Presentation is loading. Please wait.

Presentation is loading. Please wait.

Relative-timing based verification of timed circuits and systems

Published byUwe Bretz Modified over 5 years ago

Similar presentations

Presentation on theme: "Relative-timing based verification of timed circuits and systems"— Presentation transcript:

1 Relative-timing based verification of timed circuits and systems
* 07/16/96 Relative-timing based verification of timed circuits and systems Hoshik Kim and Peter A. Beerel Department of EE-Systems University of Southern California IWLS ’99 June 27-30, 1999 *

2 Motivation: Timed Circuits and Systems
* 07/16/96 Motivation: Timed Circuits and Systems Definition Any circuit/specification in which timing constraints/assumptions are necessary to ensure “correct” operation Examples Delayed-reset Domino [Nowka et al., ICCD98] Self-Resetting Domino [Chappell et al., IBM96] Timed (asynchronous) circuits [Intel’s RAPPID, ASYNC99] Advantages Extremely fast and dense Disadvantages Hard to design and verify Requires complicated timing verification November 18 *

3 Self-Resetting Domino (SRCMOS)
* 07/16/96 Self-Resetting Domino (SRCMOS) Characteristics The input signal to a SRCMOS stage is a pulse rather than a level Input pulse requirements must last until after N1 falls must be less than the reset delay (green path) Key implication Thus, a two-sided constraint on the pulse width exists N2 N1 Q A B A self-resetting 2-input OR gate November 18 *

4 Possible Verification Approaches
* 07/16/96 Possible Verification Approaches Well-known and fast Does not easily handle two-sided constraints Very powerful More computationally expensive Timed Circuits Static Timing Analysis Asynchronous Reachability Analysis Each circuit node is a state variable Our approach: Reduce the cost of asynchronous analysis November 18 *

5 Current State-of-the-Art: Explicit-timing
* 07/16/96 Current State-of-the-Art: Explicit-timing Specification Circuit A B C u1 u2 u3 000000 010000 110000 100000 111100 111101 111110 110100 101101 State = [A B C u 1 u 2 3 ] F A+ A- B- B+ + C+ - A-,B- Timed State Space = [1, 5] [2, 4] [0.2, 4] [0.3, 3] Features [Belluomini et al., ASYNC99] Bounds of delays used Time is dense -> timed state space is infinite! Timed state space representation States labeled with binary value of all signals Regions used to characterize the time in each state November 18 *

6 Issues with Explicit-timing approach
* 07/16/96 Issues with Explicit-timing approach Explicit-timing verification must overcome double exponential complexity (state space + timing) Timing margins may need to be overly conservative Delay bounds must be valid across process variations Minor design changes that affect bounds require complete re-verification November 18 *

7 Relative-Timing (RT) Verification
* 07/16/96 Relative-Timing (RT) Verification Verification methodology Find relative-timing constraints on path delays that guarantee correctness If red path delay is smaller than green path, y is stable high -> OK If red path delay is larger than yellow path, y has neg. pulse -> OK Otherwise, a runt pulse (or hazard) can occur -> FAILURE Analyze post-layout circuits to validate constraints SPICE-level simulation OR Simpler timing analysis using bounded delays B x A y November 18 *

8 Advantages of Relative-Timing (RT)
* Advantages of Relative-Timing (RT) 07/16/96 Reduces verification complexity RT techniques do not need to model timers Reduces complexity exponentially Facilitates use of mature symbolic methods Facilitates tighter timing margins RT constraints can be verified very aggressively Promotes easy incremental verification Many minor design changes easily verifiable (e.g., simulation) E.g., transistor sizing, layout, technology/process migration November 18 *

9 The problem statement Definitions Our Goal Event chain
* 07/16/96 The problem statement Definitions Event chain Sequence of transitions along a circuit path Delay of an event chain associated path delay E.g., DB+A-y- = DB+A- + DA-y- Relative-timing constraint Ordered triple of event chain delays view as two sided constraint on a target event chain delay E.g., DB+A- < DB+x+ < DB+A-y- Our Goal Find relative-timing constraints necessary and sufficient for correctness B x A y November 18 *

10 * 07/16/96 Our approach Step 1 Perform asynchronous reachability analysis (w/o regions) States labeled with binary values of all signals Over approximation because time is not considered Step 2 Identify all possible failure transitions Formalized with notion of an “event triples” Step 3 Determine causality of events in event triple Formalized with notion of an “event PN” Step 4 Find relative timing constraint for each event PN Formalized with notion of “time separation of events (TSE)” [Xie et al., ASYNC99] November 18 *

