FPGA与SoC芯片设计中五步法CDC跨时钟域检查方法学
Advanced Verification White Paper Five Steps to Quality
CDC Verification
Ping Yeung Ph.D.
Mentor Graphics
CDC synchronizers are used to reduce the probability of metastable signals. Taking unpredictable metastable sig-
nals and creating predictable behavior, they prevent metastable values from reaching the receiving clock domain.Metastability Effects
Even when proper CDC synchronizers are used for all clock-domain crossings and all CDC protocols are cor-rectly implemented, metastability inevitably leads to unpredictable cycle-level timing [4, 5]. Traditional RTL simulation does not model metastability, therefore, it cannot be used to find functional problems that may arise when metastability manifests in hardware. We are going to show two scenarios in which the cycle-level timing of RTL simulation differs from the cycle-level timing of the actual hardware in the presence of metastability.In Figure 3, the incoming CDC signal, cdc_d , violates the register setup time. Although it is sampled correctly in RTL simulation, the register is metastable and the output settles to 0. As a result, the hardware transition is delayed by one cycle.
Figure 2: A two-register CDC synchronizer.
Figure 4: Hold time violation: hardware transition is advanced by one cycle.
Figure 3: Setup time violation: hardware transition is
delayed by one cycle.
In Figure 4, the incoming CDC signal, cdc_d, violates the register hold time. In RTL simulation, it is not sam-pled until the next cycle. However, the register is metastable and the output settles to 1. As a result, the hardware transitions one cycle before simulation.
CDC Verification
Many designers know that metastability can be controlled using synchronizers on CDC signals. The most com-mon solution is to use synchronizers made up of two D flip-flops (2-DFF), or more, in sequence to dramatically increase the mean time between failure (MTBF) of the crossings. It is important to point out that simply ensur-ing the presence of synchronizers on the appropriate signals, while necessary, is not nearly sufficient. There are three different aspects of CDC verification that must be carefully addressed:
?Structural verification. Each synchronizer must have the correct structure for the type of signal being sent across clock domains. For example, a 2-DFF synchronizer is usually the best solution for single-bit signals but should not be used for multi-bit signals unless they are gray-coded to ensure that only one bit changes at a time [1, 2]. Multi-bit signals may be synchronized across domains using a separate control signal, an asynchronous FIFO, or other methods. Also, there should be no combinational logic inside or before a synchronizer.
?Protocol verification. Each synchronizer must follow a set of rules, called a transfer protocol, to ensure that the CDC signal is properly transferred across clock domains. For example, even the simplest 2-DFF synchronizer requires that the transmitting signal be held stable long enough to guarantee that it is captured in the receiving domain. This may not occur if the transmitting clock is faster than the receiving clock. Synchronization structures for multi-bit signals require more complex protocol checks [2, 3]. When CDC transfer protocols are violated, an error may not occur in simulation but will eventually occur in real hardware.
?Metastability verification. Problems associated with the reconvergence of CDC signals must be avoided. Reconvergence occurs when multiple signals are synchronized separately from one clock domain to another and then used by the same logic in the receiving domain (Figure 5). If that logic assumes a timing relationship between the signals, the design is not tolerant of metasta-
Figure 5: Reconvergence of CDC signals.
running CDC verification at the chip-level is not ideal
as there are too many behavioral models. For this reason, designs with the RTL representation are
best suited for CDC verification. All multiple-bit regis-
ters and buses can be identified explicitly. As CDC
requirements for data and control signals are different,
they can be analyzed separately. Conversely, with a gate-
level representation, all buses have been synthesized into
single-bit wires. It is impossible to distinguish data from
control signals. Thus, only a subset of the CDC scheme
is applicable.
In addition, knowledge of the internal structure of the
design is essential for successful CDC verification.
Performing CDC analysis on third-party IP blocks or
legacy designs are not very beneficial. Without design
knowledge, you may not be able to confirm the bugs or
filter violations. You need access to the original design-
er; knowledge of the design is essential to understand
the results.
Document CDC requirements This step is important. It has the biggest impact on the quality of the result. You need to ensure that your CDC verification will be aware of all relevant design characteristics, clock relationships, and the external environ-ment. Although a set of CDC rules have been defined already in the tool, with this additional information, extra design rules and filters will be activated. As a result, the results will be more accurate and thorough. You should define the operational modes of the design, outline the clock structures, document the domains for interface sig-nals, and determine the acceptable or unacceptable synchronization rules.
?Define operational modes . Some users may be interested in verifying that all registers are driven by only the test clock when the design is in scan mode. However, in general, we want to perform CDC verification when the design is in normal operation. You should disable the non-functional modes (i.e., test, BIST, JTAG , etc.)and define the meaningful operational modes and configurations for the tool (Figure 8). In many cases, some parts of a design can be put into sleep or powered-down mode. The combinations can be countless. Hence, it is important to focus CDC verification on the important combinations.
?Outline clock structures . For a multiple-clock design, the primary clocks, the clock distribution structure, and the internal clock generators, dividers, and clock gating schemes are important and should be documented. The 0-In CDC tool [7] can understand these structures and extract the clock tree information automatically. It is useful to verify the original design intent with the extracted clock structures. Only crossings between asynchronous clocks should be analyzed, and there may be clock gating conditions that need to be set up properly. As the number of CDC paths Figure 7: Blocks suitable for running CDC verification are A, C, and D.
Figure 8: Define meaningful modes for CDC verification.
is proportional to the number of clock domains, it is much more efficient to limit analysis to the relevant clock domains only.
?Document interface signals.CDC verification will not check an interface signal if it does not know which clock domain it is coming from or fanning out to. You should group signals for each functional interface and clock domain and explicitly identify any input signals that are asynchronous to all clock domains. The tool will then determine whether input signals require synchronization before use. Asynchronous and synchro-nous reset signals should be labeled separately. The synchronization schemes used for reset signals are dif-ferent from normal interface signals.
?Define synchronization rules.Some companies require all CDC signals to be synchronized with a particular CDC scheme (for instance, 3-level DFFs) or with a custom synchronization cell. The 0-In CDC tool [7] rec-ognizes many CDC schemes. It is important to review those schemes first. Then you can categorize the legal or illegal synchronization schemes, turn off the unused schemes and capture the characteristics of the syn-chronization cells or modules.
Some detail-oriented designers will specify the clock domain information and capture the CDC paths in the design document. This is a practice we encourage. With this information, you can pay special attention to the specified CDC paths to ensure they are well covered.
Formalize known exceptions
It is not unusual that a simple CDC error will generate a lot of violations, especially when the CDC signal fans out to a large number of asynchronous domains. Hence, we want to identify upfront all registers that can be con-sidered stable and do not require synchronization. This is especially true for configuration registers, status regis-
ters, or control registers that are programmed by software before the design enters into normal operation. Usually this information is in the design specification. Often these control registers all reside within a single module or follow a common naming scheme. It is useful to leverage this information for CDC verification.
In addition to registers, some of the interface or internal signals are known to be stable during normal opera-tion; for example, the internally generated reset signals, the power-down signals, the chip select, and functional enable and disable signals. These are all useful in improving the efficacy of CDC verification. Finally, in previ-ous revisions of the chip, there may be known CDC bugs and issues found using manual or gate-level method-ologies.. These are painful lessons which should be captured in the verification plan. During CDC verification, you should ensure that those CDC paths are analyzed and that all problems were fixed correctly.
Define coverage goals
Based on our experience, CDC paths are poorly verified by traditional functional verification because, in a functional simulation environment, the clock periods are defined to be constants, the clock skews and relation-ships are fixed, and the clock signals are well-behaved without any buffer or propagation delay. To ensure metastability effects on CDC paths are better verified, companies use various ad-hoc approaches. Some ran-domly reduce or prolong the clock periods. Some randomly change the skews and relationships among multiple asynchronous clocks.
Regardless of the technique used, when verifying CDC transfer protocols in simulation, it is important to moni-tor protocol coverage to make sure the CDC paths are adequately verified. This can be done by using a checker from an assertion library [9, 10, 11] to capture the semantics of the protocol. Checkers collect coverage infor-mation to ensure that each CDC protocol is fully exercised. Insufficient coverage means that the design may contain undiscovered bugs.
CDC Handshake:
- Assertion:
i.multiple requests violation
ii.acknowledge without request violation
iii.request drop violation
iv.acknowledge timeout violation
- Coverage:
i.#request asserted
ii.#acknowledge asserted
CDC FIFO:
- Assertion:
i.FIFO overflow violation
ii.FIFO underflow violation
iii.Simultaneous push and pop violation
- Coverage:
i.#push asserted
ii.#pop asserted
iii.maximum FIFO entry
You start by itemizing the protocols used in the CDC paths, ordering them from most important to least, and identifying the protocols that require coverage. For each CDC protocol, you will determine the assertion and coverage items, as in the code shown above. To measure how well your simulation is verifying the metastability effects, you should also monitor the alignments of the RX and the TX clocks.
Select a verification strategy
You may choose to perform exhaustive verification on each individual block or use a hierarchical approach on the entire top-level of a chip. The top-level represents the highest functional hierarchy of the design, excluding the pad ring, the test logic, the power controls, etc. You may be looking for a known bug or hunting for a prob-lem that has appeared in the lab. The strategies you choose will determine how to run your CDC analysis tools. Based on our experience, there are four common strategies
?Block-level verification.During block-level design, static analysis of the CDC structures should be run before checking in the RTL code. This ensures strict compliance with CDC schemes. If issues are discov-ered, they can be identified and debugged quickly at this level. The generated CDC protocol monitors can also be used with block-level functional verification methodologies, such as formal verification [8] and simulation. These ensure that CDC protocols are followed without any data loss.
?Top-level verification. During top-level integration, static analysis of the CDC structures should be re-run to check the new CDC signals created when multiple blocks are integrated together. The number of CDC signals goes up exponentially at the top-level. Hence, it is important to follow the five-step planning process
described above. For large and complex designs, especially ones with a lot of IP modules, a hierarchical veri-fication approach can be used. The generated CDC protocol monitors should be included in the regression for system-level functional verification.
?Bug hunting and triage. This is performed to identify known or suspected CDC issues in the design. It is important to distinguish timing from CDC issues. Timing issues tend to cause the chip to fail consistently. By changing the frequencies of the clocks or of some of the signals, the problems may disappear permanently. On the other hand, as metastability is unpredictable, CDC problems will cause the chip to fail randomly. Based on our experience, it is extremely difficult to look for CDC issues at the system or chip level. There are just too many potential candidates. Hence, the first task is to narrow down the problem to the block or subsystem level.
You should focus on blocks with asynchronous clock domains. Blocks with CDC reconvergence are especially suspicious. The random delays from different CDC paths may cause the data to be sampled incorrectly or cor-rupted completely. Once the candidate blocks are identified, the block-level verification strategy can be applied.?Targeting coverage.This can be an extension of the block-level or top-level verification strategy. The goal is to ensure that all CDC protocols have been fully exercised and that the metastability effects are fully verified on all CDC paths. The coverage on the CDC protocols monitors should be examined and additional tests created to fill any coverage holes. Once the bug rate of system-level regression has stabilized, metastability can be injected into simulation. Metastability effects will change the timing of the CDC paths. If the block is not designed to handle the random delays of the CDC paths, it may fail functionally. To make debugging easier, it is better to start with a representative subset of the regression.
In the next two sections, we will elaborate on the two most commonly used strategies: block-level and
top-level verification.
?Correctly implemented synchronizers
?Missing and incorrectly implemented synchronizers
?Complex synchronizers that require protocol verification
?Potential reconvergence problems
At this level, since the design description contains a lot of modules with a lot of asynchronous clock domains, most of the CDC paths fall into the complex and reconvergence categories. The GUI environment is particularly useful in this case as the CDC path may span multiple levels of hierarchy and several modules.
2. Run protocol verification with simulation. With the testbench environment already available for functional veri-fication, we can run the CDC protocol monitors within the simulation environment. These monitors ensure that the CDC signal is stable when going from the TX to the RX domain; the multiple-bit CDC data is gray-coded, or it is stable when it is sampled. Any assertion failure caught by the monitors means that the CDC protocol is vio-lated and should be fixed. Functional simulation gives lengthy margins for CDC signals. They tend to be suffi-ciently stable when going through the clock domains. This approach does a poor job stressing the timing of the CDC paths. Hence, when running CDC protocol monitors with functional simulation, it is important to examine the corner case coverage of the protocol monitors. Monitors which pass should have adequate coverage when the results from the whole regression suite are merged together. In order to stress the timing of the CDC paths explic-itly, we can add some direct tests into the regression suite. With a constrained-random verification environment, we can tighten the timing of the stimulus generator.
3. Run metastability verification with simulation and effect injection.If your design contains potential reconver-gence violations that cannot be easily waived after manual inspection, the 0-In CDC tool [7] can be used to iden-tify reconvergence problems by injecting metastability effects dynamically. In simulation, metastability effect injectors will change the delays through synchronizers. As a result, any logic that assumes a fixed timing rela-tionship between the outputs of the synchronizers is likely to fail. Running simulation with the effect injectors is the most cost effective way to imitate CDC metastability effects during functional verification. It enables any potential problems to be discovered quickly, before any hardware is built.
Debugging CDC Violations
In this section, we will describe a few common CDC violations and the techniques you can use to determine whether they are real design issues or not.
Missing synchronizer violation
An unsynchronized CDC signal is the most common violation reported during structural verification. For instance, in Figure 11, depending on the clock frequency, the RX register may not be able to sample its input reliability. This is a real problem. In other cases, violation are due to the following exceptions.
References
1. Clifford E. Cummings, “Synthesis and Scripting Techniques for Designing Multi-Asynchronous Clock Designs,” SNUG-2001. Downloadable from https://www.360docs.net/doc/1b9337622.html,/papers
2. Tai Ly, “The Need for an Automated Clock Domain Crossing Verification Solution,” White Paper, Downloadable from https://www.360docs.net/doc/1b9337622.html,/fv
3. Chris Kwok, et al, “Using Assertion-Based Verification to Verify Clock Domain Crossing Signals,” DVCon 2003
4. Tai Ly, et al, “Formally Verifying Clock Domain Crossing Jitter Using Assertion-Based Verification,” DVCon 2004
5. Tai Ly, et al, “A Methodology for Verifying Sequential Reconvergence of Clock Domain Crossing Signals,” DVCon 2005
6. Harry Foster, et al, “Assertion-Based Design,” Kluwer Academic Publishers, 2003
7. Mentor Graphics, “CDC Compiler User Guide V2.5,” Feb 2007
8. Mentor Graphics, “Formal Verification User Guide V2.5,” Feb 2007
9. Accellera, “Accellera Standard OVL Library Reference Manual,” July 2006
10. Mentor Graphics, “QuestaTM Verification Library Checkers Data Book V6.2f,” Jan 2007.
11. Mentor Graphics, “CheckerWare Data Book Assertion Library V2.5,” Feb 2007
Corporate Headquarters Mentor Graphics Corporation 8005 S.W. Boeckman Road
Pacific Rim
Mentor Graphics Taiwan
Room 1603, 16F,
Europe
Mentor Graphics
Deutschland GmbH
Silicon Valley
Mentor Graphics Corporation
1001 Ridder Park Drive
Japan
Mentor Graphics Japan Co., Ltd.
Gotenyama Hills
Copyright ? 2007 Mentor Graphics Corporation. This document contains information that is proprietary to Mentor Graphics Corporation and may be duplicated in whole or in part by the original recipient for internal business purposed only, provided that this entire notice appears in all copies. In accepting this document, the recipient agrees to make every reasonable effort to prevent the unauthorized use of this information. 0-In and Mentor Graphics are registered trademarks of Mentor Graphics Corporation. All other trademarks are the property of their respective owners.
For more information, visit https://www.360docs.net/doc/1b9337622.html,/fv
SOC设计方法与实现
关于对 《SoC设计方法与实现》的一点认识 '
| 目录 摘要 (3) 一 SoC概述 (3) 二SoC设计现状 (4) 1 芯核的设计流程 (7) 2 软硬件协同设计的流程 (8) 3 Soc的系统级设计流程 (8) 三 SoC发展的现状 (10) ( 1 SoC在中国发展的现状 (10) 2 国外SOC的发展现状 (11) 四SOC的未来发展趋势 (12) ;
\ 摘要 通过将近四周的学习,我已经对SoC有了一些基本的认识。在任课教师的指导下,我完成了此篇论文。本文主要从什么是SoC ,SoC 有什么用途,SoC的设计,SOC发展的现状和未来趋势这五个方面来简单论述的,在论述的过程中查阅了一部分文献资料,并且兼顾含有了集成电路的相关知识。 关键词 SoC 用途发展趋势 一 SoC概述 \ 随着集成电路1技术进入新的阶段,市场开始转向追求体积更小、成本更低、功耗更少的产品,因此出现了将多个甚至整个系统集成在一个芯片2上的产品––系统芯片(system on a chip,SoC)。系统芯片将原来由多个芯片完成的功能,集中到单个芯片中完成。更具体地说,它在单一硅芯片上实现信号采集、转换、存储、处理和I/O等功能,或者说在单一硅芯片上集成了数字电路、模拟电路、信号采集、 1 1952年5月,英国皇家研究所的达默就在美国工程师协会举办的座谈会第一次提到了集成电路的设想。他说:“可以想象,随着晶体管和半导体工业的发展,电子设备可以在一块固体块上实现,而不需要外部的连接线。这块电路将有绝缘层、导体和具有整流放大作用的半导体等材料组成”,这就是最早的集成电路的概念。 2通常所说的“芯片”是指集成电路,它是微电子产业的主要产品。
跨时钟域处理
快时钟域信号到慢时钟域有可能的情况是: 快时钟域信号宽度比慢时钟信号周期窄,导致漏采。 解决的方法有: 1.将快时钟域信号延长,至少有慢时钟周期的一到两个周期宽 2.使用反馈的方法,快时钟域信号有效直到慢时钟域有反馈信号,表示已经正确采样此信 号,然后快时钟域信号无效。
通过反馈的方式很安全,但是从上图可以看出来延时是非常大的。慢时钟采快时钟信号,然后反馈信号再由快时钟采。 以上是简单的单个信号同步器的基本方法。 多个信号跨时钟域 多个控制信号跨时钟域仅仅通过简单的同步器同步有可能是不安全的。 简单举例,b_load和b_en同步至a_clk时钟域,如果这两个信号有一个小的skew,将导致在a_clk时钟域中两个信号并不是在同一时刻起作用,与在b_clk中的逻辑关系不同。解决的方法应该比较简单,就是将b_load和b_en信号在b_clk时钟域中合并成一个信号,然后同步至a_clk中。 如果遇到不能合并的情况,如译码信号。如下图
如果Bdec[0]、bdec[1]间存在skew将导致同步至a_clk中后译码错误,出现误码。在这种情况下,建议加入另一个控制信号,确保bdec[0]、bec[1]稳定时采。例如在bdec[0]、bec[1]稳定输出后一到两个周期b_clk域输出一个en信号,通知a_clk域此时可以采bdec[0]、bec[1]信号。这样可确保正确采样。 数据路径同步 对数据进行跨时钟域处理时,如果采用控制信号同步的方式进行处理的话,将是非常浩大的工程,而且是不安全的。 简单来说,数据同步有两种常见的方式: 1.握手方式 2.FIFO 简要说下握手方式,无非就是a_clk域中首先将data_valid信号有效,同时数据保持不变,然后等待b_clk中反馈回采样结束的信号,然后data_valid信号无效,数据变化。如有数据需要同步则重复上述过程。握手方式传输效率低,比较适用于数据传输不是很频繁的,数据量不大的情况。 FIFO则适合数据量大的情况,FIFO两端可同时进行读/写操作,效率较高。而且如果控制信号比较多,也可采用fifo方式进行同步,将控制信息与数据打包,写入FIFO,在另一端读取,解码,取得数据和控制信息。
SOC的软硬件协同设计方法和技术
SOC的软硬件协同设计方法和技术 摘要: 随着嵌入式系统与微电子技术的飞速发展,硬件的集成度越来越高,这使得将CPU、存储器和I/O设备集成到一个硅片上成为可能,SOC应运而生,并以其集成度高、可靠性好、产品问世周期短等特点逐步成为当前嵌入式系统设计技术的主流。传统的嵌入式系统设计开发方法无法满足Soc设计的特殊要求,这给系统设计人员带来了巨大的挑战和机遇,因此针对Soc的设计方法学己经成为当前研究的热点课题。 论文首先分析了嵌入式系统设计的发展趋势,论述了传统设计开发方法和工具的局限性,针对Soc设计技术的特点探究了Soc软硬件协同设计方法的流程,并讨论了目前软硬件协同设计的现状。 关键词: 软硬件协同设计,可重用设计,SOC 背景: 计算机从1946年诞生以来,经历了一个快速发展的过程,现在的计算机没有变成科幻片电影中那样贪婪、庞大的怪物,而是变得小巧玲珑、无处不在,它们藏身在任何地方,又消失在所有地方,功能强大,却又无影无踪,这就是嵌入式系统。嵌入式系统是以应用为中心、计算机技术为基础、软件硬件可剪裁、适应应用系统对功能、可靠性、成本、体积、功耗严格要求的专用计算机系统。嵌入式系统是将先进的计算机技术、微电子技术和现代电子系统技术与各个行业的具体应用相结合的产物,这一点决定了它必然是一个技术密集、高度分散、不断创新的知识集成系统。嵌入式系纫‘泛应用于国民经济和国防建设的各个领域,发展非常迅速,调查数据表明,嵌入式系统的增长为每年18%,大约是整个信息技术产业平均增长的两倍[1],目前世界上大约有2亿台通用计算机,而嵌入式处理器大约60亿个,嵌入式系统产业是二十一世纪信息产业的重要增长点。 随着集成电路制造工艺的飞速发展,嵌入式系统硬件的集成度越来越高,这使得将嵌入式微处理器、存储器、I/O设备等硬件组成部件集成到单个芯片上成为可能,片上系统SoC (System on Chip)应运而生[2]。SOC极大地缩小了系统体积;减少了板级系统SoB(System on Board)中芯片与芯片之间的互连延迟,从而提高了系统的性能; 强调设计重用思想,提高了设计效率,缩短了设计周期,减少了产品的上市时间。因此SOC以其集成度高、体积小、功耗少、可靠性好、产品问世周期短等优点得到了越来越广泛地应用,并且正在逐渐成为当前嵌入式系统设计的主流技术[3]。但Soc设计不同于传统嵌入式系统的开发,如何快速、有效地开发和设计Soc产品是当前嵌入式设计开发方法学的一个十分重要的研究领
FPGA_ASIC-基于FPGA的ECC算法高速实现
基于FPGA 的ECC 算法高速实现? 武玉华,黄允,李艳俊,欧海文 (北京电子科技学院,北京 100070) 摘要:椭圆曲线密码体制(Elliptic Curve Cryptosystem ,ECC)是目前已知的所有公钥密码体制中能提供最高比特强度(strength-per-bit )的一种公钥加密体制。研究椭圆曲线密码算法的芯片设计有较大的研究价值和实用价值。本文在深入研究椭圆曲线加解密理论基础上,使用Verilog 硬件描述语言实现了一种ECC 加密算法,具有高速低功耗的特点。 关键词:ECC ;FPGA ;高速 中图分类号:TP309 文献标识码:A The FPGA design of ECC encryption algorithm WU Yu-hua, HUANG Yun, LI Yan-jun, OU Hai-wen (Beijing Electronic Science and Technology Institute ,Beijing 100070 China) Abstract :ECC is one of the known public crypto methods that provide the best strength-per-bit. Researching in the hardware design of ECC have much value. In this paper, we lucubrate the ECC’s theory, and implement a sort of ECC encryption algorithm, it has some advantages such as high-speed and low-exploit. Keywords :ECC; FPGA; high-speed 1 引言 1985年,Neal Koblitz 和V https://www.360docs.net/doc/1b9337622.html,ler 提出了基于椭圆曲线群上离散代数问题的公钥密码体制——椭圆曲线密码体制(简记为ECC)。ECC 与RSA 相比具有密钥更短、安全性更高的特点,通常认为163位的ECC 密钥长度能够提供相当于1024位RSA 密钥长度的安全性,571位的ECC 密钥长度能够提供相当于15360位RSA 密钥长度的安全性。ECC 是目前所有公钥密码系统中单位密钥安全性最高的密码系统。因为ECC 的密钥较短,所以运算耗费的资源较少,目前ECC 广泛应用于无线连接设备中,譬如PDA, smart cards 等等。目前,欧洲、俄罗斯、韩国和中国等都己经或打算将ECC 作为国家密码标准。 椭圆曲线密码系统的基域包括素域GF (P)和二进制域GF(n 2),在硬件实现上GF(n 2)椭圆曲线密码系统占用系统资源更少,效率更高。因此最近几年有限域GF(n 2)上基本运算的硬件实现、有限域GF(n 2)上椭圆曲线密码系统的硬件实现都得到了业内重视。相对于软件实现的椭圆曲线加密/解密体制,硬件实现可以提供更高的安全性和更快的速度。本文在深入研究椭圆曲线加解密理论基础上,使用Verilog 硬件描述语言实现了一种ECC 加密算法,并通过QuartusII5.0工具进行了编译仿真,实验结果表明其功能正确,具有高速低功耗的特点。 2 椭圆曲线算法理论 2.1 椭圆曲线数学基础 2.1.1 椭圆曲线定义 椭圆曲线E 是一个光滑的Weierstrass 方程在P(K)中的全部解(x ,y)的集合。K 为域。K 上的摄影平面P(K)是一些等价类的集合{(XY :Z)}。 22322313246:E Y Z a XYZ a YZ X a X Z a XZ a Z ++=+++ 其中曲线上唯一的一个无穷远点是(0:1:0)。这个点对应于点∞。 经过上述方程作如下转化可得: 设x =X/Z,y =Y/Z ?基金项目:国家自然科学基金资助项目(70431002);北京电子科技学院信息安全与保密重点实验室基金项目(YZDJ0509)
FPGA与SoC芯片设计中五步法CDC跨时钟域检查方法学
Advanced Verification White Paper Five Steps to Quality CDC Verification Ping Yeung Ph.D. Mentor Graphics
CDC synchronizers are used to reduce the probability of metastable signals. Taking unpredictable metastable sig- nals and creating predictable behavior, they prevent metastable values from reaching the receiving clock domain.Metastability Effects Even when proper CDC synchronizers are used for all clock-domain crossings and all CDC protocols are cor-rectly implemented, metastability inevitably leads to unpredictable cycle-level timing [4, 5]. Traditional RTL simulation does not model metastability, therefore, it cannot be used to find functional problems that may arise when metastability manifests in hardware. We are going to show two scenarios in which the cycle-level timing of RTL simulation differs from the cycle-level timing of the actual hardware in the presence of metastability.In Figure 3, the incoming CDC signal, cdc_d , violates the register setup time. Although it is sampled correctly in RTL simulation, the register is metastable and the output settles to 0. As a result, the hardware transition is delayed by one cycle. Figure 2: A two-register CDC synchronizer. Figure 4: Hold time violation: hardware transition is advanced by one cycle. Figure 3: Setup time violation: hardware transition is delayed by one cycle.
Xilinx FPGA 设计中的跨时钟域问题
浅谈XLINX FPGA设计中跨时钟域的同步设计问题 摘要 本文介绍了FPGA设计中的同步设计原则并对FPG A设计中的触发器亚稳态问题进行了阐述本文通过具体的设计实例论证了跨时钟域同步处理的必要性并介绍了一种实现跨时 钟域同步处理的方法和其具体电路 关键字 同步设计异步设计触发器亚稳态时序稳定 一同步设计的原则 尽量使用同步电路避免使用异步电路这句话是电路设计的几个原则之一同异步设计相比同步设计设计出来的电路更稳定可靠在XILINX FPGA设计中时常 有设计人员遇到如下类似的问题 设计的电路升级困难可移植性差也就是说一些原本工作正常的电路移植到高端的FPGA中就根本工作不起来了 设计的电路一致性差同一电路设计每次布线后工作的结果不同 设计的电路时序仿真正常但实际电路上却工作不起来 设计的电路极易受毛刺的干扰 通常这些类似的问题都于电路的异步设计有关 二亚稳态 图1 触发器的亚稳态示意图 对于触发器当时钟沿到来时其输入要求是稳定的这时其输出也是稳定的但假如时钟沿到来时其输入也正在变化即翻转这时触发器会瞬时进入亚稳态通 常触发器对输入信号都有一个建立时间的要求也即setup时间当这一建立时间得 不到满足时触发器也会进入瞬时亚稳态如图1 通常触发器即使进入亚稳态也会很快进入稳态但其输出值是不定的这有可能对使我们设计的FPGA模块尤其是哪些有复杂状态机的模块产生错误的逻辑对于亚稳态问题我们还应明白亚稳态问题并非指输出结果数据的不确定性而是指输出变化的时序不确定性 遵循同步设计的原则有助于解决亚稳态问题使我们设计出稳定可靠的电路模块对于单时钟系统我们可以很方便地设计出稳定易于设计及仿真的同步单一时钟系统但在电信和数据通讯领域中我们设计的系统中往往具有多个时钟往往需要将数据或时序由一个时钟域传到另一个时钟域这类设计的难点在于实现不同时钟域之间数据和时序变化的稳定可靠地传递采用经验证的设计技术可以实现跨时钟域的同步设计进而设计出可靠工作的电路 三跨时钟域的异步设计案例 本人曾经设计过如下几个模块这些模块中的几个子模块分别工作在各自的时钟域
S盒的构造及C语言实现
S盒的构造及C语言实现 在AES算法中,字节代换的设计是加密算法设计的主要部分之一.其设计不仅考虑到抗差分密码分析和线性密码分析,而且还考虑到抗代数计算的攻击,目的是保证整个密码系统的安全性.字节代换要求Nr轮的加密过程都要对状态矩阵中的字节求其在有限域GF(2。)上的乘法逆元和作GF(2)上的仿射变换,以使它的差分均匀性和线性偏差都达到最佳,这就要多次用到大运算量的非线性字节变换操作.由于在有限域GF(2。)上共有256个元素,而每个元素在特定的模运算下存在逆元,我们则可以预先通过一定的算法计算出每个元素的乘法逆元,再经相应的仿射变换后做成一个8位输入8位输出的s盒,供各轮字节代换和密钥操作的调用,从而可以缩短明文加密时间,提高整体加密效率. 2.1 有限域GF(2。)乘法逆元 算法中,状态的每一个字节的8位二进制数都可以以多项式的形式表示成有限域GF(2 )上的元 素,如,表示成多项式的形式: 要计算上的乘法,必须先确定一个上的8次不可约多项式m(x ),对于AES 密码,这个8次不可约多项式确定为: (十六进制表示为 “11B”).有限域GF(2 )上的乘法取逆可用:表示,a(x)是用多 项式表示的状态字节,为乘法取逆后的输出. 2.2 GF(2)仿射变换 仿射变换对状态字节在有限域GF(2。)上的乘法逆元进行字节变换操作,设输入字节为 ,经过仿射变换后的输出字节为,则有下面 的变换关系: 为二进制数01100011或十六进制的63.用矩阵表示的仿射变换为: 此矩阵运算,实际可以转换成字节的位运算:矩阵第一行由低位到高位二进制为:[1 0 0 0 1 1 1 1],换成16进制为:0xF1。类似的,剩下的几行可以顺次表示成:0xe3,0xc7,0x8f,0x1f,0x3e,0x7c,0xf8。这些十六进制数存放在数组b[]中。实现上述矩阵的乘法就可以转化成
跨时钟域问题
Metastability in the asynchronous clocks and Synchronizer 摘要:相较纯粹的单一时钟的同步电路设计,设计人员更多遇到的是多时钟域的异步电路设计。因此,异步电路设计在数字电路设计中的重要性不言而喻。本文主要就异步设计中涉及到的亚稳态问题,作简要介绍,并提出常用的解决办法——即同步器的使用。 关键词:异步电路设计、亚稳态、同步器。 Abstract: Compared with the pure one-clock synchronous designs,the designers more often deal with the multi-clock asychronous designs. Therefore, asynchronous circuit design is very important in the field of digital circuit design. This paper briefly describes the problematic metastability in the asynchronous designs and presents a regular solution——synchronizer. Key words: Asynchronous circuit design, Metastability, Synchronizer. 毫无疑问,单一时钟域的电路设计是数字电路中最基本的技能,其时序分析(Timing Analysis)也是最简单的。与之相对,在多时钟域中跨时钟域传输信号易出现亚稳态,加上自动时序分析工具对异步信号处理的力不从心,这些都使得多时钟域的异步设计和分析较为困难。不幸的是,现实世界是异步的。如我们常常看见的键盘输入、磁盘文件传输、UART(通用异步收发器)等等,都是异步时序的事例。 1 亚稳态(metastability) 时序电路采用触发器和锁存器作为存储单元,这两种器件都易进入亚稳态[1]。所谓亚稳态是指触发器无法在某个规定的时间段内达到一个可确认的状态。如图1所示,对任何一种触发器,在时钟触发沿前后存在一个小的时间窗口(称为判决窗口,decision window),输入信号在判决窗口内必须保持稳定,否则,触发器就会进入亚稳态,既无法预测该单元的的输出电平,也无法预测何时输出才能稳定在某个电平上。 这个判决窗口由建立时间(setup time)和保持时间(hold time)两部分组成。并且时间窗口也是多种因素的函数,包括触发器设计、实现技术、运行环境以及无缓冲输出的负载等。输入信号陡峭的边沿可以将此窗口减至最小,随着时钟频
跨时钟域问题(Clock Domain Crossing)
跨时钟域问题(Clock Domain Crossing) –同两个时钟域打交道! 引言:设计者有时候需要将处于两个不同时钟域的系统对接,由于接口处是异步(会产生setuptime 和holdtime violation,亚稳态以及不可靠的数据传输)的,因此处理起来较同步逻辑更棘手,需要寻求特殊处理来进行接口界面的设计。 任意的两个系统如果满足以下条件之一,就可称其为异步的: (1)工作在不同的时钟频率上; (2)工作频率相同,但是相位不相同; 处理跨时钟域的数据传输,有两种实现方案: (1)采用握手信号来交互 (2)以异步FIFO来实现 1.1、以握手信号交互: 假设系统A以这种方式向系统B传递数据,握手信号分别为req和ack。 握手协议: Transmitter asserts the req (request) signal, asking the receiver to accept the data on the data bus.
Receiver asserts the ack (acknowledge) signal, asserting that it has accepted the data. 这种处理跨时钟域的方式很直接,但是也最容易产生亚稳态,由于系统A发送的req信号需要系统B中的时钟去sample,而系统B发出的ack信号又需要系统A中的时钟去sample,这样两边都存在着setup time和hold time violation的问题。为了避免由于setup time和hold time vilation所造成的亚稳态,通常我们可以将异步时钟域交互的信号用local system的时钟打两级甚至三级寄存器,以此来消除亚稳态的影响。下图以系统A发送到系统B的req信号示例消除亚稳态的方法: 当然,这种处理方式是以损失传输速率为代价的,加入两到三级寄存器同步异步时钟域的信号,会有许多时钟周期浪费在了系统的“握手”。 有时候,我们也会对数据多打两拍reg来同步,但通常情况下,我们并不会采取这种方式,它不仅需要较多逻辑,而且收效甚微。通常对数据的同步是以异步FIFO来实现的。下图给出了1bit数据传输打两拍reg所做的同步,从中可以发现,与前面的握手信号处理完全一致。 1.2 结合实际工作谈谈以握手信号处理的跨时钟域问题 由于所在项目的逻辑设计相当庞大,超出了最初的预估,同时也鉴于产品化方向考虑可以单独流片,因此对整个逻辑结构进行了划分,在做FPGA原型验证的时候,将这两块逻辑分别映射到不同的器件单元中,这里暂且称它们为wrapper0和wrapper1。实践结果表明,wrapper0和wrapper1的相位需要存在180度的反相,弥补板级走线的延迟影响。
AES算法的数学理论基础分析
AES算法的数学理论基础分析 一、AES算法 随着计算机技术和通信技术的深入发展,解密技术的快速演进已经严重影响了DES 密码系统的安全性, 用户对信息的安全存储、安全处理和安全传输的需求越来越高。Rijndael 算法以它在广泛的计算环境中硬件和软件实现都能表现出的良好性能、建立密钥时间短, 灵敏性高以及能够抵抗强力攻击和时间选择攻击被NIST 不加修改的作为AES 的唯一算法。AES 是一种迭代分组加密算法。 二、AES的数学基础 1.有限域GF(28):特征为2的具有28元素的有限域 有限域中的元素表示方法: ①二进制表示法(字节表示):字节B=b7b6b5b4b3b2b1b0=01010111 ②十六进制表示法:“57” ③多项式表示法:b7x7b6x6b5x5b4x4b3x3b2x2b1x1b0x0 “57”表示为x6+x4+x2+x+1 2.字节运算:有限域GF(28)上的运算 在多项式表示中,GF(28)上两个元素的和仍然是一个次数不超过7的多项式,其系数等于两个元素对应系数的模2加(比特异或)。由于每个元素的加法逆元等于自己,所以减法和加法相同。 要计算GF(28)上的乘法,必须先确定一个GF(2) 上的8次不可约多项式;GF(28)上两个元素的乘积就是这两个多项式的模乘(以这个8次不可约多项式为模)。 在Rijndael密码中,这个8次不可约多项式确定为m(x)= x8+x4+x3+x+1十六进制表示为‘11B’。3.AES的字表示与运算 AES处理的单位是字节和字,字是4个字节构成的向量。一个字表示为系数在GF(28)上的次数小于4的多项式。 字加法:两多项式系数按位模2 加; 字乘法:设ac是两个字,a(x)和c(x)是其字多项式,乘积为a(x)c(x)mod(x4+1) 三、AES算法实现 1.加密算法过程实现 以分组长度为128bit, 密钥长度为128bit 介绍AES 算法实现。因Nb=4,Nk=4, 所以与之相应
跨时钟域信同步方法种
跨时钟域信号同步方法6种 ASIC中心 1 引言 基于FPGA的数字系统设计中大都推荐采用同步时序的设计,也就是单时钟系统。但是实际的工程中,纯粹单时钟系统设计的情况很少,特别是设计模块与外围芯片的通信中,跨时钟域的情况经常不可避免。如果对跨时钟域带来的亚稳态、采样丢失、潜在逻辑错误等等一系列问题处理不当,将导致系统无法运行。本文总结出了几种同步策略来解决跨时钟域问题。 2 异步设计中的亚稳态 触发器是FPGA设计中最常用的基本器件。触发器工作过程中存在数据的建立(setup)和保持(hold)时间。对于使用上升沿触发的触发器来说,建立时间就是在时钟上升沿到来之前,触发器数据端数据保持稳定的最小时间。而保持时间是时钟上升沿到来之后,触发器数据端数据还应该继续保持稳定的最小时间。我们把这段时间成为setup-hold时间(如图1所示)。在这个时间参数内,输入信号在时钟的上升沿是不允许发生变化的。如果输入信号在这段时间内发生了变化,输出结果将是不可知的,即亚稳态 (Metastability) 图1 一个信号在过渡到另一个时钟域时,如果仅仅用一个触发器将其锁存,那么采样的结果将可能是亚稳态。这也就是信号在跨时钟域时应该注意的问题。如图2所示。 信号dat经过一个锁存器的输出数据为a_dat。用时钟b_clk进行采样的时候,如果a_dat正好在b_clk的setup-hold时间内发生变化,此时b_ dat就既不是逻辑"1",也不是逻辑"0",而是处于中间状态。经过一段时间之后,有可能回升到高电平,也有可能降低到低电平。输出信号处于中间状态到恢复为逻辑"1"或逻辑"0"的这段时间,我们
基于ARM的SoC设计入门.
基于ARM的SoC设计入门 2005-12-27 来源:电子工程专辑阅读次数: 1033 作者:蒋燕波 我们跳过所有对ARM介绍性的描述,直接进入工程师们最关心的问题。 要设计一个基于ARM的SoC,我们首先要了解一个基于ARM的SoC的结构。图1是一个典型的SoC的结构:
图1 从图1我们可以了解这个的SoC的基本构成: ARM core:ARM966E
?AMBA 总线:AHB+APB ?外设IP(Peripheral IPs):VIC(Vector Interrupt Controller), DMA, UART, RTC, SSP, WDT ?Memory blocks:SRAM, FLASH ?模拟IP:ADC, PLL 如果公司已经决定要开始进行一个基于ARM的SoC的设计,我们将会面临一系列与这些基本构成相关的问题,在下面的篇幅中,我们尝试讨论这些问题。 1. 我们应该选择那种内核? 的确,ARM为我们提供了非常多的选择,从下面的表-1中我们可以看到各种不同ARM内核的不同特点:
表1 ARM已经给出了基本的参考意见:
?如果您在开发嵌入式实时系统,例如汽车控制、工业控制或网络应用,则应该选择Embedded core。 ?如果您在开发以应用程序为主并要使用操作系统,例如Linux, Palm OS, Symbian OS 或Windows CE等等,则应选择Application core。 ?如果您在开发象Smart card,SIM卡或者POS机一样的需要安全保密的系统,则需要选择Secure Core。 举个例子,假如今天我们需要设计的是一个VoIP电话使用的SoC,由于这个应用不需要使用到操作系统,所以我们可以考虑使用没有MMU的内核。另外由于网络协议盏对实时性的要求较高,所以我们可以考虑ARM9系列的内核。又由于VoIP有语音编解码方面的需求,所以需要有DSP功能扩展的内核,所以ARM946E-S或ARM966E-S应该是比较合适的选择。 当然,在实际工作中的问题要比这个例子要复杂的多,比如在上一个例子中,我们也可以选择ARM7TDMI内核加一个DSP的解决方案,由ARM来完成系统控制以及网络协议盏的处理,由单独的DSP来完成语音编解码的功能。我们需要对比不同方案的面积,功耗和性能等方面的优缺点。同时我们还要考虑Cache size,TCM size,实际的内核工作频率等等相关问题,所以我们需要的一个能构快速建模的工具来帮助我们决定这些问题。现在的EDA工具为我们提供了这样的可能,例如Synopsys?的CCSS(CoCentric System Studio)以及Axys?公司的Maxsim?等工具都可以帮助我们实现快速建模,并在硬件还没有实现以前就可以提供一个软件的仿真平台,让我们在这个平台上进行软硬联仿,评估我们设想的硬件是否满足需求。 2.我们应该选择那种总线结构? 在提供内核给我们的同时,ARM也提供了多种的总线结构。例如ASB,AHB,AHB lite,AXI等等,在定义使用何种总线的同时,我们还要评估到底怎样的总线频率才能满足我们的需求,而同时不会消耗过多的功耗和片上面积。这就是我们平时常说的Architecture Exploration的问题。 和上一个问题一样,这样的问题也需要我们使用快速建模的工具来帮我们作决定。通常,这些工具能为我们提供抽象级别很高的TLM(Transaction Level Models)模型来帮助我们建模,常用的IP在这些工具提供的库中都可以找到,例如各种ARM core,AHB/APB BFM(Bus Function Model),DMAC以及各种外设IP。这些工具和TLM模型提供了比RTL仿真快100~10000倍的软硬联仿性能,并提供系统的分析功能,如果系统架构不能满足需要,那么瓶颈在系统的什么地方,是否是内核速度不够?总线频率太低?Cache太小?还是中断响应开销太多?是否需要添加DMA?等等,诸如此类的问题,我们多可以在工具的帮助下解决。
跨时钟域设计问题与方法
1.1ASYNCHRONOUS INTERFACE – CDC GUIDELINE 1.1.1INTRODUCTION ASIC design is becoming more complex due to more and more IP integrated in a chip, and data is frequently transferred from one clock domain to another domain. Clock domain crossing issue becomes more and more important vector in a multi-clock, stable work chip. This document mainly introduce below topics: a. Where will occur CDC; b. What problem will occur due to CDC issue; c. How to design CDC logic correctly. 1.1.2APPLICATION AREA In a multi-clock design, clock domain crossing occurs whenever data is transferred from a flop driven by one clock to a flop driven by another clock. As it is shown in Figure 1-1, Figure 1-1 Clock domain crossing *Note: definition of terminology: Source clock: Clock A in figure 1-1 is defined as source clock; Destination clock: Clock B in figure 1-1 is defined as destination clock; Source clock domain: All the logic design whose reference clock is Clock A, like flip-flop FA in figure 1-1; Destination clock domain: All the logic design whose reference clock is Clock B, like flip-flop FB in figure 1-1; 1.1.3PROBLEM DEFINITION Meta-stability, glitch, multi-fanout and re-convergence may occur in an asynchronous design, they may cause design entering an un-anticipant state and result in function error.
SOC设计方法
SOC设计方法 时间:2011-01-13 19:02:31 来源:作者: 本文通过对集成电路IC技术发展现状的讨论和历史回顾,特别是通过对电子整机设计技术发展趋势的探讨,引入系统芯片(System on Chip,简称SOC)的定义,主要特点及其设计方法学等基本概念,并着重探讨面向SOC的新一代集成电路设计方法学的主要研究内容和发展趋势。 关键词:SOC 软硬件协同设计超深亚微米高层次综合IP核设计再利用引言 人类进入21世界面临的一个重要课题就是如何面对国民经济和社会发展信息化的挑战。以网络通信、软件和微电子为主要标志的信息产业的飞速发展既为我们提供了一个前所未有的发展机遇,也营造了一个难得的市场与产业环境。 集成电路作为电子工业乃至整个信息产业的基础得益于这一难得的机遇,呈现出快速发展的态势。以软硬件协同设计(Software/Hardware Co-Design)、具有知识产权的内核(IP核)复用和超深亚微米(Very Deep Sub-M集成电路ron,简称VDSM)技术为支撑的SOC是国际超大规模集成电路(VLSI)的发展趋势和新世纪集成电路的主流。 与此同时,集成电路设计技术的进步滞后于集成电路制造技术的进步已成为制约未来集成电路工业进一步健康发展的关键。传统的、基于标准单元库的设计方法已被证明不能胜任SOC的设计;现行的面向逻辑的集成电路设计方法在深亚微米集成电路设计中遇到了难以逾越的障碍;芯片设计涉及的领域不再局限于传统的半导体而且必须与整机系统结合;集成电路设计工程师们从来没有像今天这样迫切地需要汲取新知识,特别是有关整机系统的知识。所以尽快开展面向SOC的新一代集成电路设计方法学研究对于推动集成电路的发展是至关重要的。 回顾20世纪后半叶集成电路工业的历史,不难看出著名的MOORE(摩尔)定律一直在准确地描述着集成电路技术的发展。专家们普遍认为,在新的世纪中,这一著名定律仍将长期有效。尽管MOORE定律揭示的集成电路工艺技术的进步规律是那样的诱人,且其发展速度之高在现代社会是少有的,但是今天正在蓬勃发展的网络技术的进步相比(见图1)还是相形见绌,远远不能满足信息产业发展的要求。
跨时钟域信号同步方法6种
种6跨时钟域信号同步方法. 跨时钟域信号同步方法6种 ASIC中心 1 引言 基于FPGA的数字系统设计中大都推荐采用同步时序的设计,也就是单时钟系统。但是实际的工程中,纯粹单时钟系统设计的情况很少,特别是设计
模块与外围芯片的通信中,跨时钟域的情况经常不可避免。如果对跨时钟域带 来的亚稳态、采样丢失、潜在逻辑错误等等一系列问题处理不当,将导致系统无法运行。本文总结出了几种同步策略来解决跨时钟域问题。 2 异步设计中的亚稳态 触发器是FPGA设计中最常用的基本器件。触发器工作过程中存在数据的建立(setup)和保持(hold)时间。对于使用上升沿触发的触发器来说,建立时间就是在时钟上升沿到来之前,触发器数据端数据保持稳定的最小时间。而保持时间是时钟上升沿到来之后,触发器数据端数据还应该继续保持稳定的最小时间。我们把这段时间成为setup-hold时间(如图1所示)。在这个时间参数内,输入信号在时钟的上升沿是不允许发生变化的。如果输入信号在这段时间内发生了变化,输出结果将是不可知的,即亚稳态 (Metastability) 图1 一个信号在过渡到另一个时钟域时,如果仅仅用一个触发器将其锁存,那么
采样的结果将可能是亚稳态。这也就是信号在跨时钟域时应该注意的问题。如图2所示。 信号dat经过一个锁存器的输出数据为a_dat。用时钟b_clk进行采样的时候,如果a_dat正好在b_clk的setup-hold时间内发生变化,此时b_ dat,而是处于中间状态。经过一段时间之后,ぜ,也不是逻辑?就既不是逻辑. 有可能回升到高电平,也有可能降低到低电平。输出信号处于中间状态到恢复为逻辑?或逻辑ぜ的这段时间,我们称之为亚稳态时间。 触发器进入亚稳态的时间可以用参数MTBF(Mean Time Between Failures)来描述,MTBF即触发器采样失败的时间间隔,表示为:
FPGA_跨时钟域
跨时钟域 4.1跨时钟域处理(20160620) 时钟对于FPGA就像我们的心脏,时刻控制着“跳动”的频率以及“血液”的流速;时钟域好比通过心脏的血液血型,不同血型的血液会产生排斥作用。在设计中建议时钟越少越好,好比于人有两个甚至更多的心脏,其内脏工作将会多么混乱。 但是某些情况下多时钟又不可避免,比如从FPGA外部输入的数据,其自带有个随路时钟,数据终归要在FPGA内部时钟域下处理,这来自外部的“血液”如何处理才能与内部的“血液”融合呢?配对及转换工作则是必不可少的,这就引入本节的主题:跨时钟域处理(Clock Domain Crossing): 跨时钟域处理需要两方面的工作:1、设计者处理;2、FPGA工具(Vivado)处理。 1.设计者处理 首先讲解一下如果不进行跨时钟域处理,会出现什么问题呢?如图1所示路径,QA属于CLKA时钟域的数据输出,另一个时钟CLKB去捕获节点REG A 的输出QA,假定CLKA与CLKB是异步时钟,它们之间的相位并不固定,因此捕获过程中可能会出现建立冲突(setup violation)和保持冲突(hold violation),如图2所示,左右分别为发生建立冲突和保持冲突的情况。 图1
图2 当冲突出现时(我感觉整个人都不好了),会发生什么事情呢?在发生建立冲突或者保持冲突,捕获节点(REG B)会处于一个不定的状态,正常的状态是高电平或者低电平,而此时的状态停留在高电平和低电平的中间,无效的电平X,称这个状态为亚稳态。 如图3所示,捕获节点输出保持在亚稳态,可能在整个时钟周期内都保持在亚稳态,由于不正确的状态,其后连接的逻辑在功能实现上就会出现问题,比如一个判断信号上升沿的逻辑,通常判断D==HIGH&&D_PREV==LOW(D为信号当前电平状态,D_PREV为信号上个时钟的电平状态)是否成立,而发生亚稳态时则D_PREV==X,这个上升沿将会错过。因此,加入跨时钟域处理设计是必须的。 图3 对于单比特信号的跨时钟域处理,常用的方法是“打两拍”,即在捕获时钟域中加入两个寄存器进行时钟转换,如图4所示,加入REG B1和REG B2,虽然REG B1处于亚稳态状态。 但是REG B2的输出QB2能稳定在正常的电平上,由于REG B1和REG B2之间没有多余的逻辑,REG B1能有充裕的时间稳定状态,此情况下REG B2能完美地隐藏REG B1的亚稳态。在捕获时钟的频率比较高的情况下,如果一个REG B2还未能隐藏亚稳态,拍数也可以增加三个或者更多,当然一般情况下,两拍足矣。
异步fifo跨时钟域处理
异步FIFO结构及FPGA设计---跨时钟域设计 2008/12/17 17:17[未分类 ] 异步FIFO 结构及FPGA 设计 吴自信,张嗣忠. 单片机及嵌入式系统应用,2000 摘要:首先介绍异步FIFO的概念、应用及其结构,然后分析实现异步FIFO的难点问题及其解决办法; 在传统设计的基础上提出一种新颖的电路结构并对其进行综合仿真和FPGA实现。 1、异步FIFO介绍 在现代的集成电路芯片中,随着设计规模的不断扩大,一个系统中往往含有数个时钟。多时钟域带来的一个问题就是,如何设计异步时钟之间的接口电路。异步FIFO(First In First Out)是解决这个问题一种简便、快捷的解决方案。使用异步FIFO可以在两个不同时钟系统之间快速而方便地传输实时数据。在网络接口、图像处理等方面, 异步FIFO得到了广泛的应用。 异步FIFO是一种先进先出的电路,使用在需要产时数据接口的部分,用来存储、缓冲在两个异步时钟之间的数据传输。在异步电路中,由于时钟之间周期和相位完全独立,因而数据的丢失概率不为零。如何设计一个高可靠性、高速的异步FIFO电路便成为一个难点。本文介绍解决这一问题的一种方法。 由图1可以看出:整个系统分为两个完全独立的时钟域--读时钟域和写时间域; FIFO的存储介质为一块双端口RAM,可以同时进行读写操作。在写时钟域部分,由写地址产生逻辑产生写控制信号和写地址; 读时钟部分由读地址产生逻辑产生读控制信号和读地址。在空/满标志产生部分,由读写地址相互比较产生空/满标志。 2、异步FIFO的设计难点 设计异步FIFO有两个难点:一是如何同步异步信号,使触发器不产生亚稳态; 二是如何正确地设计空、满以及几乎满等信号的控制电路。 下面阐述解决问题的具体方法。 2.1 亚稳态问题的解决
SOC设计中多bits数据跨时钟域问题解决以及FIFO设计
SOC设计中多bits数据跨时钟域问题解决 胡昌顺1,2高嵩1吴春瑜1张文婧2 (1 辽宁大学,辽宁沈阳110036,2 北京宏思电子技术有限责任公司) 摘要:在SOC设计中,随着数字系统复杂性的提高,系统芯片中集成了越来越多的模块,这些模块通常工作在不同的时钟频率下。各控制器或者模块之间进行数据访问时,需要在不同的时钟之间进行稳定的多bits的数据传输。本文从跨时钟域时异步信号带来的亚稳态问题及其造成的影响,提出了针对不同的异步信号传输进行不同的跨时钟设计。 关键词:跨时钟域;亚稳态;同步化;握手信号;FIFO Abstract:In SOC design,digital design are increasingly sophisticated; having multiple clocks driving different circuits and circuits that must reliably communicate with each other.This paper explores the fundamentals of signal synchronization and demonstrates circuits a designer can used to handle signals that cross clock domains.It examines design methodologies for synchronizing single signals and ways of handling groups of signals including data busses that cross clock domains. Key words: Multi-clock domain; Metastability; Synchronization; handshake;FIFO 一、引言 在现实的数字系统中,单一的时钟构成的系统逻辑非常的少见。一款SOC往往由多个互不关联的时钟逻辑穿插而成,各个时钟之间的胶合逻辑和数据之间的传递是许多系统设计时必须考虑的问题,多bits数据的传输问题尤其突出。在某些设计中,多bits数据的传输甚至影响系统工作频率,如何解决多bits数据的传输变得至关重要。 二、亚稳态 当在一个时钟下对信号进行采样时,信号变化的快慢直接影响触发器对信号的判断时间,信号变化的越快,触发器花费越多的时间对信号进行判断。当信号变化的速度非常快以至于触发器无法在规定的时间内对信号进行判断采样时(建立时间或者保持时间不满足),将会出现触发器采样的失败,我们称之为这种状态为亚稳态。 图1 亚稳态的出现 当触发器进入亚稳态时,我们无法预测触发器的输出状态,也无法预测触发器何时能够进入一个稳定的状态。在这个状态中,触发器输出一些中间级电平,或者可能处于振荡状态,并且这种无用的输出电平可以沿信号通道上的各个触发器级联式传播下去,造成亚稳态的传播,使系统发生一系列的错误,甚至引起系统的崩溃。 当在不同的时钟进行数据传递时,由于无法确定输入信号跟接收时钟上升沿之间的时间关系,不能够保证接收触发器的建立-保持时间,极易造成接收端亚稳态的出现。 三、单bit数据的跨时钟域 触发器进入亚稳态的几率可以用平均无故障时间即触发器采样失败的时间间隔