Post silicon validation basics of investing

Your smartphone, award-winning VR gaming, the world's fastest supercomputer — our engineers are designing the advanced core processors leading the race towards a connected, autonomous, hyper-performance future. Job Overview Sr. Responsible for owning Post-Si validation workstreams ex: ATE, Board level validations, drive infrastructure development, capabilities, methodology, and debug of issues in post-Silicon validation.

Influence internal and external teams to improve product quality and TTM. Drives capabilities and improvements to the system validation platform to improve test coverage, debug capability and board level functionality. This includes integrating debug tools, power measurements, voltage control, logging, and other board level architecture to improve validation quality, debug times, coverage, and automation.

Owns System Validation SW infrastructure, test methodology, and debug techniques across the validation team. Follow through from pre-silicon design tools timing closure to post-silicon validation results by motivating changes into design timing tools to more accurately simulate real-world silicon behavior. Intimately involved in all debug activities from pre-silicon to customer ramp. This includes driving silicon fixes into future products and revisions, finding and implementing SW and HW solutions to work-around silicon and system bugs, and influencing product engineering manufacturing test programs, kill limits, voltage guard-bands and test SW to improve yields and DPM.

As the last line of defense on customer level issues. Directly interacts with customer teams, SW teams, design teams, application Engineers to quickly root-cause and resolve customer lines-down and ramp limiting issues. Ultimate goal is to ramp products quickly and improve TTM. Continuously drive validation improvements to find bugs earlier in the product Builds close relationships with external teams to improve quality, and develop new cross-group BKMs to improve product quality and TTM.

Owns thermal management scheme for the company used to ensure silicon operates within thermal limits and maintains basic level of performance. Drive characterization of silicon across process, temperature, and voltage for all major sub-systems in the SOC. Reasoning[ edit ] Large semiconductor companies spend millions creating new components; these are the " sunk costs " of design implementation. Consequently, it is imperative that the new chip function in full and perfect compliance to its specification, and be delivered to the market within tight consumer windows.

Even a delay of a few weeks can cost tens of millions of dollars. Post-silicon validation is therefore one of the most highly leveraged steps in successful design implementation. Validation[ edit ] Chips comprising , logic elements are the silicon brains inside cell phones, MP3 players, computer printers and peripherals, digital television sets, medical imaging systems, components used in transportation safety and comfort, and even building management systems.

Either because of their broad consumer proliferation, or because of their mission-critical application, the manufacturer must be absolutely certain that the device is thoroughly validated. Today, much of this work is done manually, which partially explains the high costs associated with system validation.

However, there are some tools that have been recently introduced to automate post-silicon system validation. Observability[ edit ] Simulation-based design environments enjoy the tremendous advantage of nearly perfect observability , meaning the designer can see any signal at nearly any time. They suffer, however, from the restricted amount of data they can generate during post-silicon system validation. Many complicated devices indicate their problems only after days or weeks of testing, and they produce a volume of data that would take centuries to reproduce on a simulator.

FPGA -based emulators, a well-established part of most implementation techniques, are faster than software simulators but will not deliver the comprehensive at-system-speed tests needed for device reliability. Moreover, the problem of post-silicon validation is getting worse, as design complexity increases because of the terrific advances in semiconductor materials processing.

Apologise, can even odds betting explained remarkable, rather

It is common for compatibility validation to include over a dozen operating systems of different flavours, more than a hundred peripherals and over applications. Electrical validation Electrical validation exercises electrical characteristics of the system, components and platforms to ensure an adequate electrical margin under worst-case operating conditions.

Validation is done with respect to various specification and platform requirements. For example, input-output validation uses platform quality and reliability targets. As with compatibility validation, a key challenge is the size of the parameter space. For system quality and reliability targets, validation must cover the entire spectrum of operating conditions voltage, current, resistance, etc for millions of parts.

The current state of practice in electrical validation is an integrated process of 1 sampling the system response for a few sample parts, 2 identifying operating conditions under which the electrical behaviour lies outside specification and 3 optimisation, re-design and tuning as necessary to correct the problem. Unlike logic and compatibility validation, electrical validation must account for statistical variation of system performance and noise tolerance across different process corners.

