You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Clarify in the MCI Integration Requirements that
Caliptra Subsystem output signals (SOC_DFT_EN,
SOC_HW_DEBUG_EN) are not guaranteed stable during
scan mode. Add integrator guidance for DFT signal
management and reset mux glitch awareness.
Resolves#1059
Copy file name to clipboardExpand all lines: docs/CaliptraSSIntegrationSpecification.md
+9-3Lines changed: 9 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1711,8 +1711,8 @@ If there is an issue within MCI whether it be the Boot Sequencer or another comp
1711
1711
| Internal | Input | Struct |`from_otp_to_lcc_program_i`| These ports comes from fuse partitions and show LCC's non-volatile state |
1712
1712
| Internal | Input | 1 |`ss_dbg_manuf_enable_i`| Caliptra Core enables manuf debug with this |
1713
1713
| Internal | Input | 64 |`ss_soc_dbg_unlock_level_i`| Caliptra Core enables prod debug with this. Since there are multiple debug levels, the debug level is one-hot encoded to this port |
| External | Output | 1 |`SOC_DFT_EN`| Masked LCC decoding signal, see LCC section. **Not guaranteed to be stable during scan mode.** Use to gate entry into scan mode only; see [DFT Reset Control](#mci-integration-requirements) for details.|
1715
+
| External | Output | 1 |`SOC_HW_DEBUG_EN`| Masked LCC decoding signal, see LCC section. **Not guaranteed to be stable during scan mode.** See [DFT Reset Control](#mci-integration-requirements) for details.|
@@ -1798,7 +1798,13 @@ The two regions have different access protection. The size of the regions is dyn
1798
1798
1799
1799
MCI input resets do not have any built-in DFT reset control for scan. It is the integrator’s responsibility to add any DFT controls outside of MCI before the reset is connected to MCI.
1800
1800
1801
-
Simlar to Caliptra core - When `scan_mode` is set the MCI generated resets will be directly controlled by `mci_rst_b`. This gives DFT complete control of these resets within Caliptra SS.
1801
+
Similar to Caliptra core - When `scan_mode` is set the MCI generated resets will be directly controlled by `mci_rst_b`. This gives DFT complete control of these resets within Caliptra SS.
1802
+
1803
+
**Important: Scan mode is a destructive operation.** Once `scan_mode` is asserted and Caliptra assets are flushed, no guarantees can be made about the state of any signals coming out of the Caliptra Subsystem, including `SOC_DFT_EN` and `SOC_HW_DEBUG_EN`. These output signals are **not** guaranteed to remain stable during scan mode because scan data shifted into scannable flops can cause internal state (such as the LCC state translator outputs) to change unpredictably.
1804
+
1805
+
The integrator should use `SOC_DFT_EN` to gate entry into scan mode (e.g., to enable scan chain access), but must **not** rely on `SOC_DFT_EN` or any other Caliptra Subsystem output remaining stable once scan mode is active. The SoC's DFT architecture is responsible for ensuring that its DFT control signals are driven in a stable manner during scan. For example, if `SOC_DFT_EN` is used to gate IJTAG or other DFT access, the SoC should latch or otherwise stabilize the signal before entering scan mode.
1806
+
1807
+
Additionally, the MCI reset mux logic that selects between normal and scan-mode reset paths uses standard RTL assign statements. Depending on the synthesis tool and target technology, these may not synthesize into glitch-free mux cells, potentially causing glitches on reset lines during `scan_mode` transitions. Integrators should verify their gate-level netlist and, if necessary, ensure glitch-free mux behavior on these reset paths through synthesis constraints or cell replacements.
0 commit comments