Presentation is loading. Please wait.

Presentation is loading. Please wait.

University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 1 Shoestring: Probabilistic.

Published byBeryl Stafford Modified over 9 years ago

Similar presentations

Presentation on theme: "University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 1 Shoestring: Probabilistic."— Presentation transcript:

1 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 1 Shoestring: Probabilistic Reliability on the Cheap Authors: Shuguang Feng Shantanu Gupta Amin Ansari Scott Mahlke University of Michigan

2 Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 2 The Problem...  Soft Errors / Transient Faults / Single Event Upsets (SEU)  Caused by a variety of phenomena  Cosmic radiation (high energy neutrons)  Alpha particles (packaging impurities)  Voltage fluctuations (dI/dt)  Timing speculation  Can alter the value stored in state elements as well as the output of combinational logic  Attenuated by masking at several levels (circuit, logic, μarch, etc.)  Soft error rates (SER) are on the rise

3 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 3 Soft error rate (SER) Past Present Future Aggressive voltage scaling (near-threshold computing) One failure per MONTH per 100 chips One failure per DAY per 100 chips One failure per DAY per chip [Shivakumar’02]  At high error rates, reliability cannot be reserved only for mission-critical systems  There is a need for low-cost mainstream solutions  At high error rates, reliability cannot be reserved only for mission-critical systems  There is a need for low-cost mainstream solutions

4 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science  Traditional dual/triple – modular redundancy  Run on separate hardware and compare results  Mission-critical reliability w/ high hardware costs [IBM Z-series, HP NonStop]  Traditional dual/triple – modular redundancy  Run on separate hardware and compare results  Mission-critical reliability w/ high hardware costs [IBM Z-series, HP NonStop]  Utilize multiple threads (temporal) instead of separate hardware (spatial)  Retain high coverage but sacrifice performance costs to save area [AR-SMT, Reunion]  Utilize multiple threads (temporal) instead of separate hardware (spatial)  Retain high coverage but sacrifice performance costs to save area [AR-SMT, Reunion]  Perform selective checking  software invariants  critical μarch structures [ARGUS, DIVA, Reddy:DSN`08]  Perform selective checking  software invariants  critical μarch structures [ARGUS, DIVA, Reddy:DSN`08]  Redundant execution in a single- threaded context  compiler interleaves original and redundant instructions  “tunable” coverage [SWIFT, EDDI]  Redundant execution in a single- threaded context  compiler interleaves original and redundant instructions  “tunable” coverage [SWIFT, EDDI]  Relies on anomalous behavior to identify faults  extremely cheap  moderate coverage [RESTORE, SWAT]  Relies on anomalous behavior to identify faults  extremely cheap  moderate coverage [RESTORE, SWAT]  Bridge the gap between symptom- based schemes and instruction duplication  “reliability for the masses”  sacrifice a little on coverage to maintain very low costs  Bridge the gap between symptom- based schemes and instruction duplication  “reliability for the masses”  sacrifice a little on coverage to maintain very low costs 4 Traditional Architecture Solutions Increasing Fault Coverage Increasing Overheads (area, power, performance, etc.) n-Modular Redundancy Redundant Multi-threading Invariant Checking Symptom-based Shoestring Instruction Duplication

5 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science Shoestring One failure per WEEK One failure per MONTH Fault coverage from different sources of masking (92%) 5 Shoestring Increasing Overheads (performance) One failure per DAY Instruction duplication-based detection Symptom-based detection Hardware exceptions Branch mispredicts Cache misses Shoestring Increasing Fault Coverage

6 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science Shoestring One failure per WEEK One failure per MONTH Fault coverage from different sources of masking (92%) Increasing Overheads (performance) One failure per DAY Instruction duplication-based detection Symptom-based detection Hardware exceptions Branch mispredicts Cache misses Shoestring Increasing Fault Coverage  Not all applications/domains require enterprise-level fault tolerance  The cost of “five-nines” reliability is very high  Spent in pursuit of the last few “nines”  Not all applications/domains require enterprise-level fault tolerance  The cost of “five-nines” reliability is very high  Spent in pursuit of the last few “nines” Provide affordable reliability for commodity systems on a “shoestring” budget  Exploit cheap symptom-based fault detection  Judiciously apply sw-level instruction duplication to improve coverage Provide affordable reliability for commodity systems on a “shoestring” budget  Exploit cheap symptom-based fault detection  Judiciously apply sw-level instruction duplication to improve coverage 6 Shoestring

