Presentation is loading. Please wait.

Presentation is loading. Please wait.

10 Design Verification and Test

Published byOldřich Miloslav Pravec Modified over 5 years ago

Similar presentations

Presentation on theme: "10 Design Verification and Test"— Presentation transcript:

1 10 Design Verification and Test
Fall 2004 Rajesh Gupta

2 Outline Design Verification Manufacturing Test: covered later Sources:
Definitions and Terminology Simulation versus Verification Electrical and Timing Verification Formal Verification Equivalence Checking Model Checking Manufacturing Test: covered later Sources: Chapters G, H, Rabaey ; Chapter 10, Wolf Sandeep Shukla,Virginia Tech / Mani Srivastava, UCLA

3 Design Validation versus Manufacturing Test
Design validation can be done in a number of ways Simulation (Formal) Verification Emulation and Prototyping Often combinations of these methods are used at different levels of a design A manufacturing test is designed to certify a manufactured part for use in systems Both validation and test influence the design.

4 Definitions Design synthesis: Simulation/Verification: Test:
Given an I/O function, develop a procedure to manufacture a device using known materials and processes. Simulation/Verification: Predictive analysis to ensure that the synthesized design, when manufactured, will perform the given I/O function. Two Parts: Functional Verification Performance Verification Test: A manufacturing step that ensures that the physical device, manufactured from the synthesized design, has no manufacturing defect. [Adapted from VLSI Testing Course by Bushnell/Agrawal at Rutgers]

5 Terminology Simulation Verification Electrical Verification
whether functional or performance, requires a good understanding of the intrinsics of the circuit block and its operation depends upon the excitation input Verification whether functional or performance, relies on abstraction for instance, extract a critical path of the circuit results independent of the excitation input but relies on a large number of assumptions (due to necessary abstraction) which may or may not hold restrictive application Electrical Verification approaches that can not quite adopt simulation use rules, abstractions to ensure “good” design / “Circuit debuggers”

6 Terminology Timing Verification Functional, Formal Verification
simplified models over circuit simulation models, e.g., PathMill Functional, Formal Verification build a model of the implemented circuits behavior compare this behavior against specification or another implementation check this behavior for absence/presence of some properties generally “safety” properties prove that the circuit works as specified (=intended)

7 Formal Verification Equivalence checking Model checking
9/20/2019 Formal Verification Equivalence checking Combinational circuits Sequential circuits Model checking Problem statement Explicit algorithms (on graphs) Symbolic algorithms (using BDDs) Theorem proving Deductive reasoning

8 Design Verification  ? behavior structure function layout HDL / RTL
Gate level Logic level Mask level Design 1  ? model RTL Design 2 Done at multiple levels and against multiple implementations

9 Why Formal Verification?
Need for reliable hardware validation Simulation, test cannot handle all possible cases Formal verification conducts exhaustive exploration of all possible behaviors compare to simulation, which explores some of possible behaviors if correct, all behaviors are verified if incorrect, a counter-example (proof) is presented Examples of successful use of formal verification SMV system [McMillan 1993] verification of cache coherence protocol in IEEE Futurebus+ standard

10 Binary Decision Diagrams
Binary Decision Diagram (BDD) compact data structure for Boolean logic can represent sets of objects (states) encoded as Boolean functions reduced ordered BDDs (ROBDD) are canonical canonicity - essential for verification Construction of ROBDD remove duplicate terminals remove duplicate nodes (isomorphic subgraphs) remove internal nodes with identical children

11 BDD - Construction Construction of a Reduced Ordered BDD f f = ac + bc
1 a b c f 1 edge 0 edge a b c f f = ac + bc Truth table Decision tree

12 BDD Construction – cont’d
1 a b c f f 1 a b c f = (a+b)c 1 a b c 2. Remove duplicate nodes 3. Remove redundant nodes 1. Remove duplicate terminals

13 Use of ROBDDs in Formal Verification
Equivalence of combinational circuits Canonicity property of BDDs: if F and G are equivalent, their BDDs are identical (for the same ordering of variables) 1 a b c 1 a b c G = ac +bc F = a’bc + abc +ab’c

14 Can also be used in Manufacturing Test Generation
Functional test generation Boolean satisfiability analysis (SAT) to test for H = 1 (0), find a path in the BDD to terminal 1 (0) the path, expressed in function variables, gives a satisfying solution (test vector) More on it later. H 1 a b c ab ab’c

15 Logic Manipulation using BDDs
Useful operators 1 F F’ Complement ¬ F = F’ (switch the terminal nodes) 1 F(x,y) x=b F(y) Restrict Restrict: F|x=b = F(x=b) where b = const

16 Useful BDD Operators - cont’d
Apply: F G where stands for any Boolean operator (AND, OR, XOR, ) = F G 1 Any logic operation can be expressed using only Restrict and Apply Efficient algorithms that work directly on BDDs

