1. ELEC 7770 Advanced VLSI Design Spring 2016 Verification
Vishwani D. Agrawal
James J. Danaher Professor
ECE Department, Auburn University
Auburn, AL 36849
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

2. VLSI Realization Process
Customer’s need
Design
Determine requirements
Write specifications
Design synthesis and Verification
Test development
Fabrication
Manufacturing test
Manufacture
Chips to customer
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

3. ELEC 7770: Advanced VLSI Design (Agrawal)
Origin of “Debugging”
Thomas Edison wrote in a letter in 1878: “It has been just so in all of my inventions. The first step is an intuition, and comes with a burst, then difficulties arise—this thing gives out and [it is] then that “Bugs” — as such little faults and difficulties are called — show themselves and months of intense watching, study and labor are requisite before commercial success or failure is certainly reached.” An interesting example of “debugging” was in 1945 when a computer failure was traced down to a moth that was caught in a relay between contacts (Figure 3-1).
D. Gizopoulos (Editor), Advances in Electronic Testing: Challenges and Methodologies, Springer, 2006, Chapter 3, “Silicon Debug,” by D. Josephson and B. Gottlieb.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

4. Verification and Testing
Hardware
design
Manufacturing
Specification
Silicon
Verification
Testing
50-70% cost
30-50% cost
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

5. ELEC 7770: Advanced VLSI Design (Agrawal)
Definitions
Verification: Predictive analysis to ensure that the synthesized design, when manufactured, will perform the given I/O function.
Alternative Definition: Verification is a process used to demonstrate the functional correctness of a design.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

6. ELEC 7770: Advanced VLSI Design (Agrawal)
What is Being Verified?
Given a set of specification,
Does the design do what was specified?
RTL coding
Specification
Interpretation
Verification
J. Bergeron, Writing Testbenches: Functional Verification
Of HDL Models, Springer, 2000.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

7. Avoiding Interpretation Error
Use redundancy
RTL coding
Interpretation
Specification
Interpretation
Verification
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

8. Methods of Verification
Simulation: Verify input-output behavior for selected cases.
Formal verification: Exhaustively verify input-output behavior:
Equivalence checking
Model checking
Symbolic simulation
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

9. ELEC 7770: Advanced VLSI Design (Agrawal)
Equivalence Checking
Logic equivalence: Two circuits implement identical Boolean function.
Logic and temporal equivalence: Two finite state machines have identical input-output behavior (machine equivalence).
Topological equivalence: Two netlists are identical (graph isomorphism).
Reference: S.-Y. Hwang and K.-T. Cheng, Formal Equivalence Checking and Design Debugging, Springer, 1998.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

10. ELEC 7770: Advanced VLSI Design (Agrawal)
Compare Two Circuits a c b a c b f f
Are graphs isomorphic?
Are Boolean functions identical?
Are timing behaviors identical?
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

11. Are Graphs Isomorphic? NO.
AND c OR f
NOT b
AND a OR
NOT c
AND f b OR
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

12. Are Boolean Functions Identical? YES. c b
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

13. ELEC 7770: Advanced VLSI Design (Agrawal)
Model Checking
Construct an abstract model of the system, usually in the form of a finite-state machine (FSM).
Analytically prove that the model does not violate the properties (assertions) of original specification.
Reference: E. M. Clarke, Jr., O. Grumberg, and D. A. Peled, Model Checking, MIT Press, 1999.
RTL coding
Specification
RTL
Assertions
Interpretation
Model checking
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

14. ELEC 7770: Advanced VLSI Design (Agrawal)
Symbolic Simulation
Simulation with algebraic symbols rather than numerical values.
Self-consistency: A complex (more advanced) design produces the same result as a much simpler (and previously verified) design.
Reference: R. B. Jones, Symbolic Simulation Methods for Industrial Formal Verification, Springer, 2002.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

15. Simulation: Testbench
Testbench (HDL)
Design
under
verification
(HDL)
See Professor Nelson’s Lectures:
Modeling and Simulating ASIC Designs with VHDL
VHDL Overview.pptx
VHDL Simulation, Testbench Design
6 Testbench.pptx
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

16. ELEC 7770: Advanced VLSI Design (Agrawal)
Testbench
HDL code:
Generates stimuli
Checks output responses
Approaches:
Blackbox
Whitebox
Greybox
Metrics (unreliable):
Statement coverage
Path coverage
Expression or branch coverage
Reference – J. Bergeron, Writing Testbenches: Functional Verification of HDL Models, Springer, 2000.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

