07-runtime.tex 23.1 KB
Newer Older
1
\section{Run-time Control of Fault Injection}
2
\label{sec:runtime}
Christian Fibich's avatar
Christian Fibich committed
3

4
5
6
7
There are two options available to control the \textit{\ac{FIJI}} logic added to the instrumented design in the target FPGA device at run time.
The \textit{\ac{FIJIEE}} tool is a command-line tool which facilitates downloading pre-defined or random test patterns but can also be controlled interactively.
The \textit{\ac{FIJIEE} GUI} tool provides a graphical user interface to roughly the same functionality.
Both communicate with \textit{\ac{FIJI}} via serial connection (UART) to download test patterns and read back status information.
Christian Fibich's avatar
Christian Fibich committed
8

9
Both \textit{\ac{FIJIEE}} programs work with \textit{\ac{FIJI} Tests} files, which can
10
11
12
13
contain (1) overall test execution parameters such as the serial device
to be used for communication with the fault injection logic, (2) 
a succession of test patterns for sequenced tests along with test
execution information, and (3) test execution information for random
14
15
tests such as fault probabilities or minimum and maximum timer values.

16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
\Cref{sec:execution_flow} explains how the \ac{FIJI} hardware and the \ac{FIJIEE} on the host PC communicate to coordinate the execution of tests.
A description of the \ac{FIJIEE} command-line tool and GUI follow in \Cref{sec:ee-cli} and \Cref{sec:ee-gui} respectively.
Specific features that extend the run-time functionality are detailed in the trailing sections.

\subsection{Execution Flow}
\label{sec:execution_flow}

\begin{figure}[ht]
\centering
\includegraphics[width=0.85\linewidth]{img/Pattern.pdf}
\caption{Fault Sequencing}
\label{fig:seq}
\end{figure}


In \Cref{fig:seq} an extract of a longer execution of a \ac{FIJI} system is depicted showing 
some of the possible sequences of events.

First of all, the \ac{FIC} must acquire a valid configuration (as specified in \hyperref[TRM:sec:h2f]{the \ac*{TRM}}).
If there are any reception errors (frame error, wrong 
ID, or CRC mismatch) the \ac{FIC} nevertheless continues reading in the appropriate 
amount of frames/bytes for a configuration. Only after the complete reception 
of the expected number of bytes the \ac{FIC} reports the result back to the host. To 
that end a \textit{CONF\_DONE} message is sent, possibly with some set error bits (see 
40
\hyperref[TRM:sec:f2h]{the \ac*{TRM}}).
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

Upon the successful reception of a configuration, the DUT is reset by the \ac{FIC} 
if requested. The \ac{FIC} then optionally waits for a trigger signal (again 
depending on a configuration setting) and then starts the next phase.
NB: In \Cref{fig:seq} the 
second and partially visible third execution cycle do not use any triggers and 
thus have no \textit{WAIT} phases at all.

In the \textit{COUNT} phase the timer counts down duration $t_1$. When the timer expires, 
the \ac{FIC} instructs the \acp{FIU} to apply fault pattern 1 and thus possibly enables 
the forwarding of faulty signals by the \acp{FIU}. At this point the \ac{FIC} reports 
back to the host that transmitting a new configuration is now possible with a 
\textit{READY} message. Also, it loads the timer with duration $t_2$. When the timer 
expires, the \ac{FIC} instructs the \acp{FIU} to apply fault pattern 2. This pattern 
stays active until the duration $t_1$ of the next configuration has been counted 
down.

In other words $t_1$ determines exactly the time between reception of a new configuration or optionally the arrival of a trigger and the start of the first fault.
$t_2$ on the other hand specifies how long this first fault should be active (before fault~2 becomes active).

In the ideal case the host sends a new configuration while duration $t_2$ of the 
previous configuration is still in progress. This allows to apply successive 
configurations or even fault patterns themselves without a gap. If the new 
configuration does not arrive in time, the \ac{FIC} notifies the host by sending an
\textit{UNDERRUN} message. It then waits for a new configuration to be downloaded.


68
\subsection[FIJIEE Command-line Interface]{\acs{FIJIEE} Command-line Interface}
69
\label{sec:ee-cli}
70

71
The \textit{\ac{FIJIEE}} may be invoked as follows:
72

73
\texttt{perl fiji\_ee.pl [OPTIONS]}
74
75
76
77
78
79

The following command-line parameters are required regardless of operation mode:

\begin{itemize}
    \item \texttt{-m, {-}{-}mode=<mode>}
          
80
81
82
83
84
85
    The download mode to use:
    \begin{itemize}
        \item[] \texttt{manual}: Prompt for fault patterns and timer values
        \item[] \texttt{auto}:   Download tests in the \textit{\ac{FIJI} Tests} file
        \item[] \texttt{random}: Download randomly generated tests
    \end{itemize}
86
87
88

    \item \texttt{-s, {-}{-}settings=<filename>}

89
    Specifies the \textit{\ac{FIJI} Settings} file to use.
90
91
92

    \item \texttt{-t, {-}{-}tests=<filename>}

93
    Specifies the \textit{\ac{FIJI} Tests} file to use.
94
95
\end{itemize}

96
The script also accepts the following \emph{optional} command-line arguments:
97
98
99
100

\begin{itemize}
    \item \texttt{-p, {-}{-}port=<port>}

101
102
103
104
105
106
107
108
109
110
111
112
113
        The serial port to use.
        Overrides the value configured in the \textit{\ac{FIJI} Settings} file.

    \item \texttt{-c, {-}{-}completion=<filename>}

        Path to the completion script (cf.\ \Cref{sec:completion_script}).
        Overrides the value configured in the \textit{\ac{FIJI} Tests} file.

    \item \texttt{-i, {-}{-}interactive}

        Enables user interaction (default in \texttt{manual} mode).
        \textit{\ac{FIJIEE}} is supposed to be run non-interactively most of the time (e.g., when called by test scripts).
        However, if this option is given \textit{\ac{FIJIEE}} offers the user some options which require user input (e.g., to save test files for failures etc).
114

115
116
    \item \texttt{-v, {-}{-}verbose}

117
118
        Increase verbosity on the terminal. Each occurence of \texttt{-v} or
        \texttt{{-}{-}verbose} further increases verbosity.
119

120
121
    \item \texttt{-h, {-}{-}help}

122
        Displays usage information on the terminal and exits
123
124
\end{itemize}

Christian Fibich's avatar
Christian Fibich committed
125
In \textit{Random} mode, the following options can be used to overrule
Christian Fibich's avatar
Christian Fibich committed
126
the values defined in the supplied \textit{\ac{FIJI} Tests} file:
Christian Fibich's avatar
Christian Fibich committed
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144

\begin{itemize}
    \item \texttt{-a, {-}{-}timer-1-min=<duration>}
    
    Minimum value for duration $t_1$

    \item \texttt{-b, {-}{-}timer-2-min=<duration>}
    
    Minimum value for duration $t_2$

    \item \texttt{-A, {-}{-}timer-1-max=<duration>}

    Maximum value for duration $t_1$

    \item \texttt{-B, {-}{-}timer-2-max=<duration>}

    Maximum value for duration $t_2$

145
    \item \texttt{-0, {-}{-}prob-s0=<probability>}
Christian Fibich's avatar
Christian Fibich committed
146

147
    Probability of a stuck-at-0 fault on any net
Christian Fibich's avatar
Christian Fibich committed
148
149
150

    \item \texttt{-1, {-}{-}prob-s1=<probability>}

151
    Probability of a stuck-at-1 fault on any net
Christian Fibich's avatar
Christian Fibich committed
152
153
154

    \item \texttt{-d, {-}{-}prob-dly=<probability>}

155
    Probability of a delay fault on any net
Christian Fibich's avatar
Christian Fibich committed
156
157
158

    \item \texttt{-f, {-}{-}prob-seu=<probability>}

159
    Probability of an SEU fault on any net
Christian Fibich's avatar
Christian Fibich committed
160
161
162

    \item \texttt{-o, {-}{-}prob-so=<probability>}
    
163
    Probability of a stuck-open fault on any net
Christian Fibich's avatar
Christian Fibich committed
164
165
166
\end{itemize}

The entered durations must fit into the timer width specified in the
Christian Fibich's avatar
Christian Fibich committed
167
\textit{\ac{FIJI} Settings} file, with the maximum duration being greater
Christian Fibich's avatar
Christian Fibich committed
168
169
170
than or equal to the minimum duration.

The sum of the fault probabilities must not exceed $1.0$. The difference
171
between this sum and $1.0$ determine the probability of fault-free
Christian Fibich's avatar
Christian Fibich committed
172
173
operation.

174
When choosing the \texttt{manual} mode, \textit{\ac{FIJIEE}} prompts
Christian Fibich's avatar
Christian Fibich committed
175
the user for fault configurations before they are downloaded as shown
Stefan Tauner's avatar
Stefan Tauner committed
176
in \Cref{lst:manualprompt}.
Christian Fibich's avatar
Christian Fibich committed
177

178
To choosen between the various fault models one has to enter its index.
179
The mapping between these fault indices and the respective fault models is shown in \Cref{tab:faultmap}.
180
181

\begin{figure}
Stefan Tauner's avatar
Stefan Tauner committed
182
\begin{lstlisting}[caption=Interactive configuration session,label=lst:manualprompt,style=plain]
Christian Fibich's avatar
Christian Fibich committed
183
184
185
186
187
188
189
190
191
192
193
194
Enter configuration for FIU #0 in t2 (default: 0x7): 0
Enter configuration for FIU #0 after t2 (default: 0x7): 1
Enter configuration for FIU #1 in t2 (default: 0x7): 2
Enter configuration for FIU #1 after t2 (default: 0x7): 3
Enter configuration for FIU #2 in t2 (default: 0x7): 4
Enter configuration for FIU #2 after t2 (default: 0x7): 5
Enter duration t1 (default: 0x0): 100
Enter duration t2 (default: 0x0): 1000
Enable trigger (default: 0)? 1
Use external/not internal trigger (default: 0)? 0
Enable reset (default: 0)? 0
\end{lstlisting}
195
\end{figure}
Christian Fibich's avatar
Christian Fibich committed
196

197
\begin{table}[!hb]
Christian Fibich's avatar
Christian Fibich committed
198
199
    \caption{Mapping between fault indices and models}
    \label{tab:faultmap}
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
    \centering
    \begin{tabular}{ll}
        \toprule
        Index & Fault Model \\
        \midrule
        0 & No fault \\
        1 & Stuck at 0 \\
        2 & Stuck at 1 \\
        3 & Delay \\
        4 & Single Event Upset \\
        5 & Stuck open \\
        6 & Reserved - No fault \\
        7 & Reserved - No fault \\
        \bottomrule
    \end{tabular}
Christian Fibich's avatar
Christian Fibich committed
215
216
\end{table}

217
Following the fault configurations for the different \ac{FIU}s in both phases 
Christian Fibich's avatar
Christian Fibich committed
218
219
the time values for both duration have to be entered in clock cycles.

220
Afterwards, the trigger mode must be selected, where
Christian Fibich's avatar
Christian Fibich committed
221
\texttt{1} maps to enabling the trigger facility. If the user enters a \texttt{1},
222
\textit{\ac{FIJIEE}} asks if the internal trigger (\texttt{0}) or the
Christian Fibich's avatar
Christian Fibich committed
223
224
225
external trigger (\texttt{1}) shall be used.

Finally, the user has to enter if the fault injection logic shall apply
226
a reset to the \ac{DUT} before applying this fault injection pattern. 
Christian Fibich's avatar
Christian Fibich committed
227
228
229

Informations other than the fault patterns (e.g., the serial port,
baud rate, or \texttt{HOLD\_ON\_FAULT\_DETECT} information) are read from
Christian Fibich's avatar
Christian Fibich committed
230
the \textit{\ac{FIJI} Settings} and \textit{\ac{FIJI} Tests} files.
Christian Fibich's avatar
Christian Fibich committed
231
232


233
\subsection[FIJIEE GUI]{\acs{FIJIEE} GUI}
234
\label{sec:ee-gui}
235

236
Apart from the functionality explained above the \acs{FIJIEE} GUI additionally provides the possibility to edit \textit{\ac{FIJI} Tests} files in a guided manner, where entered values are checked for validity and sanity.
237

238
239
Although the \textit{\ac{FIJIEE}} GUI is a graphical tool, it accepts the
following \emph{optional} command-line arguments:
240
241

\begin{itemize}
242
    \item \texttt{-s, {-}{-}settings=<filename>}
243

244
        Specifies a \textit{\ac{FIJI} Settings} file to load at startup.
245

246
    \item \texttt{-t, {-}{-}tests=<filename>}
247

248
        Specifies a \textit{\ac{FIJI} Tests} file to load at startup.
249
    
250
251
252
253
254
    \item \texttt{-v, {-}{-}verbose}

       Increase verbosity on the terminal. Each occurence of \texttt{-v} or
       \texttt{{-}{-}verbose} further increases verbosity.

255
256
    \item \texttt{-h, {-}{-}help}

257
        Displays usage information on the terminal and exits
258
259
\end{itemize}

260
The main elements of the \textit{\ac{FIJIEE} GUI} can be seen in \Cref{fig:download_gui}:
Christian Fibich's avatar
Christian Fibich committed
261
\begin{enumerate}[(1)]
Christian Fibich's avatar
Christian Fibich committed
262
    \item The \textit{Control Area} is used for loading and saving \textit{\ac{FIJI} Tests} files, as well as
Stefan Tauner's avatar
Stefan Tauner committed
263
          for exporting test runs to \textit{\ac{FIJI} Tests} files or templates for \ac{RTL} and gate-level simulation.
264
265
          Here the user can also select the UART device to be used for communication with the \ac{FIJI} logic.
    \item The \textit{Tab Area} switches between test modes.
Christian Fibich's avatar
Christian Fibich committed
266
267
    \item In the \textit{Main Area}, the tests in the selected mode
          can be configured.
268
269
    \item The \textit{Logging Window} shows the progress and outcome of operations.
          Warnings and error messages are color-coded in orange and red, respectively.
Christian Fibich's avatar
Christian Fibich committed
270
    \item Small green or red panels show the most recent status reported
Christian Fibich's avatar
Christian Fibich committed
271
          back by the \ac{FIJI} logic in the \textit{\ac{FIC} Status Panel}:
Christian Fibich's avatar
Christian Fibich committed
272
273
          \begin{itemize}
            \item \textit{U}: UART framing error
274
            \item \textit{I}: Design ID mismatch (between the hardware and the \ac{FIJI} configuration file)
Christian Fibich's avatar
Christian Fibich committed
275
            \item \textit{C}: CRC error
276
277
278
279
280
281
282
283
            \item \textit{1}: Fault detect signal 1
            \item \textit{2}: Fault detect signal 2
          \end{itemize}
    \item The \textit{Injection Status Panel} shows the running time of the current test on the right and type of the last received status message on the left.
          \begin{itemize}
            \item \textit{CONF\_DONE}: reception of the configuration succeeded
            \item \textit{READY}:      $t_1$ of the test has passed and \ac{FIJI} is ready to receive another configuration
            \item \textit{UNDERRUN}:   $t_2$ ended before a new test configuration was received (thus no exact timing can be maintained)
Christian Fibich's avatar
Christian Fibich committed
284
          \end{itemize}
285
    \item The buttons in the \textit{Button Panel} allow the user to control the test execution:
Christian Fibich's avatar
Christian Fibich committed
286
          \begin{itemize}
287
288
289
290
291
            \item \textit{Clear Log}: Clear the contents of the log window.
            \item \textit{Update}:    When the \ac{FIC} is ready (after $t_2$), request
                                      an update of the fault detect signals.
            \item \textit{Start}:     Run the currently configured test.
            \item \textit{Stop}:      Abort the current execution of tests.
Christian Fibich's avatar
Christian Fibich committed
292
293
          \end{itemize}
\end{enumerate}
294

295
\begin{figure}[!htb]
Christian Fibich's avatar
Christian Fibich committed
296
\centering
297
\input{img/fiji_ee_sequence_screenshot_marked.tex}
298
\caption{\ac{FIJIEE} GUI: Sequence Mode}
Christian Fibich's avatar
Christian Fibich committed
299
\label{fig:download_gui}
Christian Fibich's avatar
Christian Fibich committed
300
301
\end{figure}

Christian Fibich's avatar
Christian Fibich committed
302
\subsubsection{Sequence}
Christian Fibich's avatar
Christian Fibich committed
303
\label{sec:sequence}
Christian Fibich's avatar
Christian Fibich committed
304

305
In \textit{Sequence} mode, the \textit{\ac{FIJIEE} GUI} provides the
Christian Fibich's avatar
Christian Fibich committed
306
possibility to edit a sequence of fault patterns to be downloaded one
307
308
309
310
311
312
313
314
315
316
after another. At the top of the \textit{Main Area} of the sequence mode tab
generic parameters for the test execution can be set: If the
sequence is to be repeated once completed, and after which pattern the repetition
should start again (this is particularly useful if the first pattern is
used to reset the \ac{DUT}), and under which circumstances to halt the test execution.
In addition to these configurable halting conditions, the test execution is always stopped if and when an ID or CRC error is encountered.

Additionally, a Perl script can be selected to be executed upon test completion, which is described in detail in \Cref{sec:completion_script}.

Below the common options an overview of the currently configured sequence of test patterns
Christian Fibich's avatar
Christian Fibich committed
317
318
319
320
321
is displayed. Only the durations are displayed, the configured faults
are omitted in this view.

Test patterns can be configured by clicking the \textit{Edit} button
next to the \textit{Duration~T2} column. This opens a dialog box where
Christian Fibich's avatar
Christian Fibich committed
322
the timer values can be changed, the individual \ac{FIU}s configured, and
Christian Fibich's avatar
Christian Fibich committed
323
324
325
326
reset and trigger options enabled.

Test patterns can be appended at the end by \textit{Append Test} and
deleted individually by clicking the respective \textit{Delete Test} button.
327
Appended tests are always ``benign'', i.e., their durations are set to a workable minimum depending on the design frequency, the \ac{FIU}s are configured to be fault-free (``NONE''), and the trigger and reset options are disabled.
Christian Fibich's avatar
Christian Fibich committed
328
329

\subsubsection{Manual}
Christian Fibich's avatar
Christian Fibich committed
330

331
\Cref{fig:manual_download_gui} shows the \textit{Main Area} with
Christian Fibich's avatar
Christian Fibich committed
332
333
334
335
336
337
\textit{Manual} mode selected. Here, the parameters of a single fault
configuration can be entered. By clicking the \textit{Start} button with
manual mode selected, the currently entered configuration is sent to
the fault injection logic where it is immediately activated when the
logic is ready.

338
339
340
341
342
The optional \ac{FIU} names are displayed next to the respective index to 
help identifying the \acp{FIU}. The net the respective \ac{FIU} is attached
to is displayed as a tooltip for the \ac{FIU}'s label and the drop-down
menus to select faults.

Christian Fibich's avatar
Christian Fibich committed
343
As can also be seen in the Figure, the
Christian Fibich's avatar
Christian Fibich committed
344
hardware configuration information from the \textit{\ac{FIJI} Settings} file
345
346
is incorporated into the user interface. In the hardware configuration loaded
for the screenshot, the \acs{FIJI}-to-\acs{DUT} reset feature was turned off, and
347
the \textit{\ac{FIJIEE} GUI} notifies the user by graying-out the respective
348
checkbox and showing an explanation next to it.
Christian Fibich's avatar
Christian Fibich committed
349

350
\begin{figure}[!htb]
Christian Fibich's avatar
Christian Fibich committed
351
\centering
352
\includegraphics[width=0.85\linewidth]{img/fiji_ee_manual_screenshot.png}
353
\caption{\ac{FIJIEE} GUI: Manual Mode}
Christian Fibich's avatar
Christian Fibich committed
354
\label{fig:manual_download_gui}
Christian Fibich's avatar
Christian Fibich committed
355
356
\end{figure}

Christian Fibich's avatar
Christian Fibich committed
357
\subsubsection{Random}
Christian Fibich's avatar
Christian Fibich committed
358

359
360
361
362
363
364
365
366
367
368
369
370
371
372
For the random test the user can determine the global probability of the various fault models.
These probabilities are then used to determine the state of the \acsp{FIU} in each message sent.

There are two modes of operations that can be selected by the (``multiple faults per pattern'') option:
\begin{description}
    \item[Single Faulty \acs{FIU}]
        If the option is disabled then for each configuration message a single \ac{FIU} is selected among all \acp{FIU} to be (potentially) faulty in one (randomly selected) configuration pattern.
        For the selected pattern this \ac{FIU} is then armed according to the global probabilities.
        All other \acp{FIU} and the selected one in all but the selected pattern are set to \textit{No Fault}.
    \item[Multiple Faults]
        If the option is enabled then all \acp{FIU} in all patterns are subject to (potential) faults.
        A chance for multiple faulty signals at any given point are the consequence.
\end{description}

Christian Fibich's avatar
Christian Fibich committed
373
The GUI elements for configuring the \textit{Random} test mode can be
374
375
seen in \Cref{fig:random_download_gui}.
In addition to those parameters already described in \Cref{sec:sequence}, the following parameters are configurable:
Christian Fibich's avatar
Christian Fibich committed
376
377

\begin{itemize}
378
379
380
381
382
    \item The probability of the different fault models in each randomization operation.
          The difference of the sum of all fault probabilities to 1 is the probability
          that a \acs{FIU} is fault-free (i.e., set to \textit{NONE}).
    \item If it is possible that more than one FIU is configured to be faulty in any
          pattern as explained above.
383
384
    \item If the FIJI-to-\acs{DUT} reset signal shall be asserted in the initial
          fault configuration (e.g., to bring the \ac{DUT} into a defined state prior
Christian Fibich's avatar
Christian Fibich committed
385
386
          to fault injection)
\end{itemize}
Christian Fibich's avatar
Christian Fibich committed
387

388
\begin{figure}[!htb]
Christian Fibich's avatar
Christian Fibich committed
389
\centering
390
\includegraphics[width=0.85\linewidth]{img/fiji_ee_random_screenshot.png}
391
\caption{\ac{FIJIEE} GUI: Random Mode}
Christian Fibich's avatar
Christian Fibich committed
392
\label{fig:random_download_gui}
Christian Fibich's avatar
Christian Fibich committed
393
394
\end{figure}

395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
\subsubsection{Completion Script}
\label{sec:completion_script}
In \textit{Sequence} and \textit{Random} mode a Perl script can be selected to be executed upon test completion.
An example script is included that sends an email containing the test results, all log messages and the test triggering the fault if any.

The \textit{Completion Script} is given the following parameters (in this order):

\begin{itemize}
    \item The reply of the respective \texttt{FIJI::Downloader}'s \texttt{download\_*} function, i.e., an error message if something unexpected happened, or a hash containing the following fields:
    \begin{itemize}
        \item \texttt{msg\_type}: the type of the last received message.
            One of \texttt{CONF\_DONE}, \texttt{READY} \texttt{UNDERRUN}.
        \item \texttt{fault\_detect}: a hash indicating if a fault detection signal has been asserted.
            Contained keys: \texttt{ANY}, \texttt{1}, \texttt{2}
        \item \texttt{error}: another hash indicating any error flags sent by the \ac{FIC}.
            Contained keys: \texttt{ANY}, \texttt{I} (ID mismatch), \texttt{C} (CRC error), \texttt{U} (malformed UART frame)
    \end{itemize}
    \item The start and end time of the test execution in fractional seconds since the Unix epoch.
    \item A reference to the faulty \texttt{FIJI::Tests}.
    \item All available log messages as display in the respective UI.
\end{itemize}

Any return value of the script is ignored.

Christian Fibich's avatar
Christian Fibich committed
419
420
421
422
\subsubsection{Export}

Once a fault injection test has been completed (either a complete sequence 
has been downloaded, a fault detect line reported an error, the user aborted
423
the sequence or manual downloading, or a transmission error occurred), this
Christian Fibich's avatar
Christian Fibich committed
424
425
426
427
test run can be exported for reproducing it at a later time in hardware or
in simulation.

