You are on page 1of 19

# 1

Fundamental Algorithms
for System Modeling,
Analysis, and Optimization
Edward A. Lee, J aijeet Roychowdhury,
Sanjit A. Seshia
UC Berkeley
EECS 144/244
Testing for Fault Detection/Diagnosis
Thanks to K.-T. Cheng, S. Devadas, K. Keutzer for some slides
2
Fault Detection and Diagnosis
A fault is the adjudged or hypothesized cause of a
system failure.
Fault detection (is there a fault?) and diagnosis (where is
the fault?) are key steps in system design and
maintenance.
Integrated Circuits
– Faults: manufacturing defects or electrical effects
Control Systems (e.g. chemical process plants)
– Faulty sensors or actuators, operator error, mechanical failures
Cyber-Physical Systems (e.g., cars, spacecraft)
– Faulty sensors/actuators, mechanical failures, …
2
3
Fault Detection and Diagnosis
.

.

.
.

.

.
I
N
P
U
T
S
O
U
T
P
U
T
S
X
V
E
Overall System
Propagation
(observability)
V
c
Activation
(controllability)
Component
4
Observability and Controllability
Controllability
– A system with internal state x is called controllable if
the state can be modified by changing the input to the
system.
– E.g., for circuits: put a 0 or 1 at an arbitrary internal
node
Observability
– A system with internal state x is called observable if
the state can be determined by observing the outputs
of the system.
– E.g., for circuits, observe the 0-1 value of an internal
node from system outputs.
3
5
Manufacture Testing in ICs
Apply a sequence of input vectors to a circuit
Observe the output response and compare the
response with a precomputed or “ expected”
response
Any discrepancy is said to constitute an error, the
cause of which is a physical defect
FAB
?
a
b
s
q
0
1
d
clk
6
Defects and Fault models
Manufacturing defects can manifest in a variety of ways:
– Bridging
– Contaminants
– Shorts
– Opens
– Transistors stuck-open
These need to be reduced to models:
– Single stuck-at-1, stuck-at-0
– Multiple stuck-at-1, stuck-at-0
– Delay fault models:
• Gate
• Path
– single-stuck-at fault model ubiquitous
– some use of delay fault modeling
4
7
Defect Model: Stuck-At Faults
Any input or internal wire in circuit can be
stuck-at-1 or stuck-at-0
Single stuck-at-fault model: In the faulty
circuit, a single line/wire is S-a-0 or S-a-1
Multiple stuck-at fault model: In the faulty
circuit any subset of wires are S-a-0/S-a-1
(in any combination)
a b
f1
f2
A
B
C
D
8
Outline of Topics
Basics & Terminology
Single stuck-at faults and path sensitization
Boolean Satisfiability-based technique
5
9
Formal Problem Definition
Given a combinational circuit on n variables x
1
, x
2
, …, x
n
with m outputs f
1
, f
2
, …, f
m
Let g be an internal net that is stuck at 0
Then, we wish to find values of x
1
, x
2
, …, x
n
such that
g(x
1
, x
2
, …, x
n
) = 1
and there exists some j in 1,2,…m, such that
f
j
(x
1
, x
2
, …, x
n
) takes different values depending on
whether g is stuck at 0 or not.
How does the definition change for g stuck at 1 ?
10
6
11
Formal Problem Definition, Revisited
Given a combinational circuit on n variables x
1
, x
2
, …, x
n
with m outputs f
1
, f
2
, …, f
m
Let g be an internal net that is stuck at 0
Then, we wish to find values of x
1
, x
2
, …, x
n
such that
g(x
1
, x
2
, …, x
n
) = 1
and there exists some j in 1,2,…m, such that
f
j
(x
1
, x
2
, …, x
n
) takes different values depending on
whether g is stuck at 0 or not.
ACTIVATION
