Synthesis Of Fault Tolerant Circuits For FSMs

1
Synthesis Of Fault TolerantCircuits For FSMs
RAMs
Rajiv Garg Pradish Mathews Darren Zacher
2
Agenda

• Introduction
• Typical FSM
• Synthesis of Fault Tolerant (FT) FSMs
• Single Event Upset (SEU) Detect and Recovery
• Single Event Upset Detection
• Synthesis tool user options
• Fault tolerant RAMs
• Conclusion

3
Introduction

• Single Event Upset (SEU)
• noise introduced in circuit operating in extreme
  conditions of space, military, aircrafts etc
• Affects all types of FPGA devices and technology
• Results in data corruption , system malfunction
  or impairment of various circuit components

4
Contd..

• FSMs and RAMs are crucial component of circuit
• FSMs control design functionality by
  transitioning system to new state depending on
  transition function
• RAMs are the data storage components of the
  circuit
• Any malfunction to their operation can make the
  whole system go unpredictable

Important circuit elements FSMs RAMS must
inherit Fault Tolerant
5
Existing Solutions

• Triple Module Redundancy (TMR) is the commonly
  used scheme for SEU. But it is
• Area Extensive
• Only applicable to whole module block
• FPGA designers manually write fault tolerant
  circuits
• Cumbersome job for RTL designers
• There is an absence of complete automated
  software synthesis solutions in this domain

6
Typical FSM circuit

• FSM circuit has four major components
• Inputs
• Current state vectors
• Next State function
• Output logic

Output Logic
Outputs
Present State
Next State Function
State Vectors
Inputs
clk
rst
7
Synthesis of Fault Tolerant (FT) FSMs
FT FSM
output
Output function
Next State Function
State Registers
Inputs
Error Correction Circuit
Present State
Parity generator
Parity Registers
Parity Registers
clk
rst
8
Contd..

• Synthesis goals
• Automated Fault tolerant circuit implementation
• Achieve optimal implementation with minimal
  impact on quality of results (area and timing)
• Extra combinational and sequential logic added
• Parity generator
• Generates logic for parity registers
• Error corrector
• Detects and corrects SEU

9
SEU detection and recovery Circuit
output
Output function
Next State Function
State Registers
Inputs
Error Correction Circuit
Present State
Parity Generator
Parity Registers
Parity Registers
clk
rst
FOR SEU detection and recovery to original state
Encoding of State and parity registers such that
Hamming Distance gt 3
10
Parity generation(Hamming-3)

• Extra parity flops added to current state
  registers to create hamming distance-3
• number of parity flops k must satisfy the
  inequality 2k gt nk1 , n is data flops
• n k flops uniquely detect upset in n data flops
• Hamming code constructor to generate parity Error
  Correction circuit detects upset and recovers to
  original state
• General technique can be applied to any encoding
  scheme

11
Contd..

• n k bits uniquely detect for n data bits
• Consider a message having 4 data bits. We add 3
  parity bits to uniquely determine the single bit
  error in any of the 7 bits send
• Here (3,5,6,7) are data bits and (1,2,4) are
  parity bits
• Change in parity bits detect
• upset in data bits
• (1,2) detect upset in 3
• (1,4) detect upset in 5
• (2,4) detect upset in 6
• (1,2,4) detect upset in 7
• Upset in any (1,2,4) detect for itself

1
5
3
7
4
6
2
12
Contd..

• Asynchronous Events
• FSM State registers may have asynchronous set and
  reset
• Any asynchronous set and reset signal will
  abruptly transition the state of FSM registers
• Parity registers needs to be synchronized to FSM
  registers in case of asynchronous event

13
Contd..

• Consider hamming-3 for 2 data flops
• 3 parity registers required for 2 data flops
• Calculate rP1,sP1,rP2,sP2,rP3,sP3 (reset and set)
  of parity registers in terms of rC1,sC1,rC2,sC2 ?
• Set/reset have priority associated with them so
  both cannot be high simultaneously
• When one of set/reset high, Q is defined by set
• Q set

clk
14
Contd..

• In case of inferred FSM , any asynchronous event
  will affect all FSM registers
• Given FSM registers , asynchronous event is
  detected as
• OR of all set ands resets of FSM registers (rC1
  sC1 rC2 sC2) gt ET (event trigger)
• Parity registers set /reset calculated as
• set Fn(sC1,sC2) event trigger
• Reset !Fn(sC1,sC2) event trigger

15
Cont..

• Initial value state registers
• Current state registers may have initial values
• Parity registers needs to be synchronized to
  current state registers initial value so that
  these are not considered as upsets
• Initial value flops created for parity flops
• Initial value Fn( Current state initial values)

16
Enable Handling

• Say at T t1 , SEU occurs in
• Cs1 flop
• Because of En low
• Output at cs1 not corrected in
• next clock cycles so circuit no
• longer remains Fault Tolerant
• Now say at T t1 next clock cycles
• upset also occurs at Cs2

SEU occurs
En
Cs1
En
clk
Cs2
clk
So Enable Low can lead to Multiple SEU at a time
in the circuit
This can be taken care by dissolving enable at
Data path of Flops
17
Cont..

