Hardware Design Methods - Electrical and Computer Engineering
Transcript of Hardware Design Methods - Electrical and Computer Engineering
Nov. 2007 Hardware Implementation Strategies Slide 1
Fault-Tolerant ComputingHardware Design Methods
Nov. 2007 Hardware Implementation Strategies Slide 2
About This Presentation
Edition Released Revised Revised
First Nov. 2006 Nov. 2007
This presentation has been prepared for the graduate course ECE 257A (Fault-Tolerant Computing) by Behrooz Parhami, Professor of Electrical and Computer Engineering at University of California, Santa Barbara. The material contained herein can be used freely in classroom teaching or any other educational setting. Unauthorized uses are prohibited. © Behrooz Parhami
Nov. 2007 Hardware Implementation Strategies Slide 3
Hardware Implementation Strategies
Nov. 2007 Hardware Implementation Strategies Slide 4
Nov. 2007 Hardware Implementation Strategies Slide 5
Multilevel Model of Dependable Computing
Component Logic Service ResultInformation SystemLevel →
Low-Level Impaired Mid-Level Impaired High-Level ImpairedUnimpaired
EntryLegend: Deviation Remedy Tolerance
Idea
l
Def
ectiv
e
Faul
ty
Err
oneo
us
Mal
func
tioni
ng
Deg
rade
d
Faile
d
Nov. 2007 Hardware Implementation Strategies Slide 6
Hardware-Based Tolerance/Recovery MethodsData path methods:Replication in space (costly)
Duplicate and compareTriplicate and votePair-and-spareNMR/hybrid
Replication in time (slow?)Recompute and compareRecompute and voteAlternating logicRecompute after shiftRecompute after swapReplicate operand segments
Mixed space-time replicationMonitoring (imperfect coverage)
Watchdog timerActivity monitor
Low-redundancy codingParity predictionResidue checkingSelf-checking design
Control unit methods:Coding of control signalsControl-flow watchdogSelf-checking design
Data path
.
.
....
……
……
…
…Inputs Outputs
Control unit
Control signals
Condition signalsGlue logic
Glue logic methods:Self-checking design
Nov. 2007 Hardware Implementation Strategies Slide 7
Replication of Data-Path Elements in Space
Pair-and-spare
VS2
3
1
4 Switch-voterSpare
V2
3
1Voter
C
1
Comparator2 Error
C
1
Comparators
2 Error
C
1′
2′ Error
S
Switch
NMR/Hybrid
Duplicate and compare
Triplicate and vote
The following schemes have already been discussed in connection with fault tolerance
Nov. 2007 Hardware Implementation Strategies Slide 8
Main Drawback of Replication in TimeCan be slow, but in many control applications, extra time is available
Interleaving of the primary and duplicate computations saves time
Schedule with 1 adder
+
+
×
+ +
× + +
×
Duplicate computation
+
+
×
Duplicate computation
Computation flowgraph, and schedule with 2 adders
t0
t0 + 1
t0 + 2
Nov. 2007 Hardware Implementation Strategies Slide 9
Recompute and Compare /VoteRepeat computation and store the results for comparison or voting
Comparison or voting need not be done right away; primary result may be used in further computations, with the result subsequently validated, if appropriate+ +
× + +
×
Duplicate computation
+ +
×
Triplicate computation
Use as operand in further computations,
while awaiting confirmation of validity
On a simultaneous multithreading architecture, multiple instruction streams may be interspersed
Some Cray machines take advantage of extensive hardware resources to execute instructions twice
Nov. 2007 Hardware Implementation Strategies Slide 10
Alternating Logic: Basic IdeasTransmission of data over unreliable wires or buses
Send data; store at receiving endSend bitwise complement of dataCompare the two versionsDetects wires s-a-0 or s-a-1, as well as many transients
The dual of a Boolean function f(x1, x2, . . . , xn) is another function fd(x1, x2, . . . , xn) such that fd(x1′, x2′, . . . , xn′) = f ′(x1, x2, . . . , xn)
Fact: Obtain the dual of f by exchanging AND and OR operators in its logical expression. For example, the dual of f = ab ∨ c is fd = (a ∨ b)c
f
fd
Inputs
Compl. inputs
Error
OutputAdvantages of this approach compared to duplication include a smaller probability of common errors
Nov. 2007 Hardware Implementation Strategies Slide 11
Alternating Logic: Self-Dual FunctionsA function f is self-dual if f(x1, x2, . . . , xn) = fd(x1, x2, . . . , xn)
With a self-dual function f, the functions f and fd in the diagram above can be computed by using the same circuit twice (time redundancy)
f
fd
Inputs
Compl. inputs
Error
OutputFor example, both the sum a ⊕ b ⊕ c and carry ab ∨ bc ∨ caoutputs of a full-adder are self-dual functions
Many functions of practical interest are self-dual
Use same circuit twice
Examples (proofs left as exercise)A k-bit binary adder, with 2k + 1 inputs and k + 1 outputs, is self-dualSo are 1’s-complement and 2’s-complement versions of such an adder
Nov. 2007 Hardware Implementation Strategies Slide 12
Recomputing with Transformed OperandsAlternating logic is a special case of the following general scheme, with its encoding and decoding functions being bitwise complementation
Recompute after shiftWhen f is binary addition, we can use shifts for encoding and decodingShifting causes the adder circuits to be exercised differently each timeOriginally proposed for ALUs with bit-slice organization
f
g
Inputs
Error
Output
e dInputs
Encode Decode
Recompute after swapWhen f is binary addition, we can use swaps for encoding and decoding
Swap the two operands; e.g., compute b + a instead of a + bSwap upper and lower halves of the two operands (modified adder)
XNOR if lower path finds complement of the result
Nov. 2007 Hardware Implementation Strategies Slide 13