17. ELEC 7770: Advanced VLSI Design (Agrawal)
Equivalence Checking
Definition: Establishing that two circuits are functionally equivalent.
Applications:
Verify that a design is identical to specification.
Verify that synthesis did not change the function.
Verify that corrections made to a design did not create new errors.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

18. ELEC 7770: Advanced VLSI Design (Agrawal)
Compare Two Circuits a c b a c b f f
Are graphs isomorphic? Yes/No
Else, are Boolean functions identical? Yes/No
Then, are timing behaviors identical? Yes/No
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

19. ELEC 7770: Advanced VLSI Design (Agrawal)
ATPG Approach (Miter)
Circuit 1
(Verified design)
stuck-at-0
Circuit 2
(Sythesized or
modified design)
stuck-at-0
Redundancy of a stuck-at-0 fault, checked by ATPG, establishes equivalence of the corresponding output pair.
If the fault is detectable, its tests are used to diagnose the differences.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

20. Difficulties with Miter
ATPG is NP-complete.
When circuits are equivalent, proving redundancy of faults is computationally expensive.
When circuits are different, test vectors are quickly found, but diagnosis is difficult.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

21. ELEC 7770: Advanced VLSI Design (Agrawal)
A Heuristic Approach
Derive V1, test vectors for all faults in C1.
Derive V2, test vectors for all faults in C2.
If the combined set, V1+V2, produces the same outputs from the two circuits, then they are probably equivalent.
Reference: V. D. Agrawal, “Choice of Tests for Logic Verification and Equivalence Checking and the Use of Fault Simulation,” Proc. 13th International Conf. VLSI Design, January 2000, pp
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

22. ELEC 7770: Advanced VLSI Design (Agrawal)
Example Circuit C1 x1 x2 x3 x4 C1
Tests x3 1 1 1 x2
C1 = x1 x3 x4 + x2 x3 + x2 x4 1 1 1 1 x1 1 x4
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

23. ELEC 7770: Advanced VLSI Design (Agrawal)
Example Circuit C2 x1 x2 x3 x4 C2
Tests x3 1 1 1 x2
C2 = x1 x3 x4 + x2 x3 + x2 x4 1 1 1 1 x1 1 x4
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

24. ELEC 7770: Advanced VLSI Design (Agrawal)
C1 ≡ C2
Tests x3
Tests x3 1 1 1 1 1 1 x2 x2 1 1 1 1 1 1 1 1 x1 x1 1 1 x4 x4 C1 C2
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

25. C2’: Erroneous Implementation of C2x1 x2 x3 x4
C2’
Tests x3
C2’ = x1 x2 x3 x4 + x2 x3 + x2 x4
C2 = x1 x3 x4 + x2 x3 + x2 x4 1 1 1 x2 1 1 1 x1 1
minterm
deleted x4
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

26. Incorrect Result: C1 ≡ C2’
C1 = x1 x3 x4 + x2 x3 + x2 x4
C2’ = x1 x2 x3 x4 + x2 x3 + x2 x4
Tests x3
Tests x3 1 1 1 1 1 1 x2 x2 1 1 1 1 1 1 1 x1 x1 1 1
minterm
deleted x4 x4
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

27. ELEC 7770: Advanced VLSI Design (Agrawal)
Additional Safeguard
s-a-0 C1
(Verified design)
s-a-1 C2
(Sythesized or
modified design)
Simulate V1+V2 for equivalence:
Output always 0
No single fault on PI’s detected
Better but still not perfect
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

28. Probabilistic Equivalence
Consider two Boolean functions F and G of the same set of input variables {X1, , Xn}.
Let f = Prob(F=1), g = Prob(G=1), xi = Prob(Xi=1)
For any arbitrarily given values of xi, if f = g, then F and G are equivalent with probability 1.
References:
J. Jain, J. Bittner, D. S. Fussell and J. A. Abraham, “Probabilistic Verification of Boolean Functions,” Formal Methods in System Design, vol. 1, pp , 1992.
V. D. Agrawal and D. Lee, “Characteristic Polynomial Method for Verification and Test of Combinational Circuits,” Proc. 9th International Conf. VLSI Design, January 1996, pp
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

