# 4<sup>th</sup> INTERNATIONAL CONFERENCE ON COMPUTATIONAL AND EXPERIMENTAL SCIENCE AND ENGINEERING (ICCESEN-2017)

4-8 October 2017, ANTALYA-TURKEY

## **Structure-Preserving Modeling for Safety Critical Digital Circuits**

Feim Ridvan RASIM\*, Sebastian M. SATTLER

Chair of Reliable Circuits and Systems, LZS, Friedrich-Alexander-University Erlangen-Nuremberg, Paul-Gordan-Str. 5, 91052 Erlangen, Germany, Email: <a href="mailto:feim.rasim@fau.de,sebastian.sattler@fau.de">feim.rasim@fau.de</a>, sebastian.sattler@fau.de

#### **Abstract**

In this paper, a representative digital circuit is visualized in various ways. In all these representations, however, it should be noted that the "structurally preserving modeling and transfer" is maintained. This means that the formally derived function must consistently match the function derived from the respective representation type. Both functions must in no case have inconsistencies, since only the fault-free function is included in the circuit. Functional safety can be guaranteed by the condition of the structure-based modeling and transfer.

It is observed that in digital circuits, undefined results can occur but these must be avoided in safety critical circuits. These events have to be secured in practice by costly and expensive verification and testing. In order to deal with the problem now, the structure preserving modeling has to be understood, since this is the only way to achieve a one-purpose, qualitative and cost effective search for errors.

Keywords: digital circuit, structure, modeling, symbolic analysis, boolean function, propositional logic

### I. Introduction

In order to ensure the functional safety of circuits or systems which are regarded as critical to safety, the mutual convert of models and functions is of great importance. The inconsistency problem is omnipresent; therefore the essential claim for conformity with the formal derived function and the function derived from the real structure has a present role [1]. The directed mode of operation of a system should be represented by a circuitry, by a block view and as a function, one-to-one in the sense of the encoding can be reproduced. In safety-critical circuits it is necessary to avoid not defined results, which often occur in complex circuits. The transferability of circuits into additional and other display possibilities is therefore a necessary property to ensure the functional safety of safety-critical circuits.

In this work, a representative digital circuit is visualized in various ways. In all these representations, however, it should be noted that the "structurally preserving modeling and transfer" is maintained. This means that the formally derived function must consistently match the function derived from the respective representation type. Both functions must in no case have inconsistencies, since only the fault-free function is included in the circuit. Functional safety can be guaranteed by the *condition* of the structure-based modeling and transfer [2].

To present the application we use an AND2 circuit as a use case. First, we provide the function and block view of the AND2 circuit in a structure-faithful manner. Then visualized it in various ways like Pseudo MOS, CMOS, Domino Logic and Multiplexer (Analog Transmit). During creation of other display

possibilities, we explain the rules of the structure-based modeling and transfer. In addition, the mathematical axioms, which are based on propositional algebra, are declared. The advantage of the method is that each type of representation has a depth of accuracy, clarity and compactness. The transferability of circuits into other possibilities of representation is a necessary property to ensure the functional safety of safety critical circuits.

**Organization of the paper:** First, the theoretical foundations are briefly explained in Chapter II. They are regarded as basic knowledge in order to understand this work. Subsequently, the implementation is described in detail in chapter III and visualized by sketches and models. In the end, the results and the core outline of the work are summarized again and an outlook is given.

## II. Theoretical foundations

A. Structural changeover and modeling

Structurally-faithful modeling unites function and structure oneby-one in the sense of a monomorphism injective - that is, the structure has at most one solution (this is the function) - and of a epimorphism surjective - that is, the function has at least one solution (that is the structure). Such a mapping enables a one-toone (local-bijective) and understandable description of a generating system. During transferring into various presentation possibilities the structurally-faithful modeling has a significant role. It is extraordinary important that the formally derived (modeled) function coincide with the function generated by the real structure. Consequently the function has to correspond to reality and shall not exhibit any inconsistencies. Only in this way the functionality of a circuit can be ensured. Structurally-faithfull therefore means that the relation to reality must never be lost during modeling. During the transfer, it is also important that the function generated from the real structure consistently match the function derived from the signal flow graph or any other type of presentation. In addition, there is a structure-based transfer only in the absence of inconsistencies. A transfer of the circuit into a function or block view must also be structurally-faithfull. Thus the function derived from the block view must correspond to the same function derived from the generated circuit [2].

#### B. Positive logic

In the positive logic the symbol "1" stands for a successful event. Unsuccessful events are called undefined. Positive logic is an event that occurs just as it is expected. This means that if a negative event is expected and it occurs, this event is considered successful. This also applies analogously to a positively expected event. If a positive event is expected and it occurs, then this event is also successful. In the positive logic, therefore, only the "1" exists as a value [3].

#### C. Boolean algebra

The switching algebra (boolean algebra) is based on decisions and comparisons, so it can explain and visualize logical links very well. Successful results are represented by a "1", unsuccessful results by a "0". These two symbols are complementary to one another. At any time, each pin must be occupied, because only then is the system a total system and can be calculated by the switching algebra. The switching algebra is not sufficient for a detailed representation of a circuit. However, it is suitable for the functional description without restrictions to the general [4].

### D. Propositional logic

The propositional logic comes from the formal logic and can be continued into the switching algebra without restrictions to the general. It describes the relationships between statements. Statements can be seen partially in the propositional logic. This means that there should be only one unary statement. The following example is intended to illustrate the propositional logic: The statement  $Y = (A \land B) \lor C$  contains two statements and is nevertheless unary, regardless whether Y is equal to a positive literal or a negative literal . The following statement contains only one statement and is also unary  $Y = A \land B$ . Thus, a statement is always true, only its content can be interpreted as "false" or "true". The logical sign for a true statement is "w" or " $\bar{f}$ " [5], [6].

## III. Implementation

In this chapter, a AND2 is considered at the transistor level in NMOS technology in Fig. 1. The circuit is indicated from the transistor level into the block view and function in a structured manner. It should be noted that the circuit, that is the circuit at transistor level, is described at the block view in propositional

logic. Subsequently, the circuit is converted into various possibilities like pseudo MOS, CMOS, domino logic and dual rail domino logic. With all these possibilities of representation, it should be noted that the respective derived function must not have any inconsistencies that means, the formally derived function must agree with a function generated from a real structure. Fig. 1 shows a AND2 at transistor level. It is a circuit with two inputs and an output (*OUT*) between which the logical link "AND" exists. A AND2 outputs "1" at the output when both inputs are assigned a "1".

This means that if one of the two inputs is assigned a "0", the output creates a "0".



Figure 1: AND2 at transistor level

In the first step subcircuits are described as concrete mathematical functions. The nodes OUT (pin OUT) and  $\overline{OUT}$  (pin  $\overline{OUT}$ ) are expressed functionally: The switch bevore  $\overline{OUT}$  "switches" the last part of the circuit (Formula 1).

$$\overline{OUT} = A \wedge B \qquad OUT = \neg \overline{OUT} = A \wedge B \qquad (1)$$

In the second step is now the AND2 transferred to the block view. Important is, that during all steps inconsistencies must not occur. In Fig. 2, the AND2 is now displayed in propositional logic at block view. The analysis of a circuit at the transistor level is more detailed than viewing in block view, since the representation as block is a "concrete model" which allows a simplified and clear view of the circuitry. The transfer of a structure at the transistor level into a structure in block view is therefore often called an abstraction and serves to increase the clarity and simplify the understanding of the structure. Nevertheless, from propositional logic and category point of view transistor level is the abstraction (parent) of the block view (child). Indeed, it means that block view is a concretization from transistor level.



Figure 2: Block view of the AND2 circuit

The block view shows the concreteness of the output circuit (Fig. 2). As described above, it was transferred from the transistor level to the block view in a structure preserving manner. The functions derived at the transistor level and the functions derived at the block view must be identical, this means the function of the circuit must not be changed by the transfer. Only then is the transfer a structurally-faithful one. The block view can be viewed as a model view. It serves to increase clarity as well as contribute to an understanding of the circuit.

#### A. Transfer to a pseudo MOS

The AND2 circuit is now transfered to a Pseudo NMOS AND2 circuit. For the transfer to Pseudo MOS, the resistors at the pull-up (PU) was replaced bei a PMOS transistor. And the gate of PMOS transistor is connected to ground so that the transistor is always on. This device is able to pull the output to  $V_{\rm DD}$  when the NMOS transistor is off.



Figure 3: AND2 circuit (psuodo NMOS)

The block view and the function remain the same as by the real AND2 circuit (Formula 2, Figure 4).

$$\overline{OUT} = A \wedge B \qquad OUT = \neg \overline{OUT} = A \wedge B \qquad (2)$$

$$A \longrightarrow A \longrightarrow A \longrightarrow OUT$$

$$B \longrightarrow OUT$$

Figure 4: Block view of the AND2 circuit (Pseudo NMOS)

## B. Transfer to a CMOS

The AND2 circuit is now transfered to a CMOS AND2 circuit. CMOS devices are comprised of PMOS and NMOS transistors. The AND2 circuit consists now of a NAND2 and an inverter. For the transfer to CMOS, the resistors at the pull-up (PU) were replaced by PMOS transistors. And the gate of the PMOS transistors are connected to primary inputs A and B of the NAND2 circuit .

The nodes OUT (pin OUT ) and  $\overline{OUT}$  (pin  $\overline{OUT}$ ) are expressed functionally:

The switch bevore  $\overline{OUT}$  "switches" the last part of the circuit (Formula 3).



Figure 5: AND2 circuit (CMOS)

$$\overline{OUT} = A \wedge B \qquad OUT = \neg \overline{OUT} = A \wedge B \qquad (3)$$

Now the AND2 transferred to the block view. In Fig. 6, the AND2 CMOS is now displayed in propositional logic at block view.



Figure 6: Block view of the AND2 circuit (CMOS)

The block view and the function again remain the same as by the real AND2 circuit.

#### C. Transfer to a domino logic



Figure 7: General structure of a dynamic gate

In the Figure 7, the general structure of a dynamic gate is shown. Dynamic gate plus inverter give us the domino logic. To create the AND2 in domino logic, the desired function  $\overline{\textit{OUT}}$  (pin  $\overline{\textit{OUT}}$ ) is implemented in the NMOS complex of a dynamic gate. Transistors Mp and MN are the precharge and evaluate transistors, respectively.



Figure 8: AND2 circuit (domino logic)

The nodes OUT (pin OUT) and  $\overline{OUT}$  (pin  $\overline{OUT}$ ) are expressed functionally: The switch bevore  $\overline{OUT}$  "switches" the last part of the circuit (Formula 4).

$$\overline{OUT} = A \wedge B \qquad OUT = \neg \overline{OUT} = A \wedge B \qquad (4)$$

Now the AND2 transferred to the block view. In Fig. 9, the AND2 CMOS is now displayed in propositional logic at block view.



Figure 9: Block view of the AND2 circuit (domino logic)

#### D. Transfer to a MUX (Multiplexer) (Analog Transmit)

| $\boldsymbol{A}$ | B | $OUT = A \wedge B$ |
|------------------|---|--------------------|
| 0                | 0 | 0                  |
| 0                | 1 | 0                  |
| 1                | 0 | 0                  |
| 1                | 1 | 1                  |

Table 1: Truth table of AND2



Figure 10: AND2 circuit (MUX)

The AND2 circuit is now transferred to a MUX circuit. Table 1 was used for this purpose. From the table 1 it can be seen that to get a 1, both A and B must be assigned with 1. These switches are connected in series with the  $V_{\rm DD}$ . To get a 0, either A or B with 0 must be assigned. These switches are connected in parallel with the  $\overline{\rm GND}$ . Then the control parameters were determined from the table 1. Then the MUX circuit was created. The nodes OUT (pin OUT) and  $\overline{OUT}$  (pin  $\overline{OUT}$ ) are expressed functionally (Formula 5).

$$\overline{OUT} = \overline{A} \vee \overline{B} \qquad OUT = A \wedge B \qquad (5)$$

Now in Fig. 11, the AND2 MUX is displayed in propositional logic at block view.



Figure 11: Block view of the AND2 circuit (MUX)

## **IV. Conclusion**

The transferability of circuits into other possibilities of representation is a necessary property to ensure the functional safety of safety critical circuits. In this work an output circuit has been visualized in various display possibilities. Each type of presentation has its advantages and disadvantages. Moreover, each type of representation has a depth of accuracy, clarity and compactness. However, all of these representations are common in that their "structurally-faithful modeling and transition" must be preserved. This means that a formally derived function has to match consistently with the function derived from the respective representation type. Both functions must in no case have inconsistencies, because only then the fault-free function of the circuit can be maintained.

## References

- G. Uygur, S. M. Sattler: Structure Preserving Modeling for Safety Critical Systems. Mixed-Signal Testing Workshop (IMSTW), 2015
- [2] F. Rasim, C. Kocar, S. M. Sattler: Structure Preserving Modeling of Safety-Critical Combinational Circuits, (DDECS), 2017, 04-08 October, Dresden, Deutschland
- [3] C. Basaran, M.Sc. Thesis, Institute for Reliable Circuits and Systems, Friedrich-Alexander-University Erlangen-Nürnberg, Germany, 2017
- [4] Whitesitt, J. E.: Boolesche Algebra und Ihre Anwendungen. Friedr. Vieweg + Sohn GmbH, Braunschweig, Germany, 1969
- [5] Ch. Posthoff, D. Bochmann and K. Haubold: Diskrete Mathematik. BSB Teubner, Leipzig, DDR, 1986
- [6] Posthoff Ch., Steinbach B.: Logic Functions and Equations. Springer. 2004