Safety analysis gets an upgrade
With traditional fault simulation, only the most basic fault conditions (stuck-at-1/0) may be analyzed. However, more complex faults can also cause disruption, and these should also be handled appropriately.
Transient faults, if occurring at the wrong time on the wrong signal, can be as catastrophic as a permanent fault. The ideal safety mechanism to trap such faults is the hardened flip-flop, using an approach known as Triple Modular Redundancy (TMR). A single flip-flop is replaced by three flip-flops. The flip-flop outputs are compared, and if one is different it is assumed to be faulty and the other two are used to provide the correct signal.
The problem with flip-flop hardening is that the size and power consumption of the flip-flops are dramatically increased. If it is not possible to accurately assess which flip-flops to harden (selective hardening), a large number of them will be changed, significantly degrading the performance and power consumption of the entire device. In most designs some flip-flops will only be updated on a small percentage of clock cycles (e.g. control registers) or will not perform critical functions, whereas others perform key functions or are updated on every clock cycle (e.g. datapath registers).
To calculate the potential FiT rate of a design that might experience transient faults during operation, a workload set of tests must be designed that targets a specific flip-flop with a broad range of transient fault types. This allows the Architectural Vulnerability Factor (AVF) of the flip-flop to be very accurately estimated. The AVFs of all the flip-flops may then be combined to provide an assessment of the FiT rate.
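The flow described above, as an added example that is not from the original article: an exhaustive single-bit-upset campaign over a toy design estimates an AVF per flip-flop, combines them into a design FiT figure, and compares no hardening, selective hardening and full TMR. The design, the workload, the raw per-flop rate, the fault-free voter and the combining rule (raw rate times AVF, summed over the flip-flops) are all assumptions made for illustration.

```python
# Added illustration: toy design and workload are constructed, not from the article.
WIDTHS = {"acc": 4, "en": 1, "dbg": 1}      # datapath, control, unobserved debug
WORKLOAD = [1, 2, 3, 1, 2, 3, 1, 2]         # constructed input, one value per cycle
RAW_FIT_PER_FLOP = 0.001                    # assumed raw transient rate, not a real figure

def vote(a, b, c):
    """Bitwise majority of three flip-flop copies (the TMR voter, assumed fault-free)."""
    return (a & b) | (a & c) | (b & c)

def step(s, cycle, data):
    """One clock edge: return (next_state, primary_output)."""
    out = s["acc"] if s["en"] else 0
    nxt = {"acc": (s["acc"] + data) & 0xF,          # updated every cycle
           "en": 1 if cycle == 0 else s["en"],      # written once, then held
           "dbg": s["dbg"] ^ 1}                     # never reaches the output
    return nxt, out

def run(fault=None, hardened=()):
    """Run the workload; fault=(reg, bit, cycle) flips one stored bit before that cycle."""
    s, trace = {r: 0 for r in WIDTHS}, []
    for cycle, data in enumerate(WORKLOAD):
        if fault and fault[2] == cycle:
            reg, bit, _ = fault
            good, bad = s[reg], s[reg] ^ (1 << bit)
            # TMR: only one of the three copies is upset; otherwise the flip is stored.
            s[reg] = vote(good, good, bad) if reg in hardened else bad
        s, out = step(s, cycle, data)
        trace.append(out)
    return trace

def avf_table(hardened=()):
    """AVF per flip-flop = fraction of injection cycles that corrupt the output trace."""
    golden, table = run(), {}
    for reg, width in WIDTHS.items():
        for bit in range(width):
            hits = sum(run((reg, bit, c), hardened) != golden for c in range(len(WORKLOAD)))
            table[(reg, bit)] = hits / len(WORKLOAD)
    return table

def design_fit(table):
    """Derated rate: each flop's assumed raw rate scaled by its AVF, summed over the design."""
    return sum(RAW_FIT_PER_FLOP * a for a in table.values())

def flop_count(hardened=()):
    """Physical flip-flops: a TMR register costs three copies of each bit."""
    return sum(w * (3 if r in hardened else 1) for r, w in WIDTHS.items())

if __name__ == "__main__":
    base = avf_table()
    picked = {r for (r, _), a in base.items() if a == 1.0}   # selective hardening
    for label, h in (("none", ()), ("selective", picked), ("all", tuple(WIDTHS))):
        print(label, flop_count(h), round(design_fit(avf_table(h)), 6))
```

The AVFs hold only for this workload: the `en` flip at cycle 0 is masked because the register is rewritten on that edge, and a different test set would shift the numbers.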