1 / 9

Formal Verification of Partial Good Self-Test Fencing Structures

Formal Verification of Partial Good Self-Test Fencing Structures. Rick Seigler, Gary Van Huben, Hari Mony. Outline. Overview of Partial LBIST Fencing Traditional Approach to Partial LBIST Fencing Verification Verification Model Overview Methodology Flow Verification Results

Download Presentation

Formal Verification of Partial Good Self-Test Fencing Structures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Formal Verification of Partial Good Self-Test Fencing Structures Rick Seigler, Gary Van Huben, Hari Mony

  2. Outline • Overview of Partial LBIST Fencing • Traditional Approach to Partial LBIST Fencing Verification • Verification Model Overview • Methodology Flow • Verification Results • Tuning Considerations • Summary and Conclusions Rick Seigler et al.

  3. Core 1 Core 2 Sequential Sequential Sequential Logic Logic Logic Core 3 Core N Overview of Partial LBIST Fencing Multiple core chip with common logic Common Logic DesignUnder Test (DUT) PartialGood Interface Core 1 PartialGood Fence Core 1 PartialGood Interface Core N MISR PartialGood Fence Core N Red Latch Represents Non Partial Good Interface or Common Logic Rick Seigler et al.

  4. Traditional Approach to Partial LBIST Fencing Verification • Logic Simulation • Exercise LBIST procedure to obtain and verify LBIST signature • Major limitation is that simulation of LBIST procedure is inherently complex • Requires proper initialization • Requires complex driver sequencing • Even more complex with multiple clock domains • Time consuming to get running • Best case verification run times are typically measured in days and increases proportional to chain length • Not possible to prove correctness because can't cover all possible state transitions via simulation Rick Seigler et al.

  5. Sequential Sequential Sequential Sequential Sequential Sequential Logic Logic Logic Logic Logic Logic Verification Model Overview Formal Verification Model using SixthSense Sequential Equivalence Checking DUT Inactive state Partial Good Interface Signal 1 Non-deterministic Partial Good Fence Signal 1 Active state Model 1 Driver PartialGood Interface Signal N MISR Partial Good Fence Signal N Equiv Check DUT Partial Good Interface Signal 1 Partial Good Fence Signal 1 Model 2 Driver X-State Detect PartialGood Interface Signal N MISR Partial Good Fence Signal N Rick Seigler et al.

  6. Methodology Flow STEP 1 IDENTIFY PG INTERFACES STEP 6 OVERRIDE SCAN INPUTS TO INVERTED LATCHES STEP 4 CREATE X-STATE ASSERT STEP 2 CREATE WRAPPER STEP 5 CHECK PROPERTIES STEP 7 REBUILD MODELS AND RE-CHECK PROPERTIES STEP 3 CREATE DRIVERS Y N INVERSIONS ? Y N N Y PROPERTY VIOLATIONS ? INVERSIONS ? DESIGN BUG(S) DONE Rick Seigler et al.

  7. Verification Results Rick Seigler et al.

  8. Tuning Considerations • Two primary challenges • Quickly find bugs • Used SAT-based Bounded Model Checking (BMC) on speculatively reduced model • Efficiently complete proofs • Imperative since model size and diameter limits the # of BMC cycles • Strategy: Sequential redundancy removal [MBPK 05] using assume-then-prove paradigm • Guess candidates using name comparison, semi-formal analysis, etc • Assume candidates to be redundant and create speculatively reduced model • Validate the correctness of candidates (proof step) • Bug Finding • BMC on original model ran out of resources due to model size and diameter • BMC on the spec-reduced model [MBPK 05] was successful and avoided resource crunch • Proof Completion • Inductive analysis insufficient; localization transformations very effective • Identified causal redundancy candidates that made proofs difficult; very useful Rick Seigler et al.

  9. Summary and Conclusions • Case study on IBM z-Series multi-core chip demonstrated our partial lbist verification methodology is: • Scalable • More than a million latches and gates in DUT • Fast • Verification run times less than 30 minutes • Easy to implement • Knowledge of LBIST design details and sequences not required • Drivers easily auto-generated once partial good interfaces and fence signals identified • No complex assertions • Applicable to any partial good self-test structure • Six design bugs found and resolved prior to initial release • Very unlikely would have been discovered with simulation Rick Seigler et al.

More Related