In the first module we introduced programmable logic devices in the FPGA. In this module, we will extend our knowledge of FPGA capabilities so that we can choose the right one when working on a design. Designing digital devices is a creative process, much like cooking up a new recipe or painting a new picture. To be proficient, we need to know what ingredients are available to make our new creation. Xilinx, Altera, Microsemi and Lattice all make great programmable logic devices, but none of them will work for every application.
|Genre:||Health and Food|
|Published (Last):||28 July 2011|
|PDF File Size:||12.16 Mb|
|ePub File Size:||20.1 Mb|
|Price:||Free* [*Free Regsitration Required]|
Rajiv Jain QuickLogic - Leave a Comment Most FPGA technologies fail to address key mission-critical design requirements, but anti-fuse-based architectures succeed, providing essential attributes such as radiation resistance and design security. But for military and aerospace applications, memory-based FPGA technology is known to fall short in addressing several important requirements, including radiation resistance and design security.
Anti-fuse FPGA technology successfully addresses these requirements to bring the advantages of programmable logic to mission-critical system design. Many developers understand that mission-critical systems must be designed for reliable operation in extreme environmental conditions, but find that most FPGA technologies are hard-pressed to meet these needs. Our discussion will focus on three of these other key requirements: nonvolatile configuration, reliable operation in a radiation environment, and design security Table 1.
Table 1 Click graphic to zoom by 2. Replacing live system components during maintenance or repair, lapses when switching from line to battery power, and brownouts can all trigger a need for the system to recover from power interruptions. A nonvolatile system configuration simplifies the recovery process, eliminating the need to reload system settings and parameters.
This makes system recovery quicker and less error-prone than when the configuration must be reloaded, increasing system availability to perform its mission. Additionally, with the end of the Cold War, the need for mil-aero systems to operate in radiation environments has faded from general awareness.
This requirement does not just come from the need to survive nuclear events, however. Even in daily operation, mission-critical systems might be exposed to high radiation levels. The radiation comes in the form of cosmic rays and solar wind along with the high-energy secondary particles these sources generate at high altitudes see Figure 1.
Figure 1 Click graphic to zoom by 2. Such a change could wreak havoc with system operation if it occurs in a critical location within the FPGA. Design security is a third requirement of mission-critical system design, particularly military systems. If designs are not secure, enemies can quickly erase any technical advantages that such designs provide by reverse engineering and cloning captured equipment for their own use.
Systems might also embed sensitive information such as passwords, encryption keys, and frequency-hopping algorithms. Extracting such information from a captured system would allow an enemy to create equipment that can intercept and interpret coded communications or generate mimicry signals to confound command and control activity.
Designs that are difficult, expensive, and time consuming to reverse engineer can prevent such compromises by delaying results until they are no longer useful. Using FPGA devices gives developers design flexibility and integration levels comparable to using ASICs, but at much lower cost and with more immediate availability. Not every FPGA technology suits the needs of mission-critical design, however.
Figure 2 Click graphic to zoom by 2. The typical approach is to employ a small, external, nonvolatile memory source such as a serial EEPROM to hold the configuration data.
The rest of the system must wait until the FPGA is ready in order to become fully operational. The SRAM approach to programmable logic also has several unfortunate design attributes. One is that the circuit needed at each connection point is fairly large, requiring multiple transistors to form the SRAM cell and resulting in lowered interconnect density. The architecture still requires a switch transistor at each connection point, limiting interconnect density and signal speed through the connection.
The floating gate receives or loses its charge when a high-voltage programming signal drives electrons onto or off of the gate by tunneling through an oxide layer. In normal operation, the gate has no discharge path available, thus making the FPGA configuration nonvolatile. An alternative approach to providing nonvolatility is to use anti-fuse technology. The anti-fuse is an amorphous silicon via at each configurable circuit junction in the FPGA.
Unprogrammed, the via is an insulator and there is no connection at that site. Programming the via by applying a high voltage to it changes its state to become a conductor, thus making a connection at that site. The state change is permanent, making the anti-fuse FPGA nonvolatile. Because no transistors are involved in maintaining the logic connection, interconnect density is high and there is no leakage current.
Interconnect capacitance is low, reducing dynamic power. Addressing radiation Aside from the issue of volatility, the need to operate in a radiation environment is a second strike against memory-based FPGA technologies.
Highly energetic particles passing through an active semiconductor device create temporary ionization paths through the silicon. These pathways can briefly short circuit transistors, creating the transient pulses called SEUs.
While memory used in processor applications often includes error correction and detection to handle such events, the configuration memory of FPGAs has no such protection. The anti-fuse FPGA has no such vulnerability. The energy of an SEU is not high enough to program a via, and the transient pulses have no significant effect on the logic.
To completely characterize a programmed FPGA, two pieces of information are required: the configuration details and the underlying structure. Configuration details are the easiest to capture in memory-based FPGAs. Both approaches are relatively quick to perform and inexpensive to implement.
The approach is to strip away each layer of a logic device, one at a time, using plasma for passivation and oxide layers or chemical for metal layers etching, then take a high-resolution photograph as each layer is revealed Figure 3. The photographs allow reconstruction of the mask sets used to fabricate the device. This then permits the device to be analyzed or even cloned. Figure 3: 3A and 3B Click graphic to zoom by 1. This results in part because the programmable element lies within a multi-layer structure, so surface scanning is ineffective.
Also, there are no signals or stored charges to probe; program storage is a structural change that affects resistance, not an accumulation of charge.
Only physical examination will show the programming state of the anti-fuses, and the layer-stripping method will not work effectively. The cross-section of the altered region in the anti-fuse is too small to observe from above, so the only way to reliably see the structure is from the side see again Figure 3.
Obtaining this view requires the use of a Focused Ion Beam FIB to create a trench in the device, then milling the edge to expand the trench in steps. Taking photographs at each step allows creation of a 3-D image of the circuit.
This procedure requires expensive equipment, however, and is prohibitively time consuming without foreknowledge of where to look. Even with foreknowledge, the number of anti-fuses requiring examination makes the task impractical. Anti-fuse satisfies mission-critical needs The design security needs of mil-aero applications, along with radiation resistance and nonvolatility, are often neglected in literature, but cannot be ignored by designers.
Of the FPGA technologies, anti-fuse programmability is the only one that meets all the requirements of mission-critical designs. Rajiv Jain is director of process technology at QuickLogic Corporation, where he has been employed since He can be contacted at Jain quicklogic. Mehul Kochar, marketing manager FPGA solutions, has been working at QuickLogic for five years, three of which have been in his current position. He can be contacted at Kochar quicklogic. QuickLogic www.
Wilson, I. Jones, and D.
FPGAs for mission-critical applications
Whether security fuse is programmed or not Programmed g state of fuse can only y be detected in cross-section? Ground level and airborne applications are affected by radiation too! Can be corrected with EDAC. Requires device or system-level reload or reset. Improved High Fanout Performance? Superior p Clock management g?
1. Many types of FPGAs
Introduction Higher mask cost and increasing minimum lot sizes, two economic trends of the semiconductor industry, are making FPGAs increasingly more cost effective compared to the competing ASIC solutions. A new business model enabled by the security capabilities of nonvolatile antifuse and Flash-based FPGAs will also be discussed. Data security: the designer wants to prevent the data being sent to or from the FPGA or ASIC platform from being copied, corrupted, or otherwise interfered with. Figure 1: Classes of Design Security Needs IP security is the primary concern of companies or IP developers whose competitive advantage is derived from their ability to implement the design. It is also the primary concern for manufacturers of mid to high volume consumer electronics whose market share and profitability is eroded by "knock-off," "cloned," or counterfeit versions of their product. Data security is the primary concern in cryptographic or financial applications.