5. High-Level Decision Diagrams Overview and examples Register Transfer Level circuits Microprocessors Methods of synthesis Structural superposition of elementary graphs Synthesis with symbolic executions of Data Flow Diagrams Synthesis with with using the FSM model Fault modeling with HLDDs HLDD-node related general fault model for digitaal systems HLDD based fault collapsing

Logic Level BDDs 0 1 1 0 1 0 0 y x1 x2 x3 x4 x5 x6 x7 1 Functional BDD Simulation: 0 1 1 0 1 0 0 Boolean derivative: y x1 x2 x3 x4 x5 x6 x7 1 Functional BDD

Generalization of BDDs Binary DD 2 terminal nodes and 2 edges from each node General case of DD n  2 terminal nodes and n  2 edges from each node m Y 1 2 h Fk Fn l0 l1 l2 lh lk lk+1 Fk+1 ln lm GY m y 1 lm l1 l0 Gy Novelty: Boolean methods can be generalized in a straightforward way to higher functional levels

HLDDs and Faults RTL-statement: K: (If T,C) RD  F(RS1,RS2,…RSm),  N Terminal nodes RTL-statement faults: data storage, data transfer, data manipulation faults Nonterminal nodes RTL-statement faults: label, timing condition, logical condition, register decoding, operation decoding, control faults Control path Data path

Decision Diagrams for Microprocessors Instruction set: I R 3 A OUT 4 DD-model of the microprocessor: A I IN 1,6 2,3,4,5 A + R 7 A  R 8 A  R 9  A 10 I1: MVI A,D A  IN I2: MOV R,A R  A I3: MOV M,R OUT  R I4: MOV M,A OUT  IA I5: MOV R,M R  IN I6: MOV A,M A  IN I7: ADD R A  A + R I8: ORA R A  A  R I9: ANA R A  A  R I10: CMA A,D A   A I A 2 R IN 5 1,3,4,6-10

Decision Diagrams for Microprocessors High-Level DD-based structure of the microprocessor (example): DD-model of the microprocessor: 1,6 A I IN IN 3 R 2,3,4,5 OUT I R A 4 7 A + R I A OUT 8 2 A  R R I A 9 5 A  R A IN 10  A 1,3,4,6-10 R

IF C=1, THEN PC = A,ELSE PC = PC + 2 From MP Instruction Set to HLDDs OP B Semantic RT level operations READ memory R(A1) = M(A) PC = PC + 2 1 WRITE memory M(A) = R(A2) Transfer R(A1) = R(A2) PC = PC + 1 Complement R(A1) =  R(A2) 2 Addition R(A1) = R(A1)+ R(A2) Subtraction R(A1) = R(A1)- R(A2) 3 Jump PC = A Conditional jump IF C=1, THEN PC = A,ELSE PC = PC + 2 Instruction code: ADD A1 A2 R3 = R3 + R2 PC = PC+1 OP=2. B=0. A1=3. A2=2 OP PC 1, 2 B 3 A PC + 2 PC + 1 C 1 A1 = 0 R0 1 A1 = 3 R3 R1, R2 A1 R0 R(A1) R1 1 R2 2 R3 3 A2 R(A2) OP B0 M(A) 1 B1 R(A2) B2 2 R(A1) - R(A2) 3 R(A1) R(A1) + R(A2) OP B M(A) 1 R(A2) 1-3

HLDDs for MP InstrSet Instruction code: ADD A1 A2 OP=2. B=0. A1=3. A2=2 R3 = R3 + R2 PC = PC+1 OP PC 1, 2 B 3 A PC + 2 PC + 1 C 1 Program Counter A1 R0 R(A1) R1 1 R2 2 R3 3 A2 R(A2) Register Decoding A1 = 0 R0 OP B0 1 M(A) B1 R(A2) B2 2 R(A1) - R(A2) 3 A1 = 3 R3 R1, R2 R(A1) R(A1) + R(A2) Registers and ALU OP B M(A) 1 R(A2) 1-3 Memory Access

Structural Synthesis of HLDDs c (M ) 1 y Function M = R IN d (M ) 2 e (M ) 3 + I N * 4 Operation n Reset = 0 Hold ’ Load Control Path y x Data Path