PRQ requires the average defect to be low, typically less than 50 parts per million. Speed path validation The objective of speed path validation is to identify frequency-limiting design paths in the hardware. Because of variations, switching performance of different transistors in the design varies. This leads to data being propagated at different rates along different circuit paths. Speed at which the circuit can perform is ultimately constrained by the limitations of the slowest in terms of data propagation speed path in the design.

Identifying such slow paths is therefore crucial in optimising design performance. Speed path analysis includes identification of a potentially slow transistor, among millions or billions of these in a design, responsible for the speed path and the execution cycle over a test, potentially millions of cycles long that causes a slow transition. Speed path debug makes use of a number of technologies including specialised testers, shmoo 2D plot of chip failure pattern over voltage and frequency axes, DfD instrumentation available for observability, as well as laser-assisted observation of design internals and techniques for stretching and shrinking clock periods.

More recently, analysis techniques based on formal methods have been successfully used for speed path identification. Despite these latest developments, a significant ingenuity is necessary to isolate frequency-limiting paths for modern designs. Obviously, the above list of activities is not exhaustive. In addition to the above, validation covers behaviour of the system under extreme temperatures, physical stress and the like.

Even the categories themselves are not cast in stone. Post-silicon validation in practice typically involves close collaboration between validators of different areas. In many cases, it is impossible to validate the hardware without also considering at least the firmware running on different IP cores.

Indeed, post-silicon functional validation today often refers to the union of logic and compatibility validation. Observability and controllability limitations Limitations in observability and controllability constitute one of the key factors that distinguish validation based on a silicon artefact from pre-silicon activities. The problem arises because it is not possible to observe or control the billions of internal signals of the design during silicon execution.

In order to observe a signal, its value must be routed to an observation point, such as an external pin or internal memory for instance, trace buffer. Consequently, the amount of observation that can be performed is limited by the number of pins or by the amount of memory dedicated for debug observability. Similarly, the amount of controllability depends on the number of configuration options defined by the architecture.

Both observability and controllability must be accounted for during the designing of the chip, since the hardware needs to be in place to route appropriate design signals to an observation point or to configure the system with specific controls. On the other hand, during design, one obviously does not know what kind of design bugs may show up during post-silicon validation and what signals would be profitable to observe to debug these. The current state of industrial practice primarily depends on designer experiences to identify observability.

Any missing observability is typically only discovered at post-silicon—in the form of failure to root cause a given failure. Fixing observability at that time would require a new silicon spin, which is typically impractical.

Streamlining observability and error sequentiality Traditional software or pre-silicon hardware debugging tends to work by sequentially finding and fixing bugs. We find a bug, fix it and then go on to finding the next bug. Unfortunately, this natural mental model of debugging breaks down for post-silicon. In particular, fixing a hardware bug found during post-silicon would require a new stepping. Consequently, when a bug is discovered—even before the root cause for the bug is identified—one must find a way to workaround the bug to continue the post-silicon validation and debug process.

Finding such workarounds is a challenging and creative process. On one hand, the workaround must eliminate the effect of the bug; on the other, it must not mask other bugs from being discovered. Debugging in the presence of noise A consequence of the fact that we are using actual silicon as the validation vehicle is that we must account for factors arising from physical reality in functional debug, that is, effects of temperature, electrical noise and others.

A key challenge in post-silicon validation is to consequently find a recipe for example, via tuning of different physical, functional and non-functional parameters to make a bug reproducible. On the other hand, the notion of reproducibility in post-silicon is somewhat weaker than in pre-silicon validation. Since post-silicon validation is fast, an error that reliably appears once in a few executions even if not per cent of the time is still considered reproducible for post-silicon.

Nevertheless, given the large space of parameters, ensuring reproducibility to the point that one can use it to analyse and diagnose the error is a significant challenge. Security and power management challenge Modern SoC designs incorporate highly-sophisticated architectures to support aggressive energy and security requirements. These architectures are typically defined independently by disparate teams with complex flows and methodologies of their own, and include their unique design, implementation and validation phases.

The challenge of security on observability is more direct. SoC designs include a large number of assets, such as cryptographic keys, DRM keys, firmware, debug mode and the like, which must be protected from unauthorised access. Unfortunately, post-silicon observability and DfD infrastructure in silicon provide an obvious way to access such assets. Further, much of the DfD infrastructure is available on-field to facilitate survivability. This permits their exploitation by malicious hackers to gain unauthorised access to system assets after deployment.

