2. Details such as terms, references, abbreviations and definitions, as well as inputs for failure rates based on the target technology, are listed in a template.
3. Since the Ethernet IP block is too large to analyze, it is broken down into several block subsets – Media Access Control (MAC), memory controller, Direct Memory Access (DMA), AMBA interface – for simpler testing. However, even at this level, the Ethernet IP block is too large and needs to be broken down further for a closer look inside each block. Ultimately, the Ethernet IP is broken down into 36 different blocks.
4. Each block is then mapped into a template which includes names of blocks, descriptions, locations, etc.
5. Synthesis results are then mapped into the template to calculate the failure rate for each of the 36 blocks based on the International Electrotechnical Commission (IEC) TR 62380 standard.
6. Each of the 36 blocks has an associated group of signals for clocking, programming, etc., which are broken down into different categories like clock and reset, programming controls, packet data controls, packet data and packet status. The signals are analyzed using a percentage approach based on the number of signals. The percentage approach is used because the area/gate count is relatively small and the Ethernet design is a datapath-centric design, meaning the data flows through the design in a predictable manner and thus the number of I/O signals is more of a contributing factor than the slight area differences. The percentage approach is approved by SGS-TÜV, which is critical in the certification process.
7. Each sub-block is tested using the safety goal violations as a guide to determine if a violation can occur. This manual step enables us to look through the circuits, run analysis and simulation, analyze the blocks that failed, etc. The possible failures are then documented.
8. The safety goal violations are then mapped across the faults in the template. Across each block, one of three error conditions must be applied – single point fault, multi-point fault, safe – and in any case where there is an error, an associated diagnostic test is created. For example, the designer may create a diagnostic test to understand the number of cycles required to assess a failure. Table 2 shows this section of the template for fault analysis.
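
The percentage approach and fault mapping from steps 6 to 8 can be sketched as a small worksheet. This is an added example, not the template or tooling described in the article: the block failure rate, signal counts, fault classifications and diagnostic names are constructed, and treating single point and multi-point rows as the cases that need a diagnostic test is this example's reading of step 8.

```python
from dataclasses import dataclass
from typing import Optional

FAULT_CLASSES = ("single_point", "multi_point", "safe")

@dataclass
class SignalGroup:
    category: str                     # e.g. "clock and reset", "packet data"
    signals: int                      # number of signals in this category
    fault_class: str                  # one of FAULT_CLASSES
    diagnostic: Optional[str] = None  # diagnostic test recorded for the fault

def apportion(block_fit, groups):
    """Split a block's failure rate across categories by signal-count share."""
    total = sum(g.signals for g in groups)
    if total == 0:
        raise ValueError("block has no signals to apportion over")
    return {g.category: block_fit * g.signals / total for g in groups}

def tally_by_class(block_fit, groups):
    """Sum the apportioned failure rate per fault class."""
    shares = apportion(block_fit, groups)
    totals = dict.fromkeys(FAULT_CLASSES, 0.0)
    for g in groups:
        if g.fault_class not in totals:
            raise ValueError(f"unknown fault class: {g.fault_class}")
        totals[g.fault_class] += shares[g.category]
    return totals

def missing_diagnostics(groups):
    """Categories classified as a fault but with no diagnostic test recorded."""
    return [g.category for g in groups
            if g.fault_class != "safe" and not g.diagnostic]

# Constructed sample: one hypothetical block; failure rate and counts are made up.
BLOCK_FIT = 2.0
GROUPS = [
    SignalGroup("clock and reset", 5, "single_point", "clock monitor"),
    SignalGroup("programming controls", 10, "multi_point", "register readback"),
    SignalGroup("packet data controls", 15, "single_point"),
    SignalGroup("packet data", 60, "multi_point", "CRC check"),
    SignalGroup("packet status", 10, "safe"),
]

if __name__ == "__main__":
    for cls, fit in tally_by_class(BLOCK_FIT, GROUPS).items():
        print(f"{cls:13s} {fit:.2f}")
    print("no diagnostic recorded:", missing_diagnostics(GROUPS))
```

The per-class totals always sum back to the block's failure rate, which is a quick consistency check on a filled-in worksheet.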