17 Finite State Machines (FSM)
O X R (s,x) (s,x) s s’ FSM M(X,S, , ,O) Inputs: X Outputs: O States: S Next state function, (s,x) : S  X  S Output function, (s,x) : S  X  O

18 FSM Traversal State Transition Graphs
directed graphs with labeled nodes and arcs (transitions) symbolic state traversal methods important for symbolic verification, state reachability analysis, FSM traversal, etc. There are two important computations in FSMs Image Computation: Next states from a given state Pre-Image Computation: Previous states from a given set of states Both of these can be done efficiently using ROBDDs 0/1 1/0 s0 s1 s2 0/0

19 Equivalence Checking Two circuits are functionally equivalent if they exhibit the same behavior Combinational circuits for all possible input values Sequential circuits for all possible input sequences. In Out CL Po PI CL Ps Ns R

20 Combinational Equivalence Checking
9/20/2019 Combinational Equivalence Checking Functional Approach transform output functions of combinational circuits into a unique (canonical) representation two circuits are equivalent if their representations are identical efficient canonical representation: BDD Structural Approach identify structurally similar internal points prove internal points (cut-points) equivalent find implications

21 Functional Equivalence
If BDD can be constructed for each circuit represent each circuit as shared (multi-output) BDD use the same variable ordering ! BDDs of both circuits must be identical Problem Often BDDs are too large, not enough memory Remedy Partition BDDs, check equivalences at internal points Dynamically order variables that lead to small size More sophisticated (data-oriented) decision diagrams

22 Sequential Equivalence Checking
Represent each sequential circuit as an FSM verify if two FSMs are equivalent Approach 1: reduction to combinational circuit unroll FSM over n time frames (flatten the design) M(t1) x(1) s(1) M(t2) x(2) s(2) M(tn) x(n) s(n) Combinational logic: F(x(1,2, …n), s(1,2, … n)) check equivalence of the resulting combinational circuits problem: the resulting circuit can be too large too handle

23 Sequential Verification
Approach 2: based on isomorphism of state transition graphs two machines M1, M2 are equivalent if their state transition graphs (STGs) are isomorphic perform state minimization of each machine check if STG(M1) and STG(M2) are isomorphic 1/0 1.2 0/0 1/1 0/1 M1min 0/0 0/1 1/0 1 2 M1 1/1 State min. 1/0 1 0/0 1/1 0/1 M2

24 Sequential Verification
Approach 3: symbolic FSM traversal of the product machine Given two FSMs: M1(X,S1, 1, 1,O1), M2(X,S2, 2, 2,O2) Create a product FSM: M = M1 M2 traverse the states of M and check its output for each transition the output O(M) =1, if outputs O1= O2 if all outputs of M are 1, M1 and M2 are equivalent otherwise, an error state is reached error trace is produced to show: M1  M2 M1 M2 S1 S2 O2 O1 X O(M)

25 Product Machine - Construction
Define the product machine M(X,S, , ,O) states, S = S1  S2 next state function, (s,x) : (S1  S2)  X  (S1  S2) output function, (s,x) : (S1  S2)  X  {0,1} Error trace (distinguishing sequence) that leads to an error state sequence of inputs which produces 1 at the output of M produces a state in M for which M1 and M2 give different outputs M1 M2 1 2 2 1 X (s,x) = 1(s1,x) 2(s2,x) O = 1 if O1=O2 0 otherwise

26 Construction of the Product FSM
1/1 2 1 0/0 0/1 1/0 1/0 1 0/0 1/1 0/1 M1 For each pair of states, s1 M1, s2 M2 create a combined state s = (s1. s2) of M create transitions out of this state to other states of M label the transitions (input/output) accordingly 0/1 11 Output = { 1 OK 0 error M1 1/0 0/1 1 1/1 0.2 00 1.1 M2 2 0/1 1/0 1

27 FSM Traversal in Action
2 1 0/0 0/1 1/1 1/0 1/0 1 0/0 1/1 0/1 M1 Initiall states: s1=0, s2=0, s=(0.0) Error state 1/0 0/0 Out(M) State reached x=0 x=1 0.1 1/0 0/0 1.0 0/1 0.2 1/1 New 0 = (0.0) 0/0 1.2 1/0 New 1 = (1.1) 1.1 0/1 1/1 New 2 = (0.2) 0.0 0/1 1/1 M New 3 = (1.0) STOP - backtrack to initial state to get error trace: x={1,1,1,0}

28 Model Checking Algorithmic method of verifying correctness Basic idea
against temporal logic specifications Formulae that contain time operators A practical approach to formal verification Basic idea System is described in a formal model derived from high level design (HDL, C), circuit structure, etc. The desired behavior is expressed as a set of properties expressed as temporal logic specification The specification is checked against the model

29 Temporal Logic Formalism describing sequences of transitions
Time is not mentioned explicitly The temporal operators used to express temporal properties eventually never always Temporal logic formulas are evaluated w.r.t. a state in the model Temporal operators can be combined with Boolean expressions formulae can be written over state or over a path