Indeed, many celebrated system hacks have made use of post-silicon observability features, causing devastating impact to the product and company reputation once carried out. Consequently, a knee-jerk reaction is to restrict DfD features available in the design. On the other hand, lack of DfD may make post-silicon validation difficult, long and even intractable. This may delay the product launch. With aggressive time-to-market requirement, a consequence of such delays can be a loss of billions of dollars in revenue or even missing the market for the product altogether.

Power management features also affect observability, but in a different manner. Power management features focus on turning off different hardware and software blocks at different points of execution, when not functionally necessary. The key problem is that observability requirements from debug and validation are difficult to incorporate within the power management framework. In particular, if a design block is in a low-power state, it is difficult to observe or infer the interaction of the block with other IPs in the SoC design.

Lack of observability can affect debug of IPs different from the one subjected to power management. For example, consider debugging IP A during a specific silicon execution. For this purpose, signals from A need to be routed to some observation point such as a memory or output pin.

Suppose, the routing includes IP B, which is in no way functionally dependent on A. It is possible then for B to be powered down during a part of the execution when A is active. However, this means that the route of observable signals from A is not active during that time, resulting in no observability of the internal behaviour of A.

One approach to address this challenge is to disable power management during silicon debug. However, this restricts the ability to debug and validate power management protocols themselves, for example, sequence of activities that must happen in order to transition an IP to different sleep or wake-up states. Developing a post-silicon observability architecture that accounts for security and power management constraints is highly non-trivial.

Planning The primary goal of post-silicon validation is to identify design errors by exploiting the speed of post-silicon execution. It should be clarified that it is not necessary for post-silicon validation to completely diagnose or root cause a bug. The goal is to narrow down from a post-silicon failure to an error scenario that can be effectively investigated in pre-silicon environment.

Since a physical object silicon is involved in the validation process, the path is from an observed failure for example, system crash to a resolution of the root cause for failure. Test execution This involves setting up the test environment and platform, running the test and, in case the test fails, performing some obvious sanity checks like, checking if the SoC has been correctly set up on the platform, power sources are connected and switches are set up as expected for the test.

If the problem is not resolved during sanity check, it is typically referred to as a pre-sighting. Pre-sighting analysis The goal of pre-sighting analysis is to make failure repeatable. This is highly non-trivial, since many failures occur under highly-subtle and coordinated execution of different IP blocks. This may result in a buffer overflow eventually resulting in a system crash , when occurring in a state in which input queue of C has only one slot left and before C has had the opportunity to remove some items from the queue.

Making failure repeatable requires running the test several times, under different software, hardware, systems and environmental conditions possibly with some knowledge and experience on potential root causes until a stable recipe for failure is discovered.

At that point, failure is referred to as sighting. Sighting disposition Once a failure is confirmed as a sighting, a debug team is assigned for its disposition. This includes developing plans to track, address and create workarounds for the failure. The plan typically involves collaboration among representatives from architecture, design and implementation as well as personnel with expertise in specific design features exercised in the failing tests for example, power management and secure boot.

Bug resolution Once a plan of action has been developed for a sighting, it is referred to as a bug. A team is assigned for ensuring that it is resolved in a timely manner based on the plan. Resolution includes finding a workaround for the failure to enable exploration of other bugs and triaging, and identifying the root cause for the bug. Triaging and root causing bugs are two of the most complex challenges in post-silicon validation.

In particular, root cause for a failure observed on a specific design component can be in a completely different part of the design. One of the first challenges is to determine whether the bug is a silicon issue or a problem with design logic. If it is determined to be a logic error, the goal is typically to recreate it on a pre-silicon platform such as RTL simulation and FPGA. The exact post-silicon scenario cannot be exercised in a pre-silicon platform.

One second of silicon execution takes several weeks or months to exercise on RTL simulation. Consequently, bulk of the creative effort in post-silicon creates a scenario that exhibits the same behaviour as the original post-silicon failure but involves an execution small enough to be replayable in pre-silicon platforms. In addition to this key effort, other activities for bug resolution include grouping and validating the bug fix.

The same design error might result in different observable failures for different tests. For example, a deadlock in a protocol might result in a system crash in one test and a hang in another. Given aggressive validation schedules, it is imperative not to waste resources to debug the same error twice. Consequently, it is critical to group together errors arising from the same root cause. This is a highly non-trivial exercise. One must bucket errors with the same or similar root cause but with possibly different observable failures before analysing these.

Finally, once a fix has been developed, one must validate the fix itself to ensure that neither does it correct the original error nor introduce a new one. Given the scope and complexity of post-silicon validation and the aggressive schedule under which it must be performed, it is clear that it needs meticulous planning. Each validation has methodologies to mitigate these. This part introduces the concept of validation.

Validation includes different tasks such as functional correctness, adherence to power and performance constraints for target use-cases, tolerance for electrical noise margins, security assurance, robustness against physical stress or thermal glitches in the environment, and so on. Validation is acknowledged as a major bottleneck in system-on-chip SoC design methodology. It accounts for an estimated 70 per cent of overall time and resources spent on SoC design validation. Post-silicon validation is a major bottleneck in SoC design methodology.

It takes more than 50 per cent SoC overall design effort. Due to increasing SoC design complexity coupled with shrinking time-to-market constraints, it is not possible to detect all design flaws during pre-silicon validation. Validation is clearly a crucial and challenging problem as far as diversity of critical applications of computing devices in the new era is concerned, along with the complexity of the devices themselves. Post-silicon validation makes use of a fabricated, pre-production silicon implementation of the target SoC design as the validation vehicle to run a variety of tests and software.

The objective of post-silicon validation is to ensure that the silicon design works properly under actual operating conditions while executing real software, and identify and fix errors that may have been missed during pre-silicon validation. Complexity of post-silicon validation arises from the physical nature of the validation target. It is much harder to control, observe and debug the execution of an actual silicon device than a computerised model.

Exact gtx 1060 ethereum mining hash message, matchless)))

Post-silicon validation makes use of a fabricated, pre-production silicon implementation of the target SoC design as the validation vehicle to run a variety of tests and software. The objective of post-silicon validation is to ensure that the silicon design works properly under actual operating conditions while executing real software, and identify and fix errors that may have been missed during pre-silicon validation.

Complexity of post-silicon validation arises from the physical nature of the validation target. It is much harder to control, observe and debug the execution of an actual silicon device than a computerised model. Post-silicon validation is also performed under a highly-aggressive schedule to ensure adherence to time-to-market requirements.

Post-silicon validation is done to capture escaped functional errors as well as electrical faults. Modern embedded computing devices are generally architected through an SoC design paradigm. An SoC architecture includes a number of pre-designed hardware blocks potentially augmented with firmware and software of well-defined functionality, often referred to as intellectual properties IPs.

These IPs communicate and coordinate with each other through a communication fabric or network-on-chip. The idea of an SoC design is to quickly configure these pre-designed IPs for target use-cases of the device and connect these through standardised communication interfaces. This ensures rapid design turn-around time for new applications and market segments. It can include one or more processor cores, digital signal processors DSPs , multiple coprocessors, controllers, analogue-to-digital converters ADCs and digital-to-analogue converters DACs , all connected through a communication fabric.

Pre-simulation strengths show accurate logic behaviour—98 per cent of logic bugs found, 90 per cent of circuit bugs found, straightforward debugging and inexpensive bug fixing. The challenge of security on observability is more direct. SoC designs include a large number of assets, such as cryptographic keys, DRM keys, firmware, debug mode and the like, which must be protected from unauthorised access.

Unfortunately, post-silicon observability and DfD infrastructure in silicon provide an obvious way to access such assets. Further, much of the DfD infrastructure is available on-field to facilitate survivability. This permits their exploitation by malicious hackers to gain unauthorised access to system assets after deployment.

Indeed, many celebrated system hacks have made use of post-silicon observability features, causing devastating impact to the product and company reputation once carried out. Consequently, a knee-jerk reaction is to restrict DfD features available in the design.

On the other hand, lack of DfD may make post-silicon validation difficult, long and even intractable. This may delay the product launch. With aggressive time-to-market requirement, a consequence of such delays can be a loss of billions of dollars in revenue or even missing the market for the product altogether.

Power management features also affect observability, but in a different manner. Power management features focus on turning off different hardware and software blocks at different points of execution, when not functionally necessary. The key problem is that observability requirements from debug and validation are difficult to incorporate within the power management framework.

In particular, if a design block is in a low-power state, it is difficult to observe or infer the interaction of the block with other IPs in the SoC design. Lack of observability can affect debug of IPs different from the one subjected to power management. For example, consider debugging IP A during a specific silicon execution. For this purpose, signals from A need to be routed to some observation point such as a memory or output pin. Suppose, the routing includes IP B, which is in no way functionally dependent on A.

It is possible then for B to be powered down during a part of the execution when A is active. However, this means that the route of observable signals from A is not active during that time, resulting in no observability of the internal behaviour of A. One approach to address this challenge is to disable power management during silicon debug. However, this restricts the ability to debug and validate power management protocols themselves, for example, sequence of activities that must happen in order to transition an IP to different sleep or wake-up states.

Developing a post-silicon observability architecture that accounts for security and power management constraints is highly non-trivial. Planning The primary goal of post-silicon validation is to identify design errors by exploiting the speed of post-silicon execution. It should be clarified that it is not necessary for post-silicon validation to completely diagnose or root cause a bug. The goal is to narrow down from a post-silicon failure to an error scenario that can be effectively investigated in pre-silicon environment.

Since a physical object silicon is involved in the validation process, the path is from an observed failure for example, system crash to a resolution of the root cause for failure. Test execution This involves setting up the test environment and platform, running the test and, in case the test fails, performing some obvious sanity checks like, checking if the SoC has been correctly set up on the platform, power sources are connected and switches are set up as expected for the test.

If the problem is not resolved during sanity check, it is typically referred to as a pre-sighting. Pre-sighting analysis The goal of pre-sighting analysis is to make failure repeatable. This is highly non-trivial, since many failures occur under highly-subtle and coordinated execution of different IP blocks. This may result in a buffer overflow eventually resulting in a system crash , when occurring in a state in which input queue of C has only one slot left and before C has had the opportunity to remove some items from the queue.

Making failure repeatable requires running the test several times, under different software, hardware, systems and environmental conditions possibly with some knowledge and experience on potential root causes until a stable recipe for failure is discovered. At that point, failure is referred to as sighting. Sighting disposition Once a failure is confirmed as a sighting, a debug team is assigned for its disposition. This includes developing plans to track, address and create workarounds for the failure.

The plan typically involves collaboration among representatives from architecture, design and implementation as well as personnel with expertise in specific design features exercised in the failing tests for example, power management and secure boot. Bug resolution Once a plan of action has been developed for a sighting, it is referred to as a bug. A team is assigned for ensuring that it is resolved in a timely manner based on the plan.

Resolution includes finding a workaround for the failure to enable exploration of other bugs and triaging, and identifying the root cause for the bug. Triaging and root causing bugs are two of the most complex challenges in post-silicon validation. In particular, root cause for a failure observed on a specific design component can be in a completely different part of the design. One of the first challenges is to determine whether the bug is a silicon issue or a problem with design logic.

If it is determined to be a logic error, the goal is typically to recreate it on a pre-silicon platform such as RTL simulation and FPGA. The exact post-silicon scenario cannot be exercised in a pre-silicon platform. One second of silicon execution takes several weeks or months to exercise on RTL simulation. Consequently, bulk of the creative effort in post-silicon creates a scenario that exhibits the same behaviour as the original post-silicon failure but involves an execution small enough to be replayable in pre-silicon platforms.

In addition to this key effort, other activities for bug resolution include grouping and validating the bug fix. The same design error might result in different observable failures for different tests. For example, a deadlock in a protocol might result in a system crash in one test and a hang in another.

Given aggressive validation schedules, it is imperative not to waste resources to debug the same error twice. Consequently, it is critical to group together errors arising from the same root cause. This is a highly non-trivial exercise. One must bucket errors with the same or similar root cause but with possibly different observable failures before analysing these. Finally, once a fix has been developed, one must validate the fix itself to ensure that neither does it correct the original error nor introduce a new one.

Given the scope and complexity of post-silicon validation and the aggressive schedule under which it must be performed, it is clear that it needs meticulous planning. Other requirements include defining post-silicon tests, test cards, custom boards and more. In fact, a crucial activity during the pre-silicon time frame is post-silicon readiness, that is, activities geared towards streamlined execution of post-silicon validation.