7 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 7 Shoestring: System Components  Analyzes program structure  Generate enhanced binary w/ selective duplication for vulnerable code  Analyzes program structure  Generate enhanced binary w/ selective duplication for vulnerable code  Trap runtime exceptions  Selected symptoms  Faults in duplicated code  Recovers w/ pipeline flush / lightweight rollback  Trap runtime exceptions  Selected symptoms  Faults in duplicated code  Recovers w/ pipeline flush / lightweight rollback Selective Duplication Compilation OS / Virtual Machine Physical Hardware Runtime Environment

8 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science Code Generation Passes Instruction Selection Register Allocation Code Emission 8 Shoestring: Compilation Application Source Code Application Binary Shoestring Passes Preliminary Classification Preliminary Classification Vulnerability Analysis Vulnerability Analysis Code Duplication Instruction Selection Machine-independent Passes Traditional Optimizations Front-end Shoestring Passes Preliminary Classification Preliminary Classification Vulnerability Analysis Vulnerability Analysis Code Duplication

9 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 9 Preliminary Classification Shoestring Passes Preliminary Classification Preliminary Classification Vulnerability Analysis Vulnerability Analysis Code Duplication Preliminary Classification Preliminary Classification Identify instructions that are …  Symptom-generating  Instructions that can aid in detecting the presence of a soft-error  Used during vulnerability analysis  High-value  Instructions that affect “correct” program execution (user-visible output)  Used during selective code duplication Identify instructions that are …  Symptom-generating  Instructions that can aid in detecting the presence of a soft-error  Used during vulnerability analysis  High-value  Instructions that affect “correct” program execution (user-visible output)  Used during selective code duplication

10 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 10 Preliminary Classification: Symptom-generating r0 = mem[old_base] r1 = mem[new_base] r2 = 128 r4 = 1 r5 = r2 / r4 r6 = mem[r0+r5] r4 = r4 + 1 mem[r1+r5] = r6 r7 = mem[new_base] printf(r7,…) stack[n_copied] = r4 If an input operand is corrupted the instruction is likely to cause anomalous behavior  segment fault  divide by zero  cache miss  branch mispredict ...  Limit consideration to symptoms that rarely, if ever, occur during normal operation

11 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 11 Preliminary Classification: High-value r0 = mem[old_base] r1 = mem[new_base] r2 = 128 r4 = 1 r5 = r2 / r4 r6 = mem[r0+r5] r4 = r4 + 1 mem[r1+r5] = r6 r7 = mem[new_base] printf(r7,…) stack[n_copied] = r4 Instructions that can corrupt program output after consuming an erroneous operand  stores to global memory  arguments to function/library calls Ignore local bookeeping variable

12 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science Shoestring Passes Preliminary Classification Preliminary Classification Vulnerability Analysis Vulnerability Analysis Code Duplication Vulnerability Analysis Vulnerability Analysis 12 Vulnerability Analysis Identify safe instructions  Instructions with outputs inherently “covered” by symptom-generating instructions  Data/Control flow analysis  Duplication can safely ignore these instructions without losing fault coverage Identify safe instructions  Instructions with outputs inherently “covered” by symptom-generating instructions  Data/Control flow analysis  Duplication can safely ignore these instructions without losing fault coverage

13 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 13 Vulnerability Analysis Dataflow Graph (DFG) Symptom-generating Machine-dependent Representation

14 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 14 Vulnerability Analysis Dataflow Graph (DFG) For each instruction …  Count the # of symptom-generating consumers (N tot )  Consider an instruction with “enough” (S t ) symptom-generating consumers as safe  Limit to instructions within a fixed distance (S lat ) in the statically scheduled code  Scale indirect consumers by S iscale 15 40 60 12 3 4 52 S t = 2 S lat = 100 S iscale = 0.8 2 2 3 3 6 6 8 8 7 7 4 4 5 5 9 9 1 1 Symptom-generating M M N tot = 1N tot = 1 + 1(0.8) N tot = 1 + 1(0.8) + 1(0.8) 2 = 2.44, SAFE! Instruction 3 Instruction 6 Instruction 7 Instruction 9