29. ELEC 7770: Advanced VLSI Design (Agrawal)
Simplest Example
F = X1.X2, f = x1 x2
G = X1+X2, g = (1 – x1)(1 – x2)
= 1 – x1 – x2 + x1 x2
Input probabilities, x1 and x2, are randomly taken from {0.0, 1.0}
We make a wrong decision if f = g, i.e.,
x1x2 = 1 – x1 – x2 + x1 x2
or x1 + x2 = 1
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

30. Probability of Wrong Decisionx2
Randomly
selected
point (x1,x2)
1.0
x1 + x2 = 1 x1
1.0
Probability of wrong decision
= Random point falls on line {x1 + x2 = 1}
= (area of line)/(area of unit square)
= 0
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

31. Calculation of Signal Probability
Exact calculation
Exponential complexity.
Affected by roundoff errors.
Alternative: Monte Carlo method
Randomly select input probabilities
Generate random input vectors
Simulate circuits F and G
If outputs have a mismatch, circuits are not equivalent.
Else, stop after “sufficiently” large number of vectors (open problem).
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

32. References on Signal Probability
S. C. Seth and V. D. Agrawal, “A New Model for Computation of Probabilistic Testability in Combinational Circuits,” INTEGRATION, The VLSI Journal, vol. 7, pp , 1989.
V. D. Agrawal and D. Lee and H. Woźniakowski, “Numerical Computation of Characteristic Polynomials of Boolean Functions and its Applications,” Numerical Algorithms, vol. 17, pp , 1998.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

33. More on Equivalence Checking
Don’t cares
Sequential circuits
Time-frame expansion
Initial state
Design debugging (diagnosis)
Reference: S.-Y. Hwang and K.-T. Cheng, Formal Equivalence Checking and Design Debugging, Springer, 1998.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

34. Methods of Equivalence Checking
Satisfiability algorithms
ATPG methods
Binary decision diagrams (BDD)
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

35. Shannon’s Expansion Theorem
C. E. Shannon, “A Symbolic Analysis of Relay and Switching Circuits,” Trans. AIEE, vol. 57, pp , 1938.
Consider:
Boolean variables, X1, X2, , Xn
Boolean function, F(X1, X2, , Xn)
Then F = Xi F(Xi=1) + Xi’ F(Xi=0)
Where
Xi’ is complement of Xi
Cofactors, F(Xi=j) = F(X1, X2, . . , Xi=j, . . , Xn), j = 0 or 1
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

36. ELEC 7770: Advanced VLSI Design (Agrawal)
Claude E. Shannon ( )
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

37. ELEC 7770: Advanced VLSI Design (Agrawal)
Shannon’s Legacy
A Symbolic Analysis of Relay and Switching Circuits, Master’s Thesis, MIT, Perhaps the most influential master’s thesis of the 20th century.
An Algebra for Theoretical Genetics, PhD Thesis, MIT, 1940.
Founded the field of Information Theory.
C. E. Shannon and W. Weaver, The Mathematical Theory of Communication, University of Illinois Press, A “must read.”
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

38. ELEC 7770: Advanced VLSI Design (Agrawal)
Theorem
(1) F = Xi F(Xi = 1) + Xi’ F(Xi = 0) ∀ i = 1,2,3, n
(2) F = (Xi + F(Xi = 0)) (Xi’ + F(Xi = 1)) ∀ i = 1,2,3, n
F(Xi = 0) F(Xi = 1) Xi F
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

39. Expansion About Two Inputs
F = XiXj F(Xi = 1, Xj = 1) + XiXj’ F(Xi = 1, Xj = 0)
+ Xi’Xj F(Xi = 0, Xj = 1)
+ Xi’Xj’ F(Xi = 0, Xj = 0)
In general, a Boolean function can be expanded about any number of input variables.
Expansion about k variables will have 2k terms.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

40. ELEC 7770: Advanced VLSI Design (Agrawal)
Binary Decision Tree a c b a 1 f b b 1 1 c c c c 1 1 1 1
Graph representation
of a Boolean function. 1 1 1 1
Leaf nodes
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