PROPAGATION
(Controllability)
(Observability)
14
Outline of Topics
Basics & Terminology
Single stuck-at faults and path sensitization
Boolean Satisfiability-based technique
7
15
Single Stuck-At Faults
A fault is assumed to occur only on a single net.
x
1
x
2
x
3
a
b
G
Z = x
1
x
2
+ x
2
x
3
a s-a-1 Z = ?
G s-a-1 Z = ?
x
1
x
2
x
3
a
b
G
This model is used because it has been found to be
statistically correlated with defect-free circuits
16
Single Stuck-At Faults
A fault is assumed to occur only on a single net.
x
1
x
2
x
3
a
b
G
Z = x
1
x
2
+ x
2
x
3
a s-a-1 Z = x
1
+ x
2
x
3
G s-a-1 Z = x
2
x
3
x
1
x
2
x
3
a
b
G
This model is used because it has been found to be
statistically correlated with defect-free circuits
8
17
Activation and Path Sensitization
In order for an input vector X to detect a fault h
s-a-D, D = 0,1 the input X must cause the
signal h in the normal (fault-free) circuit to
take the value D.
h
f
x
s-a-1
x
2
x
3
x
1
x
4
To activate the fault – i.e., detect h s-a-1
we first need to make h = 0. How?
18
G
3
Fault Activation
h
0/1
0/1
0/1
h s-a-1, for h to be 0, need x
2
= x
3
= 0 ( x
2
x
3
)
G
1
G
5
f
G
4
G
2
x
x
2
x
3
x
1
x
4
The condition is necessary but not sufficient.
Error signal must be propagated to output
(must affect the output value).
9
19
The error signal must be propagated along
some path from its origin to an output
How to propagate the fault?
G
3
Fault Propagation
h
0/1
h s-a-1, for h to be 0, need x
2
= x
3
= 0 ( x
2
x
3
)
G
1
G
5
f
G
4
G
2
x
x
2
x
3
x
1
x
4
20
The error signal must be propagated along
some path from its origin to an output
Only one path G
3
, G
5
In order to propagate an error through AND
gate G
3
, other input x
1
= 1. To propagate
through G
5
, need G
4
= 0, x
1
+ x
4
G
3
Fault Propagation
h
0/1
0/1
0/1
0
1
h s-a-1, for h to be 0, need x
2
= x
3
= 0 ( x
2
x
3
)
G
1
G
5
f
G
4
G
2
x
x
2
x
3
x
1
x
4
10
21
Formal Problem Definition, Revisited
Given a combinational circuit on n variables x
1
, x
2
, …, x
n
with m outputs f
1
, f
2
, …, f
m
Let g be an internal net that is stuck at 0
Then, we wish to find values of x
1
, x
2
, …, x
n
such that
g(x
1
, x
2
, …, x
n
) = 1
and there exists some j in 1,2,…m, such that
f
j
(x
1
, x
2
, …, x
n
) takes different values depending on
whether g is stuck at 0 or not.
ACTIVATION
PROPAGATION
(Controllability)
(Observability)
22
Single Path Sensitization (SPS)
1. Activate: Specify inputs so as to generate the
appropriate value (0 for s-a-1, 1 for s-a-0) at the
site of the fault.
2. Propagate: Select a path from the site of the
fault to an output and specify additional signal
values to propagate the fault signal along this
path to the output
(error propagation).
3. Justify: Specify input values so as to produce
the signal values specified in (2)
(line justification).
11
23
Sensitization Example
h s-a-1
Activate?
f1
f2
G
6
G
5
G
4
G
3
G
1
h s-a-1
G
2
D
A
B
C
E
x
24
Sensitization Example
h s-a-1
Activate: To generate h = 0, need A = B = C = 1
Propagate?
f1
f2
G
6
G
5
G
4
G
3
G
1
h
G
2
D
A
B
C
E
x
12
25
Sensitization Example
h s-a-1
To generate h = 0, need A = B = C = 1
Have a choice of propagating through G
5
or via G
6
.
Propagating through G
5
requires G
2
= 1
 A = D = 0 Contradiction
Propagating through G
6
requires G
4
= 1  C = 1, E = 0.
A valid test vector is ABCE
f1
f2
G
6
G
5
G
4
G
3
G
1
h
G
2
D
A
B
C
E
x
26
Line Justification
E s-a-1  E = 0
C = D = 1 to propagate through G
1
.
To propagate through G
4
, need G
2
= G
3
= 1
How do we justify these values?
G
3
1
G
4
G
2
1
G
1
x
0
s-a-1
B
H
A
F
C
D
E
13
27
Line Justification - 2
Attempt to line justify G
2
= G
3
= 1
G
3
= 1 possible if A = F = 1 or B = H = 1
If A = C = 1, then G
2
= 0.
G
3
= 1  B = H = 1
G
2
= 1 needs A = 0 or F = 0
Tests are A’BCDE’H, BCDE’F’H
G
3
1
G
4
G
2
1
G
1
x
0
B
H
A
F
C
D
E
s-a-1
28
Not all faults result in failures!
Existence of a fault does not change the
functionality of a circuit redundant fault
f = x
1
+ x
1
x
2
f = x
1
+ x
2
A test generation algorithm is deemed complete
if it either finds a test for any fault or proves
its redundancy, upon terminating.
Redundancy
x
s-a-1
x
1
x
2
f
x
1
x
2
f
14
29
Completeness of SPS method ?
d s-a-0  A = B = 1
Propagate along G
3
, G
6
 C = 1
G
2
= G
4
= G
5
= 1
For G
4
= 1 either its top input = 0 or E = 0
If G
1
= 0 fault is not activated (don’t want to force G
1
= 0)
If E = 0 (B must be 1)  G
5
= 0 Inconsistency
A
B
x
d
s-a-0
f
G
2
G
6
G
3
G
4
G
5
C
E
G
1
30
Completeness of SPS? - 2
Propagation along G
4
, G
6
also results in
inconsistencies by symmetric argument
Is there no test?
A
B
x
d
s-a-0
f
G
2
G
6
G
3
G
4
G
5
C
E
How about C = E = 1?
15
31
Multiple Path Sensitization
Error propagates down two paths G
3
, G
6
and G
4
, G
6
to output (G
3
, G
4
values are correlated)
It’s natural to work backwards (justifying) and
forwards (propagating) from point of fault
activation but this focuses on sensitizing a
single path
Attempting to sensitize a single path will not find a
test for this fault
1
1
1
1
1/0
1
0/1
0/1
1
x
d
s-a-0
f
G
2
G
6
G
3
G
4
G
5
1/0
33
Outline of Topics
Basics & Terminology
Single stuck-at faults and path sensitization
Boolean Satisfiability-based technique
16
34
Another approach to ATPG (Larrabee, 1989)
The ATPG problem (automatic test pattern generation)
The CIRCUIT-SAT problem
The Boolean Satisfiability (SAT) problem
SAT
CIRCUIT-SAT
ATPG
35
The ATPG problem
Does there exist a value assignment to the primary
inputs which distinguishes the faulty and correct
circuits ?
•A logic circuit
•A fault point
•A fault value
a
b
c
d
e
f
g
h
i
s-a-1
0(1)
0(1)
1
0
0
0
1
1
1
1 ,    a s f 
Circuit C
17
36
The CIRCUIT-SAT problem
Does there exist a value assignment to the
primary inputs which causes the primary output
to assume logic value ‘1’ ?
a
b
c
d
e
f
g
h
i
37
ATPG as a CIRCUIT-SAT problem
a
b
c
d
e
f
g
h
i
1
h
f
i
f
t = 1?
ATPG
ψ
C Circuit
Can we find an input value in which the faulty circuit and
the good circuit differ?
18
38
The Boolean Satisfiability (SAT) problem
Given a formula, f :
) )( )( ( c b a c a c b a     
C
1
C
2
C
3
a=b=c=1
(a,b,c)
(C
1
,C
2
,C
3
)
Comprised of a conjunction (AND) of clauses
Defined over a set of variables, V
Each clause is a disjunction (OR) of literals of the
variables V
Example :
Does there exist an assignment of Boolean values to
the variables, V which sets at least one literal in each
clause to ‘1’ ?
39
CIRCUIT-SAT as a SAT problem
A set of clauses representing the functionality of each
gate
A unit literal (i) clause asserting the output to be ‘1’
a
b
c
d
e
f
g
h
i
19
40
CIRCUIT-SAT as a SAT problem
A set of clauses representing the functionality of each
gate
A unit literal (i) clause asserting the output to be ‘1’
a
b
c
d
e
f
g
h
i
) )( )( ( h f a h f h a    
) )( )( ( g e d g e g d    
) (i
) )( )( ( i g h i g i h    