Pergamon Press Printed in U.S.A.
Microelectronics and Reliability Vol. 17, pp. 143-154, 1978
EFFECTS OF DESIGN AUTOMATION ON THE RELIABILITY AND MAINTAINABILITY DESIGN OF ELECTRONIC SYSTEMS

P. DesMarais
Computing Devices Company
Control Data Canada, Ltd.
P.O. Box 8508
Ottawa, Ontario, K1G 3M9
Canada

J.E. Arsenault
Computing Devices Company
Control Data Canada, Ltd.
P.O. Box 8508
Ottawa, Ontario, K1G 3M9
Canada

The ability to design required reliability and maintainability performance into electronic systems has become more difficult due to system complexity. Design automation offers an alternative to traditional approaches of managing the complexity problem. This alternative depends almost exclusively on the computer and is implemented via a set of tightly or loosely integrated programs.

Introduction

The point has been nearly reached in electronic system design where what can be conceived can, in fact, be realized practically. This state of affairs has evolved because of, (a) the progress of the semiconductor industry in increasing the level of hardware integration, (b) the efforts of system workers in optimizing system architectures, (c) the growing repertoire of mathematical techniques for information processing. So it is normal to expect complexity in systems, as the above factors are accommodated to achieve higher and wider performance requirements. However, complexity introduces its own set of related problems, i.e., how to design for sustained performance (reliability) and how to design for detection and isolation of faults (maintainability).

The problem of complexity requires an approach whereby the designers can get above the problem of complexity and let the finer design details largely take care of themselves and also within economic and time constraints. Design Automation (DA) systems are conceived with this purpose in mind. The paper first discusses DA systems in general and then their respective influences on system reliability and maintainability design.

DA Systems

General

Design automation has been aptly defined [1] as "the art of utilizing digital computers to help generate, check, and record the data and the documents that constitute the design of a digital system". Its objective is straightforward: to reduce the cost
144 J.E. Arsenault & P. DesMarais Vol. 17, No. 1
and development time required in engineering complex electronic systems, from conceptual design to finalized production. This goal is basically achieved by relieving the design and manufacturing engineers of tedious, error-prone, and time-consuming manual tasks which, as will be outlined, involve the use of a wide variety of computer-based techniques. Rapid advances in technology, and in particular the introduction of LSI, have led to a level of sophistication such that increasing reliance on computers proves necessary to surmount the complexity barrier. Today, a DA system is typically structured as illustrated in Figure 1, supporting a wide range of engineering activities from design and its evaluation, to hardware implementation, to maintenance and documentation.

The EDB and Its Management

As depicted in Figure 1, the Engineering Data Base (EDB) plays a central role within a DA system. In addition to storage of component model libraries, it holds design and production data such as simulation results, interconnection data, parts and wiring lists, etc., as well as various management information, effectively providing the basis for a fully integrated DA scheme. As such, the EDB constitutes a key element towards maximizing the cost-effectiveness of the system. On the one hand, it promotes efficient use of the system via the compatibility of the various DA modules whereby information repeatedly used by different programs need be entered only once into the EDB.
Extensive consistency and cross-reference checking is usually performed on input data to ensure greater accuracy. On the other hand, the EDB provides a readily accessible yet well-controlled source of documentation throughout the design and production phases, a critical requirement towards assuring fast and orderly development.

Note however, that the benefits of the EDB can be fully realized only if its management and its interaction with DA program modules and I/O devices is supported by an adequate operating system. Ideally, the latter should provide, in addition to straightforward batch procedures, highly flexible interactive capabilities that promote ease of use, hence faster design turnaround.

Design Verification

The design of a system generally goes through two main phases: (a) the conceptual phase (or system specification), where the architecture of the system is defined in terms of major building blocks and their interfaces, and (b) the logic implementation phase, where the functions of each subsystem are detailed down to the logic component level.
Similarly, logic simulators offer two levels of analysis: (a) high level design language (also called functional or register transfer) simulation, which is aimed at providing a detailed evaluation of the conceptual design while remaining efficient of both computer time and storage, (b) gate level simulation, which provides a more extensive verification of the logic design in terms of predicted logic behaviour and detailed timing analysis to flag race and hazard conditions.

Immediate benefits of logic simulation are significantly reduced debugging time and much lower likelihood of uncovering
costly design errors late in the development process. This is most valuable in LSI design where no repair is possible once the circuit is fabricated. In addition, the engineer is able to explore new ideas and techniques by using the computer to obtain fast and accurate results, and he can quickly acquire a better understanding of the problems at hand while gaining valuable experience of different design procedures.

However, as outlined above, the participation of the computer in the actual design process is still limited to a large extent to that of a passive verification role. Indeed, major problems have yet to be solved in the area of complex system design, namely the need for (a) more active computer assistance in high level specification of logic circuits, (b) implementation techniques based on subsystem modules, and (c) the development of a methodology for complex system design and evaluation.

Physical Design

Upon completion, the system logic design must be implemented with hardware building blocks. Again, DA plays a very important role in assuring that the various physical design tasks are performed rapidly and accurately.

Electronic systems generally consist of subsystem units, each holding a number of circuit card assemblies, each in turn holding a number of IC components.
Endeavoring to minimize total assembly costs while providing adequate reliability and maintainability standards, physical design deals with three basic problems: (a) logic partitioning, which involves, first, the selection of ICs from a library of available components so as to optimize both the number of ICs used and the number of interconnections required, and secondly, the assignment of ICs to various circuit cards so as to minimize the number of cards needed while promoting testability of the system via a functionally oriented partitioning scheme, (b) placement, both of components on a card, and cards on a backplane, where optimization aims generally at minimizing interconnection wire length. Note however, that several other (sometimes conflicting) goals must also be satisfied, such as avoiding large wire buildup in the routing channels, eliminating signal cross-talk and echoes, providing well-distributed heat dissipation in order to avoid severe heat source concentrations, and, all the while, reduce manufacturing and maintenance costs by promoting ease and neatness of wirability, (c) routing, which consists of defining, again both at card and backplane level, the precise conductor paths required to properly interconnect system components.
In this case, the main problem is that conductors cannot be allowed to cross, while satisfying other requirements such as minimum wire size and spacing, number of board layers etc.

Given the complexity of present-day systems, a purely manual approach to solving these problems becomes totally inadequate. On the other hand, DA systems offer a variety of graphical and linear integer programming techniques yielding heuristically good solutions which may not be minimal but provide an acceptable compromise between all too often conflicting goals.

Maintenance and Documentation

Much in the same way that design simulation verifies that a given logic design behaves as intended, fault simulation predicts
how faulty versions of this same design can be expected to respond, thereby providing a very strong basis upon which to diagnose faulty circuits, ideally through the use of Automatic Test Equipment (ATE). In fact, at all system levels, the task of testing logic networks has become so complex that only through the use of computerized techniques can it be efficiently achieved to an adequate level of diagnostic effectiveness. In return, fault simulation exercises a strong influence on logic design testability requirements [2] which, however, proves to be a very small price to pay for its tremendous benefits.

Fault simulation is aimed primarily at supporting production testing and field maintenance, and for that reason, it is generally used only at late stages of system development when logic design has stabilized. However, recognizing the importance of designing testability early in the development process, it becomes debatable whether, in spite of its relatively high cost in computer time, fault simulation should not be used during the design phase as a means of evaluating the diagnosability of the system.

Another important aspect of maintenance is the need for complete and accurate documentation.
In that respect, DA systems generally include programs that can quickly produce a wide variety of documents throughout system development, such as parts lists, wiring lists, circuit-location charts, systems diagrams, maintenance schedules, etc. More importantly however, DA provides the capability to readily and accurately maintain up-to-date documentation throughout the life of the system.

Reliability and DA

General

The most significant effect a full DA system has on electronic system reliability results from the rapid throughput of this approach to design. This permits, (a) several significantly different design solutions to be implemented (e.g., different part technologies, different packaging approaches) within the usual development cycle and thus provides for a final selection for production after extensive testing, (b) minimization of extensive re-design associated with development programs, thus permitting the development of a design solution approaching the inherent reliability without a long period of reliability growth. The effects of DA on system reliability are discussed below under four topics, i.e., (a) Part, (b) Circuit Design, (c) System, and (d) Manufacturing Considerations.

Part Considerations

As parts play a critical role in determining system reliability, various techniques have evolved over the years to (a) ensure that only parts with a proven reliability history are used, (b) that they are second sourced and, (c) that they are readily available at competitive prices. Some organizations approach the problem by preparing a Preferred Parts List (PPL) which is continuously updated and issued as a standard. Large projects will sometimes have a PPL imposed by contract.
Large projects also may employ a Parts Control Board whereby the prime contractor holds regular meetings at each of his major subcontractors in order
that part commonality is ensured to the maximum extent possible.

Despite the above efforts, control is still an elusive goal for reasons due mainly to project pressures. However, with DA the designer is constrained at least initially to implement his design only with those parts available in the EDB. Since from the start of the design, the designer is limited automatically in the choice of parts he may use, then, an ideal PPL situation has been achieved. If new parts are found to be required, for any reason, first they must satisfy criteria (a) to (c) mentioned above, to the maximum extent possible, and thereafter be placed on the EDB for use. The complexity of parts on the EDB can range from the simplest to the most complex available in the industry. Modelling at the gate level is a feasible solution for parts up to about 500 gates; beyond this, functional simulation can be used.

Circuit Design Considerations

Some of the tasks now performed manually and/or individually by reliability engineers can be integrated within a DA system to give the design rapid reliability assessments.

Stress Analysis

For purely digital systems, stress analysis is usually confined to ensuring that integrated circuit loading rules are not exceeded, in some cases ensuring that the number of loads is some percent of the rated loading. This activity is quite manageable when dealing with, for example, a single area of circuitry bounded by a schematic where all lines between parts are immediately apparent. However, such is not the situation for those cases where circuitry is represented by multiple schematics or where a wiring list must be consulted to check interconnection, thence loading. For all of the above cases, a program can be devised to check device loading and report those cases where overloading has occurred.

For extensive analog circuitry some programs [3] contain features where component stress is computed and provided to the user.
A case in point is SYSCAP [4] which consists of a number of computer programs with an extensive choice of options. Two useful options are DICAP and TRACAP, which when used together can analyze electrical stresses on the parts comprising a circuit. DICAP can be used to obtain DC stresses for nominal and worst-case conditions and TRACAP can simulate parts stresses from transient and/or duty-cycle circuit operations. The SOPSTO option of DICAP also detects any potential overstress arising from multiple power supplies that increase from zero to rated voltage in a disproportionate manner. A nominal DC analysis is given in Figure 2.

Worst Case Analysis

In digital systems many problems are related to timing such as clock skew, hazard conditions, race and oscillation conditions. With an accurate EDB, i.e., accurate timing relationships for the parts being used in a detailed design, these conditions can be predicted. Figure 3 shows an example of a timing analysis.

Programs are available for analog circuitry which provide worst case analysis where the effect of parameter drift caused by
aging, for example, can be taken into account. Design tolerance analysis also may be provided by using Monte Carlo techniques.

System Considerations

This equipment level represents the highest level of concern at which the designer can evaluate the various system trade-offs. Although there has been some progress in high level system simulation through the use of Register Transfer Language (RTL), these languages are most useful in system conceptional design. RTL and like languages are used to declare a proposed register structure and the logical operations between them. Microprograms are then devised to control the data-processing operations between the registers. The bulk of simulation for design continues to be done using part models as the basic elements.

Mean Time Between Failure (MTBF)

Typically, reliability engineers calculate MTBF based on failure rate sources [5] either completely by manual methods or by a stand-alone computer program. This approach also applies to system reliability modelling which is accomplished manually or via a stand-alone computer program.

Because a designer eventually will implement his design at the part level, a set of programs can be interfaced with the EDB to compute the MTBF for any design specified.
An additional set of programs can be used to perform system modelling, for example, redundancy given in MTBFs of the individual designs involved. In addition, it will be possible to vary parameters such as the environment in which the system is required to perform, part quality, temperature, and so on, all of which impact MTBF. Figure 4 shows an example of the output from such a program which can be interfaced to an EDB for generating MTBF estimates leading to design trade-offs.

Sneak Circuit Analysis

This type of analysis [6] is growing in popularity as a useful tool at the system level. It seeks to identify a latent path or condition which inhibits a desired action or initiates an unintended or unwanted action. A sneak circuit is not caused by part failure but is a condition that has been designed inadvertently into a system. Automation has been used in analysis of this type since 1970, using schematics, wiring lists and operational scenarios (operational and maintenance sequences) as a data base. So far, this analysis has been accomplished as a separate activity and obviously using the EDB generated for a system and appropriate scenarios the analysis can be achieved by simulation.

Sneak circuit analysis is concerned basically with the topology of a system and in essence so is Fault Tree Analysis. Therefore, the generation of Fault Trees from the system EDB should be relatively straightforward.

Manufacturing Considerations

In manufacturing a system several important benefits can occur from DA systems.

PCB Repeatability

Because automatic artwork generation equipment can hold tolerance as close as (a) ±0.002 inch, (b) registration between layers to ±0.0015 inch and (c) drill holes positioned on a grid as fine as 0.002 inch, excellent repeatability and uniform quality can be achieved in PCB manufacturing [7]. A description of a program for automatic artwork generation is given by Allum [8].

Effects of Change

Because of the many and varied consistency checks associated with DA systems, before changes are implemented, their effects on electronic system performance can be accurately forecast and assessed for suitability. When changes are implemented, they are propagated accurately into the manufacturing process and preclude reliability problems due to poor documentation.

Maintainability and DA

As electronic systems grow in performance they grow also in complexity, leading to correspondingly increased problems in the area of fault detection and fault isolation. This is true for all equipment levels, i.e. part, assembly, unit and system. Ultimately the solution is to design in features at all equipment levels, bearing in mind that a balance between hardware and software approaches to the problem must be struck. DA helps to make this goal a reality, so that it will be possible to design large systems and small complex ones as well, so that they will exhibit optimum fault detection and isolation characteristics. The main DA tool in accomplishing this is simulation, the starting point of system design. This is discussed under five topics, i.e., (a) Part, (b) Circuit Design, (c) System, (d) Manufacturing, and (e) Field Considerations.

Part Considerations

Designing maintainability into parts is normally not the task of the system designer. However, this is changing as in the case of the TMS-1000 microprocessor noted by Falk [9] where additional circuitry is added to the chip, along with external test pins for testing purposes. A designer who is aiming to meet specified maintainability targets will obviously exploit any features provided at the part level, in fact, this could influence to some degree the choice of parts.

Circuit Design Considerations

Broadly speaking, the designer will be faced with the problems of (a) where to locate test points (hardware and/or software) and (b) what stimulus/response regime is necessary to provide adequate or specified maintainability characteristics.

Circuit Card Assembly

We will assume first that the design has been logically partitioned onto Circuit Card Assemblies (CCAs) and now we wish to design each CCA so that it is testable in addition to meeting the required performance characteristics. With a DA system, each CCA is modelled, using the part models in the EDB and connecting them into networks representing the circuits necessary to meet the specified performance. We can assume further that the various
simulation possibilities have indeed proven that the CCA meets the performance requirements and is free of logical errors. At this point a set of test inputs can be devised, which are combined with the CCA logic network description and loaded for running with a fault simulator such as CCTEGAS3 [10]. A fault list is compiled, which in essence leads back to the faulty part on the CCA (based on the observed output from the CCA with the specified input) and fault detection and isolation percentages are computed. Before the CCA is released for layout it is highly testable and it has developed for it a test program for use on ATE when the CCA is finally manufactured. Figure 5 shows an example of the output from a fault simulator.
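
As an added illustration (not code from the paper and not the CCTEGAS3 program), the following Python example carries out the steps just described on a constructed network: it applies a set of test inputs, injects single stuck-at faults, compiles a fault list keyed by observed output, and computes detection and isolation percentages. The full-adder network, the part names U1 to U3, the single stuck-at fault model and the definition of isolation (a detected fault whose output signature points to exactly one part) are assumptions made for the example.

```python
from itertools import product

# Constructed sample network (not from the paper): a one-bit full adder
# built from three hypothetical parts U1 (XOR), U2 (AND) and U3 (OR).
# Each entry: (output net, gate type, input nets, part driving the net).
GATES = [
    ("s1",   "XOR", ("a", "b"),    "U1"),
    ("sum",  "XOR", ("s1", "cin"), "U1"),
    ("c1",   "AND", ("a", "b"),    "U2"),
    ("c2",   "AND", ("s1", "cin"), "U2"),
    ("cout", "OR",  ("c1", "c2"),  "U3"),
]
INPUTS = ("a", "b", "cin")
OUTPUTS = ("sum", "cout")
FUNCS = {
    "AND": lambda x, y: x & y,
    "OR": lambda x, y: x | y,
    "XOR": lambda x, y: x ^ y,
}


def simulate(vector, fault=None):
    """Evaluate the network for one input vector.

    fault is None for the good network, or (net, stuck_value) to force
    one gate output to a constant (single stuck-at fault model).
    """
    nets = dict(zip(INPUTS, vector))
    for out, kind, ins, _part in GATES:  # GATES is in topological order
        value = FUNCS[kind](*(nets[n] for n in ins))
        if fault and fault[0] == out:
            value = fault[1]
        nets[out] = value
    return tuple(nets[o] for o in OUTPUTS)


def signature(vectors, fault=None):
    """Observed outputs over the whole test set, in test order."""
    return tuple(simulate(v, fault) for v in vectors)


def fault_simulate(vectors):
    """Compile the fault list and compute detection/isolation figures."""
    good = signature(vectors)
    dictionary = {}   # faulty output signature -> [(fault name, part)]
    undetected = []
    for out, _kind, _ins, part in GATES:
        for stuck in (0, 1):
            name = f"{out}/{stuck}"
            sig = signature(vectors, (out, stuck))
            if sig == good:
                undetected.append(name)       # test set cannot see it
            else:
                dictionary.setdefault(sig, []).append((name, part))

    total = 2 * len(GATES)
    detected = total - len(undetected)
    isolated = 0
    ambiguous = []    # signatures shared by faults in different parts
    for group in dictionary.values():
        parts = {part for _name, part in group}
        if len(parts) == 1:
            isolated += len(group)
        else:
            ambiguous.append(sorted(name for name, _part in group))
    return {
        "detection_pct": 100.0 * detected / total,
        "isolation_pct": 100.0 * isolated / detected if detected else 0.0,
        "undetected": sorted(undetected),
        "ambiguous": sorted(ambiguous),
    }


# Two constructed test sets: a two-vector set and the exhaustive set.
WEAK_SET = [(0, 0, 0), (1, 1, 1)]
FULL_SET = list(product((0, 1), repeat=3))

if __name__ == "__main__":
    for label, vectors in (("weak", WEAK_SET), ("full", FULL_SET)):
        report = fault_simulate(vectors)
        print(label, report)
```

Even the exhaustive test set leaves three faults that cannot be told apart between U2 and U3 at the card outputs, which is the kind of result that drives the placement of additional test points.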

Failure Mode And Effects Analysis (FMEA)

FMEA produces a catalogue of potential part failures (opens, shorts and Power Supply over-voltages) and the related secondary overstress, secondary failure and circuit failure symptoms which would result. This catalogue is useful in fault isolation studies and system level failure mode analysis. FMEA is particularly useful for analog circuits whereas digital circuits can have a practically limitless number of machine states. This makes exhaustive analysis of this type of failure mode, through fault simulator programs, expensive. An economical approach is to be satisfied with fault detection and isolation percentages of the order of 98% each. A computer generated FMEA for an analog case is given in Figure 6.

System Considerations

The system level represents the highest equipment level with which the designer is concerned. The objective will be to fault detect and isolate in some cases to the faulty replaceable unit, while in others to the faulty replaceable assembly. In the former case, the system is repaired by unit replacement. The faulty unit will be fault isolated to the faulty replaceable assembly by the use of generalized ATE.

System

In many cases systems are designed so that, during system startup, central computing circuitry can, via Built In Test (BIT), run test sequences to check that it is operating normally.
When correct operation of this circuitry is confirmed, then the system's peripherals are checked, in turn, under control of the central computing circuitry using BIT associated with each peripheral. To a large degree the development of BIT can be accomplished by a high level simulation, especially when the system is carefully partitioned into function areas. Once the total system is up and running, then background tests continuously monitor the system in a non-interruptive fashion.

Unit Level

This equipment level is exemplified by assemblies grouped together both physically and electrically to perform a function(s). Typically, a faulty unit can be removed from the system and replaced by a good unit, thus restoring the system to normal operation. In many instances the unit is then connected to ATE for fault detection and isolation to the faulty assembly. In general, test connectors, bringing out the necessary test points, are used
to accomplish this task and are strategically placed, based largely upon intuition and knowledge of the design. However, programs such as described by DesMarais and Williams [11] are available, which can be adapted to reading an EDB and are capable of assigning a minimum number of test points to permit isolation to
the faulty assembly.

Mean Time To Repair (MTTR)

Programs can be developed to compute the MTTR in association with the EDB, with the user supplying only that information which is not readily available in the EDB. An example of a computer generated MTTR Estimate is shown in Figure 7.

Manufacturing Considerations

DA will have considerable impact on manufacturing processes in that when a design is released for manufacturing it will be testable at all equipment levels. This will result in faster throughput from design to finished product as maintainability characteristics will have been designed in. When hardware is built in manufacturing, test programs will be available for use on ATE. Figure 8 depicts typical factory equipment used for both unit and circuit card production testing. In many cases the ATE used for unit testing will be completely different from ATE used for circuit card testing. Another factor is the availability of a set of complete and accurate documentation generated by the DA system at the detailed level.

Field Considerations

DA systems provide significant benefits when electronic systems are placed in the operational environment and are, therefore, subject to maintenance actions. One of the real benefits is a complete and accurate set of documentation for use by Field Service Engineers (FSEs) as an integrated DA system is capable of producing documentation such as the following, (a) Wiring Lists, (b) Simulation Results, (c) Logic Schematics, (d) Printed Wiring Board (PWB) Artwork, (e) Test Programs, (f) Parts Lists.

Advances in low-cost portable testers permit FSEs to confirm the failure of suspect CCAs and even repair products on site. Most manufacturers make available translators, capable of interfacing diagnostics generated under a simulation system, to the tester. Otherwise, it is possible to write a translator program to link diagnostics developed under a DA system to the particular tester.
Test programs for portable testers con be kept on cosseries. Conclusion A greater awareness of DA techniques and their introduction and practical application provides the key to designing electronic systems with required reliability and maintainability performance. DA will play an increasingly important role with respect to the global problems of system Life Cycle Cost (LCC). Larger organizations tend to choose and/or develop on integrated approach to DA to minimize manual input to the design process. Smaller organizationswill usually be constrained by economics to
select a mix of DA programs and traditional approaches that together provide an economical solution to their needs.

Acknowledgement

The authors would like to thank C. Kennedy, J. Daley and J. Riegler without whose assistance this paper could not have been produced.

References

1. Brewer, M.A., Ed., Design Automation of Digital Systems, Vol. I Theory And Techniques, Prentice-Hall, Inc., Englewood Cliffs, N.J., 1972.
2. DesMarais, P., and Krieger, M., Fault Simulation and Digital Circuit Testability, Microelectronics and Reliability, Vol. 15 Supplement, June 1976, pp. 5-13.
3. Kaplan, G., Computer-Aided Design, IEEE Spectrum, IEEE, N.Y., October, 1975, p. 40-47.
4. ____, SYSCAP II System Of Circuit Analysis Programs, User Information Manual, Control Data Corporation, 1 Sept., 1975.
5. ____, Reliability Prediction Of Electronic Equipment, MIL-HDBK-217B, U.S. Dept. Of Defence, 20 Sept. 1975.
6. Clardy, R.C., Sneak Circuit Analysis Development And Application, 1976 Region V IEEE Conference, April 14-16, 1976, IEEE Catalog No. 76CHI068-REG 5.
7. ____, Computer-Aided Drafting and Documentation Systems, GTE Lenkurt Demodulator, January 1974.
8. Allum, B., et al, Computer System Accelerates Design Of Printed Circuit Boards, Telesis, Bell-Northern Research, 1976/1, p. 144-150.
9. Falk, H., Design For Production, IEEE Spectrum, IEEE, N.Y., October, 1975, p. 52.
10. ____, CCTEGAS3-Test Generation And Simulation System, User Information Manual, Control Data Corporation, 4 Jan., 1975.
11. DesMarais, P., and Williams, System Diagnosis with FLIP, Microelectronics and Reliability, this issue.
12. Franson, P., Portable Tester Checks Complex Logic, Electronics, July 11, 1974, p. 125.

FIGURE 1. TYPICAL DA SYSTEM (diagram label: ENGINEERING DATA BASE)

TABLE 1. PART COMPLEXITY
Complexity classes: SSI (G…), MSI (10…), LSI (100…), VLSI (G>1000). G = Equivalent Gates.
Parts listed: 5400 (NAND), 5404 (HEX INV), 5474 (FF); 5480 (ADD), 54150 (MUX), 54195 (SR); 2901 (µP), 8080 (µP); 2107 (RAM), 2708 (EPROM), 9900 (µP).

FIGURE 2. DC NOMINAL ANALYSIS (computer printout of node values)

FIGURE 3. TIMING ANALYSIS

FIGURES 4 to 6. Caption and label words: INITIAL CONDITIONS, M T S F, ESTIMATE, FAULT, SIMULATION, OUTPUT, FMEA, COMPLEX, ANALOG, NETWORK

FIGURE 7. MTTR ESTIMATE

FIGURE 8. TYPICAL ATE