To this purpose test patterns should be generated during the design process, and then applied to the inputs of the system during its operation. In this thesis we propose a set of software tools that could be used by designers of SRAM-based FPGA safety-critical applications to assess the sensitivity to SEUs of the system and to generate test patterns for in-service testing. The main feature of these tools is that they implement a model of SEUs affecting the configuration bits controlling the logic and routing resources of an FPGA device that has been demonstrated to be much more accurate than the classical stuck-at and open/short models, that are commonly used in the analysis of faults in digital devices. By keeping this accurate fault model into account, the proposed tools are more accurate than similar academic and commercial tools today available for the analysis of faults in digital circuits, that do not take into account the features of the FPGA technology.. In particular three tools have been designed and developed: (i) ASSESS: Accurate Simulator of SEuS affecting the configuration memory of SRAM-based FPGAs, a simulator of SEUs affecting the configuration memory of an SRAM-based FPGA system for the early assessment of the sensitivity to SEUs; (ii) UA2TPG: Untestability Analyzer and Automatic Test Pattern Generator for SEUs Affecting the Configuration Memory of SRAM-based FPGAs, a static analysis tool for the identification of the untestable SEUs and for the automatic generation of test patterns for in-service testing of the 100% of the testable SEUs; and (iii) GABES: Genetic Algorithm Based Environment for SEU Testing in SRAM-FPGAs, a Genetic Algorithm-based Environment for the generation of an optimized set of test patterns for in-service testing of SEUs. The proposed tools have been applied to some circuits from the ITC’99 benchmark. The results obtained from these experiments have been compared with results obtained by similar experiments in which we considered the stuck-at fault model, instead of the more accurate model for SEUs. From the comparison of these experiments we have been able to verify that the proposed software tools are actually more accurate than similar tools today available. In particular the comparison between results obtained using ASSESS with those obtained by fault injection has shown that the proposed fault simulator has an average error of 0:1% and a maximum error of 0:5%, while using a stuck-at fault simulator the average error with respect of the fault injection experiment has been 15:1% with a maximum error of 56:2%. Similarly the comparison between the results obtained using UA2TPG for the accurate SEU model, with the results obtained for stuck-at faults has shown an average difference of untestability of 7:9% with a maximum of 37:4%. Finally the comparison between fault coverages obtained by test patterns generated for the accurate model of SEUs and the fault coverages obtained by test pattern designed for stuck-at faults, shows that the former detect the 100% of the testable faults, while the latter reach an average fault coverage of 78:9%, with a minimum of 54% and a maximum of 93:16%

Fault simulation and test generation for small delay faults

Delay faults are an increasingly important test challenge. Traditional delay fault models are incomplete in that they model only a subset of delay defect behaviors. To solve this problem, a more realistic delay fault model has been developed which models delay faults caused by the combination of spot defects and parametric process variation. According to the new model, a realistic delay fault coverage metric has been developed. Traditional path delay fault coverage metrics result in unrealistically low fault coverage, and the real test quality is not reflected. The new metric uses a statistical approach and the simulation based fault coverage is consistent with silicon data. Fast simulation algorithms are also included in this dissertation. The new metric suggests that testing the K longest paths per gate (KLPG) has high detection probability for small delay faults under process variation. In this dissertation, a novel automatic test pattern generation (ATPG) methodology to find the K longest testable paths through each gate for both combinational and sequential circuits is presented. Many techniques are used to reduce search space and CPU time significantly. Experimental results show that this methodology is efficient and able to handle circuits with an exponential number of paths, such as ISCAS85 benchmark circuit c6288. The ATPG methodology has been implemented on industrial designs. Speed binning has been done on many devices and silicon data has shown significant benefit of the KLPG test, compared to several traditional delay test approaches

Learning digital test and diagnostics via Internet

An environment targeted to e-learning is presented for teaching design and test of electronic systems. The environment consists of a set of Java applets, and of web based access to the hardware equipments, which can be used in the classroom, for learning at home, in laboratory research and training, or for carrying out testing of students during exams. The tools support university courses on digital electronics, computer hardware, testing and design for testability to learn by hands-on exercises how to design digital systems, how to make them testable, how to build self-testing systems, how to generate test patterns, how to analyze the quality of tests, and how to localize faults in hardware. The tasks chosen for hands-on training represent simultaneously research problems, which allow to fostering in students critical thinking, problem solving skills and creativity

Scalable algorithms for software based self test using formal methods

textTransistor scaling has kept up with Moore's law with a doubling of the number of transistors on a chip. More logic on a chip means more opportunities for manufacturing defects to slip in. This, in turn, has made processor testing after manufacturing a significant challenge. At-speed functional testing, being completely non-intrusive, has been seen as the ideal way of testing chips. However for processor testing, generating instruction level tests for covering all faults is a challenge given the issue of scalability. Data-path faults are relatively easier to control and observe compared to control-path faults. In this research we present a novel method to generate instruction level tests for hard to detect control-path faults in a processor. We initially map the gate level stuck-at fault to the Register Transfer Level (RTL) and build an equivalent faulty RTL model. The fault activation and propagation constraints are captured using Control and Data Flow Graphs of the RTL as a Liner Temporal Logic (LTL) property. This LTL property is then negated and given to a Bounded Model Checker based on a Bit-Vector Satisfiability Module Theories (SMT) solver. From the counter-example to the property we can extract a sequence of instructions that activates the gate level fault and propagates the fault effect to one of the observable points in the design. Other than the user supplying instruction constraints, this approach is completely automatic and does not require any manual intervention. Not all the design behaviors are required to generate a test for a fault. We use this insight to scale our previous methodology further. Underapproximations are design abstractions that only capture a subset of the original design behaviors. The use of RTL for test generation affords us two types of under-approximations: bit-width reduction and operator approximation. These are abstractions that perform reductions based on semantics of the RTL design. We also explore structural reductions of the RTL, called path based search, where we search through error propagation paths incrementally. This approach increases the size of the test generation problem step by step. In this way the SMT solver searches through the state space piecewise rather than doing the entire search at once. Experimental results show that our methods are robust and scalable for generating functional tests for hard to detect faults.Electrical and Computer Engineerin