Time-Redundant, Segmented AdditionInstead of using a k-bit adder twice for error detection or 3 times for error correction, one can segment the operands into 2 or 3 parts and similarly segment the adder; perform replicated addition on operand segments and use comparison/voting to detect/correct error
C
FF
Error
cout
Lower half of adder
Upper half of adder
Comparator
xLxH
yLyH
cin
Various other segmentation schemes have been suggestedExample: 16-bit adder with 4-way segmentation and voting
Sum computed in two cycles: The lower half in cycle 1, andthe upper half in cycle 2
Townsend, Abraham, and Swartzlander, 2003
Nov. 2007 Hardware Implementation Strategies Slide 14
Mixed Space-Time ReplicationInstead of duplicating the computation with no hardware change (slow) or duplicating the entire hardware (costly), we can add some hardware
to make the interleaved recomputations more efficient
Recomputation with same hardware resources (T = 5, excluding compare time)
Originalcomputation
(T = 3)
+
+
×
Recomputation with the inclusion of an extra adder(T = 3, excluding compare time)+ +
× + +
×
+
+
×
Duplicate computation
Consider the effect of including a second adder
Nov. 2007 Hardware Implementation Strategies Slide 15
Monitoring via Watchdog TimersMonitor or watchdog is a hardware unit that checks on the activities of a function unit
Watchdog is usually much simpler, and thus more reliable, than the unit it monitors
Functionunit
Monitor or watchdog
Watchdog timer counts down, beginning from a preset numberIt expects to be preset periodically by the unit that it monitorsIf the count reaches 0, the watchdog timer raises an exception flag
Watchdog timer can also help in monitoring unit interactionsWhen one unit sends a request or message, it sets a watchdog timerIf no response arrives within the allotted time, a failure is assumed
Watchdog timer obviously does not detect all problemsIt verifies “liveness” of the unit it monitors (good with fail-silent units)Often used in conjunction with other tolerance/recovery methods
Nov. 2007 Hardware Implementation Strategies Slide 16
Activity MonitorWatchdog unit monitors events occurring in, and activities performed by, the function unit (e.g., event frequency and relative timing)
Functionunit
Activity monitor
Observed behavior is compared against expected behavior
The type of monitoring is highly application-dependent
Example: Monitoring of program or microprogram sequencingActivity monitor receives contents of (micro)program counterIf new value is not incremented version of old value, then it ascertains that the instruction just executed was a branch or jump
Example: Matching assertions/firings of control signals or unitsagainst expectations for the instructions executed
Nov. 2007 Hardware Implementation Strategies Slide 17
Design with Parity Codes and Parity PredictionOperands and results are parity-encodedParity is not preserved over arithmetic and logic operations
/ k
/ k
/ k
Parity- encoded inputs
ALU
Error signal
Parity- encodedoutput
Parity generator
Ordinary ALU
Parity predictor
Parity prediction is an alternative to duplication
Compared to duplication:Parity prediction often involves less overhead in time and spaceThe protection offered by parity prediction is not as comprehensive
Nov. 2007 Hardware Implementation Strategies Slide 18
Parity Prediction for an AdderOperand A: 1 0 1 1 0 0 0 1 Parity 0Operand B: 0 0 1 1 1 0 1 1 Parity 1
A ⊕ B 1 0 0 0 1 0 1 0
Carries: 0 0 1 1 0 0 1 1 Parity 0Sum S: 1 1 1 0 1 1 0 0 Parity 1
p(S) = p(A) ⊕ p(B) ⊕ c0 ⊕ c1 ⊕ c2 ⊕ . . . ⊕ ck
Inputs Must compute second versions of these carries to ensure independence
Parity-checkedadder
A, p(A) B, p(B)
S, p(S)
c0
Parity predictor for our adder consists of a duplicate carry network and an XOR tree
Nov. 2007 Hardware Implementation Strategies Slide 19
Coding of Control SignalsEncode the control signals using a separable code (e.g., Berger code)Either check in every cycle, or form a signature over multiple cycles
Microprogram memory or PLA
op (from instruction register) Control signals to data path
Address 1
Incr
MicroPC
Data
0
Sequence control
0 1 2 3
Dispatch table 1
Dispatch table 2
Microinstruction register
In a microprogrammed control unit, store the microinstruction address and compare against MicroPC contents to detect sequencing errors
Check bits
Nov. 2007 Hardware Implementation Strategies Slide 20
Control-Flow WatchdogWatchdog unit monitors the instructions executed and their addresses (for example, by snooping on the bus)
Instructionsequencer
Control-flow Watchdog
The watchdog unit may have certain info about program behaviorControl flow graph (valid branches and procedure calls)Signatures of branch-free intervals (consecutive instructions)Valid memory addresses and required access privileges
In an application-specific system, watchdog info is preloaded in itFor a GP system, compiler can insert special watchdog directives
Overheads of control-flow checkingWider memory due to the need for tag bits to distinguish word typesAdditional memory to store signatures and other watchdog infoStolen processor/bus cycles by the watchdog unit
Nov. 2007 Hardware Implementation Strategies Slide 21
Preview of Self-Checking Design
Covered in next lecture Functionunit
Status
Encoded input
Encoded output
Self-checking checker
Functionunit 1
Encoded input
Self-checking checker
Functionunit 2
Encoded output
Self-checking checker
Function unit designed such that internal faults manifest themselves as an invalid output
Can remove this checker if we do not expect both units to fail and Function unit 2 translates any noncodeword input into noncode output
Output of multiple checkers may be combined in self-checking manner