Post-silicon readiness activities proceed concurrently with system architecture, design, implementation and pre-silicon validation. The objective is to identify different coverage targets, corner cases and functionalities that need to be tested for the system being deployed. Post-silicon test plans are typically more elaborate than pre-silicon plans, since these often target system-level use-cases of the design that cannot be exercised during pre-silicon validation.

Test plan development starts concurrently with design planning. When the test plan development starts, a detailed design or even an elaborate microarchitecture for the most part is unavailable. Initial test planning, correspondingly, depends on high-level architectural specifications.

As the design matures and more and more design features are developed, test plans undergo refinement to account for these features. The plans also need to account for target applications, the new versus legacy IPs used in the system design and so on. On-chip instrumentation On-chip instrumentation refers to the DfD features integrated into the silicon to facilitate post-silicon debug and validation.

A key target of DfD is observability. Modern SoC designs include a significant amount of hardware for this purpose, with estimates running up to 20 per cent or more in silicon real estate in some cases. Two critical observability features are scan chains and signal tracing. Scan chains enable observability of the internal state of design. These are highly-mature architectures originally developed for identifying manufacturing defects in the circuit.

However, these also provide critical observability during post-silicon validation. Signal tracing, on the other hand, specifically targets post-silicon validation. The objective is to identify a small set typically s of internal signals of the design to be observed for each cycle during silicon execution. To achieve this, relevant signals are routed to an observation point, which can be either an output pin or a designated section of the memory referred to as trace buffer.

In addition to these two architectures, there are also instrumentations to transport internal register values off-chip, quickly access large memory arrays and so on. For example, in recent SoC designs, data transport mechanisms may re-purpose some of the communication mechanisms already present in the system, like USB ports. This requires a thorough understanding of both functionality and validation use-cases to ensure that these do not interfere when using the same interface.

Finally, there is instrumentation to provide controllability of execution, for example, by overriding system configuration, updating microcode on-the-fly during execution and so on. There has recently been significant research on improving post-silicon observability through disciplined DfD architecture.

Debug software is another crucial component of post-silicon validation readiness. It includes any software tool and infrastructure necessary to enable running post-silicon tests and facilitating debug, triage or validation of different coverage goals.

To achieve this, one needs to run an application software stack on the target system. Doing this by executing an application on top of an off-the shelf operating system is difficult. Modern operating systems like Linux, Windows, Android and MacOS are highly optimised for performance and power consumption, and are significantly complex. To enable debug of underlying hardware issues, one needs a highly-customised system software, with a reduced set of bells and whistles while including a number of hooks or instrumentations to facilitate debug, observability and control.

For example, one may want to trace the sequence of branches taken by an application in order to excite a specific hardware problem. To achieve this, often specialised operating systems are implemented that are targeted for silicon debug. Such system software may be written by silicon debug teams from scratch or by significantly modifying off-the-shelf implementations.

Tracing, triggers and configurations Some customised software tools are also developed for controlling, querying and configuring the internal state of the silicon. In particular, there are tools to query or configure specific hardware registers, setting triggers for tracing and so on.

For example, one may wish to trace specific signal S only when internal register R contains specific value v. Assuming that both S and R are observable, one needs software tools to query R and configure signal tracing to include S when R contains v. Transport software Access software refers to tools that enable transport of data off-chip from silicon. Data can be transferred off-chip either directly through pins, or by using available ports from the platform USB, PCIe, etc.

For example, transporting through the USB port requires instrumentation of the USB driver to interpret and route the debug data while ensuring that USB functionality is not affected during normal execution. This can become highly complex and subtle, particularly in the presence of other features in the SoC, such as power management. Power management may, in fact, power down the USB controller when the USB port is not being used by the functional activity of the system.

The instrumented driver ensures that debug data is still being transported while facilitating the power-down functionality of the hardware to be exercised during silicon validation. Analysis software Finally, there are software tools to perform analysis on the transported data. One critical challenge in developing and validating debug software is its tight integration with the target hardware design to be validated. Typically, software development and validation make use of a stable hardware platform, that is, developing application software on top of a general-purpose hardware instruction set architecture such as X86 or ARM.

However, debug software is developed for an under-development target platform often with evolving and changing features like, in response to design or architectural challenges discovered late.