white paper

Systematic Methodology to Solve Reset Challenges in Automotive SoCs

A hierarchical solution with distinct accuracy, capacity and reporting advantages over previous methodologies.

Modern automotive SoCs typically contain multiple asynchronous reset signals to ensure systematic functional recovery from unexpected situations and faults. This complex reset architecture leads to a new set of problems such as possible reset domain crossing (RDC) issues. The conventional clock domain and CDC verification methodologies cannot identify such critical bugs. In this paper, we present a systematic methodology to identify and solve critical RDC bugs in automotive SoCs.

Techniques to address RDC issues

There are multiple ways to solve RDC issues such as the use of synchronizers (2-DFF, shift register synchronizer, pulse synchronizer) in RDC paths, reset sequencing and isolation strategies. Prominent techniques employed by automotive designers are:

A – Reset sequencing

The methodology involves ensuring that the asynchronous reset signal in the receiver’s domain is always asserted before the asynchronous reset in the transmitter’s domain. If the receiver’s domain flop is reset before the asynchronous event in the transmitter’s domain, metastability cannot propagate in the design as shown in figure 3 and figure 4.

B – Isolation techniques

In this technique, the designer blocks one of the input of the receiving domain before the occurrence of an asynchronous event in the transmitter domain. This is done by generating a gating signal in the receiving domain that isolates the receiving registers before the transmitting domain is asserted. Isolation can happen through clock path or data path and subsequently termed as:

Clock gating isolation (as shown in figure 5 and 6)
Data Isolation

Techniques to address RDC issues

A – Reset sequencing

B – Isolation techniques

Share