
Streamline Verification Process with Formal Property Verification to Meet Highly Compressed Design Cycle

Prosenjit Chatterjee, nVIDIA Corporation


Presentation Transcript


  1. Streamline Verification Process with Formal Property Verification to Meet Highly Compressed Design Cycle. Prosenjit Chatterjee, nVIDIA Corporation

  2. Goals
     • Reach conventional verification goals faster
     • Reach more verification goals
     • Fewer verification resources
     • Prove specific properties of most complex blocks

  3. SFV
     • Minimal verification environment expertise
     • Ability to use conventional verification techniques
     • Non FV-able properties still usable
     • Use conventional verification techniques at Full Chip and Super Unit level
       • However, now fewer bugs to uncover as sub-units are already SFV-ed
     • Full time Dedicated Verification Engineer not required
     • Designer’s kit

  4. Conventional Verification Process
     User writes: TestBench, Input Biasing, Internal Coverage Goal
     • Sets of vector sequences that the user generates to accomplish coverage goals
     • Directed or Random Vector sequences
     • Outputs are “smart-diffed”
     (Diagram: TestPlan → Coverage Goals (Reachable / Unknown); DUT RTL + TestBench → Pass / Fail; DUT Data Transform Model; Internal Properties → Unknown / Fail)

  5. SFV Environment
     (Diagram: Input Biasing and Input Assumptions feed the SFV TestBench, which generates stimulus; TestPlan → Coverage Goals (Reachable / Unknown / Unreachable); DUT RTL + SFV TestBench → Pass / Fail; DUT Data Transform Model; Internal Properties → Proof / Unknown / Fail; Internal Coverage Goal → Reachable / Unknown / Unreachable)

  6. SFV Environment - Test Bench
     • Input Assumptions provide legal stimulus
     • Input Biasing provides a higher proportion of important events
     • Different Random Seeds are applied automatically
     • Random Simulation obeys Input Assumptions and Biasing
     • FV obeys Input Assumptions. Biasing is irrelevant
     • Auto self-adjusts user’s biasing to reach coverage goals
     • Coverage goals missed by SFV are reached by directed testing

  7. Coverage Goals
     Automated:
     • Line Coverage
     • Condition Coverage
     User Specified:
     • Implementation Specific
     • Executable Test Plan

  8. Coverage Goals
     (Flow diagram: Coverage Goals → random runs Rand_Default, Rand_B1 … Rand_Bm → SFV run with biased random ON, formal engines OFF → Coverage Report → Coverage met? yes: Done; no: Partition uncovered goals → either Directed Testing, or SFV run with biased random ON, formal engines ON (SFV_G1 … SFV_Gn) → Save SFV generated vectors → C-RTL output compare)

  9. Unit Verification Goals Reached
     • Coverage goals reached or proved expectedly unreachable
       • Line,
       • Condition,
       • User Specified Implementation Specific,
       • User Specified Test Plan
     • SFV traces that reached above goals = Data Transform Model Output
     • White Box Properties proved or bounded proved
     • End to End Data Transport Property proved

  10. SFV Engines
     SFV Process 1: Property Falsification or Coverage Goal Reachability
     SFV Process 2: Property Proving or Coverage Goal Unreachability

  11. Using BMC from interesting start states
     • Default start state is reset state
     • SFV tool uses heuristics to find interesting start states
     • User identifies a subset of coverage goals as interesting start states
     • Requires efficient management of the start-states population
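A worked illustration of this slide's point, added here and not part of the original deck or any nVIDIA tool: a constructed FIFO occupancy counter with a planted overflow bug, an explicit-state bounded model check (BMC) that explores every input sequence up to a bound, and a biased random simulation that records states hitting the "fifo full" coverage goal so they can be used as BMC start states. From reset the violation is DEPTH+1 cycles deep and a small bound misses it; from the saved full state the same bound finds it in one cycle. The model, the bug and the bias values are assumptions.

```python
import random
from itertools import product

DEPTH = 8                                   # constructed FIFO depth
INPUTS = list(product((0, 1), (0, 1)))      # all (push, pop) input pairs

def step(count, push, pop):
    """One clock of a constructed FIFO occupancy counter (not real RTL).
    Planted bug: when full, push+pop is handled as a push, so count > DEPTH."""
    if push and pop:
        return count + 1 if count == DEPTH else count
    if push and count < DEPTH:
        return count + 1
    if pop and count > 0:
        return count - 1
    return count

def no_overflow(count):
    """Property under proof: occupancy never exceeds the FIFO depth."""
    return count <= DEPTH

def bmc(start, bound, prop=no_overflow):
    """Explicit-state BMC: breadth-first search over all input sequences of
    up to `bound` cycles from `start`; returns (depth, trace) or None."""
    frontier, seen = {start: []}, {start}
    for depth in range(bound + 1):
        for state, trace in frontier.items():
            if not prop(state):
                return depth, trace            # shortest counterexample
        nxt = {}
        for state, trace in frontier.items():
            for push, pop in INPUTS:
                s2 = step(state, push, pop)
                if s2 not in seen:             # keep only new states
                    seen.add(s2)
                    nxt[s2] = trace + [(push, pop)]
        frontier = nxt
    return None                                # holds within the bound

def biased_random_sim(cycles, seed, goal=lambda c: c == DEPTH):
    """Biased random simulation (push favoured, assumed bias) that records
    every state where the 'fifo full' coverage goal holds: BMC start states."""
    rng, count, hits = random.Random(seed), 0, set()
    for _ in range(cycles):
        count = step(count, int(rng.random() < 0.9), int(rng.random() < 0.3))
        if goal(count):
            hits.add(count)
    return hits
```

Running bmc(0, 4) returns None while bmc(DEPTH, 1) returns the one-cycle trace [(1, 1)], which is the gain from starting formal search at a coverage goal reached by simulation.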

  12. Helping SFV tool reach interesting states faster
     • Limiting conditions in DUT may be very “deep”
     • Tolerable Random Logic Addition to fan-in of internal signals in DUT
         fifo_full = original_RTL_design_logic || random_hi_or_low;
         Tout_cntr <= random_decision ? timeout_value : original_RTL_design_logic;
     • Primarily for finding bugs using SAT
     • Coverage Goals reached via such techniques are ignored

  13. Enhanced Unit Verification Goals Reached
     • Coverage goals reached or proved expectedly unreachable
       • Line,
       • Condition,
       • User Specified Implementation Specific,
       • User Specified Test Plan
     • SFV traces that reached above goals = Data Transform Model Output
     • White Box Properties proved or bounded proved
     • End to End Data Transport Property proved

  14. Proving Data Transport Functionality - Intuition
     (Diagram: gifts carried by FEDEX and UPS between Dan, Bob and John)
     • If I want to check that FEDEX and UPS always deliver safely THEN
     • I do not care if Dan changes the gift before sending
     • Of course Dan cannot expect to deliver nuclear weapons via UPS
     (Diagram: data transform f(x)=x^2 applied to input 2, contrasting the expected output 4 with the cases labelled “Original”, “garbage / Too much!”, “Perfect!” and “Imperfect!”)

  15. Data Transport Properties
     A packet entering the system may not be visible exiting the system if the DUT is viewed as a black box.
     (Diagram: packets P1, P2 … Pn enter the DUT; packets Q1, Q2 … Qm exit; n >= 1, m >= 0)
     This happens due to:
     • One or more data transform functions inside DUT, or
     • Legal dropping of a Packet
     • Single Packet may split to multiple destinations
     • Multiple Packets may merge to single destination

  16. Proving Data Transport Properties - Breakup for FV complexity
     (Diagram: P enters via I1 and passes through numbered stages 1–7 comprising F(x), G(x), M(x) Split, H(x), N(x), a Deep FIFO and a null branch; P’ and P’’ exit via O2. Legend: Math data transform, Data filter, Non-Math data transform)

  17. Proving Data Transport Properties - Breakup for FV complexity
     (Diagram: the same stages 1–7 as slide 16 — F(x), G(x), M(x) Split, H(x), N(x), Deep FIFO, null branch — without the packet annotations. Legend: Math data transform, Data filter, Non-Math data transform)

  18. Tool Assisted User Interactive Proof Process
     • ABC = Cone of Influence of Property
     • A’BC’ = Minimal cut-point to prove the Property
     • A’’BC’’ = Cut-point that the tool can handle to Prove Property
     • (marked regions) are internal assumptions added to Prove Property within A’’BC’’
     • Internal Assumptions are subject to similar Proof Process
     (Diagram: nested cones A ⊃ A’ ⊃ A’’ and C ⊃ C’ ⊃ C’’ around B)

  19. Enhanced SFV Environment
     (Diagram: Input Biasing and Input Assumptions feed the SFV TestBench, which generates stimulus; TestPlan → Coverage Goals (Reachable / Unknown / Unreachable); DUT RTL + SFV TestBench → Pass / Fail; DUT Data Transform Model; Internal Properties → Proof / Unknown / Fail; DUT Data Transport Property; Internal Coverage Goal → Reachable / Unknown / Unreachable)

  20. Enhanced Unit Verification Goals Reached
     • Coverage goals reached or proved expectedly unreachable
       • Line,
       • Condition,
       • User Specified Implementation Specific,
       • User Specified Test Plan
     • SFV traces that reached above goals = Data Transform Model Output
     • White Box Properties proved or bounded proved
     • End to End Data Transport Property proved
     • Important Properties of Complex Control Logic Blocks proved

  21. Future Improvements
     • Formal engines parallelized to reach goals faster
     • Efficient Management of interesting start-states population
     • Automating “logic addition” to DUT to reach bugs faster
     • Automate Assume Guarantee Verification for proofs