41. Binary Decision Diagrams
Binary decision diagram (BDD) is a graph representation of a Boolean function, directly derivable from Shannon’s expansion.
References:
C. Y. Lee, “Representation of Switching Circuits by Binary Decision Diagrams,” Bell Syst. Tech J., vol. 38, pp , July 1959.
S. Akers, “Binary Decision Diagrams,” IEEE Trans. Computers, vol. C-27, no. 6, pp , June 1978.
Ordered BDD (OBDD) and Reduced Order BDD (ROBDD).
Reference:
R. E. Bryant, “Graph-Based Algorithms for Boolean Function Manipulation,” IEEE Trans. Computers, vol. C-35, no. 8, pp , August 1986.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

42. Binary Decision Diagram
BDD of an n-variable Boolean function is a tree:
Root node is any input variable.
All nodes in a level are labeled by the same input variable.
Each node has two outgoing edges, labeled as 0 and 1 indicating the state of the node variable.
Leaf nodes carry fixed 0 and 1 labels.
Levels from root to leaf nodes represent an ordering of input variables.
If we trace a path from the root to any leaf, the label of the leaf gives the value of the Boolean function when inputs are assigned the values from the path.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

43. Ordered Binary Decision Diagram (OBDD)1 f b b 1 a c c 1 1 1 1 b b 1 1 1 1 1 c c c c 1 1 1 1 1 1 1 1
OBDD
Tree
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

44. Ordered Binary Decision Diagram (OBDD)
f(a,b,c) a c b a 1 f
f(1,b,c) b b
f(0,b,c)
f(1,0,c)
f(0,1,c) 1 c c 1 1 1 1 1 1
OBDD
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

45. Multiplexer Equivalent of OBDD
f(a,b,c) a
0 1
f(0,b,c)
f(1,b,c) b b
f(0,1,c)
f(1,0,c) 1 c c
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

46. OBDD With Different Input Orderinga c b f a c 1 1 b b b b 1 1 a a c c 1 1 1 1
1 0 1 1 1 1 1 1 1
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

47. Evaluating Function from OBDD
Start at leaf nodes and work toward the root – leaf node functions are 0 and 1.
Function at a node with variable x is
f = x’.f(low) + x.f(high) x 1
low
high
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

48. Evaluating OBDD Node Functions
c’.b + c.a c 1
b’.a + b.a
= a
b’.0 + b.1
= b b b 1 a a a 1
a’.0 + a.1
= a
1 0 1 1 1 1
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

49. Cannot Compare Two Circuitsb a c b f f c c 1 b b b 1 1 a a a 1 1 1
1 0 1 1 1 1 1 1
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

50. OBDD Graph Isomorphism
Two OBDDs are isomorphic if there is one-to-one mapping between the vertex sets with respect to adjacency, labels and leaf values.
Two isomorphic OBDDs represent the same function.
Two identical circuits may not have identical OBDDs even when same variable ordering is used.
Comparison is possible if:
Same variable ordering is used.
Any redundancies in graphs are removed.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

51. Reduced Ordered BDD (ROBDD)
Directed acyclic graph (DAG) (*).
Contains just two leaf nodes labeled 0 and 1.
Variables are indexed, 1, 2, n, such that the index of a node is greater than that of its child (*).
A node has exactly two child nodes, low and high such that low ≠ high.
Graph contains no pair of nodes such that subgraphs rooted in them are isomorphic.
* Properties common to OBDD.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

52. ELEC 7770: Advanced VLSI Design (Agrawal)
ROBDDs a c b a c b f f c c 1 1 b
Isomorphic
graphs b 1 a 1 a 1 1 1 1
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

53. Reduction: OBDD to ROBDDa c b f a a 1 1 b b b b 1 1 c c 1 c c 1 1 1 1 1 1 1 1 1
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)

54. ELEC 7770: Advanced VLSI Design (Agrawal)
Properties of ROBDD
Unique for given variable ordering – graph isomorphism verifies logic equivalence.
Size (number of nodes) changes with variable ordering – worst-case size is exponential (e.g., integer multiplier).
Other applications: logic synthesis, testing.
For algorithms to derive ROBDD, see
R. E. Bryant, “Graph-Based Algorithms for Boolean Function Manipulation,” IEEE Trans. Computers, vol. C-35, no. 8, pp , August 1986.
G. De Micheli, Synthesis and Optimization of Digital Circuits, New York: McGraw-Hill, 1994.
S. Devadas, A. Ghosh, and K. Keutzer, Logic Synthesis, New York: McGraw-Hill, 1994.
Spring 2016, Jan
ELEC 7770: Advanced VLSI Design (Agrawal)