Dip. Automatica e Informatica

Slides:



Advertisements
Similar presentations
F T -U NSHADES A design analysis tool based on Emulation Technologies ESA-ESTEC/17540 University of Sevilla-AICIA-ESA.
Advertisements

Survey of Detection, Diagnosis, and Fault Tolerance Methods in FPGAs
Sana Rezgui 1, Jeffrey George 2, Gary Swift 3, Kevin Somervill 4, Carl Carmichael 1 and Gregory Allen 3, SEU Mitigation of a Soft Embedded Processor in.
Scrubbing Approaches for Kintex-7 FPGAs
HPEC 2012 Scrubbing Optimization via Availability Prediction (SOAP) for Reconfigurable Space Computing Quinn Martin Alan George.
April 30, Cost efficient soft-error protection for ASICs Tuvia Liran; Ramon Chips Ltd.
DC/DC Switching Power Converter with Radiation Hardened Digital Control Based on SRAM FPGAs F. Baronti 1, P.C. Adell 2, W.T. Holman 2, R.D. Schrimpf 2,
Maintaining Data Integrity in Programmable Logic in Atmospheric Environments through Error Detection Joel Seely Technical Marketing Manager Military &
Implementation of DSP Algorithm on SoC. Mid-Semester Presentation Student : Einat Tevel Supervisor : Isaschar Walter Accompaning engineer : Emilia Burlak.
© 2011 Xilinx, Inc. All Rights Reserved This material exempt per Department of Commerce license exception TSU Xilinx Tool Flow.
1 FLIPPER SEU Fault Injection in Xilinx FPGAs Monica Alderighi National Institute for Astrophysics, IASF Milano, Italy Computing.
A comprehensive method for the evaluation of the sensitivity to SEUs of FPGA-based applications A comprehensive method for the evaluation of the sensitivity.
FPGA IRRADIATION and TESTING PLANS (Update) Ray Mountain, Marina Artuso, Bin Gui Syracuse University OUTLINE: 1.Core 2.Peripheral 3.Testing Procedures.
Ch.9 CPLD/FPGA Design TAIST ICTES Program VLSI Design Methodology Hiroaki Kunieda Tokyo Institute of Technology.
ASIC/FPGA design flow. FPGA Design Flow Detailed (RTL) Design Detailed (RTL) Design Ideas (Specifications) Design Ideas (Specifications) Device Programming.
Lessons Learned The Hard Way: FPGA  PCB Integration Challenges Dave Brady & Bruce Riggins.
© 2003 Xilinx, Inc. All Rights Reserved For Academic Use Only Xilinx Design Flow FPGA Design Flow Workshop.
1 Extending Atmel FPGA Flow Nikos Andrikos TEC-EDM, ESTEC, ESA, Netherlands DAUIN, Politecnico di Torino, Italy NPI Final Presentation 25 January 2013.
CSE 494: Electronic Design Automation Lecture 2 VLSI Design, Physical Design Automation, Design Styles.
J. Christiansen, CERN - EP/MIC
VHDL Project Specification Naser Mohammadzadeh. Schedule  due date: Tir 18 th 2.
Tools - Implementation Options - Chapter15 slide 1 FPGA Tools Course Implementation Options.
FORMAL VERIFICATION OF ADVANCED SYNTHESIS OPTIMIZATIONS Anant Kumar Jain Pradish Mathews Mike Mahar.
ATMEL ATF280E Rad Hard SRAM Based FPGA SEE test results Application oriented SEU Sensitiveness Bernard BANCELIN ATMEL Nantes SAS, Aerospace Business Unit.
Introduction to FPGA Created & Presented By Ali Masoudi For Advanced Digital Communication Lab (ADC-Lab) At Isfahan University Of technology (IUT) Department.
MAPLD 2005/202 Pratt1 Improving FPGA Design Robustness with Partial TMR Brian Pratt 1,2 Michael Caffrey, Paul Graham 2 Eric Johnson, Keith Morgan, Michael.
This material exempt per Department of Commerce license exception TSU Xilinx Tool Flow.
Introduction to FPGAs Dr. Philip Brisk Department of Computer Science and Engineering University of California, Riverside CS 223.
1 - CPRE 583 (Reconfigurable Computing): VHDL to FPGA: A Tool Flow Overview Iowa State University (Ames) CPRE 583 Reconfigurable Computing Lecture 5: 9/7/2011.