11 Event Triples Target event t Dangerous set of states
* 07/16/96 Event Triples Target event t labels a failure transition (causes a race) Dangerous set of states Q(t) = {s | }; Event triple (l, t, u) t is a target event l is a lower bound event which enters Q(t) u is an upper bound event which escapes Q(t) Interpretation Target failure occurs if t happens after l enters Q(t) but before u occurs Fail t u1 u2 l2 l1 Reachability Graph (from Step 1) Q(t) November 18 *

12 An Event PN The Goal Event PN Our Approach
* 07/16/96 An Event PN The Goal Characterize the causality of events in an event triple Event PN An acyclic Petri net describing causality of events Our Approach Create an Event PN to capture the causality Find a constraint using TSE’s. {TSE (l, t) > 0} ^ {TSE (t, u) > 0} TSE expressions relate to delays of gates along circuit paths t s1 s2 u l Synchronization events Event triple (l, t, u) Event PN November 18 *

13 One possible approach Circuit Description Specification
* 07/16/96 One possible approach Circuit Description Specification Untimed analysis to find out event triples Leverage off of advanced verification techniques [Pastor99, Vakilotojar98, Yoneda96, Yenigun99] Mapping PN from ETS is computationally complex The assignments of delays to places is unclear when label splitting occurs Transition System (TS)  Elementary TS (ETS) [Cortadella et al.95]  Event PN for each event triple RT constraints November 18 *

14 An alternative approach
* 07/16/96 An alternative approach Circuit Description Specification Petri net model of the circuit Creating the Petri net model of a circuit is straight forward Leverage off of advanced verification techniques [Pastor99, Vakilotojar98, Yoneda96, Yenigun99] The correspondence of delays on places and gate delays is pre-determined in the Petri net gate library Looks more promising Untimed analysis to find out event triples Gates Library (Petri net models) Event PN for each event triple RT constraints November 18 *

15 Example 1: Static C-element
* 07/16/96 Example 1: Static C-element 000000 111111 010000 110000 100000 111100 111101 111110 110100 011111 011110 011101 101101 001111 001101 101110 101100 001110 001100 State = [A B C u 1 u 2 3 ] 011011 011010 011001 011000 101011 101001 001011 001001 101010 101000 001010 001000 F 011100 A+ A- B- B+ + C+ C- - A-,B- Sum-of-Products C-element Reachability Graph 000 010 110 State = [A B C] 100 111 101 011 A B C u1 u2 u3 001 Specification November 18 *

16 Example 1 (cont.) Generate RT Constraints :
* 07/16/96 Example 1 (cont.) Reachability Graph B- 000000 111111 110000 100000 111100 111110 110100 011111 011110 011101 101101 001111 001101 101110 101100 001100 State = [A B C u 1 u 2 3 ] 011011 011010 011001 011000 101011 101001 001011 001001 101010 101000 001010 001000 F 011100 A+ A- C+ C- + - A-, B- 010000 111101 001110 B+ A-/1 Generate RT Constraints : 1. T = {B-, A-} 2. For t = B-, L = {C+}, U = {u3+} 3. Find an event PN and thus RT constraint for event triple (C+, B-, u3+) 4. For t = A-, L = {C+}, U = {u2+} 5. Repeat Step 3 for event triple (C+, A-, u2+) The circuit will work “correctly” unless it satisfies any of the RT constraints. November 18 *

17 Example 1 (cont.) “?” indicates “input” Circuit
* 07/16/96 Example 1 (cont.) Specification AND2 A partial marking corresponds to a dangerous states set Q “?” indicates “input” “!” indicates “output” AND2 OR3 Circuit A B C u1 u2 u3 AND2 November 18 *

18 Example 1 (cont.) Double synchronization events here
* 07/16/96 Example 1 (cont.) Event PN for event triple (C+, B-, u3+) Double synchronization events here Thus, only upper and lower bounds on TSE can be found [Xie et al.99] The upper bound of TSE (TSEu) will be used in the constraints to be conservative Event triple (l, t, u) = (C+, B-, u3+)  TSE (C+, B-) = d(p3) > 0 (Delay of a place is always positive)  Leads to a trivial two-sided constraints  TSEu (B-, u3+) = max [max {d(p4) + d(p2) + d(p5), d(p6)} - {d(p4) + d(p2) + d(p3)}, d(p5) - d(p3)] > 0 {DB+u1+C+B- < max (DB+u1+C+u3+, DB+u3+)}  {DC+B- < DC+u3+} November 18 *

19 Example 2: Two-sided constraints
* 07/16/96 Example 2: Two-sided constraints 000 00000 A+ A+ 100 10000 B+ y+ State = [A B C] B+ 11000 10001 110 C- x+ y+ B+ C- C+ A- 11010 11001 y+ x+ 111 010 State = [A B C x y] C+ 11011 A- C+ A- 11111 A- 011 A- F B- 001 A- x+ 00100 A- 01000 Specification x+ y- y- 00101 01010 01001 y+ A B x y C Circuit x- 00111 C+ 01011 B- 01111 Reachability Graph November 18 *

20 Example 2 (cont.) Generate Chain Constraints : 1. T = {A-, x+}
* 07/16/96 Example 2 (cont.) Generate Chain Constraints : 1. T = {A-, x+} 2. For t = A-, L = {B+}, U = {x+, y+} 3. Find an event PN and sub-constraint for each event triple (B+, A-, x+) and (B+, A-, y+). Conjunction of all sub-constraints is an RT constraint 4. For t = x+, L = {A-}, U = {y-} 5. Repeat Step 3 for event triple (A-, x+, y-) 00000 10000 State = [A B C x y] 01010 01000 01011 01001 01111 00111 F A+ C- y- 11001 11000 y+ B+ A- 10001 11011 11010 x+ C+ B- 00101 x- 00100 11111 Reachability Graph November 18 *

21 Example 2 (cont.) “?” indicates “input” Circuit
* 07/16/96 Example 2 (cont.) Specification A partial marking corresponds to a dangerous states set Q “?” indicates “input” “!” indicates “output” OR2 C-element C A B y Circuit x Buffer November 18 *

22 Example 2 (cont.) Event PN for event triple (A-, x+, y-)
* 07/16/96 Example 2 (cont.) Event PN for event triple (A-, x+, y-) 00000 A+ 10000 B+ y+ 11000 10001 C- x+ y+ B+ 11010 11001 y+ x+ State = [A B C x y] 11011 C+ A- 11111 A- A- F Event triple (l, t, u) = (A-, x+, y-)  TSE (A-, x+) = d(p1) - d(p2) > 0  TSE (x+, y-) = {d(p2) + d(p3)} - d(p1) > 0 (DB+A- < DB+x+) ^ (DB+x+ < DB+A-y-) \ DB+A- < DB+x+ < DB+A-y- If we had only one bound DB+x+ < DB+A-y-, we would remove good states -> false negatives A- x+ 00100 A- 01000 x+ y- y- 00101 01010 01001 y+ x- 00111 C+ 01011 B- 01111 November 18 *

23 * 07/16/96 Conclusion We presented novel verification techniques to support emerging high performance circuit design techniques. These techniques identify a set of two-sided path delay constraints that are sufficient to find any failure of the circuits Constraints can be verified using simulation or simpler timing analysis November 18 *

24 Future Work Refine and implement the theory and algorithm
* 07/16/96 Future Work Refine and implement the theory and algorithm Combine with hierarchical and other partial order approaches Test on both aggressively designed synchronous and asynchronous circuits November 18 *

Download ppt "Relative-timing based verification of timed circuits and systems"

Similar presentations

CS370 – Spring 2003 Hazards/Glitches. Time Response in Combinational Networks Gate Delays and Timing Waveforms Hazards/Glitches and How To Avoid Them.

CS370 – Spring 2003 Hazards/Glitches. Time Response in Combinational Networks Gate Delays and Timing Waveforms Hazards/Glitches and How To Avoid Them.
1 Fault Diagnosis for Timed Automata Stavros Tripakis VERIMAG.

1 Fault Diagnosis for Timed Automata Stavros Tripakis VERIMAG.
A university for the world real R © 2009, www.yawlfoundation.org Chapter 3 Advanced Synchronization Moe Wynn Wil van der Aalst Arthur ter Hofstede.

A university for the world real R © 2009, Chapter 3 Advanced Synchronization Moe Wynn Wil van der Aalst Arthur ter Hofstede.
Formal Verification of Safety Properties in Timed Circuits Marco A. Peña (Univ. Politècnica de Catalunya) Jordi Cortadella (Univ. Politècnica de Catalunya)

Formal Verification of Safety Properties in Timed Circuits Marco A. Peña (Univ. Politècnica de Catalunya) Jordi Cortadella (Univ. Politècnica de Catalunya)
1 8. Safe Query Languages Safe program – its semantics can be at least partially computed on any valid database input. Safety is tied to program verification,

1 8. Safe Query Languages Safe program – its semantics can be at least partially computed on any valid database input. Safety is tied to program verification,
TH EDA NTHU-CS VLSI/CAD LAB 1 Re-synthesis for Reliability Design Shih-Chieh Chang Department of Computer Science National Tsing Hua University.

TH EDA NTHU-CS VLSI/CAD LAB 1 Re-synthesis for Reliability Design Shih-Chieh Chang Department of Computer Science National Tsing Hua University.
Computing Delay with Coupling Using Timed Automata Serdar Tasiran, Yuji Kukimoto, Robert K. Brayton Department of Electrical Engineering & Computer Sciences.

Computing Delay with Coupling Using Timed Automata Serdar Tasiran, Yuji Kukimoto, Robert K. Brayton Department of Electrical Engineering & Computer Sciences.
Models of Computation for Embedded System Design Alvise Bonivento.

Models of Computation for Embedded System Design Alvise Bonivento.
Logic Verification 1 Outline –Logic Verification Problem –Verification Approaches –Recursive Learning Approach Goal –Understand verification problem –Understand.

Logic Verification 1 Outline –Logic Verification Problem –Verification Approaches –Recursive Learning Approach Goal –Understand verification problem –Understand.
CSC 8310 Programming Languages Meeting 2 September 2/3, 2014.

CSC 8310 Programming Languages Meeting 2 September 2/3, 2014.
EE 5900 Advanced Algorithms for Robust VLSI CAD, Spring 2009 Static Timing Analysis and Gate Sizing.

EE 5900 Advanced Algorithms for Robust VLSI CAD, Spring 2009 Static Timing Analysis and Gate Sizing.
1 Automatic Refinement and Vacuity Detection for Symbolic Trajectory Evaluation Orna Grumberg Technion Haifa, Israel Joint work with Rachel Tzoref.

1 Automatic Refinement and Vacuity Detection for Symbolic Trajectory Evaluation Orna Grumberg Technion Haifa, Israel Joint work with Rachel Tzoref.
Theory of Computing Lecture 17 MAS 714 Hartmut Klauck.

Theory of Computing Lecture 17 MAS 714 Hartmut Klauck.
ECE 484 - Advanced Digital Systems Design Lecture 12 – Timing Analysis Capt Michael Tanner Room 2F46A 333-6766 HQ U.S. Air Force Academy I n t e g r i.

ECE Advanced Digital Systems Design Lecture 12 – Timing Analysis Capt Michael Tanner Room 2F46A HQ U.S. Air Force Academy I n t e g r i.
Verification & Validation By: Amir Masoud Gharehbaghi

Verification & Validation By: Amir Masoud Gharehbaghi
Courtesy RK Brayton (UCB) and A Kuehlmann (Cadence) 1 Logic Synthesis Multi-Level Logic Synthesis.

Courtesy RK Brayton (UCB) and A Kuehlmann (Cadence) 1 Logic Synthesis Multi-Level Logic Synthesis.
Static Timing Analysis

Static Timing Analysis
On the Relation Between Simulation-based and SAT-based Diagnosis CMPE 58Q Giray Kömürcü Boğaziçi University.

On the Relation Between Simulation-based and SAT-based Diagnosis CMPE 58Q Giray Kömürcü Boğaziçi University.
DFA foundations Simone Campanoni

DFA foundations Simone Campanoni
©2010 Cengage Learning SLIDES FOR CHAPTER 8 COMBINATIONAL CIRCUIT DESIGN AND SIMULATION USING GATES Click the mouse to move to the next page. Use the ESC.

©2010 Cengage Learning SLIDES FOR CHAPTER 8 COMBINATIONAL CIRCUIT DESIGN AND SIMULATION USING GATES Click the mouse to move to the next page. Use the ESC.

Similar presentations

Ads by Google