This is done using the \textit{Export} menu entry in the \textit{Control Area}
428
(marked as (1) in \Cref{fig:download_gui}). This menu provides the
Christian Fibich's avatar
Christian Fibich committed
429
430
431
432
433
434
435
following entries:

\begin{itemize}
    \item \textit{As Test Configuration}: This will open a dialog to save
          the completed test run as a \textit{\ac{FIJI} Tests} file for 
          later re-execution.
    \item \textit{As RTL Simulation Template}: This will export the current
Stefan Tauner's avatar
Stefan Tauner committed
436
          test run to VHDL-2008 and System Verilog templates for \ac{RTL} simulation.
Christian Fibich's avatar
Christian Fibich committed
437
          This HDL description contains (1) fault injection logic templates
Stefan Tauner's avatar
Stefan Tauner committed
438
          which have to be integrated into the various \ac{RTL} modules manually,
439
          and (2) a scheduling process that controls these templates using
Christian Fibich's avatar
Christian Fibich committed
440
441
442
443
          hierarchical identifiers whose path also has to be adapted.
    \item \textit{As VHDL architecture for gate-level simulation}: This
          generates a simulation-only architecture for the top-level
          fault injection module. It is intended to be used as a replacement
444
          for the \texttt{struc} architecture when synthesizing the
Christian Fibich's avatar
Christian Fibich committed
445
446
447
448
449
450
451
452
          design for fault injection tests.
          Thus, for performing a gate-level simulation with the recorded
          faults, a testbench for the fault injection wrapper
          module needs to be generated, and compiled with the modified netlist,
          the top-level entity of the fault injection logic as well as
          its dependencies (packages) and the exported simulation architecture.
\end{itemize}

Christian Fibich's avatar
Christian Fibich committed
453
\subsection{Gate-Level Simulation}
Christian Fibich's avatar
Christian Fibich committed
454

455
456
457
As mentioned above, \ac{FIJI} helps with re-executing a test that ran in actual
hardware as a gate-level simulation. To that end, \textit{\ac{FIJIEE}} tools
are able to export the executed tests as a VHDL architecture for the top-level
Christian Fibich's avatar
Christian Fibich committed
458
entity of the fault injection logic. This architecture replaces the \ac{FIC} and
459
the \acp{FIU} with a simulation-only description that sets the modified
Christian Fibich's avatar
Christian Fibich committed
460
461
462
463
464
465
466
net outputs according to the timing of the test run previously executed in
hardware.

To perform a gate-level simulation with a previously executed test sequence,
the following steps need to be performed:

\begin {enumerate}
467
468
    \item Perform a ``Sequence'' or ``Random'' test using a \textit{\ac{FIJIEE}} tool
       until a fault is detected.
Christian Fibich's avatar
Christian Fibich committed
469

470
    \item  Export the test run to a ``VHDL architecture for gate-level simulation''.
Christian Fibich's avatar
Christian Fibich committed
471
472
473
474
475
476
477
478
479

    \item  Set up a work library and compile the FPGA primitives required
           for gate-level simulation into that library using a logic simulator.

    \item Compile the following source files into the work library:
        
        \begin{itemize}
            \item \texttt{<path/to/fiji>/hw/rtl/fault\_selection\_type\_pkg.vhd}:

480
                  the 'fault selection type' required by the fault injection logic's top level
Christian Fibich's avatar
Christian Fibich committed
481

482
            \item the VHDL configuration package generated by \textit{\ac{FIJI} instrument}
Christian Fibich's avatar
Christian Fibich committed
483
        
484
            \item the following required parts of the FIJI HDL source:
Christian Fibich's avatar
Christian Fibich committed
485
486
487
488
489
490
491

                \begin{itemize}
                    \item \texttt{<path/to/fiji>/hw/rtl/private\_config\_pkg.vhd}
                    \item \texttt{<path/to/fiji>/hw/rtl/fault\_injection\_top\_pkg.vhd}
                    \item \texttt{<path/to/fiji>/hw/rtl/fault\_injection\_top\_.vhd}
                \end{itemize}

492
            \item the simulation architecture exported by \textit{\ac{FIJIEE}}
Christian Fibich's avatar
Christian Fibich committed
493

494
            \item the instrumented netlist generated by \textit{\ac{FIJI} instrument}
Christian Fibich's avatar
Christian Fibich committed
495

496
            \item the VHDL wrapper generated by \textit{\ac{FIJI} instrument}
Christian Fibich's avatar
Christian Fibich committed
497

498
            \item a testbench which instantiates the VHDL wrapper and supplies stimuli to its inputs
Christian Fibich's avatar
Christian Fibich committed
499
500
501
502
503
        \end{itemize}

    \item Run the simulation until the simulation architecture of the
          fault injection logic reports the end of the test run.
\end{enumerate}