ESS | FPGA for Dummies | | Maurizio Donna FPGA for Dummies Basic FPGA architecture.
Greg Alkire/Brian Smith 197 MAPLD An Ultra Low Power Reconfigurable Task Processor for Space Brian Smith, Greg Alkire – PicoDyne Inc. Wes Powell.
Introduction to Field Programmable Gate Arrays Lecture 1/3 CERN Accelerator School on Digital Signal Processing Sigtuna, Sweden, 31 May – 9 June 2007 Javier.
Using reconfigurable FPGAs in radioactive environments: challenges and possible solutions Massimo Violante Politecnico di Torino Dip. Automatica e Informatica.
In-Place Decomposition for Robustness in FPGA Ju-Yueh Lee, Zhe Feng, and Lei He Electrical Engineering Dept., UCLA Presented by Ju-Yueh Lee Address comments.
© PSU Variation Aware Placement in FPGAs Suresh Srinivasan and Vijaykrishnan Narayanan Pennsylvania State University, University Park.
Gill 1 MAPLD 2005/234 Analysis and Reduction Soft Delay Errors in CMOS Circuits Balkaran Gill, Chris Papachristou, and Francis Wolff Department of Electrical.
Actel Antifuse FPGA Information – Radiation Tests Actel Antifuse FPGA – A54SX72A 72K gates 208 pqfp package 2.5v to 5.0v I/O tolerant $62 each for tested.
Chandrasekhar 1 MAPLD 2005/204 Reduced Triple Modular Redundancy for Tolerating SEUs in SRAM based FPGAs Vikram Chandrasekhar, Sk. Noor Mahammad, V. Muralidharan.
MAPLD 2005/213Kakarla & Katkoori Partial Evaluation Based Redundancy for SEU Mitigation in Combinational Circuits MAPLD 2005 Sujana Kakarla Srinivas Katkoori.
1 Architecture of Datapath- oriented Coarse-grain Logic and Routing for FPGAs Andy Ye, Jonathan Rose, David Lewis Department of Electrical and Computer.
Fault-Tolerant Resynthesis for Dual-Output LUTs Roy Lee 1, Yu Hu 1, Rupak Majumdar 2, Lei He 1 and Minming Li 3 1 Electrical Engineering Dept., UCLA 2.
Programmable Hardware: Hardware or Software?
Time-borrowing platform in the Xilinx UltraScale+ family of FPGAs and MPSoCs Ilya Ganusov, Benjamin Devlin.
Floating-Point FPGA (FPFPGA)
Topics SRAM-based FPGA fabrics: Xilinx. Altera..
MAPLD 2005 Reduced Triple Modular Redundancy for Tolerating SEUs in SRAM based FPGAs Vikram Chandrasekhar, Sk. Noor Mahammad, V. Muralidharan Dr. V. Kamakoti.
SEU Mitigation Techniques for Virtex FPGAs in Space Applications
Radiation Tolerance of an Used in a Large Tracking Detector
Links & Clock distribution: toward the TDR
Maintaining Data Integrity in Programmable Logic in Atmospheric Environments through Error Detection Joel Seely Technical Marketing Manager Military &
Getting Started with Programmable Logic
M. Aguirre1, J. N. Tombs1, F. Muñoz1, V. Baena1, A. Torralba1, A
We will be studying the architecture of XC3000.
Timing Analysis 11/21/2018.
Evaluation of Power Costs in Triplicated FPGA Designs
Design of a ‘Single Event Effect’ Mitigation Technique for Reconfigurable Architectures SAJID BALOCH Prof. Dr. T. Arslan1,2 Dr.Adrian Stoica3.
Analytical Approach for Soft Error Rate Estimation of SRAM-Based FPGAs
ChipScope Pro Software
Mi Zhou, Li-Hong Shang Yu Hu, Jing Zhang
Advancement on the Analysis and Mitigation of
Avidan Efody, Mentor Graphics Corp.
Reprogrammable Flash-based FPGA on EUCLID mission
Win with HDL Slide 4 System Level Design
Hardware Assisted Fault Tolerance Using Reconfigurable Logic
ChipScope Pro Software
Off-path Leakage Power Aware Routing for SRAM-based FPGAs
Xilinx Kintex7 SRAM-based FPGA
THE ECE 554 XILINX DESIGN PROCESS
THE ECE 554 XILINX DESIGN PROCESS
Reconfigurable Computing (EN2911X, Fall07)
Presentation transcript:

Dip. Automatica e Informatica Reconfigurable FPGAs in radioactive environment challenges and possible solutions Massimo Violante Luca Sterpone Politecnico di Torino Dip. Automatica e Informatica Torino, Italy

Politecnico di Torino Leading Engineering School in Italy, founded in 1859 Department of Automation and Computer Engineering 60 faculties, 80 research assistants, 20 staff 100 PhD students Annual budget (~5 M€) Massimo VIOLANTE - CERN 18-10-2011

Electronic CAD & Reliability Group Its mission is to support, through techniques, tools, and services, the designer of electronic circuits and systems 7 faculties, 3 research assistants, 6 PhD students Strong cooperation with major industries, agencies, and research centers world-wide Reliable COTS-based embedded systems Prof. Massimo Violante, and Dr. Luca Sterpone 1 research assistant, 2 PhD students www.cad.polito.it Massimo VIOLANTE - CERN 18-10-2011

Goal To illustrate the challenge in designing with reconfigurable FPGAs in radioactive environment To illustrate possible solutions (design flow) Massimo VIOLANTE - CERN 18-10-2011

Outline Introduction Xilinx Virtex II & 4 Actel ProASIC Conclusions Massimo VIOLANTE - CERN 18-10-2011

Outline Introduction Xilinx Virtex II & 4 Actel ProASIC Conclusions Massimo VIOLANTE - CERN 18-10-2011

Introduction A number of reconfigurable FPGAs today available SRAM-based FPGAs: Xilinx, Altera, SiliconBlue, Atmel, … Flash-based FPGAs: Actel Plenty of experimental data available showing sensitivity to radiations, but Limited support to help designers Some design tools Some application notes Lack of established design flows including: architecture, implementation and validation Massimo VIOLANTE - CERN 18-10-2011

Activities at Polito Driver: space-related agencies/companies SRAM-based FPGAs  Xilinx Virtex II & 4 Development of design methods and tools Fault injection: in cooperation with INAF (Milano, Italy), and Univ. of Sevilla (Sevilla, Spain) Radiation testing: in cooperation with Univ. of Padova (Padova, Italy) Flash-based FPGAs  Actel ProASIC Fault injection Radiation testing: in cooperation with ESA (Noordwijk, NL) Massimo VIOLANTE - CERN 18-10-2011

Outline Introduction Xilinx Virtex II & 4 Actel ProASIC Conclusions Massimo VIOLANTE - CERN 18-10-2011

Why Virtex-II & 4? Package qualified successfully for space use Extensive database concerning radiation effects/device reliability Availability of design tools Newer devices like Virtex-5QV rad-hard are under scrutiny but too new to be adopted without further investigations Package is the biggest issue at the moment Limited availability of radiation/reliability data ITAR Massimo VIOLANTE - CERN 18-10-2011