• Dissolving Enable
• mux is put in the data path of flop with enable
  as select line
• Mux sel0 corrected current state
• Mux sel1 next state
• Now, after upset in any register, correct state
  is set at Flip flop output in next clock cycle

En
0
1
Cs1
En
clk
0
Cs2
1
clk
18
Optimized techniques for 1-hot/1-cold encoding

• 1-hot/1-cold special encoding schemes
• Already hamming distance-2
• Only single bit is 1 or 0 in whole state Vector
• Optimized technique for 1-hot/1-cold are
  following
• Binary transformation with parity
• Full Register duplication scheme

19
Binary transformation with parity
Corrected state
Output function
output
input
Next State Function
Present state
One Hot State Vectors
Error Corrector
1-hot to Binary
Upset
Binary Vectors
Error Detection

• 1-hot vectors already hamming-2
• Binary vectors parity added to create total
  minimum hamming-3

Parity Register (P)
Parity generator
clk
rst
20
Technique

• 1-hot encoded Next state will be converted to
  Binary value vector
• Even parity bit (P) will be generated for this
  binary vector by doing XOR operation of next
  state Binary vectors.
• Error Detection Circuit
• generates the new even parity bit (P) using the
  binary vector state registers
• P and P are compared to detect the upset
• If P and P differ an upset has occurred in
  Binary Registers or parity Register
• P and P same no upset has occurred at least in
  Binary Vector or parity register

21
Contd..

• Since SEU, upset occurs either in the preset
  state vector or the binary state vectors and
  parity
• Error Corrector circuit
• if upset signal is high
• no upset in preset state registers
• Present state set as corrected state
• If upset is low
• no upset in Binary Vector Registers
• decode binary vector to one hot and set them as
  corrected state.

22
Full Register duplication scheme
Corrected state
output
Output Function
Error Corrector
1-hot State Vector
input
Next State Function
upset
Duplicated One Hot State Vectors

• 1-hot vectors already hamming-2
• Duplicated 1-hot vector also hamming-2
• So total hamming distance gt4

Error Detector
rst
clk
23
Technique

• All 1-hot state vectors are duplicated as parity
  registers
• Error detector circuit
• detects the upset in one hot using optimized xnor
  circuit
• Since SEU, upset will either occur in present
  state vector or duplicated parity registers
• Error Correction Circuit
• If the upset signal is high
• upset detected then present state (one hot state
  vectors) passed as corrected state.
• If upset is low
• no upset, duplicated registers are passed as
  corrected state.

24
Comparison of different SEU correct recovery
schemes for 1-hot
Area (in LUTs)
25
Results explanation

• Hamming-3
• Applicable to all encoding schemes
• Extensive area penalty in case of 1-hot/1-cold
• optimal for binary (gray etc) encoding
• For 1-hot/1-cold
• binary transformation with parity
• Optimizes area usage over hamming-3
• Full Register duplication scheme
• More prone to SEU
• Area efficient then both the above techniques
• logic is simple

26
SEU detection and correction
output
Output function
Next State Function
State Registers
Inputs
Error Correction Circuit
Present State
Parity Generator
Parity Registers
Parity Registers
rst
clk
FOR SEU detection and Correction to User defined
state Encoding of state and parity registers
such that minimum Hamming Distance gt 2
27
Hamming-2 technique
output
Error corrector
Output Function
input
Current State Vectors
Next state Function
Error detector
2 parity registers (p0 and p1)
Parity generator

• 2 parity registers added to create Hamming-2
  distance in encoded states

rst
clk
28
Technique

• Parity generator
• generates two parity bits p0 and p1
• p0 and p1 are the odd and even parity
  respectively of next state
• Error detection circuit
• calculate parity registers p0 and p1 using
  Current state registers
• Both p0 and P1 compared with p0 and p1
  respectively
• If both sets (p0,p0) and (p1,p1) differ , an
  upset in current state vector
• Error correction circuit
• If Upset detected
• sets the corrected state to user defined state
• If no upset detected
• current state vector set as corrected state

29
Optimized detection and correction scheme for
1-hot/1-cold/2-hot
Output function
Corrected state
output
Error corrector (user defined state)
input
Next state Function
Current State Vectors (1-hot )
upset
Error detector

• 1-hot vectors already hamming-2
• No parity required

clk
rst
30
Technique

• Error detection circuit
• implemented using xnor/xor circuit to detect
  single event upset
• Error Corrector Circuit
• If upset detected
• corrected state is set to user defined state
• If no upset detected
• current state vector is set as corrected state

31
Synthesis tools options for User controls

• User options to implement SEU detection or both
  SEU detection recovery circuit
• Ability to apply different fault tolerant
  implementation on different FSMs
• User attributes on FSM state register specifying
• FSM encoding scheme
• //pragma attribute ltstate_namegt encoding_style
  ltbinary/one-hot/graygt
• Fault tolerant implementation
• //pragma attribute ltstate_namegt safe_fsm_type
  ltseu_detect/seu_correctgt
• Correction State for SEU detection correction
  circuit
• //pragma attribute ltstate_namegt recovery_state
  ltstate_vectorgt

32
Contd..

• Example reg 30 cst //pragma attribute cst
  recovery_state 1000

33
Fault Tolerant RAMs

• Application of TMR to RAMs
• Triplicates memory elements
• Can overfill the FPGA Block RAM capacity
• Can lead to many potential memories in the design
  not inferred
• Hamming-3 is applied to RAMs to detect and
  recover from SEU
• the width of memory word size is increased by
  adding error checking bits

34
Contd..

• Memory cell with addition
• of parity registers
• Additional combinational
• logic added for parity
• generator and error
• corrector

Hamming Code
...
...
RAM
RAM
address
Error Corrector
parity Generator
dataout
datain
parity
35
Conclusion

• For safety critical applications automated
  synthesis solution is good for its following
  salient features
• Designer does not need to write manually Fault
  tolerant implementations
• Generates best Quality of results in terms of
  timing and area
• Is formally verifiable with equivalence checker

36

• Thank you