Glitches on clock domain crossing signals have always been a concern for chip designers. Now with increased requirements for reliability, renewed scrutiny is being given to find ways to identify these problems and fix them. In particular applications such as automotive electronics have given this added effort an impetus. Siemens EDA has learned a lot about CDC analysis through working with customers on numerous challenging projects. They learned that there are more types of CDC paths that should be examined than are traditionally looked at as sources of problems.
In their white paper titled “The Three Witches – Preventing Glitch Nightmares on CDC Paths” the authors Ping Yeung and Sulabh-Kumar Khare share their experience with gate level CDC analysis. The three types of CDC paths they cite as critical to focus on are unsynchronized CDC paths, combinational CDC paths and, of course, data multiplexing CDC paths. Their paper focuses on gate level analysis because synthesis can take a seemingly clean design and introduce CDC issues during optimization steps.
Different types of CDC paths need to be properly identified so that the appropriate analysis methods are used on them to look for issues. They also point out that gate level analysis can require long runtimes. This calls for methods to improve efficiency by adding the ability to make refinement and continue execution instead of starting over each time. The Siemens paper also looks at methods to add parallelism to CDC analysis runs to improve throughput.
Siemens describes a methodology that combines structural CDC analysis, expression analysis and formal methods to identify and prove real glitches at the gate level. The complete methodology is done in three stages. It starts with gate level set up. The RTL constraints are needed to obtain accurate results. Siemens’ Questa Signoff CDC has the ability to track naming transformations so that RTL constraints be used for gate level analysis. Starting with the validated RTL constraints means there is less room for error. In the case where more information is needed, additional RTL to gate name mapping can be added. Also, Questa Signoff CDC can infer constraints for added logic, such as scan, etc.
The second stage identifies the safe, unsafe and waived CDC paths. Naturally the safe paths are those that contain no combinational logic. The unsafe paths will contain a mixture of the “Three Witches” that the paper’s title refers to. Waivers from the RTL CDC analysis can be used to reduce the workload at the gate level.
Finally, the third stage involves gate level glitch analysis. This is a comprehensive expression analysis of the combinational logic tree in the CDC path that identifies potential glitch candidates. The list of glitch candidates can be pruned with this information. A formal engine is then used to look for scenarios where glitches can propagate. Questa Signoff CDC performs analysis that identifies the exact location at which a signal and its complementary term will converge. The result of this analysis gives the designer essential information to understand the exact scenario where a glitch can cause a failure.
Because the potential glitch paths are relatively independent of each other, it is possible to partition the analysis for parallel processing. Using a large server farm, it is possible to concurrently process thousands (or more) of CDC paths. With this approach it is possible to achieve an overnight run for even extremely large designs.
Because the Three Witches of CDCs can curse a design, it’s comforting to know that there are approaches to smoke them out. Siemens benefits from their ability to work with customers on large projects to learn best practices which can then be supported in their tools and shared with designers. The full white paper is available on the Siemens EDA website.Share this post via: