=Paper=
{{Paper
|id=Vol-2608/paper24
|storemode=property
|title=A method of hidden faults opposition for FPGA-based components of safety-related systems
|pdfUrl=https://ceur-ws.org/Vol-2608/paper24.pdf
|volume=Vol-2608
|authors=Oleksandr Drozd,Vitaliy Romankevich,Alexei Romankevich,Mykola Kuznietsov,Myroslav Drozd
|dblpUrl=https://dblp.org/rec/conf/cmis/DrozdRRKD20
}}
==A method of hidden faults opposition for FPGA-based components of safety-related systems==
Oleksandr Drozd (1) [0000-0003-2191-6758], Vitaliy Romankevich (2) [0000-0003-4696-5935], Alexei Romankevich (3) [0000-0001-5634-8469], Mykola Kuznietsov (4) [0000-0002-3043-5924], Myroslav Drozd (5) [0000-0003-0770-6295]
(1, 4, 5) Odessa National Polytechnic University, Ave. Shevchenko 1, 65044, Odessa, Ukraine
(2, 3) National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Victory avenue, 37, Kyiv, Ukraine
(1) drozd@ukr.net, (2, 3) romankev@scs.kpi.ua, (4) koliaodessa@ukr.net, (5) myroslav.drozd@opu.ua
Abstract. The paper is devoted to the problem of hidden faults, which is inherent in safety-related systems aimed at ensuring the functional safety of high-risk facilities to counter accidents. The problem of hidden faults is considered from the perspective of a resource-based approach as a problem of growth from a lower level of replication to the next level of diversification in the development of models, methods and means. Computer systems in critical applications have risen to the level of diversification in the division of the operating mode into normal and emergency, in the input data and in structurally functional checkability, which for digital components have become different in these modes. Digital components continue to be traditionally stamped based on matrix structures that reflect the level of replication. The lag of the components behind the development of the system creates a problem of hidden faults, which can accumulate during the normal mode and reduce the fault tolerance of the components and the functional safety of the system in emergency mode. We propose a method of counteracting hidden faults by raising components to the level of diversification in the promising field of FPGA designing. The proposed method uses the natural version redundancy inherent in the program code of FPGA projects with LUT-oriented architecture. The method generates and selects versions of the program code, reducing the set of hidden faults of short circuits between neighboring inputs of LUT units. Possible hidden faults are eliminated by increasing the checkability of the FPGA project in normal mode and the trustworthiness of the results calculated in emergency mode.
Keywords: safety-related system, digital component, FPGA project, LUT unit, program code, hidden fault, resource-based approach, growth problem, checkability, trustworthiness, version redundancy
Copyright © 2020 for this paper by its authors. Use permitted under Creative
Commons License Attribution 4.0 International (CC BY 4.0).
===1 Introduction and Related Works===
The most important direction in the development of information technologies is their improvement in the field of critical applications. This area, which is exceptional in nature, has already acquired a scale commensurate with the living space of mankind. Power grids and power plants, high-speed ground and air transport, hazardous chemical production, space technology and weapons are high-risk facilities [1, 2].
Risk assessment includes two factors related to the probability of an accident and the cost of its consequences. The factor of emergency consequences tends to grow constantly, which is caused by the development of high-risk objects in the direction of their complication and increase of capacity, as well as the increase of their number, density of location and proximity to densely populated areas [3, 4].
Only reducing the probability of accidents can counteract the growth of this factor. This mission is assigned to information technology implemented in safety-related systems, which, according to international standards, are aimed at "ensuring functional safety of both the system and the control object for preventing accidents and reducing the consequences if they occur" [5, 6].
The challenge in achieving functional safety “is to design the system in such a way as to prevent dangerous failures or to control them when they arise” [7]. This provision automatically includes hidden faults in the concept of "dangerous failures", as they pose a problem of their control for safety-related systems and their components [8, 9].
The fault control function is related to the development of the concept of checkability. At an early stage, this concept was known as testability or structural checkability of the digital circuit, characterizing it from the point of view of simplicity in the development of tests for fault detection [10, 11].
The structural nature of testability is due to the fact that it is completely determined by the structure of the digital circuit. The next stage in the development of checkability is related to on-line testing of digital circuits [12, 13], where checkability also shows dependence on input data, which characterizes it as structurally functional. The definition of self-testing circuits formulated in the theory of designing totally self-checking circuits is known [14, 15]. Self-testing circuits are evaluated in checkability taking into account input data [16, 17].
Safety-related systems make a significant contribution to the development of the concept of checkability of digital components by diversifying the operating mode into normal and emergency. Inputs are also included in the diversification process and become different in these modes. The structurally functional checkability of the digital circuit then becomes double-mode: it differs in normal and emergency operation due to different input data. Such development of checkability converts the harmless hidden faults of conventional computers, which work in only one operating mode, into dangerous ones. Indeed, a fault hidden throughout the operating mode has no effect on the functionality of a regular computer. A hidden fault becomes a problem for safety-related systems because such faults can accumulate in normal mode without causing errors under conditions of insufficient structurally functional checkability of the circuit, i.e. lack of the necessary input data. In emergency mode, the checkability is enriched with new input data, which creates conditions for the accumulated faults to manifest themselves as errors [18, 19].
The problem of hidden faults has a long history known from unsuccessful attempts to detect these faults using imitation modes aimed at recreating emergency conditions. The activation of such modes often provides for the shutdown of emergency protections, which has become one of the causes of the Chernobyl disaster.
In addition, history knows many examples of emergency consequences as a result of unauthorized activation of imitation modes because of the human factor or due to the resulting fault [20, 21].
The presence of imitation modes creating a real danger to functional safety can be explained by two reasons:
- the high significance attached to hidden faults, which are feared more than emergency conditions created by imitation mode;
- lack of confidence in the fault tolerance of the solutions used, on which functional safety of critical systems and control objects is built [22-24].
The resource-based approach, which explores the integration of the artificial world created by humans into the natural one, treats the problem of hidden faults as a growth challenge. This approach identifies three levels in the development of models, methods and means: replication, diversification and self-sufficiency as a development goal. It shows the transition of safety-related systems to diversification and the lag of their components, which continue to be stamped at a lower level of replication using matrix structures. Such classification of the problem of hidden faults determines the way to its solution by raising the components to the system level [25, 26].
One of the most important directions in the development of digital components for critical systems is associated with FPGA designing. FPGA technologies are also a prime example of replication level dominance. FPGA chips contain Configurable Logic Blocks or Logical Elements, prepared iterative array multipliers, chains for rapid carry propagation to add parallel codes, and libraries of IP-cores with matrix structures [27, 28].
However, FPGA refers to programmable hardware that raises stamped element
matrices to the level of diversification by using the natural version redundancy in
program code of FPGA projects with LUT-oriented architecture [29-31].
In this architecture, the computing process is organized using LUT units that are logic function generators. Their arguments arrive at the inputs of the LUT unit. The description of the logical function is stored in the memory of the LUT unit and written to this memory in the process of programming the FPGA project as program code. In the case of four inputs A, B, C and D, the memory of the LUT unit contains $2^4 = 16$ bits [32, 33].
Versions of the program code are created for each pair of LUT units where the output of the first LUT unit is connected to an input of the second one. The signal between the LUT units may be transmitted by a direct or inverse value using one of two versions of the program code. The inverse value at the output of the first LUT unit of the pair is provided by inverting the bits of its memory and changing its program code accordingly. The resulting inversion at the input of the second LUT unit of the pair is compensated by changing its program code with a corresponding rearrangement of the memory bits [34].
This form of redundancy has been used to increase the trustworthiness of the calculated results by generating program code versions and selecting the best one from the position of masking the faults between neighboring LUT unit inputs of the FPGA project [35, 36].
The selection of the version with the best structurally functional checkability of the LUT units of the FPGA project in the normal mode of the safety-related system, or with the best trustworthiness of the results calculated in the emergency mode, is proposed in [37].
A disadvantage of both solutions using version redundancy of program code is the simulation of calculations on all normal and emergency mode inputs for each combination of versions generated by the LUT units of the FPGA project. The number of program code versions is defined as $2^Z$, where Z is the number of first LUT units of all pairs.
For example, in the case of Z = 30 and Z = 60, simulation of calculations performed in the FPGA project is repeated for each input word of each mode more than $10^9$ and $10^{18}$ times, respectively. The number of inputs is defined as $2^U$, where U is the number of inputs of the simulated scheme of the FPGA project. For U = 20, the simulation must be repeated $10^{15}$ and $10^{24}$ times. Such a large number of iterations significantly limits the capabilities of the method in the processing of complex circuits. In addition, the choice of versions that increase the checkability of the FPGA project in normal mode or the trustworthiness of the results with the onset of emergency mode helps to reduce the set of hidden faults, but in general is not the best solution.
We offer a method to counter hidden faults of the FPGA project taking into account the peculiarities of this kind of faults. The method allows maximum use of version redundancy of program code to reduce the set of possible hidden faults. Section 2 contains the main provisions of the proposed method. Section 3 describes the case study of the method using the FPGA project on the example of the iterative array multiplier.
===2 Main Provisions of the Suggested Method===
The proposed method uses the synergy of several types of natural version redundancy. First of all, the method takes into account the natural version redundancy of safety-related systems, which is evident in their designing for operation in two essentially different modes: normal and emergency.
In addition, the method uses version redundancy of hidden fault elimination solutions. Hidden faults pose a danger to fault-tolerant solutions when two conditions are met: accumulation of faults during normal mode and their manifestation in the form of errors in emergency mode. Therefore, a hidden fault is eliminated if at least one of these conditions is excluded. Thus, resistance to hidden faults can be achieved with two versions of the solution, which consist in improving the checkability of LUT units and the trustworthiness of the results calculated on them, respectively.
The fault of a short circuit between two neighboring inputs of the LUT unit also demonstrates natural version redundancy. It has two states: masking when the signal values at the neighboring inputs of the LUT unit are the same, and manifestation as an error otherwise. Fault masking increases the trustworthiness of the calculated results, and its manifestation in the form of an error improves the checkability of the LUT unit.
Versions of the program code make it possible to control the input of the second LUT unit: they assign a direct or inverse value to this input. Changing the version controls the state of the fault, manifesting or masking it to improve the checkability of the LUT unit or the trustworthiness of the results. These improvements can be achieved concurrently by assigning them to different modes: normal and emergency, respectively.
The method generates and considers all versions of the program code that can be created for the second LUT unit of each pair. For example, if only two of the four LUT unit inputs are connected to the outputs of previous LUT units, then these LUT units will form two pairs and 4 versions.
The method distinguishes between three sets MN, ME and MN&E of bits in the memory of each LUT unit: bits addressable in the normal mode, in the emergency mode, and in both modes, respectively. Faults which cause errors in bits of the MN and MN&E sets are not hidden, as they can be detected in the normal mode. Therefore, a short-circuit fault can be hidden only if it causes errors solely in bits of the ME set and none in bits addressed in the normal mode.
A short circuit between neighboring inputs of the LUT unit maintains proper access to its memory bits for identical values of these inputs and, for the remaining bits, returns the values addressed by zero values of both signals.
Examples of the effect of the short circuit faults on accessing the memory of the
LUT unit are shown in Fig. 1.
(a)
DC\BA  00  01  10  11
00      0   1   2   3
01      4   5   6   7
10      8   9  10  11
11     12  13  14  15
(b)
DC\BA  00  01  10  11
00      0   1   0   1
01      1   1   0   1
10      1   1   0   1
11      0   1   0   1
(c)
DC\BA  00  01  10  11
00      0   0   0   1
01      1   1   1   1
10      1   1   1   1
11      0   0   0   1
(d)
DC\BA  00  01  10  11
00      0   1   0   1
01      0   1   0   1
10      1   1   1   1
11      1   1   0   1
(e)
DC\BA  00  01  10  11
00      0   1   0   1
01      0   1   0   1
10      0   1   0   1
11      0   1   0   1
Fig. 1. Examples of LUT unit memory: numbers (a) and values (b) of bits and
memory in cases of shorts between A and B (c), B and C (d), C and D (e) inputs
The numbering of the LUT unit bits and the correct values of the memory bits, programmed with the code $\mathrm{ABBA}_{16}$, are shown in Fig. 1, a and b. The memory of the LUT unit for cases of shorting inputs A and B, B and C, C and D is shown in Fig. 1, c, d, e, respectively.
Shorting the A and B inputs copies the values of the bits of column BA 00 into columns BA 01 and BA 10 of the memory array. The bits of column BA 11 retain their values. Shorting the B and C inputs copies the values of the bits located at the intersection of columns BA 00 and BA 01 with lines DC 00 and DC 10 into the bits at the intersection of columns BA 00 and BA 01 with lines DC 01 and DC 11, as well as into the bits at the intersection of columns BA 10 and BA 11 with lines DC 00 and DC 10. The bits located at the intersection of columns BA 10 and BA 11 with lines DC 01 and DC 11 retain their values. Shorting the C and D inputs copies the values of the bits of line DC 00 into lines DC 01 and DC 10. The bits of line DC 11 retain their values. Erroneous bit values are highlighted in yellow.
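The fault model of Fig. 1 as an added Python sketch (not the authors' program): it derives the distorted memory contents for each short between neighboring inputs from the ABBA code and lists the erroneous bits. The function names are this example's own, and the rule that differing shorted inputs are both read as 0 is taken from Fig. 1.

```python
"""Short between neighbouring LUT inputs: effect on the 16-bit program code."""


def bit(code, addr):
    """Memory bit stored at address addr (address bits are D C B A, A lowest)."""
    return (code >> addr) & 1


def read_addr(addr, i, j):
    """Address actually decoded when inputs i and j are shorted.

    Model read off Fig. 1: equal values pass unchanged, differing values
    are both read as 0.
    """
    both = (addr >> i) & (addr >> j) & 1
    return (addr & ~((1 << i) | (1 << j))) | (both << i) | (both << j)


def shorted_code(code, i, j):
    """Program code as seen through the fault: what each address returns."""
    return sum(bit(code, read_addr(a, i, j)) << a for a in range(16))


def erroneous_bits(code, i, j):
    """Addresses whose returned value differs from the programmed one."""
    faulty = shorted_code(code, i, j)
    return [a for a in range(16) if bit(faulty, a) != bit(code, a)]


def grid(code):
    """Rows DC = 00..11, columns BA = 00..11, the layout used in Fig. 1."""
    return [[bit(code, 4 * dc + ba) for ba in range(4)] for dc in range(4)]


if __name__ == "__main__":
    CODE = 0xABBA  # program code used in Fig. 1
    shorts = {"A-B": (0, 1), "B-C": (1, 2), "C-D": (2, 3)}
    for name, (i, j) in shorts.items():
        faulty = shorted_code(CODE, i, j)
        print(f"short {name}: code {faulty:04X}, "
              f"erroneous bits {erroneous_bits(CODE, i, j)}")
        for dc, row in enumerate(grid(faulty)):
            print(f"  DC={dc:02b}", *row)
```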
The method performs the following steps:
Step 1: Determination of all second LUT units of the circuit and for each of them
the set of all versions of program code.
Step 2. Simulation of calculations executed in FPGA project for all of the input
data, i.e., U times, with determination of the MNE = MN MN&E and ME bit sets in
memory for each second LUT unit of the pair.
Step 3. Determination of the MNE and ME sets of bits in the memory for each ver-
sion of each second LUT unit of the pair.
Step 4. Determination of all possible faults of the short circuit between neighboring
inputs of each second LUT unit of the pair for cases where at least one of these inputs
is connected to the output of the previous LUT unit.
Step 5. Determination of the program codes in the form distorted under the influence of each fault. These program codes are generated for each version of each second LUT unit of the pairs and compared with the correct program code versions. The erroneous bits detected in the sets MNE and ME form the sets MNE ER and ME ER, respectively.
Step 6. The FPGA project program code is generated using versions containing the
minimum number of bits in ME ER sets with MNE ER = .
Step 7. The resulting program code is compared with the initial one and with the least successful one in terms of the number of bits in the ME ER sets with MNE ER = to evaluate the capabilities of the method.
The method improves the checkability of the FPGA project in the normal mode,
and thus eliminates the hidden faults by choosing versions with sets of MNE ER ≠ . In
case MNE ER = , the method selects the versions with the lowest number of bits in the
ME ER set to reduce the set of hidden faults that manifest themselves in an emergency
mode.
Reducing the set of hidden faults, performed in both modes, is aimed at improving the trustworthiness of the results calculated in the emergency mode. From this position, the trustworthiness of the FPGA project results with respect to hidden faults of the short circuit between neighboring inputs of LUT units can be estimated taking into account erroneous memory bits addressed only in emergency mode in the case of MNE ER = .
The trustworthiness of the result read from the output of the LUT unit can be estimated as TLUT = (1 – (AE ER / (3 AE)) KNE ER) × 100%, where AE ER and AE are the numbers of bits in the ME ER sets for all three types of short circuit and in the ME set, respectively, KNE ER = 1 if MNE ER = , and KNE ER = 0 otherwise.
The trustworthiness of the FPGA project results can be estimated by the arithmetic
average of the TLUT values calculated for all LUT units.
The contribution that is made to the trustworthiness by the checkability of the LUT
units in the normal mode can be estimated similarly taking into account the error
memory bits of the ME ER set in the case of MNE ER ≠ .
Comparison of the best solution with the initial project and the least successful version of the program code shows the effectiveness of the method in the specific example of FPGA design and the potential of the method, respectively.
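An added Python sketch of steps 3 to 6 and the TLUT estimate for a single second LUT unit (not the authors' Delphi implementation). It assumes that the missing right-hand side in the conditions on MNE ER is the empty set, that inverting the inputs in mask v moves address a to a XOR v, and that MNE ER is taken over all considered shorts; the address sets in the demo are constructed and all function names are this example's own.

```python
"""Version selection for one second LUT unit against hidden input shorts."""

NEIGHBOURS = ((0, 1), (1, 2), (2, 3))  # shorts A-B, B-C, C-D; address bits D C B A


def bit(code, addr):
    return (code >> addr) & 1


def read_addr(addr, i, j):
    """Address decoded under a short of inputs i and j (differing values read as 0)."""
    both = (addr >> i) & (addr >> j) & 1
    return (addr & ~((1 << i) | (1 << j))) | (both << i) | (both << j)


def version_code(code, v):
    """Program code compensating inverted signals on the inputs set in mask v (dcba)."""
    return sum(bit(code, a ^ v) << a for a in range(16))


def erroneous_bits(code, i, j):
    """Memory bits read with a wrong value under a short of inputs i and j."""
    return {a for a in range(16) if bit(code, read_addr(a, i, j)) != bit(code, a)}


def evaluate(code, normal, emergency, connected):
    """Return {version: (M_NE_ER, A_E_ER, T_LUT)}.

    normal / emergency: addresses the initial project presents in each mode
    (the result of step 2); connected: mask of inputs fed by previous LUT units.
    """
    # Step 4: shorts where at least one input comes from a previous LUT unit.
    pairs = [(i, j) for i, j in NEIGHBOURS if connected & ((1 << i) | (1 << j))]
    results = {}
    for v in range(16):
        if v & ~connected:  # only inputs driven by a previous LUT can be inverted
            continue
        vc = version_code(code, v)
        m_ne = {a ^ v for a in normal}            # step 3: bits addressed in normal mode
        m_e = {a ^ v for a in emergency} - m_ne   # bits addressed only in emergency mode
        errors = [erroneous_bits(vc, i, j) for i, j in pairs]   # step 5
        m_ne_er = set().union(*errors) & m_ne
        a_e_er = sum(len(e & m_e) for e in errors)
        k = 0 if m_ne_er else 1                   # assumption: K = 1 when M_NE_ER is empty
        # The factor 3 is kept from the page's formula even if fewer shorts qualify.
        t = 100.0 if not m_e else (1 - a_e_er / (3 * len(m_e)) * k) * 100
        results[v] = (m_ne_er, a_e_er, t)
    return results


def best_version(results):
    """Step 6: highest T_LUT; ties keep the lowest version number (0 = source code)."""
    return max(results, key=lambda v: (results[v][2], -v))


if __name__ == "__main__":
    # Constructed example: code ABBA from Fig. 1, inputs A and B fed by previous LUTs.
    res = evaluate(0xABBA, normal={5, 9}, emergency={6, 10, 12, 13}, connected=0b0011)
    for v, (m_ne_er, a_e_er, t) in res.items():
        print(f"V={v:2d} dcba={v:04b} M_NE_ER={sorted(m_ne_er)} A_E_ER={a_e_er} T={t:.1f}%")
    print("best version:", best_version(res))
```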
===3 Case Study of the Proposed Method===
Experimental verification of the method was carried out using CAD Quartus Prime
18.1 Lite Edition on the example of a study of a 4-bit iterative array multiplier
implemented in Intel Max 10 FPGA 10M50DAF672I7G [38, 39]. The digital circuit
of the obtained FPGA project contains 8 inputs which are supplied with 4-bit
operands, 30 LUT units with four inputs for performing the multiplication operation,
and 8 product outputs. The digital circuit simulation was carried out using the
program implementation of the method. The program was developed in the free
Delphi 10 Seattle demo version [40].
As initial data, the program uses a description of a digital circuit with an indication
of the connections of its inputs or outputs of previous LUT units to the inputs of each
next LUT unit and the outputs of the circuit. In addition, the number of digital circuit
inputs, the number of LUT units and their program codes are indicated.
The program presents the results of examining the digital circuit on the main panel,
which is shown in Fig. 2.
The main panel is invoked by pressing the «Start» key, and the program is terminated by the «Exit» command. The main panel shows the values of the memory bits for all LUT units operating at different threshold values S, which divide the input data into those of the normal and emergency modes.
The values of the factors smaller than the S threshold refer to the normal mode, and the rest to the emergency one. The "S: 2 - 9" key determines 8 threshold values from 2 to 9. Each press of this key shifts the range of S values by one up to the maximum, "S: 8 - 15", and then back to "S: 2 - 9". The "LUT # 22" key specifies the number 22 of the considered LUT unit. Clicking on this key proceeds to the LUT unit with the next number. The largest number is followed by the first. Bits addressable only in the normal mode and only in the emergency mode are colored green and yellow, respectively. Blue indicates addressing in both modes.
The lower part of the panel shows the results of the proposed method for each value of the S threshold. Line "V" shows the decimal number of the best version of the program code. The binary code $dcba_2$ of the version number determines the inverted inputs of the second LUT unit by the unit values of the corresponding bits. For example, version $13 = 1101_2$ means inverting inputs D, C and A. Number $0 = 0000_2$ indicates the preservation of the source program code [41].
Fig. 2. The main panel of the program implementation of the suggested method
The next three lines «V.I», «V.B» and «V.W» evaluate the trustworthiness of the calculated results for the initial, the best and the least successful version of the program code for the FPGA project, respectively. The numerator includes the trustworthiness of the results calculated in the FPGA project, and the denominator contains the contribution that is made to the trustworthiness by the checkability of the LUT units in normal mode. The last line in the numerator and denominator shows the gain in the trustworthiness of the best solution compared to the initial project and the least successful version of the program code, respectively.
Diagrams of the dependence in trustworthiness of the results on the S threshold for
the best, initial and least successful solution are shown in Fig. 3.
[Plot: trustworthiness of the results, % (0 to 100), versus threshold S (2 to 9), with curves V.I, V.B and V.W]
Fig. 3. Diagrams of the dependence in trustworthiness of the results
on the S threshold for the best, initial and least successful solution
Diagrams show a tendency to increase trustworthiness of the results with an
increase in the S threshold.
Therefore, it is important that the greatest gain in the best solution obtained by the
proposed method is achieved for small threshold values that are typical for circuits
operating in normal mode at a noise level. For S = 2 and S = 3, the trustworthiness of
the results increases relative to the initial program code from 59% to 84% and from
64% to 87%, i.e. by 25% and 23%, respectively.
===4 Conclusions===
FPGA designing, which is a promising direction in the development of digital components for safety-related systems, opens up new possibilities for solving the hidden fault problem inherent in such systems. The programmability of FPGA projects makes it possible to solve this problem as a growth challenge by raising the components to the level of diversification, where critical systems are located in operating modes, input data and digital circuit checkability.
The proposed method uses the version redundancy in the program code of FPGA
projects with a LUT-oriented architecture to reduce the set of hidden faults in the
short circuit of neighboring inputs of the LUT units.
Such faults distort the addressing of the memory bits of the LUT units. Memory
bits read at the wrong address may have erroneous values that reduce the
trustworthiness of the calculated results.
A hidden fault is dangerous because of errors that are not detected in normal mode and distort the results in emergency mode.
The method reduces the number of hidden faults in two ways. The first way is to search, for each LUT unit, for program code versions that show a failure in the normal mode. The second way applies to LUT units for which there is no such version, and chooses the version with the least number of erroneous values in bits addressed only in emergency mode.
The advantage of the proposed method is its low complexity, limited not by the set
of all versions of the FPGA project program code, but by the set of LUT units with
mutually independent examination of their program codes.
Further research is planned in the direction of expanding the circle of problems
which can be identified and solved as a growth challenge in relation to safety-related
systems and their components based on the development and practical application of
the concepts of checkability and natural version redundancy, in particular in FPGA
designing.
===References===
1. International Atomic Energy Agency, Evaluation of the Status of National Nuclear Infrastructure Development, IAEA Nuclear Energy Series No. NG-T-3.2, IAEA, Vienna (2008)
2. Hiromoto, R. E., Sachenko, A., Kochan, V. et al.: Mobile Ad Hoc Wireless Network for Pre- and Post-Emergency Situations in Nuclear Power Plant. In: WS 2014 - 2nd IEEE International Symposium on Wireless Systems within the Conferences on Intelligent Data Acquisition and Advanced Computing Systems, Offenburg, Germany, pp. 92-96 (2014) doi: 10.1109/IDAACS-SWS.2014.6954630
3. Ivanchenko, O., Kharchenko, V., Moroz, B. et al.: Risk Assessment of Critical Energy Infrastructure Considering Physical and Cyber Assets: Methodology and Models. In: IDAACS 2018 - 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, Lviv, Ukraine, pp. 225-228 (2018) doi: 10.1109/IDAACS-SWS.2018.8525594
4. Smith, D. J.: Reliability, Maintainability and Risk. Practical Methods for Engineers, 9th Edition, Butterworth-Heinemann (2017)
5. International Atomic Energy Agency, On-line Monitoring for Improving Performance of Nuclear Power Plants, Part 2: Process and Component Condition Monitoring and Diagnostics, IAEA Nuclear Energy Series No. NP-T-1.2, IAEA, Vienna (2008)
6. Smith D., Simpson K.: The Safety Critical Systems Handbook, 4th Edition, Butterworth-Heinemann (2016)
7. International Electrotechnical Commission, Nuclear Power Plants: Instrumentation and Control for Systems Important to Safety – General Requirements for Systems, Rep. IEC 61513, IEC, Geneva (2001)
8. Efanov, D., Lykov, A., Osadchy, G.: Testing of relay-contact circuits of railway signalling and interlocking. In: EWDTS 2017 - IEEE East-West Design and Test Symposium, Novi Sad, Serbia, pp. 242-248 (2017) doi: 10.1109/EWDTS.2017.8110095
9. Drozd, O., Antoniuk, V., Nikul, V., Drozd, M.: Hidden faults in FPGA-built digital components of safety-related systems. In: TCSET 2018 - 14th International Conference “Modern problems of radio engineering, telecommunications and computer science”, Lviv-Slavsko, Ukraine, pp. 805-809 (2018) doi: 10.1109/TCSET.2018.8336320
10. Hahanov, V., Litvinova, E., Obrizan, V., Gharibi, W.: Embedded method of SoC diagnosis. Elektronika in Elektrotechn, no. 8, 3-8 (2008)
11. Matrosova, A., Nikolaeva, E., Kudin, D., Singh, V.: PDF testability of the circuits derived by special covering ROBDDs with gates. In: EWDTS 2013 - IEEE East-West Design and Test Symposium, Rostov-on-Don, Russia, pp. 1-5 (2013) doi: 10.1109/EWDTS.2013.6673183
12. Coppad, D., Sokolov, D., Bystrov, A., Yakovlev, A.: Online Testing by Protocol Decomposition. In: IOLTS - 12th IEEE International On-Line Testing Symposium, Como, Italy, pp. 263-268 (2006) doi: 10.1109/IOLTS.2006.45
13. Drozd, A., Drozd, J., Antoshchuk, S., Nikul, V., Al-dhabi, M.: Objects and Methods of On-Line Testing: Main Requirements and Perspectives of Development. In: EWDTS 2016 - IEEE East-West Design & Test Symposium, Yerevan, Armenia, pp. 72-76 (2016) doi: 10.1109/EWDTS.2016.7807750
14. Anderson, D. A., Metze, G.: Design of Totally Self-Checking Circuits for n-out-of-m Codes. IEEE Trans. on Computers, vol. C-22, 263-269 (1973) doi: 10.1109/T-C.1973.223705
15. Metra, C., Schiano, L., Favalli, M., Ricco, B.: Self-checking scheme for the on-line testing of power supply noise. In: DATE 2002 - Design, Automation and Test in Europe Conference, Paris, France, pp. 832-836 (2002) doi: 10.1109/DATE.2002.998395
16. Chakrabarty, K., Swaminathan S.: Built-in self-testing of high-performance circuits using twisted-ring counters. In: ISCAS 2000 - IEEE International Symposium on Circuits and Systems, Geneva, Switzerland (2000) doi: 10.1109/ISCAS.2000.857029
17. Kondratenko, Y.P., Kozlov, O.V., Topalov, A.M., Gerasin, O.S.: Computerized system for remote level control with discrete self-testing. In: CEUR Workshop Proceedings Open Access, vol-1844, pp. 608-619 (2017) http://ceur-ws.org/Vol-1844/10000608.pdf
18. Drozd, A., Kharchenko, V., Antoshchuk, S., Sulima, J., Drozd, M.: Checkability of the digital components in safety-critical systems: problems and solutions. In: EWDTS 2011 - IEEE East-West Design & Test Symposium, Sevastopol, Ukraine, 2011, pp. 411-416 doi: 10.1109/EWDTS.2011.6116606
19. Drozd, A., Antoshchuk, S., Drozd, J. et al.: Checkable FPGA Design: Energy Consumption, Throughput and Trustworthiness. In: Green IT Engineering: Social, Business and Industrial Applications, Studies in Systems, Decision and Control, vol. 171, Berlin, Heidelberg: Springer International Publishing, pp. 73-94 (2019) doi: 10.1007/978-3-030-00253-4_4
20. Gray, R.: The true toll of the Chernobyl disaster, BBC Future (2019) https://www.bbc.com/future/article/20190725-will-we-ever-know-chernobyls-true-death-toll
21. Gillis, D.: The Apocalypses that Might Have Been. [Online]. Available: https://www.damninteresting.com/the-apocalypses-that-might-have-been/.
22. Edstrom, J., Tilevich, E.: Reusable and Extensible Fault Tolerance for RESTful Applications. In: 11th International Conference on Trust, Security and Privacy in Computing and Communications, Liverpool, UK, pp. 737-744 (2012) doi: 10.1109/TrustCom.2012.244
23. Atamanyuk, I., Kondratenko, Y.: Computer's Analysis Method and Reliability Assessment of Fault-Tolerance Operation of Information Systems. In: CEUR-WS, vol. 1356, Lviv, Ukraine, pp. 507-522 (2015)
24. Romankevich, A., Feseniuk, A., Maidaniuk, I., Romankevich, V.: Fault-tolerant multiprocessor systems reliability estimation using statistical experiments with GL-models. In: Advances in Intelligent Systems and Computing, vol. 754, pp. 186-193 (2019)
25. Drozd, J., Drozd, A., Al-dhabi, M.: A resource approach to on-line testing of computing circuits. In: EWDTS 2015 - IEEE East-West Design & Test Symposium, Batumi, Georgia, pp. 276-281 (2015) doi: 10.1109/EWDTS.2015.7493122
26. Drozd, O., Kharchenko, V., Rucinski, A. et al.: Development of Models in Resilient Computing. In: DESSERT 2019 - 10th IEEE International Conference on Dependable Systems, Services and Technologies, Leeds, UK, pp. 2-7 (2019) doi: 10.1109/DESSERT.2019.8770035
27. Tyurin, S.F., Grekov, A.V., Gromov, O.A.: The principle of recovery logic FPGA for critical applications by adapting to failures of logic elements. World Applied Sciences Journal, 328-332 (2013) doi: 10.5829/idosi.wasj.2013.26.03.13474
28. Jaecheon Jung, Ibrahim Ahmed: Development of FPGA-based reactor trip functions using systems engineering approach, Nuclear Engineering and Technology, March 2016, pp. 2-11 (2016) doi: 10.1016/j.net.2016.02.011
29. Palagin, A., Opanasenko, V.: The implementation of extended arithmetic’s on FPGA-based structures. In: IDAACS 2017 - 9th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, vol. 2, Bucharest, Romania, pp. 1014-1019 (2017) doi: 10.1109/IDAACS.2017.8095239
30. Chernov, S., Titov, S., Chernova, L. et al.: Algorithm for the simplification of solution to discrete optimization problems. Eastern-European Journal of Enterprise Technologies 3 (4), 1-12 (2018) doi: https://doi.org/10.15587/1729-4061.2018.133405
31. Zashcholkin, K., Ivanova, O.: The control technology of integrity and legitimacy of LUT-oriented information object usage by self-recovering digital watermark. In: CEUR Workshop Proceedings, vol. 1356, pp. 498-506 (2015)
32. Cyclone II Architecture. Cyclone II Device Handbook Version 3.1.-Altera Corporation (2007) http://www.altera.com/literature/hb/cyc2/cyc2_cii51002.pdf
33. Toshinori, S.: Basic Knowledge to Understand FPGAs. In: Principles and Structures of FPGAs, H. Amano (edit), Springer, USA, New-York, pp. 1-22 (2018)
34. Zashcholkin, K., Ivanova, O.: LUT-object integrity monitoring methods based on low impact embedding of digital watermark. In: TCSET 2018 - International Conference “Advanced Trends in Radioelectronics, Telecommunications and Computer Engineering”, Lviv-Slavske, Ukraine, pp. 519-523 (2018) doi: 10.1109/TCSET.2018.8336255
35. Drozd, A., Drozd, M., Kuznietsov, M.: Use of Natural LUT Redundancy to Improve Trustworthiness of FPGA Design. In: CEUR Workshop Proceedings, vol. 1614, pp. 322-331 (2016)
36. Pleskacz, W., Jenihhin, M., Raik, J. et al.: Hierarchical Analysis of Short Defects between Metal Lines in CMOS IC. In: 11th Euromicro Conference on Digital System Design Architectures, Methods and Tools, Parma, Italy, pp. 729-734 (2008) doi: 10.1109/DSD.2008.98
37. Drozd, A., Drozd, M., Martynyuk, O., Kuznietsov, M.: Improving of a Circuit Checkability and Trustworthiness of Data Processing Results in LUT-based FPGA Components of Safety-Related Systems. In: CEUR Workshop Proceedings, vol. 1844, pp. 654-661 (2017)
38. Intel Quartus Prime Standard Edition User Guide: Getting Started, https://www.intel.com/content/dam/www/programmable/us/en/pdfs/literature/ug/ug-qps-getting-started.pdf, last accessed 2019/03/20
39. Max 10 FPGA Device Architecture (2017), https://www.intel.com/content/dam/www/programmable/us/en/pdfs/literature/hb/max-10/m10_architecture.pdf, last accessed 2019/03/20
40. Delphi 10 Seattle: Embarcadero (2015) https://www.embarcadero.com/ru/products/delphi/
41. Drozd, O., Kuznietsov, M., Martynyuk, O., Drozd, M.: A method of the hidden faults elimination in FPGA projects for the critical applications. In: DESSERT 2018 - 9th IEEE International Conference on Dependable Systems, Services and Technologies, Kyiv, Ukraine, pp. 231-234 (2018) doi: 10.1109/DESSERT.2018.8409131