Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cookie-cutter properties to assist non Formal experts Bin Xue.

Published byHugh Burns Modified over 8 years ago

Similar presentations

Presentation on theme: "Cookie-cutter properties to assist non Formal experts Bin Xue."— Presentation transcript:

1 Cookie-cutter properties to assist non Formal experts Bin Xue

2 Overview Spec Implement checkers Implement RTL RUN FV checkers failed ? RTL bug? Add constraints Fix RTL Update constraints or checkers RTL designer FV engineer

3 Challenge of FV deployment Spec Implement FV checkers Implement RTL RUN FV checkers failed ? RTL bug? Add constraints Fix RTL Update constraints or checkers RTL designer FV engineer

4 Solution Spec Implement checkers Implement RTL RUN FV checkers failed ? RTL bug? Add constraints Fix RTL Update constraints or checkers RTL designer FV engineer FV lib

5 Agenda What is a cookie cutter set Formal deployment across multiple groups with the help of cookie cutter set Assisting designers to write internal interface assertions with examples Advantages

6 The Cookie Cutter Set Generic set of properties applicable to various structures in a design. Arbiters Transport FIFOs RAMs State-Machines Cache Forward Progress ….

7 The Cookie cutter set Reusable set of properties or libraries Can be deployed across multilple users No Formal expertise required Formal verification experts develop the golden set

8 Cookie Cutter FPV (Formal Property Verification) successfully deployed across designers 1. Guided designers to - write cookie-cutter assertions and - apply cookie cutter proof and bug hunting tricks 2. A sub-set of FV engineers helped with only writing input constraints 3. Parameterized down the design size 4. Designers pressed the button  proof, bug, or unknown 5. Ignored the unknowns and moved on

9 Assertion – Assumption categories COMBO : A signal or a combination of signals should always obey a certain relationship every cycle (assert_always/never/one_hot/zero_one_hot/implication/bi_implication) between current and previous cycle UNTIL_BEFORE : If a start_event happens then a signal or a combination of signals should assert or hold its value until end_event (assert_hold_throughout_event_interval) change its value after that start_event and before an end_event

10 Assertion – Assumption categories TRANSPORT : No data or control information gets illegally (assert_fv_{in/out_of/priority}_order_bus_1_to_1) dropped duplicated out of ordered stuck inside DUT forever more responded than requested or responded with garbage LATENCY : An event should happen within finite amount of time SEQUENCE: If a pre-sequence of events happen then a post-sequence of events will follow A sequence of events must never happen (assert_fv_never_sequence)

11 Assisting designers to write internal interface assertions Develop cookie cutter set Auto generated assertions by Jasper property synthesis tool (SPS/BPS) One hot assertions Counter over/under-flow wires, flops, and expressions stuck at 0 or 1 forever FSM stuck at a state forever Array out of bound

12 Cookie cutter examples Arbiter grant is zero one hot if client req then don’t de-assert req until gnt if at least 1 client req then gnt>0 gnt must be to a requesting client don’t gnt when downstream busy Fairness: if (req1 && req2 && gnt1) then !gnt1 until gnt2 max latency to get a gnt for a req

13 Examples Transport (in-order, priority-order, & out-of-order) max_latency checks max latency between successive responses Not all requests are required to come out in order with respect to each other. Need to properly qualify req_granted to only select those sub-set of requests that need to come out in-order. Checks that rsp to req don’t get dropped duplicated Out of order stuck for > max_latency cycles responded consecutively per ID not interleaved between IDs > max_outstanding

14 Examples Equivalent of "end of simulation" properties Type of structureEnd of test check needed Queues using head/tail pointersQueue is empty Queues using creditsAll credits returned Entry ID/Resource based queueAll IDs released, queue is empty FIFO/LIFO/StackFull/empty signal, pointers, etc checked CAMEmpty/released Resource limited queues (round robin pointers, first available, etc)All pointers returned to known state, all resources released, etc. Caches All ways released when cache is empty (this can also be done with a constant assert to ensure that eviction == way is available for use, then the assertion can be proved through formal). State machinesReturn to IDLE or other known state CountersReturn to 0 or max, as appropriate Valid signalsReturn to 0 (eg, pipelines are empty)

15 Examples Example of FV friendly assertion for end-of sim assertions: queue can hold max N transactions model a counter (transaction_cnt) to track the number of outstanding transactions in the unit if transaction_cnt==0 and it stays 0 for say 7 cycles then queue.empty==0 must happen by then If the "empty" signal does not exist in RTL design then use the queue's head/tail to compute it.