15 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 15 Vulnerability Analysis Dataflow Graph (DFG) 15 40 60 12 3 4 2 52 2 2 3 3 6 6 8 8 7 7 4 4 5 5 9 9 1 1 N tot = 2.44 N tot = 0 N tot = 1 N tot = 1.8 N tot = 2.44 N tot = 0 V V V V V V V V V V S S V V V V S S S S Safe V V Vulnerable Symptom-generating For each instruction …  Count the # of symptom-generating consumers (N tot )  Consider an instruction with “enough” (S t ) symptom-generating consumers as safe  Limit to instructions within a fixed distance (S lat ) in the statically scheduled code  Scale indirect consumers by S iscale S t = 2 S lat = 100 S iscale = 0.8 What about control flow... Symptom-generating consumers may not be on the common execution path  Scale N tot based on execution probabilities (profiled) What about control flow... Symptom-generating consumers may not be on the common execution path  Scale N tot based on execution probabilities (profiled)

16 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science Shoestring Passes Preliminary Classification Preliminary Classification Vulnerability Analysis Vulnerability Analysis Code Duplication 16 Selective Code Duplication Protect high-value instructions  Ensure high-value instructions operate on correct data (dataflow)  (Partially) duplicate input operands  Ensure they execute when they are supposed to (control flow) Protect high-value instructions  Ensure high-value instructions operate on correct data (dataflow)  (Partially) duplicate input operands  Ensure they execute when they are supposed to (control flow)

17 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 17 Selective Code Duplication  Duplicate backward slice of input operands, terminating at  Load instructions (“L”)  safe instructions (“S”)  Insert checks prior to use (compare and branch)  Each use has its own check S S S S Dataflow Graph (DFG) 5 5 3’ 2’ 1’ 4’ = = = = = = 8 8 7 7 L L 6 6 1 1 2 2 3 3 4 4 SS Safe Vulnerable High-value Starting at high-value instructions … What about control flow...  Ideally, protect all branches potentially impacting high- value instructions (transitive closure)  Inspired by work on Y-branches [Wang`03] we relax constraints and only protect the subset of branches with control dependence edges What about control flow...  Ideally, protect all branches potentially impacting high- value instructions (transitive closure)  Inspired by work on Y-branches [Wang`03] we relax constraints and only protect the subset of branches with control dependence edges

18 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 18 Evaluation Methodology  Program analysis and selective duplication  Implemented as additional backend passes in the LLVM compiler  Statistical fault injection (SFI) campaign  Instrumented the PTLSim (x86) simulator (AMD-K8 model)  Random (single) bit flip in physical register file  Simulated 10M instructions in detail after fault injection  Simulated remainder of the program on the host machine in native mode  Performance overhead measured on real hardware (Intel Core2)

19 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 19 Coverage: w/ Symptoms Only Could be the difference between one fault per day/week vs. month

20 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 20 Coverage: w/ Symptoms and Duplication

21 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 21 Runtime Overhead [SWIFT, CGO`05] Increasing values for S t (fewer safe instructions) Increasing values for S t (fewer safe instructions)

22 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 22 Conclusions  Unlike traditional schemes, Shoestring provides mainstream, commodity systems with reliability on the cheap.  Shoestring can augment symptom-based schemes with selective duplication to cover an additional 33.9% of unmasked faults.  Overall, Shoestring allows just 1.6% of all faults to manifest as user-visible corruptions (~5x reduction).  @ 15.8% performance penalty (vs. ~80%)  Developing more sophisticated heuristics (vulnerability analysis, high value instructions) presents opportunities for improvement.

23 University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science Questions? 23 http://cccp.eecs.umich.edu

Download ppt "University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science 1 Shoestring: Probabilistic."

Similar presentations

NC STATE UNIVERSITY 1 Assertion-Based Microarchitecture Design for Improved Fault Tolerance Vimal K. Reddy Ahmed S. Al-Zawawi, Eric Rotenberg Center for.

NC STATE UNIVERSITY 1 Assertion-Based Microarchitecture Design for Improved Fault Tolerance Vimal K. Reddy Ahmed S. Al-Zawawi, Eric Rotenberg Center for.
IMPACT Second Generation EPIC Architecture Wen-mei Hwu IMPACT Second Generation EPIC Architecture Wen-mei Hwu Department of Electrical and Computer Engineering.

IMPACT Second Generation EPIC Architecture Wen-mei Hwu IMPACT Second Generation EPIC Architecture Wen-mei Hwu Department of Electrical and Computer Engineering.
Quantitative Analysis of Control Flow Checking Mechanisms for Soft Errors Aviral Shrivastava, Abhishek Rhisheekesan, Reiley Jeyapaul, and Carole-Jean Wu.

