Asynchronous Circuit Verification and Synthesis with Petri Nets J. Cortadella Universitat Politècnica de Catalunya, Barcelona Thanks to: Michael Kishinevsky (Intel Corporation) Alex Kondratyev (The University of Aizu) Luciano Lavagno (Politecnico di Torino) Enric Pastor (Universitat Politècnica de Catalunya) Alex Taubin (The University of Aizu) Alex Yakovlev (University of Newcastle upon Tyne)

Motivation u Interfaces are often asynchronous u Subsystems with different clocks often want to talk to each other u Self timing provides functional and temporal modularity u … and no clock skew, low power, low EMI, average performance,...

Why Petri nets ? u Formal model to specify causality, concurrency and choice between events u Simple enough to easily derive state-level information (logic synthesis) u Powerful enough to implicitly represent a large state space

Outline u Design flow u Synthesis –Specification –State encoding –Logic decomposition u Synthesis of Petri nets u Formal verification

Specification (STG) State Graph SG with CSC Next-state functions Decomposed functions Gate netlist Reachability analysis State encoding Boolean minimization Logic decomposition Technology mapping Designflow

x y z x+ x- y+ y- z+ z- Signal Transition Graph (STG) x y z

x y z x+ x- y+ y- z+ z-

x+ x- y+ y- z+ z- xyz 000 x+ 100 y+ z+ y x y+ z- 010 y-

xyz 000 x+ 100 y+ z+ y x y+ z- 010 y- Current state Next state Current state Next state Synchronous Asynchronous

xyz 000 x+ 100 y+ z+ y x y+ z- 010 y- Next-state functions

x z y

Specification (STG) State Graph SG with CSC Next-state functions Decomposed functions Gate netlist Reachability analysis State encoding Boolean minimization Logic decomposition Technology mapping Designflow

VME bus Device LDS LDTACK D DSr DSw DTACK VME Bus Controller Data Transceiver Bus DSr LDS LDTACK D DTACK Read Cycle

STG for the READ cycle LDS+LDTACK+D+DTACK+DSr-D- DTACK- LDS-LDTACK- DSr+ LDS LDTACK D DSr DTACK VME Bus Controller

Choice: Read and Write cycles DSr+ LDS+ LDTACK+ D+ DTACK+ DSr- D- LDS- LDTACK-DTACK- DSw+ D+ LDS+ LDTACK+ D- DTACK+ DSw- LDS- LDTACK-DTACK-

Choice: Read and Write cycles DTACK- DSr+ LDS+ LDTACK+ D+ DTACK+ DSr- D- LDS- LDTACK- DSw+ D+ LDS+ LDTACK+ D- DTACK+ DSw- LDS- LDTACK-DTACK-

Circuit synthesis u Goal: –Derive a hazard-free circuit under a given delay model and mode of operation

Modes of operation Current state Next state u Fundamental mode –Single-input changes –Multiple-input changes u Input / Output mode –Concurrency circuit / environment

STG for the READ cycle LDS+LDTACK+D+DTACK+DSr-D- DTACK- LDS-LDTACK- DSr+ LDS LDTACK D DSr DTACK VME Bus Controller

Speed independence u Delay model –Unbounded gate / environment delays –Certain wire delays shorter than certain paths in the circuit u Conditions for implementability: –Consistency –Complete State Coding –Output persistency

Other synthesis approaches u Burst-mode machines –Mealy-like FSMs –Fundamental mode (slow environment) u VLSI programming –Syntax-directed translation from CSP (“Communicating Sequential Processes”) –No logic synthesis –Circuit size ~ Size of the specification

Specification (STG) State Graph SG with CSC Next-state functions Decomposed functions Gate netlist Reachability analysis State encoding Boolean minimization Logic decomposition Technology mapping Designflow

State Graph (Read cycle) DSr+ DTACK- LDS- LDTACK- D- DSr-DTACK+ D+ LDTACK+ LDS+

Binary encoding of signals DSr+ DTACK- LDS- LDTACK- D- DSr-DTACK+ D+ LDTACK+ LDS+

Binary encoding of signals DSr+ DTACK- LDS- LDTACK- D- DSr-DTACK+ D+ LDTACK+ LDS (DSr, DTACK, LDTACK, LDS, D)

QR (LDS+) QR (LDS-) Excitation / Quiescent Regions ER (LDS+) ER (LDS-) LDS- LDS+ LDS-

Next-state function 0  1 LDS- LDS+ LDS- 1  0 0  0 1 

Karnaugh map for LDS DTACK DSr D LDTACK DTACK DSr D LDTACK LDS = 0 LDS = /1?

