feature article
Subscribe Now

JTAG Gets an Upgrade

TI and IPextreme Do a cJTAG Risk Start

We all know that time to market is everything. Months matter. Weeks matter. When production takes a long time, it can sometimes make sense to get things started before you are completely sure you’re ready. Wafers might be started before everyone is completely sure that all the i’s have been dotted (although I suspect that happens less these days with masks and wafers costing what they do). Such early wafers are called “risk starts” because they are done with the knowledge that there is a risk that they’ll have to be thrown away. That risk is balanced by the reward of getting out sooner if everything is ok.

Well, we’re seeing a similar thing happen with the release of the first IP core for the new IEEE 1149.7 standard, a successor to the venerable 1149.1 JTAG standard – before the standard has been approved.

JTAG was developed by the IEEE Joint Test Action Group before being approved as IEEE 1149.1. It went from being a frivolous adder that general managers whined about to becoming a standard accoutrement that was more or less part of the deal if you actually wanted someone to use your chip. The idea behind basic JTAG was that you could force a value on an I/O pin on one chip and then sense that value on the chip to which it’s connected, proving that the PC board trace was intact. The entire boundary of each chip could, in theory, be tested by scanning values onto the I/Os and detecting the values on the chips to which they were connected; hence the term “boundary scan.”

What’s sometimes surprising to people is that JTAG was intended to test connections outside the chip. But it was also found increasingly useful for testing the internals of the chip as well, and this could usually be done without straying from the JTAG spec. Much activity and attention went into using JTAG as an auxiliary portal into a chip for testing and instrumentation purposes.

The good news was, JTAG spread widely. The less good news was that it couldn’t do everything everyone wanted  – and not always as fast as everyone wanted. As people got more creative, they started adding proprietary modes and features, where possible, to the standard implementation in a decidedly non-standard way, complicating testing equipment. And they looked for ways to do things that JTAG simply couldn’t do. And so JTAG variants and enhancements were developed over several years.

IEEE 1149.4 was created to address analog pins. IEEE 1149.6 – AJTAG – adds new capabilities to the boundary scan structure, in particular to handle AC-coupled differential pairs in boundary scan tests. P1687 – IJTAG – is a work in progress to unify the way the 1149.1 is used for accessing on-chip instrumentation features (without defining the features themselves). And targeted for approval in early 2009 is so-called Compact JTAG, cJTAG, IEEE 1149.7, which is the next-generation standard for physical test access to the device. TI has created an IP core implementing the current embodiment of the proposed standard and offering it for sale via IPextreme.

Proffering a product that implements a standard before the standard is official can be a ballsy call, since that product will be obsolete if the standard changes at the last minute. And such things have happened. An optimist will see TI’s move as a vote of confidence that consensus has been achieved and that all that remains is counting the votes and cracking the champagne. A pessimist might see it as a shrewd tactic that attempts to establish “facts on the ground” to use as a defense against further proposed changes (but such tactics don’t play well in standards bodies). No one will know for sure until the final approved version is issued.

The new standard builds on the original JTAG and goes to quite some pains to maintain compatibility so that both JTAG and cJTAG can work together in the same chain. cJTAG adds capabilities to JTAG as well as reducing the required pin count from 4 to 2. This reduced pin count was seen as helpful for new SoCs, which have tight pin budgets. A star, or multi-drop, interconnect capability was also added to the usual serial scan chain configuration to make stacked ICs and modules easier to implement as well as enabling parallel testing. But this has all been done in a way that gives designers some flexibility regarding which features they implement.

This flexibility has been provided by defining successive “classes” of operation. Each class is a superset of the lower classes. Think of it as a set of concentric rings, with plain ol’ JTAG as the center ring. Each ring around that is another class. You can pick any class you want to implement; you must then implement all features contained within the ring of the class you picked, but you don’t implement any features from outside your chosen ring.

The innermost cJTAG class, Class 0, more or less maintains JTAG compliance, along with the ability to have more than one test access port (TAP) on a chip. Class 1 starts to add more of the cJTAG facility, with a new command set, controller, and power control of the TAP circuitry. Class 2 provides a chip-level bypass as well as protection during hot insertion. Class 3 allows the use of a four-wire star topology in addition to the traditional chain setup. Class 4 takes you into the realm of two-pin usage by discarding TDI and TDO (or using them as auxiliary pins), using a two-pin star hookup, and turning TMS into a bidirectional pin; some advanced scan modes are also included. Finally, Class 5 adds an instrumentation facility (although access to debug and instrumentation features is defined by P1687).

The new controller gets a bit tricky since it has to remain compatible with the 1149.1 controller. In order to accommodate things like commands that aren’t supported by JTAG, several new “control levels” are supported, each of which supports different new features. You get to those control levels via a clever, if non-obvious, trick: you exploit a legal but meaningless path through the JTAG control state machine, which is called a zero-bit DR scan (ZBS). This appears to be basically a bypass or idcode instruction where you don’t scan in any DR bits (hence the zero-bit name). After resetting, you can run the state machine through this particular path multiple times. A counter in the cJTAG controller keeps track of the number of times you go through it, and this sets the control level.

The important thing here is that this allows the use of cJTAG features in a chain that has mixed JTAG and cJTAG: because the ZBS is legal, it doesn’t cause any problem for the older JTAG parts in the chain; because it’s meaningless to the JTAG parts, it basically leaves them alone. So while you’re using new cJTAG features on parts with cJTAG, the older JTAG parts in the chain are just sitting there more or less doing nothing – including doing nothing bad.

At a higher level, the implication of the star configuration is that multiple PCBs or chips on a PCB can be tested in parallel. Rather than scanning out the results of tests, the expected value can actually be loaded in the test, and then an internal comparator decides whether the test passed. Instead of having to unload all the bits of all the chains in all the PCBs, each PCB can be addressed and its compare result can be unloaded.

The specific commands and controller details that make all of this possible appear to be far more complex than the original 1149.1 setup; this article hasn’t come close to describing the details of what can be done. As to the cost of that complexity, IPextreme claims that a Class 4 implementation can be done using 2500 gates.

TI has clearly taken a gamble here that either their implementation will survive the balloting process or that any late-breaking changes can be sent to customers as an update before they’ve been committed to silicon. It’s no secret that the standard isn’t final yet, so presumably any customers are going in with eyes open, ready for any last-minutes tweaks should they be needed.

Link: TI’s cJTAG core, via IPextreme

Leave a Reply

featured blogs
Oct 9, 2024
Have you ever noticed that dogs tend to circle around a few times before they eventually take a weight off their minds?...

featured chalk talk

STM32 Security for IoT
Today’s modern embedded systems face a range of security risks that can stem from a variety of different sources including insecure communication protocols, hardware vulnerabilities, and physical tampering. In this episode of Chalk Talk, Amelia Dalton and Thierry Crespo from STMicroelectronics explore the biggest security challenges facing embedded designers today, the benefits of the STM32 Trust platform, and why the STM32Trust TEE Secure Manager is an IoT security game changer.
Aug 20, 2024
24,832 views