Why Virtex-II & 4? Virtex-II & 4 appealing when… SEL, TID However Need for large device with plenty of resources Need for high performance Need for in-flight reconfiguration capabilities SEL, TID SEL free (LETTH(H.I.)=100 MeV-cm2/mg) TID > 250 krad(Si) ~50.0 rad(Si)/sec (Virtex-4QV) However SEEs are an issue and must be mitigated Design validation is crucial Massimo VIOLANTE - CERN 18-10-2011

SEE of concern SEU/MCU in the device configuration memory SEU/MCU in the user memory SEU/MCU in hard-IPs SEFI SET (although difficult to observe) Massimo VIOLANTE - CERN 18-10-2011

How to approach the design Proper system architecture is needed Payload FPGA, Configuration memory scrubber, SEFI monitor SEE-aware design goes in the payload FPGA TMR Some vendors provide support for TMR TMRtool from Xilinx, Precision RT from Mentor Graphics, Symplify Pro from Synopsys They allow TMR insertion, safe-FSM encoding Massimo VIOLANTE - CERN 18-10-2011

Typical architecture Voter Partition TMR Domain D1.1 D1.2 D2.1 D2.2 Massimo VIOLANTE - CERN 18-10-2011

Observation All design techniques are based on the single-fault assumption (1 SEE = 1 fault in the design) But SEE in the configuration memory may produce multiple faults Massimo VIOLANTE - CERN 18-10-2011

An example: original circuit The original netlist The bitstream 1 Massimo VIOLANTE - CERN 18-10-2011

An example: single effect The corrupted netlist The bitstream 10 An open circuit is created 1 * Massimo VIOLANTE - CERN 18-10-2011

An example: multiple effects The corrupted netlist The bitstream 01 A short circuit is created 1 * Massimo VIOLANTE - CERN 18-10-2011

SEE-corrupted netlist Why TMR may fail? Original netlist SEE-corrupted netlist Domain 1 Domain 1 Domain 2 Domain 2 The SEE modifies the same signal in two domains  SEE is producing multiple effects not masked by voters Massimo VIOLANTE - CERN 18-10-2011

An example Design: X-TMR design In theory any SEE should be mitigated Fault injection in the device configuration memory Resource Failure LUT 26 Global routing 1,497 CLB Local routing 45 CLB configuration Total 1,568 Massimo VIOLANTE - CERN 18-10-2011

Where is the bug? Design tools (TMRtool, Precision RT,…) work at HDL-level only Design implementation is done using standard place & route that tend to pack designs tightly Minimize device occupation Minimize delay Slices and switch matrices are shared by different TMR domains  SEE may induce multiple errors affecting different TMR domains at the same time! A SEE-aware implementation flow is needed Massimo VIOLANTE - CERN 18-10-2011

Open questions How can I predict radiation-effects analysis? Anticipate analysis before going to beam testing Millions of bit are inside the configuration memory: how many of them are really sensitive? Device cross-section vs design cross-section The bit 0x000c1c00, offset 156 is leading the circuit to fail: which part of the design it refers to? Debug the design quickly and accurately How can I implement my design safely? Avoid SEE effects escaping my architecture Massimo VIOLANTE - CERN 18-10-2011

The design flow Xilinx standard tools TMR tool PAR Input design XST synthesis Xilinx standard tools TMR tool Output design PAR bitstream Massimo VIOLANTE - CERN 18-10-2011

The design flow STAR TMR tool Input design STAR XST synthesis List of sensitive bits TMR tool Output design Analyze the impact of SEE in FPGA configuration memory without running simulations PAR bitstream Massimo VIOLANTE - CERN 18-10-2011

Compute robust placement for TMR design The design flow Input design STAR XST synthesis List of sensitive bits TMR tool VPLACE Output design Robust placement PAR Compute robust placement for TMR design bitstream Massimo VIOLANTE - CERN 18-10-2011

Place & Route robustly TMR design The design flow Input design STAR XST synthesis List of sensitive bits TMR tool VPLACE Place & Route robustly TMR design Output design Robust placement PAR RoRA/PAR bitstream Robust bitstream Massimo VIOLANTE - CERN 18-10-2011

The design flow STAR Workload FLIPPER TMR tool VPLACE PAR RoRA/PAR Input design STAR Workload XST synthesis List of sensitive bits FLIPPER TMR tool VPLACE Fault coverage Output design Robust placement Analyze the impact of SEE in FPGA configuration memory by means of simulations PAR RoRA/PAR bitstream Robust bitstream Massimo VIOLANTE - CERN 18-10-2011

STAR Read the place & routed design and build the netlist/bitstream association For each bit of the bitstream: Flip the bit and update accordingly the netlist Is the original netlist corrupted (does the error arrive to outputs)? Yes  the bit is sensitive No  the bit is not sensitive Analysis is done looking at the error propagation path, and it does not consider workload Massimo VIOLANTE - CERN 18-10-2011

STAR operational modes Discovery mode: it analyzes the bitstream while neglecting mitigation schemes Lists sensitive bits TMR mode: it analyzes the bitstream while automatically recognizing (X)TMR mitigation scheme Lists bits that violate (X)TMR scheme (domain crossing events) List bits that produce warnings (may lead to domain crossing events in case of accumulation) Massimo VIOLANTE - CERN 18-10-2011

Domain crossing events Voter Partition TMR Domain V1 D1.1 V2 D1.2 V3 V1 D2.1 V2 D2.2 V3 V1 D3.1 V2 D3.2 V3 Massimo VIOLANTE - CERN 18-10-2011

Domain crossing events One Single Event Upset (SEU) in the configuration memory provokes two circuit modifications in two TMR domains in the same TMR partition  The fault propagates beyond the voter boundary Massimo VIOLANTE - CERN 18-10-2011

Warnings V1 D1.1 V2 D1.2 V3 V1 D2.1 V2 D2.2 V3 V1 D3.1 V2 D3.2 V3 One SEE in the configuration memory provokes two circuit modifications in two voter partitions  The fault stops at the voter boundary Massimo VIOLANTE - CERN 18-10-2011

TMR-mode algorithm The algorithm recognizes automatically TMR domains, voters, and voter partitions Forward error propagation: Find all the paths from the fault site to the circuit outputs, or memory elements Is the fault propagating to only one of the voter inputs? Yes  the bit is not sensitive No  the fault propagates to at least two inputs of a voter in the same partition  the bit is sensitive V V Massimo VIOLANTE - CERN 18-10-2011

The report Detailed report is produced for Xilinx devices Resource: PIP Block Adr 0 Maj Add 6 Min Add 14 Bit 156 Involved PIP : Y1 -- S2BEG2 FAR: 0x000c1c00 Bit: 156 Net = data_bus_IBUF_TR Massimo VIOLANTE - CERN 18-10-2011

Supported fault models Single Cell Upset (SCU) Multiple Cell Upset (MCU) Growing phenomena at each new generation of devices STAR includes layout information about the analyzed device (Virtex II, only) Accumulated SCU Massimo VIOLANTE - CERN 18-10-2011

CLBs candidate for domain-crossing events VPLACE Domain-crossing events observed when different TMR domains are packed in on CLB VPLACE avoids them by: Identifying the logic belonging to TMR domains Defining placement constraints (UCF file) to force each domain in dedicated FPGA CLBs CLBs candidate for domain-crossing events Robust placement Massimo VIOLANTE - CERN 18-10-2011

RoRA Domain-crossing events observed when net of different TMR domains are routed in adjacent CLB RoRA avoids them by: Identifying critical nets Re-routing critical nets To minimize run-time: Xilinx PAR is used to provide an initial solution RoRA reworks the initial solution by attacking critical nets only Massimo VIOLANTE - CERN 18-10-2011

