TOWARDS EQUIVALENCE CHECKING BETWEEN TLM and RTL MODELS PRINCIPLES OF SEQUENTIAL EQUIVALENCE VERIFICATION CMPE 58Q Giray Kömürcü Boğaziçi University
MOTIVATION • Verification is a crucial step in the microelectronic design cycle • It has to be done in a limited time with 100% success
OUTLINE PART 1 • Sequential Circuit Representations • Introduction to Sequential Equivalence • State & Sequential Equivalence • Product Machine • Approaches to Sequential Equivalence Verification • BDD-Based Symbolic • CNF-Based Induction • Structure Driven
SEQUENTIAL CIRCUIT REPRESENTATION • m # of inputs • l # of outputs • n # of memory elements • k # of internal signals • Clock(clk) signal
SEQUENTIAL VERIFICATION • Checking the equivalence of two models is crucial in a transformation-based design flow • Combinational Equivalence Verification is appropriate when the transformations affect the combinational parts only • Sequential Equivalence Verification is needed if the transformations affect the correspondence between the memory elements • Retiming • State Minimization • Sequential Redundancy removal • Classical algorithms have exponential complexity • Recently, symbolic traversal, induction and structural approaches have been developed
SEQUENTIAL CIRCUIT REPRESENTATION • FSM is represented by state transition graph • Edges: input/output
STATE EQUIVALENCE • Two states s1, s2 of an FSM M are equivalent (s1 ~ s2) if: • Every possible input sequence applied from these states results in the same output sequence • If (s1 !~ s2) they are distinguishable • A sequence that results in different outputs is a distinguishing sequence
SYNCHRONIZING and INITIALIZING SEQUENCES • A synchronizing sequence of machine M is an input sequence that drives M to a specific state ssync when applied from any state of M • If ssync exists, M is synchronizable • Input sequence 0-0 results in state 00 from any state • An initializing sequence is a synchronizing sequence identifiable through three-valued logic simulation
SEQUENTIAL EQUIVALENCE • Two circuits are sequentially equivalent if each state of one FSM is equivalent to a state in the other • Generally a reset signal is applied and the number of possible initial states is limited • Equivalence of the initial states is enough • If reset is not applicable, various equivalence notions have been devised
PRODUCT MACHINE • A miter circuit is used to check equivalence • The FSM of the miter is called the product machine • Each state of the product machine is a state pair s1s2 • If the output of a state is 0, it is unsafe • State sj is reachable from si if an input sequence takes the machine from si to sj • Two states s1 of M1 and s2 of M2 are equivalent if all states reachable from state s1s2 are safe
CIRCUITS with ONE INITIAL STATE • When each circuit has one initial state, equivalence of the initial states is enough • Locally checking whether two states are equivalent: • Breadth-first search finds the set of states reachable from the product machine's initial state; this is called forward FSM traversal • If all reachable states are safe, the circuits are equivalent
CIRCUITS with ONE INITIAL STATE • Alternatively, we compute the set of non-equivalent state pairs • If these pairs include the initial state or states reachable from the initial state, the designs are non-equivalent • Backward FSM Traversal
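Forward traversal of the product machine, as an added example (not from the original slides). The three Mealy machines are constructed for illustration: M2 is a state-minimized M1, M3 is a deliberately wrong variant, and outputs sit on the edges as in the state transition graph described earlier.

```python
from collections import deque

def check_equivalence(m1, init1, m2, init2, inputs):
    """Breadth-first forward traversal of the product machine.
    Returns (True, reachable_pairs) or (False, shortest distinguishing sequence)."""
    start = (init1, init2)
    parent = {start: None}            # pair -> (previous pair, input taken)
    queue = deque([start])
    while queue:
        pair = queue.popleft()
        s1, s2 = pair
        for x in inputs:
            n1, o1 = m1[s1][x]
            n2, o2 = m2[s2][x]
            if o1 != o2:              # miter output is 0: unsafe
                seq = [x]
                while parent[pair] is not None:
                    pair, prev_x = parent[pair]
                    seq.append(prev_x)
                return False, seq[::-1]
            nxt = (n1, n2)
            if nxt not in parent:     # visit each state pair once
                parent[nxt] = (pair, x)
                queue.append(nxt)
    return True, set(parent)

# Constructed machines: state -> {input: (next_state, output)}.
# Output is 1 when the current and the previous input are both 1.
M1 = {"A": {0: ("A", 0), 1: ("B", 0)},
      "B": {0: ("A", 0), 1: ("C", 1)},
      "C": {0: ("A", 0), 1: ("C", 1)}}
# M2: state-minimized M1 (B and C merged).
M2 = {"A": {0: ("A", 0), 1: ("B", 0)},
      "B": {0: ("A", 0), 1: ("B", 1)}}
# M3: faulty variant, input 0 in state B does not return to A.
M3 = {"A": {0: ("A", 0), 1: ("B", 0)},
      "B": {0: ("B", 0), 1: ("B", 1)}}

if __name__ == "__main__":
    print(check_equivalence(M1, "A", M2, "A", (0, 1)))
    print(check_equivalence(M1, "A", M3, "A", (0, 1)))
```

The `parent` map doubles as the visited set, so the search touches each reachable state pair once; its size is what grows exponentially with the number of memory elements.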
STATE EXPLOSION • Verifying sequential equivalence via graph traversal has exponential complexity • The size of the state transition graph grows exponentially with the number of memory elements • n memory elements: 2^n vertices • No algorithms working in polynomial time • Several heuristics developed to solve the problem
SYMBOLIC GRAPH TRAVERSAL • Proven effective in practice • Performs the search by manipulating the characteristic functions of sets and relations • States are not evaluated one-by-one • BDDs are used • Efficient data structure for representing and manipulating Boolean functions • Memory requirements are prohibitive • Memory explosion!
CNF BASED INDUCTION • If we show that the initial state is safe • And every safe state transitions to safe states only • We can conclude that all reachable states are safe • Sufficient but not necessary • Ssafe might have transitions to unsafe states but if Ssafe is not reachable from initial state this is not a problem • Can be solved via increasing the induction depth
CNF BASED INDUCTION • For Figure a at induction depth 4 problem resolves • For Figure b at any induction depth fails • s5-s7-s8 • s6-s5-s7-s8 • s9-s9....-s9-s10
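The depth argument above, as an added example (not from the original slides): depth-k induction evaluated over an explicit transition graph instead of a CNF/SAT encoding. The two graphs are constructed to contain the listed paths s6-s5-s7-s8 and the s9 self-loop into s10; the reachable states s0 to s2 are assumptions, since the figures are not part of this text.

```python
def induction_holds(succ, init, unsafe, k):
    """Depth-k induction on an explicit graph.
    Base: every state within k-1 steps of init is safe.
    Step: no path of k consecutive safe states has an unsafe successor."""
    frontier = {init}
    for _ in range(k):                       # base case, steps 0 .. k-1
        if frontier & unsafe:
            return False
        frontier = {t for s in frontier for t in succ[s]}
    safe = set(succ) - unsafe
    ends = set(safe)                         # last states of safe paths of length 1
    for _ in range(k - 1):                   # extend to safe paths of length k
        ends = {t for s in ends for t in succ[s] if t in safe}
    return not any(t in unsafe for s in ends for t in succ[s])

def min_depth(succ, init, unsafe, max_k):
    """Smallest depth at which induction succeeds, or None up to max_k."""
    for k in range(1, max_k + 1):
        if induction_holds(succ, init, unsafe, k):
            return k
    return None

# Constructed graph a: s0-s1-s2 reachable from the initial state s0;
# s6-s5-s7 are safe but unreachable and lead into the unsafe state s8.
GRAPH_A = {"s0": ["s1"], "s1": ["s2"], "s2": ["s0"],
           "s6": ["s5"], "s5": ["s7"], "s7": ["s8"], "s8": ["s8"]}
UNSAFE_A = {"s8"}

# Constructed graph b: adds an unreachable safe state s9 with a self-loop
# and an edge to the unsafe state s10, so safe paths of any length exist.
GRAPH_B = dict(GRAPH_A, s9=["s9", "s10"], s10=["s10"])
UNSAFE_B = {"s8", "s10"}

if __name__ == "__main__":
    print(min_depth(GRAPH_A, "s0", UNSAFE_A, 10))   # depth that resolves graph a
    print(min_depth(GRAPH_B, "s0", UNSAFE_B, 25))   # no depth works for graph b
```

In both graphs every state reachable from s0 is safe, so a failure of the check is a false alarm caused by unreachable states, which is the "sufficient but not necessary" caveat.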
STRUCTURE DRIVEN • Use functional relations that exist between the two circuits' signals • The circuits compared are related, since one is derived from the other through transformations • Functional relations make verification more tractable • Equivalent state variables • Delayed equivalent signals • Functional relations between state variables
STRUCTURE DRIVEN • Example: State variables y2, y5 are equivalent • Speed up verification
CIRCUITS WITH UNKNOWN INITIAL STATE • Resetting the flip-flops is costly in hardware • With nonreset flip-flops single initial state no longer holds • Classical FSM Equivalence: • For each state of M1 there is a corresponding state in M2
SEQUENTIAL HARDWARE EQUIVALENCE • For no known initial state • Find an “aligning” sequence that brings the circuits to an equivalent state regardless of their current states • Aligning responses may be arbitrary • If the two designs are equivalent under SHE, they are equivalent in their steady state behaviour
SAFE REPLACEMENT EQUIVALENCE • No assumptions about a circuit's operation • Machine M2 is a safe replacement for M1 (M2 ≤safe M1) iff: for any state s2 of M2 and any input sequence • there exists a state s1 of M1 that produces the same output for the same input • M1 and M2 are safe replacement equivalent if: • M2 ≤safe M1 & M1 ≤safe M2 • I/O behavior of every state of M2 (M1) can be reproduced by some state of M1 (M2) • States do not have to be equivalent
SAFE REPLACEMENT EQUIVALENCE • M3 ≤safe M1 does not hold (11 input to v4 outputs 11 in M3 & not in M1) • M4 ≤safe M1 holds
OUTLINE PART 2 • Introduction to RTL-TLM Equivalence • Event-Based Equivalence • RTL-TLM Event-Based Equivalence
INTRODUCTION • Transaction Level Modelling (TLM) • High level to check functionality • Fast for simulation • Register Transfer Level Modelling (RTL) • Ready for Place & Route • TLM to RTL & RTL to TLM is required • In either case equivalence checking is mandatory
TLM & RTL EQUIVALENCE CHECKING • Open Problem • No temporal or structural similarities • Traditional techniques inapplicable • Event based equivalence is based on sequences of events • Models compared are considered as black boxes, only I/O behaviours are matched • No similarity required • No timing correlation is needed
EVENT BASED EQUIVALENCE • Event: Something happening at a certain time during the evaluation of the system model • Sequences of events will be compared • Ordering Sequences of Events by “Happens Before” • a “happens before( )” b, if a is executed before b • If a b & b c then a c • If neither a b nor b a, a & b are concurrent; a||b • At different abstraction levels internal structures are very different for the same functionality, so equivalence should be proved in terms of sequences of events • Informally, outputs to the same inputs should be the same • The definition of equivalence can be applied to formally prove that two models abstracted or refined from each other are correct by construction
RTL-TLM EVENT BASED EQUIVALENCE • TLM has different abstraction levels based on timing and communication mechanism • TLM Programmers View (PV): transaction based, untimed • Functional specification is created • HW/SW partition is not certain • Communication and computation untimed • Data transfers are abstract and by function calls • TLM Programmers View with Time (PVT): approximately timed • Simulates in non-zero simulation time: performance estimation can be done • HW/SW partition is done • Abstract architecture mapped to interconnected blocks • Data transactions are characterized in terms of bus-width and message size: bus burst estimation
RTL-TLM EVENT BASED EQUIVALENCE • TLM Cycle Accurate(CA): cycle based and timed • HW components are similar to RTL Descriptions • Bus model is introduced & cycle accurate protocols are mapped to HW interfaces • Transactions are mapped to bus cycles • CA TLM is very close to RTL models • More Accurate than Transaction Based models • CA models: CA TLM & RTL descriptions • TB models: PV & PVT TLM descriptions
TB EVENTS vs CA EVENTS • Both TB & CA event sequences can be ordered according to the “Happens Before” relation • Def: In a TB Model an event occurs when a transaction starts or finishes. In a CA Model an event occurs when a read on PI or write on PO is performed
TB-CA EVENT BASED EQUIVALENCE CHECKING • IO Operations performed by the models can be put in correspondence • Event Based Equivalence holds iff both implementations produce the same result independently of timing • But the strategy and data structure required for reading input stimuli or writing results is generally different • Also number of events during the input or output phase is generally different
TB-CA EVENT BASED EQUIVALENCE CONDITIONS • Designers should provide the set of relevant IO objects and correspondence of PIs/POs between the CA & TB models • PIs & POs may differ in type and in number • The sequences of events observed during the evolution of the models to be compared must correspond • Such correspondence is automatically achieved by two abstraction functions; one for CA and one for TB
TB-CA EVENT BASED EQUIVALENCE • Example: Read data1, Read data2, Write sum • Events are not matchable
TB-CA EVENT BASED EQUIVALENCE • Relevant I/O objects must be defined by the designers • Concurrent events must be collapsed by abstraction functions • Events specifically generated for compliance with the communication protocol must be removed by abstraction functions • is preserved only
TB-CA EVENT BASED EQUIVALENCE • is preserved only
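One possible pair of abstraction functions for the "Read data1, Read data2, Write sum" case, as an added example (not from the original slides or the cited paper). The port names, trace formats and the rule of merging consecutive same-direction events into one I/O phase are assumptions made for illustration.

```python
def phases(events):
    """Merge runs of same-direction events into (direction, {object: value})."""
    out = []
    for direction, obj, val in events:
        if out and out[-1][0] == direction:
            out[-1][1][obj] = val          # same phase: collapse into one event
        else:
            out.append((direction, {obj: val}))
    return out

def abstract_ca(trace, ports):
    """CA trace: (cycle, port, value). Ports missing from `ports` exist only
    for the communication protocol and are removed."""
    ordered = sorted(trace, key=lambda e: e[0])
    return phases((*ports[p], v) for _, p, v in ordered if p in ports)

def abstract_tb(trace, objects):
    """TB trace: (kind, payload). A transaction start carries the inputs,
    its finish carries the outputs."""
    events = []
    for kind, payload in trace:
        direction = "in" if kind == "start" else "out"
        events += [(direction, objects[n], v)
                   for n, v in payload.items() if n in objects]
    return phases(events)

def event_equivalent(ca, ports, tb, objects):
    return abstract_ca(ca, ports) == abstract_tb(tb, objects)

# Correspondence supplied by the designer (constructed names).
CA_PORTS = {"a_in": ("in", "data1"), "b_in": ("in", "data2"),
            "sum_out": ("out", "sum")}
TB_OBJECTS = {"data1": "data1", "data2": "data2", "sum": "sum"}

# Constructed traces: the CA model reads its operands in two different
# cycles and drives handshake signals; the TB model uses one transaction.
CA_TRACE = [(1, "req", 1), (2, "a_in", 3), (2, "ack", 1),
            (3, "b_in", 4), (5, "sum_out", 7), (5, "valid", 1)]
TB_TRACE = [("start", {"data1": 3, "data2": 4}), ("finish", {"sum": 7})]
CA_FAULTY = CA_TRACE[:4] + [(5, "sum_out", 8), (5, "valid", 1)]

if __name__ == "__main__":
    print(abstract_ca(CA_TRACE, CA_PORTS))
    print(event_equivalent(CA_TRACE, CA_PORTS, TB_TRACE, TB_OBJECTS))
    print(event_equivalent(CA_FAULTY, CA_PORTS, TB_TRACE, TB_OBJECTS))
```

Without the abstraction the raw traces have six and two events and cannot be matched one-to-one; after it both reduce to an input phase followed by an output phase.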
CONCLUSION • Sequential synthesis and optimization of digital circuits require robust equivalence checking • Heuristic approaches increase the capacity of basic approaches • Still inadequate for large designs • More research on sequential equivalence checking is needed to obtain a reliable system that can be used widely in industry • RTL-TLM event based equivalence is a newly developed, promising approach
REFERENCES • Maher N. Mneimneh, Karem A. Sakallah: PRINCIPLES OF SEQUENTIAL EQUIVALENCE VERIFICATION • Nicola Bombieri, Franco Fummi, Graziano Pravadelli: TOWARDS EQUIVALENCE CHECKING BETWEEN TLM and RTL MODELS