RON-BEAM DEBUG AND FAILURE ANALYSIS OF INTEGRATED CIRCUITS

A current research project at IMAG/TIM3 Laboratory aims at an integrated test system combining the use of the Scanning Electron Microscope (SEM), used in voltage contrast mode, with a new high-level approach of fault location in complex VLSI circuits, in order to reach a complete automated diagnosis process. Two research themes are induced by this project, which are: prototype validation of known circuits, on which CAD information is available, and failure analysis of unknown circuits, which are compared to reference circuits. For prototype validation, a knowledge-based approach to fault location is used. Concerning failure analysis, automatic image comparison based on pattern recog- nition techniques is performed. The purpose of the paper is to present these two methodologies, focusing on the SEM-based data acquisition process

Improving timing verification and delay testing methodologies for IC designs

textThe task of ensuring the correct temporal behavior of IC designs, both before and after fabrication, is extremely important. It is becoming even more imperative as the demand for performance increases and process technology advances into the deep sub-micron region. This dissertation tackles the key issues in the timing verification and delay testing methodologies. An efficient methodology is presented to identify false timing paths in the timing verification methodology which utilizes ATPG technique and timing information from an ordered list of timing paths according to the delay information. This dissertation also presents a speed binning methodology which utilizes structural delay tests successfully instead of functional tests. In addition, it establishes a methodology which quantifies the correlation between the timing verification prediction and actual silicon measurement of timing paths. This quantification methodology lays the foundation for further research to study the impact of deep submicron effects on design performanceElectrical and Computer Engineerin

Identifying worst case test vectors for FPGA exposed to total ionization dose using design for testability techniques

Electronic devices often operate in harsh environments which contain a variation of radiation sources. Radiation may cause different kinds of damage to proper operation of the devices. Their sources can be found in terrestrial environments, or in extra-terrestrial environments like in space, or in man-made radiation sources like nuclear reactors, biomedical devices and high energy particles physics experiments equipment. Depending on the operation environment of the device, the radiation resultant effect manifests in several forms like total ionizing dose effect (TID), or single event effects (SEEs) such as single event upset (SEU), single event gate rupture (SEGR), and single event latch up (SEL). TID effect causes an increase in the delay and the leakage current of CMOS circuits which may damage the proper operation of the integrated circuit. To ensure proper operation of these devices under radiation, thorough testing must be made especially in critical applications like space and military applications. Although the standard which describes the procedure for testing electronic devices under radiation emphasizes the use of worst case test vectors (WCTVs), they are never used in radiation testing due to the difficulty of generating these vectors for circuits under test. For decades, design for testability (DFT) has been the best choice for test engineers to test digital circuits in industry. It has become a very mature technology that can be relied on. DFT is usually used with automatic test patterns generation (ATPG) software to generate test vectors to test application specific integrated circuits (ASICs), especially with sequential circuits, against faults like stuck at faults and path delay faults. Surprisingly, however, radiation testing has not yet made use of this reliable technology. In this thesis, a novel methodology is proposed to extend the usage of DFT to generate WCTVs for delay failure in Flash based field programmable gate arrays (FPGAs) exposed to total ionizing dose (TID). The methodology is validated using MicroSemi ProASIC3 FPGA and cobalt 60 facility

Techniques for Improving Security and Trustworthiness of Integrated Circuits

The integrated circuit (IC) development process is becoming increasingly vulnerable to malicious activities because untrusted parties could be involved in this IC development flow. There are four typical problems that impact the security and trustworthiness of ICs used in military, financial, transportation, or other critical systems: (i) Malicious inclusions and alterations, known as hardware Trojans, can be inserted into a design by modifying the design during GDSII development and fabrication. Hardware Trojans in ICs may cause malfunctions, lower the reliability of ICs, leak confidential information to adversaries or even destroy the system under specifically designed conditions. (ii) The number of circuit-related counterfeiting incidents reported by component manufacturers has increased significantly over the past few years with recycled ICs contributing the largest percentage of the total reported counterfeiting incidents. Since these recycled ICs have been used in the field before, the performance and reliability of such ICs has been degraded by aging effects and harsh recycling process. (iii) Reverse engineering (RE) is process of extracting a circuit’s gate-level netlist, and/or inferring its functionality. The RE causes threats to the design because attackers can steal and pirate a design (IP piracy), identify the device technology, or facilitate other hardware attacks. (iv) Traditional tools for uniquely identifying devices are vulnerable to non-invasive or invasive physical attacks. Securing the ID/key is of utmost importance since leakage of even a single device ID/key could be exploited by an adversary to hack other devices or produce pirated devices. In this work, we have developed a series of design and test methodologies to deal with these four challenging issues and thus enhance the security, trustworthiness and reliability of ICs. The techniques proposed in this thesis include: a path delay fingerprinting technique for detection of hardware Trojans, recycled ICs, and other types counterfeit ICs including remarked, overproduced, and cloned ICs with their unique identifiers; a Built-In Self-Authentication (BISA) technique to prevent hardware Trojan insertions by untrusted fabrication facilities; an efficient and secure split manufacturing via Obfuscated Built-In Self-Authentication (OBISA) technique to prevent reverse engineering by untrusted fabrication facilities; and a novel bit selection approach for obtaining the most reliable bits for SRAM-based physical unclonable function (PUF) across environmental conditions and silicon aging effects