FLIPPER STAR sensitive bits can become a failure or not depending on the workload Pattern-dependent fault masking FLIPPER is an emulation platform specifically designed for fault injection of SEU in Xilinx FPGA configuration memory Massimo VIOLANTE - CERN 18-10-2011

Real design Problem: optimize SEE mitigation of a design Device: Virtex-4 xc4vlx160 Design: XTMR circuit from Thales Alenia Space Sensitive bits according to STAR: 38,392 Sensitive bits after VPLACE/RoRA: 17,385 Improved the robustness w.r.t. SEE by 2x Massimo VIOLANTE - CERN 18-10-2011

Outline Introduction Xilinx Virtex II & 4 Actel ProASIC Conclusions Massimo VIOLANTE - CERN 18-10-2011

Why ProASIC? Package qualified successfully for space use Extensive database concerning radiation effects/device reliability Availability of design tools Massimo VIOLANTE - CERN 18-10-2011

Why ProASIC? ProASIC appealing when… SEL, TID However Need for low-power design Need for simple design Need for limited in-flight reconfiguration capabilities SEL, TID SEL free (LETTH(H.I.)=68 MeV-cm2/mg) TID > 30 krad(Si) ~1.0 rad(Si)/minute (no refresh) TID > 90 krad(Si) ~1.0 rad(Si)/minute (refresh) However SEEs are an issue and must be mitigated Design validation is crucial Massimo VIOLANTE - CERN 18-10-2011

SEE of concern No SEU/MCU in the device configuration memory SEU/MCU in the user memory SET Massimo VIOLANTE - CERN 18-10-2011

How to approach the design Simpler architecture than for SRAM-based FPGAs Although, if refresh is needed it becomes similar SEE-aware design goes in the payload FPGA TMR/EDAC for user memory SET (possibly) Some vendors provides support for TMR Symplify from Synopsys, Libero from Actel They allow TMR insertion Massimo VIOLANTE - CERN 18-10-2011

How to approach the design Current approaches are suitable against SEU, however SETs may happen Rule of thumb: after 50 MHz SET contribution becomes visible Massimo VIOLANTE - CERN 18-10-2011

How to mitigate SET? Available options: No widely-accepted solution Global TMR Insertion of SET filters (guard gates) No widely-accepted solution SET-aware design implementation is a possible solution Clever placement of inverting gates allows for SET pulse attenuation Massimo VIOLANTE - CERN 18-10-2011

Our approach Broadening/attenuation for inverting/not-inverting gates implemented by Actel VersaTile vs fan-out 150 routing segments as fan-out 5 routing segments as fan-out Massimo VIOLANTE - CERN 18-10-2011

Our approach Empirical approach to attenuate SETs Place inverting gates as close as possible Place non-inverting gate as far as possible Massimo VIOLANTE - CERN 18-10-2011

Preliminary results SET pulse of 1.8V with width of 250 ps, 400 ps, and 600 ps Massimo VIOLANTE - CERN 18-10-2011

Outline Introduction Xilinx Virtex II & 4 Actel ProASIC Conclusions Massimo VIOLANTE - CERN 18-10-2011

Conclusions Designing critical applications using reconfigurable FPGA is possible, but it requires Understanding of SEE effects Suitable mitigation techniques Suitable validation strategy In addition to that: Memory scrubbing scheme is needed (SRAM-based) SEFI mitigation scheme is needed (SRAM-based) Massimo VIOLANTE - CERN 18-10-2011

Cookbook Different “recipes” are possible depending on your “taste” High dose  SRAM-based FPGAs Low SEE rate  scrubbing only  High SEE rate  scrubbing + TMR  Very high SEE rate  scrubbing + TMR + SEFI  Low dose  Flash-based FPGAs Low frequency  TMR on FFs  High frequency  TMR on FFs + SET filtering  The proper cooking instruments and the chef skills are needed! Massimo VIOLANTE - CERN 18-10-2011

Acknowledgment ® Massimo VIOLANTE - CERN 18-10-2011

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.