30 Example of Temporal Formulae
E F ( start  ¬ ready ) eventually a state is reached where start holds and ready does not hold A G ( req  A F ack ) any time request occurs, it will be eventually acknowledged A G ( E F restart ) from any state it is possible to get to the restart state

31 Model Checking Example
Traffic light controller (simplified) G2 Y2 R2 G1 Y1 R1 C Timer T sensor Road 2 Road 1 C = car sensor T = timer R1 G2 Y1 R2 G1 R2 R1 Y2 C ’+ T ’ C T C T ’ C ’+ T G1 R2 Y1 R2 R1 G2 R1 Y2

32 Traffic light controller - Model Checking
Model Checking task: check safety condition fairness conditions Safety condition: no green lights on both roads at the same time Fairness condition: eventually one road has green light R1 G2 Y1 R2 G1 R2 R1 Y2 C ’+T ’ C T C T ’ C ’+T

33 Summary: Important Concepts
What are basic components of verification? Simulation, emulation, formal verification Functionality versus performance verification When are these applied in a VLSI design project? Components of formal verification Equivalence checking, model checking, theorem proving Modeling for equivalence checking BDDs and ROBDDs: how do you construct these? Using ROBDDs for Apply, Restriction Verification of sequential circuits: three approaches Symbolic FSM traversal Model Checking: what is it? Types of properties that are checked, examples.

Download ppt "10 Design Verification and Test"

Similar presentations

Model Checking Lecture 4. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.

Model Checking Lecture 4. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.
Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
Representing Boolean Functions for Symbolic Model Checking Supratik Chakraborty IIT Bombay.

Representing Boolean Functions for Symbolic Model Checking Supratik Chakraborty IIT Bombay.
Algorithmic Software Verification VII. Computation tree logic and bisimulations.

Algorithmic Software Verification VII. Computation tree logic and bisimulations.
2015-4-13 Based on text by S. Mourad Priciples of Electronic Systems Digital Testing: Design Representation and Fault Detection

Based on text by S. Mourad "Priciples of Electronic Systems" Digital Testing: Design Representation and Fault Detection
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
Planning based on Model Checking Dept. of Information Systems and Applied CS Bamberg University Seminar Paper Svetlana Balinova.

Planning based on Model Checking Dept. of Information Systems and Applied CS Bamberg University Seminar Paper Svetlana Balinova.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
ECE 667 - Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.

ECE Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.
Chapter 2 Logic Circuits.

Chapter 2 Logic Circuits.
ECE 667 - Synthesis & Verification 1 ECE 667 Synthesis and Verification of Digital Systems Formal Verification Combinational Equivalence Checking.

ECE Synthesis & Verification 1 ECE 667 Synthesis and Verification of Digital Systems Formal Verification Combinational Equivalence Checking.
SYMBOLIC MODEL CHECKING: 10 20 STATES AND BEYOND J.R. Burch E.M. Clarke K.L. McMillan D. L. Dill L. J. Hwang Presented by Rehana Begam.

SYMBOLIC MODEL CHECKING: STATES AND BEYOND J.R. Burch E.M. Clarke K.L. McMillan D. L. Dill L. J. Hwang Presented by Rehana Begam.
Spring 07, Feb 6 ELEC 7770: Advanced VLSI Design (Agrawal) 1 ELEC 7770 Advanced VLSI Design Spring 2007 Verification Vishwani D. Agrawal James J. Danaher.

Spring 07, Feb 6 ELEC 7770: Advanced VLSI Design (Agrawal) 1 ELEC 7770 Advanced VLSI Design Spring 2007 Verification Vishwani D. Agrawal James J. Danaher.
Spring 07, Feb 13 ELEC 7770: Advanced VLSI Design (Agrawal) 1 ELEC 7770 Advanced VLSI Design Spring 2007 Binary Decision Diagrams Vishwani D. Agrawal James.

Spring 07, Feb 13 ELEC 7770: Advanced VLSI Design (Agrawal) 1 ELEC 7770 Advanced VLSI Design Spring 2007 Binary Decision Diagrams Vishwani D. Agrawal James.
Asynchronous Sequential Logic

Asynchronous Sequential Logic
ECE 667 - Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.

ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
ECE 667 - Synthesis & Verification - Lecture 18 1 ECE 697B (667) Spring 2006 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Word-level.

ECE Synthesis & Verification - Lecture 18 1 ECE 697B (667) Spring 2006 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Word-level.
Rolf Drechlser’s slides used

Rolf Drechlser’s slides used
Computation Engines: BDDs and SAT (part 2) 290N: The Unknown Component Problem Lecture 8.

Computation Engines: BDDs and SAT (part 2) 290N: The Unknown Component Problem Lecture 8.
ECE 667 - Synthesis & Verification - L211 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Verification Equivalence checking.

ECE Synthesis & Verification - L211 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Verification Equivalence checking.

Similar presentations

Ads by Google