16 Advantages Formal expertise can be packaged for easy proliferation in a large design team Formal results and ROI can be greatly increased by broader application of formal, enabled by these reusable properties Effective in catching bugs at the block level, very early in the development cycle The cookie cutter set is that it is gradually enriched and refined over time due to: More design structure formally verified by FV engineer ( more structures to be added to the set or some set could be further classified); More knowledge about the existing structure from the bug history. The cookie cutter set is helpful for fv engineer to prioritize verification tasks in the test plan and focus on the units or functions which are more likely to have bugs; Which are not well covered by simulation;

17 THANK YOU!

Download ppt "Cookie-cutter properties to assist non Formal experts Bin Xue."

Similar presentations

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
Implementation and Verification of a Cache Coherence protocol using Spin Steven Farago.

Implementation and Verification of a Cache Coherence protocol using Spin Steven Farago.
Using Formal Verification to Replace Mainstream Simulation Erik Seligman Intel Brandon Smith Intel

Using Formal Verification to Replace Mainstream Simulation Erik Seligman Intel Brandon Smith Intel
Putting It All Together: Using Formal Verification In Real Life Erik Seligman CS 510, Lecture 19, March 2009.

Putting It All Together: Using Formal Verification In Real Life Erik Seligman CS 510, Lecture 19, March 2009.
Introduction to Formal Property Verification (FPV)

Introduction to Formal Property Verification (FPV)
FPV For Design Exploration Erik Seligman CS 510, Lecture 11, February 2009.

FPV For Design Exploration Erik Seligman CS 510, Lecture 11, February 2009.
1 MODULE name (parameters) “Ontology” “Program” “Properties” The NuSMV language A module can contain modules Top level: parameters less module Lower level.

1 MODULE name (parameters) “Ontology” “Program” “Properties” The NuSMV language A module can contain modules Top level: parameters less module Lower level.
Testing and Quality Assurance

Testing and Quality Assurance
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
Xiushan Feng* ASIC Verification Nvidia Corporation Automatic Verification of Dependency 1 TM Jayanta Bhadra

Xiushan Feng* ASIC Verification Nvidia Corporation Automatic Verification of Dependency 1 TM Jayanta Bhadra
The Secrets of Practical Verification… © 2008 Think Verification.

The Secrets of Practical Verification… © 2008 Think Verification.
Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.

Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.
The Future of Formal: Academic, IC, EDA, and Software Perspectives Ziyad Hanna VP of Research and Chief Architect Jasper Design Automation Ziyad Hanna.

The Future of Formal: Academic, IC, EDA, and Software Perspectives Ziyad Hanna VP of Research and Chief Architect Jasper Design Automation Ziyad Hanna.
1 Assertion Based Verification 2 The Design and Verification Gap  The number of transistors on a chip increases approximately 58% per year, according.

1 Assertion Based Verification 2 The Design and Verification Gap  The number of transistors on a chip increases approximately 58% per year, according.
ECE 667 - Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.

ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
EE694v-Verification-Lect5-1- Lecture 5 - Verification Tools Automation improves the efficiency and reliability of the verification process Some tools,

EE694v-Verification-Lect5-1- Lecture 5 - Verification Tools Automation improves the efficiency and reliability of the verification process Some tools,
---Confidential 1 Order Management Training. ---Confidential 2 Introduction Three cycles in Oracle Applications Plan to make. Order to cash Procure to.

---Confidential 1 Order Management Training. ---Confidential 2 Introduction Three cycles in Oracle Applications Plan to make. Order to cash Procure to.
Streamline Verification Process with Formal Property Verification to Meet Highly Compressed Design Cycle Prosenjit Chatterjee, nVIDIA Corporation.

Streamline Verification Process with Formal Property Verification to Meet Highly Compressed Design Cycle Prosenjit Chatterjee, nVIDIA Corporation.
Using Mathematica for modeling, simulation and property checking of hardware systems Ghiath AL SAMMANE VDS group : Verification & Modeling of Digital systems.

Using Mathematica for modeling, simulation and property checking of hardware systems Ghiath AL SAMMANE VDS group : Verification & Modeling of Digital systems.
Some Course Info Jean-Michel Chabloz. Main idea This is a course on writing efficient testbenches Very lab-centric course: –You are supposed to learn.

Some Course Info Jean-Michel Chabloz. Main idea This is a course on writing efficient testbenches Very lab-centric course: –You are supposed to learn.

Similar presentations

Ads by Google