Analyzing Formal Verification and Testing Efforts of Different Fault Tolerance Mechanisms

Pre-fabrication design verification and post-fabrication chip testing are two important stages in the product realization process. These two stages consume a large part of resources in the form of time, money, and engineering effort during the process. Therefore, it is important to take into account the design verification (such as through formal verification) effort and chip testing effort when we design a system. This paper analyzes the impact on formal verification effort and testing effort due to adding different fault tolerance mechanisms to baseline systems. By comparing the experimental results of different designs, we conclude that re-execution (time redundancy) is the most efficient mechanism when considering formal verification and testing efforts together, followed by parity code, dual modular redundancy (DMR), and triple modular redundancy (TMR). We also present the ratio of verification effort to testing effort to assist designers in their trade-off analysis when deciding how to allocate their budget between formal verification and testing. Particularly, we find even for a designated fault tolerance mechanism, some small change in structure can lead to dramatic changes in the efforts. These findings have implications for practical industrial production.