トップPDF J151 e JETTA 2010 4 最近の更新履歴 Hideo Fujiwara J151 e JETTA 2010 4

To increase the testability of the complete design and to ease RT-level test generation, various DFT methods at RT-level have also been proposed. The most com- mon methods are based on full-scan or partial scan. However, a scan-based DFT technique leads to long test application time and it is less useful for at-speed testing. On the other hand, non-scan DFT technique [ 6 , 9 , 13 , 14 , 30 , 37 ] offer low test application time and they facilitate at-speed testing. In [ 6 ], non-scan DFT techniques are proposed to increase the testability of RT-level designs. In [ 30 ], the authors presented a method called orthogonal scan. It uses functional data- path flow for test data, instead of traditional scan-path flow; therefore, it reduces test application time. In [ 13 ], a technique was proposed to improve the hierarchical testability of the data path, which can aid hierarchi- cal test generation. In [ 14 ], the authors presented a DFT technique for extracting functional control- and data-flow information from RT-level description and illustrated its use in design for hierarchical testability. This method has low overhead and it leads to shorter test generation time, up to 2–4 orders of magnitude less than traditional sequential test generation due to the use of symbolic test generation. In [ 37 ], the au- thors presented a method based on strong testability, which exploits the inherent characteristic of datapaths to guarantee the existence of test plans (sequences of control signals) for each hardware element in the datapath. Compared to the full-scan technique, this method can facilitate at-speed testing and reduce test application time. However, it introduces hardware and delay overhead. To reduce overhead, the authors pro- posed a linear-depth time-bounded testability-based DFT method in [ 9 ]. It ensures the existence of a linear- depth time expansion for any testable fault and exper- iments showed that it offers lower hardware overhead than the method in [ 37 ].

[5] J. Lee, M. Tehranipoor, C. Patel, and J. Plusquellic, “Securing de- signs against scan-based side-channel attacks,” IEEE Trans. De- pendable and Secure Computing, vol.4, no.4, pp.325–336, 2007. [6] S. Paul, R.S. Chakraborty, and S. Bhunia, “VIm-Scan: A low over- head scan design approach for protection of secret key in scan-based secure chips,” Proc. 25th IEEE VLSI Test Symposium, pp.455–460, 2007.

The security of [ 1 , 5 , 9 , 11 ] rely on authentication mechanisms ([ 5 ] does not explicitly mention an au- thentication mechanism, but the proposed scan chain scrambling is used when some authentication fails.) Therefore, the circuits are secure against scan-based side-channel attacks as long as the authentication keys are well protected. Other works [ 4 , 13 ] and our pro- posed method do not need any authentication, and they provide special test modes to prevent secret informa- tion from leakage instead. Therefore, the circuits are secure against scan-based side-channel attacks as long as the test controllers can work well. In the work [ 4 ], JTAG test controller is augmented so that it resets all FFs before scan operation to eliminate secret informa- tion from FFs, and the function of the reset operation is checked online. However, verifying all the FFs is impractical since it needs large area overhead. In the work [ 11 ] and our proposed method, testing of the test controllers is discussed. Therefore, the security of the circuits are guaranteed.

Fig. 7 Heuristic of graph division. nection. Our proposed algorithm repeats the division process from a 0-partition, that is, only one block that includes all the memories, to obtain the target partition. As the algo- rithm divides the block, S total increases. To reduce S total, we use the following heuristics. As shown in Fig. 7, we intro- duce the weight of an edge that represents the sum of the reduced bit with the data generator and response analyzers resulting from the connection. M1–M5 are the same set of memories that were denoted in Fig. 4. For example, M1 and M2 have 32-bit data inputs and outputs. If these memories are connected using serial connection, we can reduce the 32-bit data generator and 32-bit response analyzer. So the weight of the edge {M1, M2} in the s-compatibility graph is calculated as 32 + 32 = 64. To ensure that the area is reduced as much as possible, the min-cut method [3], [4] is used. The following strategies are also used to decide the compatibility of each block of the partition. Serial connec- tion reduces the area more than parallel connection, and it also consumes less power. Therefore, it is possible that giv- ing priority to serial connection reduces S total . Based on this prospect, the proposed algorithm searches for the partition that minimizes S total using only s-compatibility in the first search.

[3] B. Yang, K. Wu, and R. Karri. "Scan based side channel attack on dedicated hardware implementations of data encryption standard." International Test Conference 2004, pp. 339–344, 2004. [4] B. Yang, K. Wu, and R. Karri. "Secure scan: A design-for-test architecture for crypto chips." IEEE Trans. on Computer-Aided Design of Integrated Circuits and Systems, Vol. 25, No.10, pp. 2287–2293, Oct. 2006 ．

E-mail: {ohtake, hiroshi-i, fujiwara}@is.naist.jp Abstract—This paper proposes a new synthesis method for propagating information of paths from register transfer level (RTL) to gate level. The method enables false path identification at RTL without not only enforcing strong constraints on logic synthesis but also loss of the information about false paths identified. Experiments show that the proposed method can reduce hardware and timing overhead and improve propagability of false path information through logic synthesis compared with the previous methods.

近 の 並 列 計 算に お い て 重 要と され て い る 通 信コ スト を ，同 期 周 期 L，通信路帯域幅の 逆数 g，パケット サ イズ B といったパラ メータに より 表すことを 可能にし たモデ ル であ る．本論文では ，デ ータ数 n の選 択 問題に 対し ， p 個のプ ロセッサを 用いて BSP モデル上で任意の整数 d (1 < = d < = log n) に対し 内部計算時間 O( n

In Table 5, Columns 3 and 4 denote the system-level cost and the corresponding test time of [3] for each TAM width in the above two scenarios. Columns 5 and 6 denote the system-level cost and the corresponding test time for the proposed method when the value in Column 3 is used as the system-level cost constraint. First of all, remind that our proposed method does not consider test scheduling prob- lem and the test time is calculated assuming the serial test schedule while the dedicated TAMs in [3] were designed to minimize test time. Even though the proposed method does not consider the test time optimization, it can reduce the test time up to 20% and 45% in Scenario1 and Scenario2, re- spectively, for the case with 8-bit TAM. Even in case of 16-bit TAM, the propose method incurs only 6 to 7% test time overhead. This shows the potential of the proposed method for test time optimization, and by considering the test scheduling problem in our proposed test framework, we will further reduce the test time while keeping the advantage of low cost TAM design.

Science City, 630-0192 Japan. *{norlina,ooichiayee,zuri}@fke.utm.my, +fujiwara@is.naist.jp ABSTRACT This paper introduces a new class of assignment decision diagrams (ADD) called thru-testable ADDs based on a testability property called thru function. The thru-testable ADDs is an easily-testable set of thru functions that allows data transfer from its input to its output. We also define a design-for-testability (DFT) method to augment a given ADD with thru functions so that the ADD becomes thru-testable. We compare the circuits modified using our proposed method with the original circuits and partial scan designed circuits in terms of fault efficiency, area overhead, test generation time and test application time. Since the proposed DFT method is introduced at a high level, which deals with less number of gates, the information of thru functions can be extracted more easily. As a result, it lowers the area overhead compared to partial scan.

enumerated, where s is an integer and is initially 0. Since the number of modules in a circuit at RTL is very small, it is conceivable that the time required for obtaining the set of the minimum sub RTL paths is very short. This will be eval- uated in the experimental results. The signal line mapping in step 2 is described in the next subsection. We assume that at most one gate level net is functionally equivalent to a bit- sliced RTL signal line for simplifying the algorithm descrip- tion. In our experiments reported in Sect. 5, we did not face a case where more than one gate level net is mapped. How- ever, we can handle multiple nets by taking into account all the paths that go through the nets. In steps 3 and 4, not all gate level paths need to be listed; it is not practical. Instead, paths are represented just by specifying nets,  e G i j

In consideration of these tests, a fault-independent one- pattern test generation method and a fault-independent two- pattern test generation method that enable complete logical fault testing and timing fault testing have been proposed [7], [8]. However, when the number of state transitions in- creases, the test length drastically increases. It is necessary to detect a specified fault model (e.g. stuck-at fault) com- pletely and to detect main fault models such as bridging fault, transition fault, and path delay fault as much as pos- sible for state-observable FSMs. An n-detection test gen- eration method (FSOD) used to increase the fault sensiti- zation coverage [9] comparatively detected many bridging faults and transition faults.

るための十分条件を示し たが ，この十分条件での故障 検出率を実験的に 評価する．実験には ，ワークステー ションとし て Sun Blade 1000 を用い，テ スト 生成に は TestGen （ Synopsys ）を 用いた ．対象と す る 回 路 は ， DP4 及び ISB-RISC である． DP4 は四つのベン チマーク回路 Tseng ， 4thIIR ， LWF ， JWF を図 6 の ように 接続し た回路を， ISB-RISC は RISC のデ ータ パス部を ，それぞれ 核回路が 内部切換平衡構造となる

C に 対 し て v 1 , v 2  を 印 加 し た と き ， g i に 対 し て g i (v 2 ) = ncv(f i ) が成立するとき，その g i をノンロ バストパス外入力と呼ぶ． ✷ ［定義 4 ］ （ ノ ン ロ バ スト テ ス ト 可 能な パ ス 遅 延 故障 ） 組 合 せ 回 路 の パ ス 遅 延 故 障 P ↑ (P ↓) に 対 し て ， 2 パ タ ー ン テ ス ト v 1 , v 2  が 存 在 し ，す べ て の パ ス 外 入力がノンロバストパス外入力の条件を満たすとき，

完全スキャン設計法での問題点を解消する手法とし て強可検査性に基づくテスト容易化設計法 [4] や固定 制御可検査性に基づくテスト容易化設計法 [5] がある． これらの手法では，データパスの強可検査性を利用し ている．強可検査性とは，すべての回路要素に対して， 任意の値の印加・観測を可能とするテストプラン（制 御入力の時系列）の存在を保証する性質である．強可 検査性を満たすために，レジスタへのホールド機能の 付加を行い，すべての演算回路にスルー機能をもたせ る．スルー機能は，回路要素の入力に印加した値を変 化させることなく回路要素の出力へ伝搬させる機能で ある．これにより，各回路要素ごとにテストプランを 用いて，各回路要素に対するテスト系列の印加と観測 を行うことでデータパス全体に対して完全故障検出効 率を達成可能である．これらの手法では，実動作速度 でのテストが可能であり，完全スキャン設計と比較し て面積オーバヘッドの削減が可能となっている．しか し，すべての演算モジュールにスルー機能をもたせず とも任意の値が伝搬できる回路要素が存在する．また， 完全故障検出効率を達成するためには，すべての回路 要素に対して任意の値を伝搬する必要はなく，外部入 力から正当化可能なすべての値の集合（値域）の任意

“Economic Theories of Middle Management: Monitoring, Communication, and the Middle Man- ager’s Dilemma,” Japan Labor Review Vol.7, No,4 (2010), 5–22 (with Fumitoshi Moriya). “Complementarities among Authority, Accountability, and Monitoring: Evidence from Japanese Business Groups,” Journal of the Japanese and International Economies 22 (2008): 207-228 (with Tatsuya Kikutani and Osamu Hayashida).

図 4 ∆ z < 0 のケース xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

ス ト パ タ ー ン を 利 用 し て テ ス ト プ ロ グ ラ ム を 合 成 す る．本論文では，モジュールとして ALU などの組合 せモジュール，及びコントローラなどの順序モジュー ルを考える．モジュール単体に対するテストパターン （順序モジュールの場合はテスト系列）及びテスト応答 は，命令列を用いて正当化及び観測する．よって，モ ジュール単体へテストパターンとして用いることがで きる値，テスト応答として観測できる値には制約があ る．一般に，モジュール単体への入出力に関する制約 を正確に求めるのは困難な問題である．制約が正確で ない場合，モジュールに対して生成したテストパター ンがテストプログラムに変換できない場合がある．こ の場合，テストプログラムが存在しない故障，すなわ ち，命令レベル自己テストの下で冗長である故障にモ ジュール単体へのテストパターンを求めてしまうだけ でなく，実際には検出可能である故障に対してテスト プログラムに変換できないテストパターンを求めてし まい故障検出効率が低下するなどの問題が生じる．

 この定義のポイントは、「相互利用性」にありま す。データをオープンに公開し相互利用性を高める ことで、さまざまなデータセットを組み合わせるこ とが可能となるからです。データセットを公開する ことで、その組織がもともと目的としていた利用用 途以外の価値が生まれたり、新たなイノベーション が生まれることがオープンデータの狙いと言っても いいでしょう。政府や自治体がデータプラット フォームになり、民間や大学がそのデータを使って より良いアプリケーションを作るというわけです。  ワールド・ワイド・ウェブ（WWW）の生みの親で あるティム・バーナーズ＝リーは、2009年のTED で、「生のデータを今すぐに」という呼びかけを政府 や科学者などに行い、翌年の2010年には、「オープ ンデータとマッシュアップで変わる世界 注2 」という

Delete po from PO if the path list P(po) has been empty.[r]

早く公開し、更新を続ける  製品がユーザに受け入れられ、要求を満足させて いるかどうかは、公開してユーザの反応を見てみる までわかりません。今回の原発事故に関しては、正 確な状況の把握ができないにもかかわらず迅速に届 けることが求められていました。そのために、でき るだけ早く開発してユーザからの意見を得て、更新 を続けてゆくというプロセスを採用しました。  実際に施した工夫としては、ユーザからのフィー ドバックを得やすくするために筆者の連絡先を公開 し、アプリケーションにはメール送信のボタンを備 えました。変化する状況への対応やユーザの要望に 応えるために、これまでに50回以上の更新を行っ てきました。ユーザから寄せられた要望には次のよ うなものがありました。