Assertions

1. Assertions • An assertion is a statement about the design’s intended behavior • Assertions can be written in a hardware description language (HDL) • Assertions can be written in a verification language (e, openvera, psl, etc) • Assertions are not native to verilog but can be converted to verilog • Open Verification Library, http://www.eda.org/ovl VHDL assertion Verilog assertion always (a or b) begin if (a XOR b) begin $display(“A,B must be inverted”); $finish; end end ASSERT ((a = ‘1’) XOR (b = ‘1’)) REPORT “A, B must be inverted”;

2. Benefits of Assertions • Improved Observability • Internal variables and be observed with less effort • Reduce Debug Time • Errors can be detected close to when/where they occur • Easier to track down the source of a bug • Facilitates Design Integration • Assertions at module interface defined before implementation • Interface assertions act as verifiable contracts • Facilitates Designer’s Understanding • The designer must fully understand his/her module to write assertions • Many inconsistencies are found in the process of writing assertions

3. Assertion Rules of Thumb • Create assertions for identified errors not detected by existing assertions • Attempt to make the assertion set “complete” • Give assertions good names (or good comments) • Need to understand the meaning of assertions to make a complete set • Provide a consistent way to disable assertions • Assertion evaluation is slow • Do not synthesize assertions • Assertions are usually for simulation, not silicon debug

4. Classes of Assertions/Properties Safety Property • States that a property should be true at all times • May involve a finite time window • Ex. 1 At a traffic intersection, no more than one light should be GREEN or YELLOW at a time. • Ex. 2 If a light is YELLOW at time T then it should be RED no later than time T+3. Liveness Property • States that a property must eventually become true, under a condition • No limit on time • In practice, there is usually a time limit • Ex. A traffic light must eventually become green if a car is waiting

5. Assertions in Verilog • We will use Open Verilog Library (OVL) since assertions are not native to Verilog • An assertion for a FIFO • pop input signal • cnt is the number of elements in the FIFO assert_never no_underflow (clk, reset, (pop && cnt==0)) • Assertion name is no_underflow • clk and reset are the clock and reset signals (needed to indicate when to evaluate the assertion) • (pop && cnt==0) is the boolean which cannot evaluate to true

6. Temporal OVL Assertion “The ack signal must be asserted exactly three clock cycles after the req signal is asserted” assert_next #(0,3)my_req_ack (clk, reset, req, ack) num_cks start_event test_expr severity • Severity indicates what to do when assertion is violated (0=stop sim) • Start_event is the event that triggers the monitoring of the test_expr • Test_expr is the expression which must be TRUE num_clks after the trigger

7. state space feasible state space assertion 1 assertion 2 Assertions as Constraints on the State Space • The set of all net/variable values defines a system state • The cross product of all net/variable values defines the state space • Some of the state space is not feasible because some variable combinations cannot happen (two traffic lights green together) • An assertion is a constraint which partially defines the feasible state space

8. A2 A1 A1: assert ~((NS == ‘G’) && (EW == ‘G’)) R Y A2: assert ((NS == ‘R’) || (EW == ‘R’)) G A3: assert ~((NS == ‘R’) && (EW == ‘R’)) A3 G Y R Assertions for the Traffic Light Controller • Traffic Light Controller • Two main variables, NS and EW • Each variable has 3 possible values, R, G, B • State space has 9 elements (3x3) • Select assertions to minimize intersection • A1 is not needed