design verification – an introductionansuman/vlsitv/intro.pdf · philosophy: extraction of formal...
TRANSCRIPT
Design Verification – An IntroductionDesign Verification – An Introduction
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 2
Main References
Hardware Design Verification: Simulation andFormal Method-Based ApproachesWilliam K LamPrentice Hall Modern Semiconductor Design Series
A Roadmap for Formal Property VerificationPallab DasguptaSpringer
Course Web: http://www.facweb.iitkgp.ernet.in/~pallab and follow link to courses
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 3
Design, Validation and Testing
Specification
Implementation
Prototyping
Manufacturing
Pre-siliconPost-silicon
Design synthesisand validation
Manufacturingand testing
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 4
Design and Verification
Specification Implementation
Design
Equivalent?
Verification
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 5
Gate LevelBoolean LogicFinite State Machines
Digital Design: Abstraction Levels
Transistor Level
Formalisms introducedat the Entry-Level
Schematic
always @( posedge clk )beginif (!rst) begin a1 <= a2;
a2 <= ~a1; end;end
Register Transfer Level
Restricted semantics ofProgramming Languages,Communicating Concurrent State Machines (CSM)
Exponential growthin circuit size(Moore’s Law)
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 6
Design Example: 2-bit Gray Counter
Gray Counter: Successive values should differ only in one bit. Reset signalresets the counter to zero.
rst
s0s1
clk
00
10 11
01
!rst
!rst
!rst
!rst
rst
rst
rst
State m/c Representation
rst
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 7
Design Example: 2-bit Gray Counter
rst
s0s1
clk
(s0s1) rst (n0n1)
00 0 01
00 1 00
01 0 11
01 1 00
10 0 00
10 1 00
11 0 10
11 1 00
00
10 11
01
!rst
!rst
!rst
!rst
rst
rst
rst
State m/c Representation
rst
State Transition Table
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 8
Design Example: 2-bit Gray Counter
(s0s1) rst (n0n1)
00 0 01
00 1 00
01 0 11
01 1 00
10 0 00
10 1 00
11 0 10
11 1 00
State Transition Table State Transition Functions:
n0 = s0s1r + s0s1rn1 = s0s1r + s0s1r
After Logic Minimization:
n0 = s1rn1 = s0r
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 9
module GrayCounter(s0, s1, rst)input rst;reg s0, s1;
always @ (posedge clk)begin
s0 <= s1 & ~rst;s1 <= ~s0 & ~rst;
endendmodule
Verilog Code (RTL):
Design Example: 2-bit Gray Counter
rst s0
s1
clk
State Transition Functions:
n0 = s1rn1 = s0r
Synthesis
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 10
Abstractions in Design Flow
Functional Specification
Algorithmic Description
RTL
Gate Netlist
Transistor Netlist
Physical Layout
higher
lower
abstraction
less
more
details
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 11
Design and Verification
specifications
micro-architecture
RTL
gate netlist
layout
design
does it meet the specs?
does it implement the -arch?
are they equivalent?
are they equivalent?
propertychecking
equivalencechecking
verification
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 12
Design Flows: Digital versus Analog
Design Concept
Design Entry
Behavioral Simulation
Synthesis
Place & Route
Post-Layout Simulation
Full Chip Assembly
Full Chip DRC
Full Chip Simulation
Tape Out
Schematic Entry
Spice Simulation
Custom Layout
DRC
Post-Layout Simulation
Extract netlist
Verilog / VHDL SDL
DRC: Design Rule CheckingSDL: Schematic Driven Layout
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 13
Design Cycle: Implementation
Specs Document
RTL implementation
Gate Level Netlist
Verilog, VHDL
English documents
Transistor Level(Schematic)
Design integration
Synthesis
Technology mapping
Mask
Layout
Equivalence checking
Implementationvalidation
(Specvs RTL)
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 14
Verification Dominates Design
Simulation46%
Design27%
Structural12%
Emulation15%
• Synthesis• Timing analysis• Equivalence checking• DFT
• Behavioral modeling• Architecture level simulation• System level simulation
• High-level design• RTL coding• Block-level simulation
Source: 0-In Design Automation
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 15
Pieces of the verification puzzle
Picture source:skulladay.com
Architecturevalidation
Microcodevalidation
Timingvalidation
Powervalidation
Protocolvalidation
Full-chipvalidation
Unitvalidation
Clustervalidation
Debuggingvalidation
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 16
Design and Verification
specifications
micro-architecture
RTL
gate netlist
layout
design
does it meet the specs?
does it implement the -arch?
are they equivalent?
are they equivalent?
propertychecking
equivalencechecking
verification
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 17
Functional Verification Challenge
Is the implementation correct?
■ How do we define correct?
● Classical: Simulation result matches with golden output
● Formal: Equivalence with respect to a golden model
● Property verification: Correctness properties (assertions) expressed in a formal language Formal: Model checking Semi-formal: Assertion-based verification
■ Trade-off between computational complexity and exhaustiveness
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 18
Simulation
Design
Test Plan Test Bench
Stimulus Generation Simulation
Coverage Metrics Debug Bug Tracking
Advances:• Test bench languages are richer (such as SystemVerilog)• Coverage monitors and assertions• Layered test benches and Transaction Level Modelling
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 19
Advent of Formal Methods in EDA
always @( posedge clk )beginif (!rst) begin a1 <= a2;
a2 <= ~a1; end;end
Register Transfer Level
Gate Level
Transistor Level
Formal Properties
LogicalEquivalenceChecking
Design Intent
ModelChecking
Goal: Exhaustive verification of the design intent within feasible time limits
Philosophy: Extraction of formal models of the design intent and the implementationand comparing them using mathematical / logical methods
• Temporal Logics(Turing Award: Amir Pnueli)
• Adopted by Accelera / IEEE• Integrated into SystemVerilog• Tools:
Academia: NuSMV, VISIndustry: Magellan (Synopsys)
IFV (Cadence)• 2008: Clarke & Emerson get
Turing Award
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 20
Toy example: Priority Arbiter
r1
r2
g1
g2
• Either g1 or g2 is alwaysfalse (mutual exclusion)
G[g1 g2]
• Whenever r1 is asserted, g1 is given in the next cycleG[ r1 Xg1 ]
• When r2 is the sole request, g2 comes in the next cycleG[ (r1 r2) Xg2 ]
• When none are requesting, the arbiter parks the grant on g2 G[ (r1 r2) Xg2 ]
Violation!!
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 21
Dynamic Property Verification (DPV)
[Source: A Roadmap for Formal Property Verification, Springer, 2006]
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 22
Formal Property Verification (FPV)
always !g1 || !g2
always r2 && !r1 next g2
Formal Properties
Temporal Logics (Timed / Untimed, Linear Time / Branching Time): LTL, CTL
Early Languages: Forspec (Intel), Sugar (IBM), Open Vera Assertions (Synopsys)
Current IEEE Standards: SystemVerilog Assertions (SVA), Property Specification Language (PSL)
© Pallab Dasgupta, Dept. of Computer Sc & Engg, IIT Kharagpur 23
Assertion Based Verification Flow
Model Checker
Model +Properties
NO
YESIndeterminate Indeterminate
Results
Decompose, Abstract,
Over Constrain
YES
PASSNO
Spurious cex
YES
NO
Refine the model or assertions
Modify assumptions Stuck ? None of the
Abstractions working
Bug Hunting (Directed
Simulation assisted MC)
Closure ?
[Source: Raj Mitra, TI]