Data Path: High-Level DD Synthesis Control Path R 2 y 4 Operation Function Reset = 0 1 Hold = ’ Load M 3 y x Data Path y 4 e R 2 1 #

Structural Synthesis of HLDDs Superposition of component HLDDs Control Path y x y 4 e R 2 1 Data Path y 4 3 c d R 2 1 Ø IN + e y 3 c d 1 IN R 2 e

Data Path: HLDD Synthesis 4 3 c d R 2 1 # IN R2 R2 + e Control Path y x Data Path M 3 y Function = 1 + R 2 I N * 4 Operation Reset = 0 Hold ’ Load

High-Level Decision Diagrams y 4 3 1 R + R 2 IN + R * R IN* R # IN R2 R2 + M3 M1 M2 Superposition of High-Level DDs: A single DD for a subcircuit Instead of simulating all the components in the circuit, only a single path in the DD should be traced

Functional Synthesis of High-Level DDs High-Level DDs can be synthesized by symbolic execution of the Data-Flow Diagram Data-Flow Diagram F2

Synthesis of High-Level DDs AC AC+1 F1 AX F2 1 High-Level DDs can be synthesized by symbolic execution of the Data-Flow Diagram: Decision Diagrams: F2 AX AC F0 1 F1 PC PC+1 AC ≠0 F0 1 F1

Digital System and Data Flow Diagram q=0 q=1 q=4 q=2 q=3 q=5 Digital system A B C M ADR MUX 1 2 ALU COND Control Path Data d / l FF y x q ¢ z

Synthesis of Functional HLDDs Results of cycle based symbolic simulation: Data Flow Diagram/FSMD Constraints Assignment statements q xA xB xC A = B + C; q = 1 1 A = A + 1; q = 4 B = B + C; q = 2 2 C = A + B; q = 5 C = C; q = 3 3 A = C + B; q = 5 4 B = B A = A + B + C; q = 5 q = 5 C = C; q = 5 q = 0 Begin A = B + C q = 1 1 x A q = 4 q = 2 A =  A + 1 B = B + C x 1 x 1 A B q = 3 B =  B C =  C C =  C x 1 x 1 C C A = A +  B + C C = A + B A =  C + B q = 5 END

Extraction of the behaviour for A: Results of symbolic simulation: Synthesis of HLDDs Extraction of the behaviour for A: Results of symbolic simulation: q xA xB xC A B + C 1 A + 1 3 C + B 4 A + B + C Constraints Assignment statements q xA xB xC A = B + C; q = 1 1 A = A + 1; q = 4 B = B + C; q = 2 2 C = A + B; q = 5 C = C; q = 3 3 A = C + B; q = 5 4 B = B A = A + B + C; q = 5 q = 5 C = C; q = 5 A = f (q, A, B, C, xA, xC) = = (q=0)(B+C)  (q=1)(xA=0) (A + 1)  (q=3)(xC=1)( C+B)  (q=4)(xA=0)(xC=0)(A+ B + C + 1) Predicate equation for A:

Decision diagram for A: Synthesis of HLDDs Decision diagram for A: Extraction of the behaviour for A: q xA xB xC A B + C 1 A + 1 3 C + B 4 A + B + C Predicate equation for A: A = (q=0)(B+C)  (q=1)(xA=0) (A + 1)  (q=3)(xC=1)( C+B)  (q=4)(xA=0)(xC=0)(A+ B + C + 1) Synthesis method: similar to Shannon’s expansion theorem:

Functional HLDDs Data Flow Diagram Decision Diagrams Begin A = B + C x A A =  A + 1 B = B + C B = B C = C A = A + B + C C = A + B C + B END 1 s 2 3 4 5 Register variables State variable

High-Level Vector Decision Diagrams System with 4 HLDDs Vector HLDD

High-Level Vector Decision Diagrams System with 4 HLDDs Vector HLDD

Hierarchical Test Generation with DDs x1 x2 x3 x4 x5 x6 x7 1 C Component: Binary Decision Diagram A small part is simulated at the lower level System: High-level decision diagram M=A.B.C.q A q ¢ i B’ + C’ C q x A’ + B’ B i q #1 #5 1 A x 1 C A i  A’ + 1 q i  C’ q #4 #3 1 B i B’ + C’ A q x x i A’ + B’+C’ A C 2 #2 B A small part is simulated at the higher level: to increase the speed of analysis  B’ q 3 C #5 x i A’ + B’ C B q i  B’ #5 q 1 A #5 B’ +  C’ i 1 C q i  C’ 4 #5 q Cause-effect analysis well formalized #5

Managing Complexity of HL Reasoning High-Level Decision Diagrams Program data flow D E State space Behavior of A C A=FA1 (...) B B=FB1 (...) C=FC1 (...) Novelty: Instead of reasoning the design as a whole, it will be partitioned into the behavioral sub-models of functional variables (HLDDs) A=FA2 (B,C,...) A=FAn (D,E,...)

DD Synthesis from VHDL Descriptions VHDL description of 4 processes which represent a simple control unit

Synthesis of HLDDs from VHDL DDs for state, enable_in and nstate nstate rst clk #1 state’ state 1 state’ rb0 enable_in #2 #1 1 2 nstate Superposition of DDs clk enable’ enable 1 enable_in

Synthesis of HLDDs from VHDL rst #1 state 1 state’ rb0 enable' #2 2 HLDD model for the Control Unit enable #0011 #0001 1 #0100 #1100 state rb0 2 #0010 outreg fin reg_cp reg

Simulation & Fault Backtracing with HLDD Inputs rst #1 state 1 state’ rb0 enable' #2 2 enable #0011 #0001 #0100 #1100 #0010 outreg fin reg_cp reg Simulated vector Outputs

Motivations for High-Level Fault Models Current situation: The efficiency of test generation (quality, speed) is highly depending on the description method (level, language), and fault models Because of the growing complexity of systems, gate level methods have become obsolete High-Level methods for diagnostic modeling are today emerging, however they are not still mature Main disadvantages: The known methods for fault modeling are dedicated to special classes (i.e. for microprocessors, for RTL, VHDL etc. languages...), not general not well defined and formalized

State of Art: Microprocessor Fault Model Source decoding (MUX): F1: no source is selected F2: wrong source is selected; F3: more than one source is selected and the multiplexer output is either a wired-AND or a wired-OR function of the sources, depending on the technology. Destination decoding (DMUX) F4: no destination is selected F5: instead of, or in addition to the selected correct destination, one or more other destinations selected Instruction exec. faults F6: one or more microorders not activated F7: microorders are erroneously activated F8:  a different set of micro- instructions is activated instead of, or in addition to Data storage/bus/ALU faults: F9:   one or more cells SAF0 /1; F10: one or more cells fail 01/10 F11: two or more cells coupled; F12: one or more lines SAF0 /1; F13: one or more lines wired-OR/AND F14: data manipulation faults Thatte’1980

Fault Models for High-Level Components Decoder: - instead of correct line, incorrect is activated - in addition to correct line, additional line is activated - no lines are activated Multiplexer (n inputs log2 n control lines): - stuck-at - 0 (1) on inputs - another input (instead of, additional) - value, followed by its complement - value, followed by its complement on a line whose address differs in 1 bit Memory fault models: - one or more cells stuck-at - 0 (1) - two or more cells coupled

Fault models and Tests Functional fault model Dedicated functional fault model for multiplexer: stuck-at-0 (1) on inputs, another input (instead of, additional) value, followed by its complement value, followed by its complement on a line whose address differs in one bit Test description

Register Level Fault Models RTL statement: K: (If T,C) RD  F(RS1, RS2, … RSm),  N Components (variables) of the statement: RT level faults: K  K’ - label faults T  T’ - timing faults C  C’ - logical condition faults RD  RD - register decoding faults RS  RS - data storage faults F  F’ - operation decoding faults  - data transfer faults  N - control faults (F)  (F)’ - data manipulation faults K - label T - timing condition C - logical condition RD - destination register RS - source register F - operation (microoperation)  - data transfer  N - jump to the next statement

Universal Functional Fault Model Exhaustive combinational fault model: - exhaustive test patterns - pseudoexhaustive test patterns - exhaustive output line oriented test patterns - exhaustive module Hierarchical test generation:

Hierarchical Test Generation Component under test Component level test: D1 D2 D 1 D2 x1 & & x2 1 y D1 x3 & D1 D 1 Network level test: x4 & 1 1 x5 D x1 x2 x3 x4 x5 y D2 D1 1 D D2 & & Symbolic test: contains 3 patterns 1