Specification (STG) State Graph SG with CSC Next-state functions Decomposed functions Gate netlist Reachability analysis State encoding Boolean minimization Logic decomposition Technology mapping Designflow

Concurrency reduction LDS- LDS+ LDS DSr+

Concurrency reduction LDS+LDTACK+D+DTACK+DSr-D- DTACK- LDS-LDTACK- DSr+ (See today’s presentation in this workshop for more details)

State encoding conflicts LDS- LDTACK- LDTACK+ LDS

Signal Insertion LDS- LDTACK- D- DSr- LDTACK+ LDS+ CSC- CSC

Specification (STG) State Graph SG with CSC Next-state functions Decomposed functions Gate netlist Reachability analysis State encoding Boolean minimization Logic decomposition Technology mapping Designflow

Complex-gate implementation

Specification (STG) State Graph SG with CSC Next-state functions Decomposed functions Gate netlist Reachability analysis State encoding Boolean minimization Logic decomposition Technology mapping Designflow

Hazards a b c x 0 abcx b a c

Hazards abcx b a c+ a b z c x

Decomposition u Global acknowledgement u Generating candidates u Hazard-free signal insertion –Event insertion –Signal insertion

Global acknowledgement a b c z a b d y d-b+d+y+a-y-c+d- c-d+z-b-z+c+a+c-

a b c z a b d y How about 2-input gates ? d-b+d+y+a-y-c+d- c-d+z-b-z+c+a+c-

a b c z a b d y How about 2-input gates ? d-b+d+y+a-y-c+d- c-d+z-b-z+c+a+c-

a b c z a b d y How about 2-input gates ? 0 0 d-b+d+y+a-y-c+d- c-d+z-b-z+c+a+c-

a b c z a b d y How about 2-input gates ? d-b+d+y+a-y-c+d- c-d+z-b-z+c+a+c-

c z d y How about 2-input gates ? a b d-b+d+y+a-y-c+d- c-d+z-b-z+c+a+c-

Strategy for correct logic decomposition u Each decomposition defines a new internal signal of the circuit u Method: Insert new internal signals such that –After resynthesis, some large gates are decomposed –The new specification is hazard-free under unbounded gate delays

y- z-w- y+x+ z+ x- w y- y+ x- x+ w+ w- z+ z- w- z- y+ x+ Decomposition example

yz=1 yz= y- y+ x- x+ w+ w- z+ z- w- z- y+ x y- y+ x- x+ w+ w- z+ z- w- z- y+ x+ C C x y x y w z x y z y z w z w z y

s- s+ s- s=1 s= y+ x- w+ z+ z x+ w- z- y+ x y+ z C C x y x y w z x y z w z w z y s y-

s- s+ s- s=1 s= y+ x- w+ z+ z x+ w- z- y+ x y+ z y- z-w- y+x+ z+ x- w+ s- s+ s- s+ s- s+ s- s+ s- s+ s- s+ s- s+ s- s+

C C x y x y w z x y z y z w z w z y yz=1 yz= y- y+ x- x+ w+ w- z+ z- w- z- y+ x+

s- s+ s=1 s= x- w+ z x+ w- z- y+ x y+ z y- z-w- y+x+ z+ x- w+ s- s+ s- s+ s- s+ s- s+ s- s+ s- s+ s- s+ s- s+ z- is delayed by the new transition s- !

yz=1 yz= y- y+ x- x+ w+ w- z+ z- w- z- y+ x+ C C x y x y w z x y z w z w z yyyyyyy y- y+ x- x+ w+ w- z+ z- w- z- y+ x+

Signal insertion for function F State Graph F=0F=1 Insertion by input borders F- F+

Event insertion a b ER(x) c x x x x b SR(x) a

Properties to preserve a a b b a a b b a a b b x a a b b a a b b b a a b b x x a is persistent a is disabled by b = hazards

Interactive design flow Petri Net (STG) Transition System Transition System Reachability analysis Transformations + Synthesis

Theory of regions (Ehrenfeucht 90, Nielsen 92) a a a b bb c c a b c

Synthesis of Petri Nets a a b b b c c c a bc

Excitation closure a a b b b c c c bc a

b b b b Label splitting a cc d d d d a b b c d

Formal verification u Implementability properties –Consistency, persistency, state coding … u Behavioral properties (safeness, liveness) –Mutual exclusion, “ack” after “req”, … u Equivalence checking –Circuit  Specification –Circuit < Specification

Property verification: consistency d+ a+ b+ c-a- b-d- c+ Specification a+ a- Property Failure if a+ enabled in specification and a- enabled in property (or viceversa)

Correctness: environment  circuit d+ a+ b+ c-a- b-d- c+ a b c d Environment Circuit Failure: circuit produces an event unexpected (not enabled) by the environment

Fighting the state explosion u Symbolic methods (BDDs) u Partial order reductions u Petri net unfoldings u Structural theory (invariants)

Fighting with state explosion p1 p2 p3 p1 p2 p3 p1 p2 p

Representing Markings p1p1 p2p2 p3p3 p4p4 p5p5 p0p0 p 2 + p 3 + p 5 = 1 p 0 + p 1 + p 4 + p 5 = 1 { p 0, p 3 }  v 0 v 1 v 2 v 3 p 2  v 0 v 1 p 3  v 0 v 1 p 5  v 0 p 0  v 2 v 3 p 1  v 2 v 3 p 4  v 2 Place encoding

Summary u Asynchronous design is applicable to –asynchronous interfaces –high-performance computing –low-power design –low-emission design u There is an increased interest of few, but large scale companies: Intel, Philips, Sun, Sharp, ARM, HP, Cogency

Summary (continued) u Asynchronous circuits are more difficult to design than synchronous u Formal models and CAD support are essential u Petri nets have been one of the most successful formalisms for modeling asynchronous circuits u Most steps of the design process covered by this tutorial are supported by the tool Petrify