“Formal verification of a public-domain DDR2 controller design”, VLSI Design 2008. Authors: Abhishek Datta, Vigyan Singhal. Speaker: Chia-Wei Chang. 2016/2/4.

Presentation transcript:

Slide 1: “Formal verification of a public-domain DDR2 controller design”, VLSI Design 2008
Authors: Abhishek Datta, Vigyan Singhal
Speaker: Chia-Wei Chang, 2016/2/4

Slide 2: Introduction
- Formal verification usage has been increasing in recent times.
- However, formal verification still cannot lay claim to mainstream acceptance as a necessary part of verification sign-off.
- This can be attributed to a dearth of published material on three key aspects of effective formal verification:
  - Structured verification planning.
  - Re-usable verification IP.
  - Good verification strategy.

Slide 3: Introduction
- The open-source OpenSPARC T1 DDR2 controller design is used as the context to demonstrate formal verification planning and implementation.
- Most memory controllers have common design strategies, even though they have been designed independently.
- By extension, the techniques used to tackle the complexity are applicable to the whole class of memory controller designs and can be leveraged for other design types.

Slide 4: OpenSPARC-T1
- A highly integrated processor that implements the 64-bit SPARC V9 architecture.
- Multi-threading, multi-CPU.
- This paper focuses on the DDR2 DRAM controllers:
  - 144-bit interface per channel
  - 25 GB/sec peak total bandwidth
- Open source:
  - Verilog RTL source
  - Documentation
  - Simulation-based regression environment

Slide 5: The DDR2 Controller

Slide 6: The DDR2 Controller
- High concurrency exists in the control path due to the multiple independent sources of command words to the DDR2 DIMMs.
- In order of priority, these sources are:
  - Periodic Refresh requests.
  - Pending CAS requests.
  - Scrub Row-Address-Strobe (RAS) requests.
  - Incoming Read RAS requests.
  - Incoming Write RAS requests.
- The data-path contains elements like ECC-based error correction which, due to the arithmetic operations involving large data-paths, are not ideal for formal analysis.

Slide 7: Formal Verification-planning
Identification
- Involves determining which design components are included in the formal verification.
- Blocks that have concurrency with limited sequential depth are good candidates.
- Target is the DDR2 control path logic.
Description
- Involves a high-level functional specification of the target block.
- Use the JEDEC DDR2 protocol specification.

Slide 8: Formal Verification-planning
Interface description
- Refers to the documentation of the inputs and outputs of the target block.
- The DRAM section of the OpenSPARC micro-architecture document describes the interface in detail.
Requirements checklist
- Refers to the creation of a set of English language properties derived from the high-level design description.
  1. Activate cannot be issued to a non-Idle bank.
  2. Read and write commands can only be issued to active banks.
  3. Check that the minimum Write to Read turnaround time is (CL-1) + (BL/2) + T_WTR
  …
Formal properties
- Translate the requirements to a formal description.
- A pre-verified set of DDR2 properties, packaged as verification IP, is used in this effort.
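The three checklist items above, written as an executable trace monitor. This is an added Python example, not the DDR2 verification IP from the paper. The command names, the two-state bank model (idle/active, with PRE returning a bank to idle), the module-wide Write-to-Read check and the timing values are assumptions.

```python
def check_trace(trace, cl, bl, t_wtr, banks=4):
    """Replay (command, bank) pairs, one per clock cycle, and return a list
    of (cycle, rule) violations numbered as in the checklist."""
    min_w2r = (cl - 1) + bl // 2 + t_wtr   # rule 3: minimum WR -> RD distance
    active = [False] * banks               # simplified bank state: idle/active
    last_wr = None                         # cycle of the most recent WR
    violations = []
    for cycle, (cmd, bank) in enumerate(trace):
        if cmd == "ACT":
            if active[bank]:               # rule 1: ACT only to an idle bank
                violations.append((cycle, 1))
            active[bank] = True
        elif cmd in ("RD", "WR"):
            if not active[bank]:           # rule 2: RD/WR only to active banks
                violations.append((cycle, 2))
            if cmd == "RD" and last_wr is not None and cycle - last_wr < min_w2r:
                violations.append((cycle, 3))
            if cmd == "WR":
                last_wr = cycle
        elif cmd == "PRE":                 # precharge closes the bank
            active[bank] = False
    return violations

NOP = ("NOP", None)
# Constructed traces, with CL=4, BL=4, T_WTR=2 -> minimum WR->RD gap of 7 cycles.
BAD_TRACE = [("ACT", 0), ("ACT", 0),       # cycle 1: ACT to a non-idle bank
             ("RD", 1),                    # cycle 2: RD to an idle bank
             ("WR", 0), NOP, ("RD", 0),    # cycle 5: RD only 2 cycles after WR
             NOP, NOP, NOP, NOP, ("RD", 0)]  # cycle 10: exactly 7 cycles, legal
GOOD_TRACE = [("ACT", 0), ("WR", 0)] + [NOP] * 6 + [("RD", 0)]

if __name__ == "__main__":
    print(check_trace(BAD_TRACE, cl=4, bl=4, t_wtr=2))
    print(check_trace(GOOD_TRACE, cl=4, bl=4, t_wtr=2))
```

A monitor like this only judges the traces it is given; the formal properties state the same rules so that a tool can prove them for every reachable trace.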

Slide 9: DDR2 Formal VIP
- The re-use of proven, canned sets of properties is an important element of formal verification planning and re-use.
- The DDR2 Formal VIP is articulated into module level and per-bank properties with minimum auxiliary code sharing between different properties.
  - Coding one or more monolithic FSMs and then writing properties that are derived from the states (or state transitions) in the large FSMs.
  - Minimize the shared logic between the different properties.
  - The former approach is considered better for implementing constraints and the latter for assertions.

Slide 10: CSR Value Selection and Initialization
- Initializing CSR registers.
- Module enumeration.

Slide 11: Identifying Formal Sweet-spots

Slide 12: Exploiting Design Symmetry
- Design symmetry can be used to reduce analysis complexity.
- The DDR2 controller is capable of accessing four DDR2 modules concurrently with a 4-bit chip-select.
- The symmetry of the implementation means that if we verify the correctness for a single module while allowing the other modules to be accessed (but not monitored) then we have reasonable confidence in the completeness of the proof.

Slide 13: Abstracting Large Counters
- Large counters can add a substantial amount of sequential depth (diameter) to the formal analysis. As a result, the analysis might not converge.
- Scrub interval: the controller issues internal scrub commands at periodic intervals. The period is established by a 12-bit counter.
- If we place a cut-point on the “que_scrb_time” net (treating this net as if it were a primary input), the likelihood of analysis convergence increases.

Slide 14: Handling Address Comparisons

Slide 15: Handling Address Comparisons

Slide 16: Applying Verification Patterns
- Patterns can be defined as generalized solutions in a given engineering domain that find recurring application to the problems of that domain.
- Pattern: Floating Pulse
  - Specify that a single bit value can be asserted for only one cycle in any cycle of an infinite sequence.
- DDR2 property:
  - No more than 4 ACTIVATE commands may be issued to the DDR2 SDRAM within a window of T_FAW clock cycles.

Slide 17
- Set up a pulse element.

Slide 18
- Bind the pulse to (any and all) occurrences of an ACTIVATE command.
- The pulse assertion marks the start of our sampling window.

Slide 19
- The following assertion ties everything together.
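The three steps above (set up a pulse, bind it to an ACTIVATE, assert over the sampling window) modelled as an added Python example; it is not the authors' property code, which this transcript does not contain. The trace encoding (1 = ACTIVATE issued in that cycle), the function names and the small T_FAW value are assumptions, chosen so that every trace up to a bound can be enumerated and compared against a plain sliding-window check.

```python
from itertools import product

MAX_ACT = 4  # limit from the slide: at most 4 ACTIVATEs per T_FAW window

def sliding_window_ok(trace, t_faw):
    """Reference check: every window of t_faw cycles holds <= MAX_ACT ACTIVATEs."""
    return all(sum(trace[i:i + t_faw]) <= MAX_ACT for i in range(len(trace)))

def pulse_monitor(trace, pulse_cycle, t_faw):
    """Run the monitor for ONE placement of the floating pulse. Returns None if
    the placement breaks the binding constraint, else the assertion result."""
    if not trace[pulse_cycle]:
        return None                      # constraint: pulse implies ACTIVATE
    cycles_left, count = t_faw, 0        # the pulse opens the sampling window
    for act in trace[pulse_cycle:]:
        if cycles_left == 0:
            break                        # window closed, nothing left to check
        count += act                     # auxiliary counter of ACTIVATEs
        if count > MAX_ACT:
            return False                 # assertion fails inside the window
        cycles_left -= 1
    return True

def counterexample(trace, t_faw):
    """Try every pulse placement, as a formal tool does for a free input.
    Returns the pulse cycle of a failing run, or None if the property holds."""
    for p in range(len(trace)):
        if pulse_monitor(trace, p, t_faw) is False:
            return p
    return None

def equivalent_up_to(depth, t_faw):
    """Compare both formulations on every possible trace of `depth` cycles."""
    return all(sliding_window_ok(t, t_faw) == (counterexample(t, t_faw) is None)
               for t in product((0, 1), repeat=depth))

# Constructed traces for T_FAW = 6 (illustrative value, not a DDR2 datasheet number).
BAD = (0, 0, 1, 1, 1, 1, 1, 0)    # five ACTIVATEs inside one 6-cycle window
GOOD = (1, 1, 0, 1, 1, 0, 1, 0)   # never more than four in any 6-cycle window

if __name__ == "__main__":
    print(counterexample(BAD, 6), counterexample(GOOD, 6), equivalent_up_to(12, 6))
```

Because any violating window can be shifted to start at its first ACTIVATE, one pulse bound to an ACTIVATE is enough to cover every window, which is why the two formulations agree on all enumerated traces.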

Slide 20: Result

Slide 21: Conclusion
- Presented a way to apply the verification planning process and a set of abstraction techniques on a non-trivial open-source example.
- Showed how simulation-assisted initialization, exploiting design symmetry, using cut-points, design abstractions and verification patterns can be used to reduce complexity.
- The techniques and abstractions presented have been found to be equally effective in the verification of other classes of designs.