Quantitative Analysis of Control Flow Checking Mechanisms for Soft Errors Aviral Shrivastava, Abhishek Rhisheekesan, Reiley Jeyapaul, and Carole-Jean Wu.
University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science University of Michigan.

University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science University of Michigan.
University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science University of Michigan.

University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science University of Michigan.
Computer Architecture Instruction Level Parallelism Dr. Esam Al-Qaralleh.

Computer Architecture Instruction Level Parallelism Dr. Esam Al-Qaralleh.
Microprocessor Reliability

Microprocessor Reliability
This project and the research leading to these results has received funding from the European Community's Seventh Framework Programme [FP7/2007-2013] under.

This project and the research leading to these results has received funding from the European Community's Seventh Framework Programme [FP7/ ] under.
PART 4: (2/2) Central Processing Unit (CPU) Basics CHAPTER 13: REDUCED INSTRUCTION SET COMPUTERS (RISC) 1.

PART 4: (2/2) Central Processing Unit (CPU) Basics CHAPTER 13: REDUCED INSTRUCTION SET COMPUTERS (RISC) 1.
NC STATE UNIVERSITY ASPLOS-XII Understanding Prediction-Based Partial Redundant Threading for Low-Overhead, High-Coverage Fault Tolerance Vimal Reddy Sailashri.

NC STATE UNIVERSITY ASPLOS-XII Understanding Prediction-Based Partial Redundant Threading for Low-Overhead, High-Coverage Fault Tolerance Vimal Reddy Sailashri.
Modern VLSI Design 2e: Chapter 8 Copyright  1998 Prentice Hall PTR Topics n High-level synthesis. n Architectures for low power. n Testability and architecture.

Modern VLSI Design 2e: Chapter 8 Copyright  1998 Prentice Hall PTR Topics n High-level synthesis. n Architectures for low power. n Testability and architecture.
Helper Threads via Virtual Multithreading on an experimental Itanium 2 processor platform. Perry H Wang et. Al.

Helper Threads via Virtual Multithreading on an experimental Itanium 2 processor platform. Perry H Wang et. Al.
CS 7810 Lecture 25 DIVA: A Reliable Substrate for Deep Submicron Microarchitecture Design T. Austin Proceedings of MICRO-32 November 1999.

CS 7810 Lecture 25 DIVA: A Reliable Substrate for Deep Submicron Microarchitecture Design T. Austin Proceedings of MICRO-32 November 1999.
Microarchitectural Approaches to Exceeding the Complexity Barrier © Eric Rotenberg 1 Microarchitectural Approaches to Exceeding the Complexity Barrier.

Microarchitectural Approaches to Exceeding the Complexity Barrier © Eric Rotenberg 1 Microarchitectural Approaches to Exceeding the Complexity Barrier.
NATW 2008 Using Implications for Online Error Detection Nuno Alves, Jennifer Dworak, R. Iris Bahar Division of Engineering Brown University Providence,

NATW 2008 Using Implications for Online Error Detection Nuno Alves, Jennifer Dworak, R. Iris Bahar Division of Engineering Brown University Providence,
Transient Fault Tolerance via Dynamic Process-Level Redundancy Alex Shye, Vijay Janapa Reddi, Tipp Moseley and Daniel A. Connors University of Colorado.

Transient Fault Tolerance via Dynamic Process-Level Redundancy Alex Shye, Vijay Janapa Reddi, Tipp Moseley and Daniel A. Connors University of Colorado.
Wish Branches A Review of “Wish Branches: Enabling Adaptive and Aggressive Predicated Execution” Russell Dodd - October 24, 2006.

Wish Branches A Review of “Wish Branches: Enabling Adaptive and Aggressive Predicated Execution” Russell Dodd - October 24, 2006.
1  2004 Morgan Kaufmann Publishers Chapter Six. 2  2004 Morgan Kaufmann Publishers Pipelining The laundry analogy.

1  2004 Morgan Kaufmann Publishers Chapter Six. 2  2004 Morgan Kaufmann Publishers Pipelining The laundry analogy.
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks Feng Qin, Cheng Wang, Zhenmin Li, Ho-seop Kim, Yuanyuan.

LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks Feng Qin, Cheng Wang, Zhenmin Li, Ho-seop Kim, Yuanyuan.
Techniques for Efficient Processing in Runahead Execution Engines Onur Mutlu Hyesoon Kim Yale N. Patt.

Techniques for Efficient Processing in Runahead Execution Engines Onur Mutlu Hyesoon Kim Yale N. Patt.

Similar presentations

Ads by Google