HLDDs and Faults RTL-statement: K: (If T,C) RD  F(RS1,RS2,…RSm),  N Terminal nodes RTL-statement faults: data storage, data transfer, data manipulation faults Nonterminal nodes RTL-statement faults: label, timing condition, logical condition, register decoding, operation decoding, control faults Control path Data path

Generalization of BDDs Binary DD 2 terminal nodes and 2 edges from each node General case of DD n  2 terminal nodes and n  2 edges from each node m Y 1 2 h Fk Fn l0 l1 l2 lh lk lk+1 Fk+1 ln lm GY m y 1 lm l1 l0 Gy Novelty: Boolean methods can be generalized in a straightforward way to higher functional levels

From Trad. MP Fault Model to HLDD Faults Each path in a DD represents a working mode of the system The faults having effect on the behaviour can be associated with nodes along the path D1:  node output is always activated (SAF-1) D2:   node output is broken (SAF-0) D3:  instead of the given output another output set is activated Instead of the 14 fault classes,the HLDD based fault model includes only 3 fault classes

Fault Collapsing with SSBDDs Each node in SSBDD represents a signal path: Two SSBDD faults x111, x110 represent a set of six faults in the circuit: {x111, x61, y1; x110, x60, y0}

Fault Collapsing with Structural HLDDs Each node in SSBDD represents a signal path: The faults at y3 in HLDD represent the faults in the control circuitry and in the multiplexer M3 of the RTL circuit The faults at R1*R2 in HLDD represent the faults in multiplier, input and output buses, and in the registers Fault collapsing – not investigated at high-level

Fault Activation in Digital Systems Multiple paths activation in a DD Control function y3 is tested Decision Diagram R 2 y # R 2 M 3 e + 1 a * b · IN c d y 4 Data path: Control path 4 1 R 2 2 y y 3 1 R + R 1 2 1 IN + R 2 1 IN 2 R 1 3 y 2 R * R 1 2 1 IN* R 2 Test cycle: Control: For D = 0,1,2,3: y1 y2 y3 y4 = 00D2 Data: Solution of R1+ R2  IN  R1  R1* R2

Explanation of the meaning of constraints (rules): Uniform Conditional Node Fault Model A1 = 0 R0 OP B0 1 M(A) B1 R(A2) B2 2 R(A1) - R(A2) 3 A1 = 3 R3 R1, R2 R(A1) R(A1) + R(A2) Test data calculation rules: mT MT(OP): [f(mT)  ZERO)] mi,mj MT(OP): [(f(mi) < f(mj)] Terminal nodes: MT(OP) = {M(A), R(A2), R(A1)+R(A2), R(A1))} OP=0 B=0 M(A) Explanation of the meaning of constraints (rules): M(A) & R(A2) R(A2) 1 & R3 = M(A) ALU R(A1) + R(A2) 1 R(A1) & 2 R(A1) 3 & To detect the fault: R3 = M(A)  R(A2) M(A) < R(A2) is needed

Logic level analog: Conditional SAF model Uniform Conditional Node Fault Model Logic level analog: Conditional SAF model 1 Defect Condition (constraint) SAF High level analog: Constraints for testing a node OP in HLDD: High-level fault model: A1 = 0 R0 OP B0 1 M(A) B1 R(A2) B2 2 R(A1) - R(A2) 3 A1 = 3 R3 R1, R2 R(A1) R(A1) + R(A2) Test data calculation rules: mT MT(OP): [f(mT)  ZERO)] mi,mj MT(OP): [(f(mi) < f(mj)] Terminal nodes: MT(OP) = {M(A), R(A2), R(A1)+R(A2), R(A1))}

Multi-Terminal BDDs Multi-Terminal BDDs for representing uncertainties: D Flip-Flop S JK Flip-Flop J q c q’ D D q c q’ S R K J C C K R RS Flip-Flop S C q R c q’ U U - unknown value

Generalization of MTBDDs for FSMs State Transition Diagram: 1/0 3/0 5/0 6/1 4/1 2/1 x1 x2 Res New features: representing vectors (vector DD) multi-output internal nodes multi-terminal DDs