DIAFIM
ACCELERATE FAULT INJECTION ON FPGA BASED PROTOTYPES
DIAFIM
QUICKLY ASSESS THE VULNERABILITY OF YOUR DIGITAL ASICs AND IP CIRCUITS
DIAFIM
CARRY OUT TEST FAULT INJECTION WITHIN SYSTEM CONTEXT
Previous
Next

DIAFIM - FAULT INJECTION FLOW

DiaFim approach begins by the import of a net-list post-synthesis of the design under test (1). After this step DiaFim will identify all the flips-flops contained in the design and will instrument them with fault injectors (2).

Thus, at this stage, there is a need for a third-party FPGA synthesis tool to integrate the fault injection logic part, to the DUT. The complete design (instrumented application logic plus fault- injection logic) can be synthesized (3).

A test campaign interface tool (4) enables you to define the test scenarios you want to apply on the DUT. Finally, the configuration bitstream can be downloaded on the FPGA targeted and you can start to run test campaigns.

REPORTS

A set of figures and tables allows the user to quickly assess the sensitivity zones of the circuit

EXTRACT
FROM REPORT A

DiaFim can detect up to five different types of failures which are: AOM, Crash, Timeout, Hang and ISM. In the report represented here below, the first pie-chart represents the repartition of the number of tests for which there was a least one difference compared to the “gold” reference. Another type of pie-chart gives the distribution of the different types of failure measured, their number and percentage.

EXTRACT
FROM REPORT B

Different figures are proposed showing the distribution of the injection cycle, for example the graph here below shows the number of tests executed for each  injector.

EXTRACT FROM REPORT C

In the example here below, DiaFim reports the results obtained for the test N°13 of the suite N°11 for a scenario plays on the injection chain id N°1. The comparison between the collected signals and the reference signals shows a difference of 5 bits and the output data collected a mismatch of 7 words.

<Suite 11 – Test 13> ⇒ AOM + ISM ⇒ Collected: Injection Chain, Output data, DUT

⇒ Injections:

Chain idFault kindCycleDurationPoint(s)
1Bit flip211cy.register2_reg[7],
1Bit flip381cy.register2_reg[7],

From »Injection Chain » ⇒ Collected: 1602 – Compared: 1602 ⇒ Mismatches: 5 bits

Signals Values
doCore_core_inst/core_regfile_6_15_8_sva_reg[7:0]0x06
doCore_core_inst/core_regfile_6_7_0_sva_reg[7:0]0x00

From »Output data » ⇒ Collected: 9 – Compared: 9 ⇒ Mismatches: 7 words

[1..9]: 0x44, 0x43, 0x12, 0x05, 0x00, 0x01, 0x04, 0x06, 0x0c,

EXTRACT FROM REPORT D

A summary of the values obtained on a test suite is reported in a table with the parameters and the status obtained for each test id.

Test IDFault kindInjection cyclesDurationInjection pointsStatutsEstimated DurationRun cycles count
GoldN/AN/AN/AN/AOK170260 ns8513 cy.
Test 16Chain 1: Bit flip,Chain 1: 7296,Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/doCycle_if_4_else_1_else_if_doCycle_if_4_else_1_else_if_and_svs_1_reg
doCore_core_inst/doCycle_mux_72_itm_1_15_12_reg[2]
AOM170260 ns8513 cy.
Test 36Chain 1: Bit flip,Chain 1: 3729,Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/doCycle_dctoEx_temp_rhs_31_12_Ipi_2_dfm_1_18_4_reg[11]
AOM170240 ns8662 cy.
Test 102Chain 1: Bit flip,Chain 1: 2927,Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/core_regFile_23_7_0_sva_reg[7]
doCore_core_inst/core_extoMem_useRd_sva_reg
AOM166360 ns8318 cy.
Test 105Chain 1: Bit flip,Chain 1: 6461,Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/core_extoMem_result_sva_31_16_reg[2
doCore_core_inst/core_pc_31_2_sva_reg[10]
AOM + ISM299340 ns14967 cy.
Test 113Chain 1: Bit flip,Chain 1: 5154,Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/core_pc_31_2_sva_reg[3]
AOM170640 ns8532 cy.
Test 116Chain 1: Bit flip,Chain 1: 7381,Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/core_memtoWB_result_31_16_sva_reg[3]
Timeout + AOM + ISM250 ms12500000 cy.
Test 134Chain 1: Bit flip,Chain 1: 539,Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/core_regFile_11_7_0_sva_reg[4]
AOM170420 ns8521 cy.
Test 157Chain 1: Bit flip,Chain 1: 2432,Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/core_regfile_17_15_8_sva_reg[1]
doCore_core_inst/core_ftoDC_instruction_sva_reg[13]
AOM169940 ns8497 cy.
Test 176Chain 1: Bit flip,Chain 1: 2903,Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/core_dctoEx_rd_sva_reg[4]
AOM170260 ns8513 cy.
Test 197Chain 1: Bit flip,Chain 1: 1092Chain 1:
1 cy.,
Chain 1:
doCore_core_inst/doCycle_mux_72_itm_1_11_8_reg[0]
AOM170260 ns8513 cy.