Do you remember how auto maker Toyota had to pay a $1.2 billion settlement in 2014 because some of their automotive models experienced sudden, unintended acceleration? That scenario has to be an engineer’s worst nightmare because something was missed during the design and testing of an automotive electronics system that has to meet rigid safety standards. Prevention is always cheaper than a cure, especially when it comes to IC design, so I learned something new this week while watching an archived webinar called, “STMicroelectronics’Experience: Synopsys Logic BIST for Automotive and Safety-Critical Designs.”
A Toyota Camry that crashed in 2010. Source: NY Post
Related – Virtual HIL and the 100M LOC car
Safety Critical Applications
I already mentioned automotive as a safety-critical application, other industries include: medical devices, aviation, trains, bridges, power plants, etc. Just in the automotive space, stop and think about Advanced Driver Assistance Systems (ADAS) and how electronics control the feature and safety:
- Air bags
- Anti-lock Brake System
- Electronic stability control
- Adaptive cruise control
- Emergency breaking assist
- Blind-spot monitoring
- Lane-departure warning
- Rear cross-traffic detection
- Pedestrian detection
- Traffic sing recognition
Safety standards are defined for each industry: ISO 26262 for automotive, ISO 13485 for medical devices, DO-254 for aviation. Self-testing is a best practice for electronic systems to help meet each of these standard requirements. Synopsys recently added a synthesis-based in-system self-test product called Logic BIST (Built-In Self Test), and here’s where it fits into the overall design and test flow:
Logic BIST Flow
The required logic for BIST is automatically added to your gate-level design during logic synthesis, so you don’t have to modify the RTL source code in this approach. The Design Compiler tool meets the timing, area, power and test goals during the synthesis step shown in the first blue box above. The TetraMAX ATPG tool computes the seed and signature used by the logic BIST for self-testing purposes, which is different from the Synopsys manufacturing test flow where TetraMAX generates the test program for ATE and also provides silicon diagnostics capabilities.
Logic BIST adds controllability and observability to the scan flip-flops of your design, shown in grey below while the test logic is shown in blue.
Logic BIST Architecture
PRPG stands for Pseudo-Random Pattern Generation, and this is where stimulus is automatically created for self-testing of your logic. Test values are loaded into the grey flip-flops of you design, then results of your logic design are saved in the MISR (Multi-Input Shift Register) to be compared against a known-good value saved in the Signature, shown in green.
Logic BIST at STMicroelectronics
Cinzia Bartolemmei spoke about how her group is using logic BIST for both power-on test and in-system live test of safety critical cores. Requirements of this logic BIST approach for their designs are:
- Small silicon area overhead
- LBIST must be modular
- Doesn’t require data from chip input pins
- Simple to interface
- Pass or fail response
- Support both stuck-at and transition testing
- Trade-off patten count and test coverage
- Divide LBIST run into several timing intervals
They’ve been able to meet these requirements on IC design blocks ranging from thousands to millions of gates, and fulfill the automotive safety standards even on designs with multiple synchronous or asynchronous clocks. For a case study Cinzia talked about a macro cell used in automotive with about 120K flip-flops, scan chain length of 100 and two asynchronous clocks:
With this approach the area overhead for all DFT was 3% while LBIST required just 1.6%. For single stuck-at faults a test coverage of 91.76% was achieved using 20K patterns, while LBIST used just 2,300 patterns to reach 90% coverage. On transition faults a test coverage of 86.11% was reached using 20K patterns, and LBIST took just 12,400 patterns to get 85% coverage.
Related – Two New Announcements at ITC from Synopsys
Summary
We live in a complex world where our very lives depend on electronics systems functioning perfectly in order to keep us safe. One method to address safety requirements is through Logic BIST, and companies like STMicroelectronics have used Synopsys tools to make their automotive chips adhere to stringent safety requirements. View the entire 21 minute archived webinar here.
Comments
0 Replies to “Design For Safety in Automotive Electronics”
You must register or log in to view/post comments.