J
jt_eaton
Guest
<style type="text/css">P { margin-bottom: 0.08in; }</style> After almost 30 years as a product and IC designer I am still amused when I find two designers arguing over what type of reset system to design. These usually start off civil enough but quickly devolve into both sides flinging factoids,folklore and fiction back and forth hoping something will stick. It never does and we continue to repeat this farce over and over. I have even seen engineers support one side or the other because they “feel” that it is better. When engineers start talking about feelings then you know that we are in a mess.
So I thought I would write this essay how things should work and explain why we still continue to argue over what should be a simple straight forward system.
If you ask both sides to describe what the mission statement for the reset system is then you will usually find that they are in agreement. "The reset system forces all nodes in the system into a known
good start state while the reset button is pressed". From there they diverge on how to do it.
So who is responsible for the reset system's mission statement? It comes like all IC requirements from the product development team. This team does a make/buy analysis and decides to create an IC. A requirements doc is created that lists all signals connected to the chip along with all the mission statements for the entire chip.
Somebody on the product team will be responsible for the reset design. They will spec how it is created,filtered and distributed to all chips. The reset system mission statement comes from this person.
And this is the crux of our problem. I have a desktop pc, tablet , dsl modem,firewall and hotspot and they all reset the same way. In fact all products behave the same during reset. You press a button and after some time lag the product returns to its reset state. The time lag can range from fractions of a second up to 10 or 20 seconds.
When an IC designer designs a reset system they will always try to reset everything as soon as possible. If you even suggest that maybe you could wait 10 ns for the next clock edge before applying the reset then the asynchronous reset crowd will scream that is cannot be done and it must be reset NOW!!!.
They do this because their mission statement's only focus is what happens when the button is pressed. It doesn't say anything about waiting. Product designers could care less. Go ahead and wait billions of nanoseconds. No problem.
Product designers are using a different mission statement for reset than IC designers. Their mission statement is “If the reset button is not pressed then do nothing, otherwise wait long enough to be absolutely sure that the button is pressed before forcing all nodes in the system into a known good start state”.
They reason they do this is because the biggest threat to a products reset system is Electrostatic Discharge (ESD). If a product can see spurious resets from esd events in the field then it is doomed. Delaying reset until you are certain will prevent these failures. It is a nuisance but still quite acceptable to the customer.
The product reset designer must create a Low Pass Filter that will pass the valid reset while blocking any and all noise. One of the side effects of a low pass filter is that you will always insert a delay after the button press before the system can respond. Reset filters need to be under 100 hz so those delays can be in the milliseconds.
So our product designer has two choices for designing the filter. They can use analog components or they can use digital. Analog is nice because it is completely asynchronous and works even if your clock circuit fails to start. This is essential in embedded systems that drive actuators.
Digital on the other hand is cheap. The cost of putting a digital filter on the reset signal is zero. The number of gates is a round off error of a round off error. It also has zero impact on the PC board layout.
Analog filters use capacitors and the lower the frequency the larger the capacitor. In the mobile arena this is a huge cost.
So what is the best solution? Use both. Put in a analog low pass filter with a high cutoff frequency to keep the component size small. This will let you control the pads if your clock source fails to startup. Then feed this signal into a digital low pass filter to do the heavy lifting and give you the millisecond to multisecond delays that you need. Nice, simple ,eloquent and cost effective.
But there is a problem. There is one side in the reset debate that insists on designing ICs with a combinational path from the reset input pad to EVERY flip-flop and latch in the chip. They do this because they want to be sure that when reset is asserted that the IC will respond.
The problem is that if you want to use a digital low pass filter then it has to be able to block this path and prevent the signal on the reset pad from reseting any flip-flops. You can't do both.
You cannot use a digital filter to block noise on reset because an asychronous reset system will bypass the filter and send the noise pulse to the entire design.
I have noticed that most reset discussions are only among IC designers and rarely is this issued discussed with the product teams. This is like having IC designers chose a microprocessor without ever talking to any firmware engineers.
So how did we get into this mess? IC designers did not take their reset mission statement from the product teams, they up made their own that made it easier to design the IC at the expense of the product performance. This is voodoo engineering at its worst.
There are some good reasons for using an asynchronous reset system.It turns out that there are only five ways that you can screw up your reset system design.
1) Fail to connect flip-flop to reset system. Reset assertion never makes it to the flip-flip.
2) Fail to connect reset deassertion to a flip-flop. The reset assertion makes it so it can reset but is locked in that state forever.
3) Pick a wrong reset value.
4) Fail to reset combinatorial loops. We reset the design by resetting all the flip-flops. Loops do not have flip-flop drivers so we have to add an asynchronous reset.
5) Noise or ESD
The reason that the asynchronous wackos want to use their solution is failure #1. If I insist that all my IP has 100% asynchronous resets then it is very easy to verify that all IP is in compliance and that I will have no failures because some flip-flop was left out of the reset system. Its actually a good idea and 40 years ago it was the way that all systems were designed.
The problem we have today is that choosing the asynchronous option makes it easier to design the IC but harder to design the product. This is not a decision that an IC design team can make on their own, it has to come down from the product design team. Remember, the IC team is working for the Product team. They are the ones that have to make this decision.
If you take a design inserted with any of the first four reset failures then I can give you a simulation or spyglass rule or some other rtl checker that will read your design and catch that error. There is no tool
in the digital toolbox that can catch an esd failure error. Designing a working reset system is not as much of a design problem as it is a verification problem. Asynchronous resets do make it easier but at a significant cost to the product.
No modern IC design team should be using asynchronous resets inside the core of todays designs. You will still need them in the pad_ring but never in the core. Any IC team still using asynchronous resets should get rid of them. You will need to improve your verification effort to make up for the harder task of verifying synchronous resets but that is what you are being paid to do.
<script src="//platform.linkedin.com/in.js" type="text/javascript">
lang: en_US </script> <script type="IN/Share" data-counter="right"></script>
So I thought I would write this essay how things should work and explain why we still continue to argue over what should be a simple straight forward system.
If you ask both sides to describe what the mission statement for the reset system is then you will usually find that they are in agreement. "The reset system forces all nodes in the system into a known
good start state while the reset button is pressed". From there they diverge on how to do it.
So who is responsible for the reset system's mission statement? It comes like all IC requirements from the product development team. This team does a make/buy analysis and decides to create an IC. A requirements doc is created that lists all signals connected to the chip along with all the mission statements for the entire chip.
Somebody on the product team will be responsible for the reset design. They will spec how it is created,filtered and distributed to all chips. The reset system mission statement comes from this person.
And this is the crux of our problem. I have a desktop pc, tablet , dsl modem,firewall and hotspot and they all reset the same way. In fact all products behave the same during reset. You press a button and after some time lag the product returns to its reset state. The time lag can range from fractions of a second up to 10 or 20 seconds.
When an IC designer designs a reset system they will always try to reset everything as soon as possible. If you even suggest that maybe you could wait 10 ns for the next clock edge before applying the reset then the asynchronous reset crowd will scream that is cannot be done and it must be reset NOW!!!.
They do this because their mission statement's only focus is what happens when the button is pressed. It doesn't say anything about waiting. Product designers could care less. Go ahead and wait billions of nanoseconds. No problem.
Product designers are using a different mission statement for reset than IC designers. Their mission statement is “If the reset button is not pressed then do nothing, otherwise wait long enough to be absolutely sure that the button is pressed before forcing all nodes in the system into a known good start state”.
They reason they do this is because the biggest threat to a products reset system is Electrostatic Discharge (ESD). If a product can see spurious resets from esd events in the field then it is doomed. Delaying reset until you are certain will prevent these failures. It is a nuisance but still quite acceptable to the customer.
The product reset designer must create a Low Pass Filter that will pass the valid reset while blocking any and all noise. One of the side effects of a low pass filter is that you will always insert a delay after the button press before the system can respond. Reset filters need to be under 100 hz so those delays can be in the milliseconds.
So our product designer has two choices for designing the filter. They can use analog components or they can use digital. Analog is nice because it is completely asynchronous and works even if your clock circuit fails to start. This is essential in embedded systems that drive actuators.
Digital on the other hand is cheap. The cost of putting a digital filter on the reset signal is zero. The number of gates is a round off error of a round off error. It also has zero impact on the PC board layout.
Analog filters use capacitors and the lower the frequency the larger the capacitor. In the mobile arena this is a huge cost.
So what is the best solution? Use both. Put in a analog low pass filter with a high cutoff frequency to keep the component size small. This will let you control the pads if your clock source fails to startup. Then feed this signal into a digital low pass filter to do the heavy lifting and give you the millisecond to multisecond delays that you need. Nice, simple ,eloquent and cost effective.
But there is a problem. There is one side in the reset debate that insists on designing ICs with a combinational path from the reset input pad to EVERY flip-flop and latch in the chip. They do this because they want to be sure that when reset is asserted that the IC will respond.
The problem is that if you want to use a digital low pass filter then it has to be able to block this path and prevent the signal on the reset pad from reseting any flip-flops. You can't do both.
You cannot use a digital filter to block noise on reset because an asychronous reset system will bypass the filter and send the noise pulse to the entire design.
I have noticed that most reset discussions are only among IC designers and rarely is this issued discussed with the product teams. This is like having IC designers chose a microprocessor without ever talking to any firmware engineers.
So how did we get into this mess? IC designers did not take their reset mission statement from the product teams, they up made their own that made it easier to design the IC at the expense of the product performance. This is voodoo engineering at its worst.
There are some good reasons for using an asynchronous reset system.It turns out that there are only five ways that you can screw up your reset system design.
1) Fail to connect flip-flop to reset system. Reset assertion never makes it to the flip-flip.
2) Fail to connect reset deassertion to a flip-flop. The reset assertion makes it so it can reset but is locked in that state forever.
3) Pick a wrong reset value.
4) Fail to reset combinatorial loops. We reset the design by resetting all the flip-flops. Loops do not have flip-flop drivers so we have to add an asynchronous reset.
5) Noise or ESD
The reason that the asynchronous wackos want to use their solution is failure #1. If I insist that all my IP has 100% asynchronous resets then it is very easy to verify that all IP is in compliance and that I will have no failures because some flip-flop was left out of the reset system. Its actually a good idea and 40 years ago it was the way that all systems were designed.
The problem we have today is that choosing the asynchronous option makes it easier to design the IC but harder to design the product. This is not a decision that an IC design team can make on their own, it has to come down from the product design team. Remember, the IC team is working for the Product team. They are the ones that have to make this decision.
If you take a design inserted with any of the first four reset failures then I can give you a simulation or spyglass rule or some other rtl checker that will read your design and catch that error. There is no tool
in the digital toolbox that can catch an esd failure error. Designing a working reset system is not as much of a design problem as it is a verification problem. Asynchronous resets do make it easier but at a significant cost to the product.
No modern IC design team should be using asynchronous resets inside the core of todays designs. You will still need them in the pad_ring but never in the core. Any IC team still using asynchronous resets should get rid of them. You will need to improve your verification effort to make up for the harder task of verifying synchronous resets but that is what you are being paid to do.
<script src="//platform.linkedin.com/in.js" type="text/javascript">
lang: en_US </script> <script type="IN/Share" data-counter="right"></script>
Last edited by a moderator:
