The Community for Technology Leaders
Green Image
The development of the Fail-Stop Controller AE11 aimed at the replacement of the classic safety structure, using two identical controllers, by a single controller with various online fault detection measures. Target applications are high-volume products like automotive and railway safety electronics. For these applications the reduction of chip area related costs without reducing the degree of safety is an important task. A short reaction time to occurring faults is needed, too. These requirements lead to the use of a combination of Concurrent Checking, Built-In Self-Test and Built-In Current-Monitoring (IDDQ-Test) which give the controller the so called "fail-stop" property. On-chip measurement of the quiescent current (IDDQ) of the logic circuitry provides a way of detecting a class of hardware faults that cause an abnormal leakage current and is achieved by inserting current monitoring cells in the power supply lines of the (appropriately partitioned) functional logic of the module. On the other hand Concurrent Checking is an indispensable part of the test concept at least for such components which contain vital information within the application (e.g. ALU registers and RAM). To incorporate all these on-chip fault detection measures the standard cell based design flow had to be considerably extended. This paper outlines the design of an appropriate current monitor cell as well as the methodologies and in-house tools supplementing a modern standard design flow to constitute a consistent and robust design environment for this controller.

M. Meerwein, E. Böhl and T. Lindenkreuz, "On-Chip IDDQ Testing in the AE11 Fail-Stop Controller," in IEEE Design & Test of Computers, vol. 15, no. , pp. 57-65, 1998.
96 ms
(Ver 3.3 (11022016))