200 likes | 337 Vues
Design Seminar on Actel SX-A and RTSX-S Programmed Antifuses. Richard B. Katz Head, NASA Office of Logic Design April 13, 2004. Topics for this Seminar. Lastest information - this is an informal presentation Review of NASA-DoD Independent Assessment Team findings
 
                
                E N D
Design SeminaronActel SX-A and RTSX-S Programmed Antifuses Richard B. Katz Head, NASA Office of Logic Design April 13, 2004
Topics for this Seminar • Lastest information - this is an informal presentation • Review of NASA-DoD Independent Assessment Team findings • Review of recent NASA Advisory • Background and Fundamentals of the programmed antifuse problem • Technical Discussions • Parts Handling • Output Drive • Simultaneous Switching Outputs • Electrical Overstress Model • PCB Layout Issues • Oscilloscope Probing • IBIS Models and Simulation • "Industry Tiger Team" Activities
NASA-DoD Independent Assessment Team Members Richard Katz – ChairHead, NASA Office of Logic Design Robert Kichak – Co-Chair Discipline Chief Engineer, NASA Engineering and Safety Center Rod Barto NASA Office of Logic Design Lisa Coe NASA Marshall Space Flight Center Marty Fraeman Johns Hopkins University/Applied Physics Laboratory Kevin Hames NASA Johnson Space Center EV15 Andy Kostic Missile Defense Agency Technical Risk Manager Henning Leidecker Chief Parts Engineer, NASA Goddard Space Flight Center Jay Schaefer Senior Engineer, National Security Agency Geoffrey Yoder NASA Johnson Space Center, EV5 Parts, Packaging, and Manufacturing Branch Chief Consultants Steven ScottNASA GSFC Chief Engineer; NESC Fred Felt Analyst; Code 562 “Gans” University of Maryland; CALCE
Ground the TRST* Pin Now!!!!! • Extremely common application error • Not specific to FPGAs • Very serious • Can result in total loss of control • See OLD News #7 • “TRST* and the IEEE JTAG 1149.1 Interface” • http://klabs.org/richcontent/old_news/old_news_7/old_news_7.htm • NASA Advisory “in process”
Part Margins • Modern, high-speed devices have lower margins in general • These devices have lower margins in particular • Careful attention to all specifications • VCCA • Input/Output
Damaged Programmed Antifuses • Long-term reliability and stability unknown • Prop delays can change from tens of nanoseconds to microseconds • Conservative replacement of potentially overstressed parts. • Do not always have a parameter externally detectable to indicate failure; passing functional tests does not prove reliability • Internal probing through test port can detect a subset of failures
Are These Devices Reliable? • Can not give a 100% answer • Most uses (> 106 devices) are successful • "Clusters of failures" seen at a few aerospace organizations • Damage detected in both commercial and space parts – not lot or part number specific • There are unknowns • Data sets • Parts under analysis • Antifuse stress for space parts are lower than commercial parts during operation, by design • Large number of parts went through qualification testing • Note that 0 failures have been detected in 0.22 µm/UMC SX-A devices.
Recommendations - Actel • Improve data sheet - prominent warnings, cautions, and recommendations • Future devices, easier to design with • Was a goal for these devices • Improve programming software and reporting; tighten limits if practical • Increase testing • Real-world applications • Test-to-failure.
Recommendations - Users • Conservative application recommended • Not all applications are conservative • Signal and power integrity, loading issues • Centralized programming station per facility • Power conditioning • Statistics • Carefully review screening data from manufacturer for outliers • Credible risk in ATE and PBBI testing • Must be justified quantitatively • If done, must be subject to a rigorous review since they are creating an electrical environment for flight parts.
Recently … • NASA Advisory Released • NA-GSFC-2004-06 • OLD News #15 Released
Now and in the Future … • Application notes being developed and released • Nothing fundamentally new • Stress conservative practices • Document lessons learned from reviewing designs and investigating problems • See Old News #15 and NA-GSFC-2004-06 • Workshop at MAPLD 2004 • “PLD Failures, Analyses, and the Impact on Systems” • Lead by: • Jay C. Schaefer, National Security Agency • Kay Jobe, Boeing • Aerospace Corp. will present results from "Industry Tiger Team" • http://klabs.org/mapld04
Some TipsJust Brief Notes – Applications Notes Published • Simultaneous Switching Outputs • Ground Bounce • Signal Integrity • Power Integrity • Loading
Some TipsJust Brief Notes – Applications Notes to be Published • Simultaneous Switching Outputs • Limit the number of them • Use low slew outputs • Spread them around the IC – do not tightly group outputs to make the PCB layout “pretty”
Some TipsJust Brief Notes – Applications Notes to be Published • Simultaneous Switching Outputs - Continued • “Stagger” bus switching • Best using clock edges • Can use delay elements • Some things to consider • Back end optimizers will eliminated delay logic unless instructed not to do that (e.g., BUFD, PRESERVE) • Hand place delay elements • SX-A/SX-S has three levels of routing • Guide the routing so that the delay path is not “optimized”
Some TipsJust Brief Notes – Applications Notes to be Published • Ground Bounce • Measure this in all systems • PCI bus precharges to all ‘1’s • This leads to lots of simultaneous 1  0 transitions • Examine JTAG test sequences • May be worst-case SSO for your system
Some TipsJust Brief Notes – Applications Notes to be Published • Signal Integrity • Drivers are *HOT* • 1-2 ns transition times • Short circuit output current ~ 240 mA • Much higher than the familiar Act 2, 3 • Need to terminate becoming more common – signals outside the rails can be bad. • Moderate length runs on PCBs • Backplanes • Harnesses/connectors • Models, tools, and application notes available
Some TipsJust Brief Notes – Applications Notes to be Published • Power Integrity • Use robust bypass capacitors • Reviews show usage often inadequate • Care to be taken with power and ground planes • Use separate planes for VCCA, VCCI, and ground • Ensure that vias do not affect the ability of bypass caps to do their job • Measure performance under worst-case conditions • Power-on transient (overshoot) – was identified as a vulnerable time. • Operational • Temperature
Some TipsJust Brief Notes – Applications Notes to be Published • Loading • Large memory arrays • Be careful with MCMs, multiple loads per pin • Backplanes • Harnesses • Isolate • Buffers (although there is often resistance to using discrete parts, they have not yet been outlawed by the FPGA union) • Resistors
Conclusion Specification limits need to be followed: "These are the specs and we mean it!“ Actel Corporation, January 7, 2004.