Presentation is loading. Please wait.

Presentation is loading. Please wait.

Streamline Verification Process with Formal Property Verification to Meet Highly Compressed Design Cycle Prosenjit Chatterjee, nVIDIA Corporation.

Published byHoward Stevens Modified over 8 years ago

Similar presentations

Presentation on theme: "Streamline Verification Process with Formal Property Verification to Meet Highly Compressed Design Cycle Prosenjit Chatterjee, nVIDIA Corporation."— Presentation transcript:

1

2 Streamline Verification Process with Formal Property Verification to Meet Highly Compressed Design Cycle Prosenjit Chatterjee, nVIDIA Corporation

3 GoalsGoals Reach conventional verification goals faster Reach conventional verification goals faster Reach more verification goals Reach more verification goals Fewer verification resources Fewer verification resources Prove specific properties of most complex blocks Prove specific properties of most complex blocks Reach conventional verification goals faster Reach conventional verification goals faster Reach more verification goals Reach more verification goals Fewer verification resources Fewer verification resources Prove specific properties of most complex blocks Prove specific properties of most complex blocks

4 SFVSFV Minimal verification environment expertise Minimal verification environment expertise Ability to use conventional verification techniques Ability to use conventional verification techniques Non FV-able properties still usable Non FV-able properties still usable Use conventional verification techniques at Full Chip and Super Unit level Use conventional verification techniques at Full Chip and Super Unit level However, now fewer bugs to uncover as sub-units are already SFV-ed However, now fewer bugs to uncover as sub-units are already SFV-ed Full time Dedicated Verification Engineer not required Full time Dedicated Verification Engineer not required Designer’s kit Designer’s kit Minimal verification environment expertise Minimal verification environment expertise Ability to use conventional verification techniques Ability to use conventional verification techniques Non FV-able properties still usable Non FV-able properties still usable Use conventional verification techniques at Full Chip and Super Unit level Use conventional verification techniques at Full Chip and Super Unit level However, now fewer bugs to uncover as sub-units are already SFV-ed However, now fewer bugs to uncover as sub-units are already SFV-ed Full time Dedicated Verification Engineer not required Full time Dedicated Verification Engineer not required Designer’s kit Designer’s kit

5 Conventional Verification Process Sets of vector sequences that Sets of vector sequences that User generates to accomplish coverage goals User generates to accomplish coverage goals Directed or Random Vector sequences Directed or Random Vector sequences Outputs are “smart-diffed” Outputs are “smart-diffed” Sets of vector sequences that Sets of vector sequences that User generates to accomplish coverage goals User generates to accomplish coverage goals Directed or Random Vector sequences Directed or Random Vector sequences Outputs are “smart-diffed” Outputs are “smart-diffed” DUT RTL DUT Data Transform Model TestBench X Pass Fail Internal Properties Internal Properties Unknown Fail User writes TestBench Internal Coverage Goal Reachable Unknown Reachable Unknown DUT TestPlan Coverage Goals Input Biasing

6 SFV Environment DUT RTL Input Assumptions DUT Data Transform Model SFV TestBench X Pass Fail Internal Properties Input Biasing DUT TestPlan Coverage Goals Internal Coverage Goal Proof Unknown Fail generates Reachable Unknown Unreachable Reachable Unknown Unreachable

7 SFV Environment- Test Bench Input Assumptions provide legal stimulus Input Assumptions provide legal stimulus Input Biasing provide higher proportion of important events Input Biasing provide higher proportion of important events Different Random Seeds are applied automatically Different Random Seeds are applied automatically Random Simulation obeys Input Assumptions and Biasing Random Simulation obeys Input Assumptions and Biasing FV obeys Input Assumptions. Biasing is irrelevant FV obeys Input Assumptions. Biasing is irrelevant Auto self adjusts user’s biasing to reach coverage goals Auto self adjusts user’s biasing to reach coverage goals Coverage goals missed by SFV are reached by directed testing Coverage goals missed by SFV are reached by directed testing Input Assumptions provide legal stimulus Input Assumptions provide legal stimulus Input Biasing provide higher proportion of important events Input Biasing provide higher proportion of important events Different Random Seeds are applied automatically Different Random Seeds are applied automatically Random Simulation obeys Input Assumptions and Biasing Random Simulation obeys Input Assumptions and Biasing FV obeys Input Assumptions. Biasing is irrelevant FV obeys Input Assumptions. Biasing is irrelevant Auto self adjusts user’s biasing to reach coverage goals Auto self adjusts user’s biasing to reach coverage goals Coverage goals missed by SFV are reached by directed testing Coverage goals missed by SFV are reached by directed testing

8 Coverage Goals Automated: Line Coverage Line Coverage Condition Coverage Condition Coverage User Specified: Implementation Specific Implementation Specific Executable Test Plan Executable Test PlanAutomated: Line Coverage Line Coverage Condition Coverage Condition Coverage User Specified: Implementation Specific Implementation Specific Executable Test Plan Executable Test Plan

9 Coverage Goals Rand_B1 Rand_Default Rand_Bm Coverage Report Save SFV generated vectors Partition uncovered goals SFV_G1 SFV_Gn C-RTL output compare Rand_Default Coverage met ? yes Done no Directed Testing or SFV run with - biased random ON - formal engines OFF SFV run with - biased random ON - formal engines ON

10 Unit Verification Goals Reached Coverage goals reached or proved expectedly unreachable Coverage goals reached or proved expectedly unreachable Line, Line, Condition, Condition, User Specified Implementation Specific, User Specified Implementation Specific, User Specified Test Plan User Specified Test Plan SFV traces that reached above goals = Data Transform Model Output SFV traces that reached above goals = Data Transform Model Output White Box Properties proved or bounded proved White Box Properties proved or bounded proved End to End Data Transport Property proved End to End Data Transport Property proved Coverage goals reached or proved expectedly unreachable Coverage goals reached or proved expectedly unreachable Line, Line, Condition, Condition, User Specified Implementation Specific, User Specified Implementation Specific, User Specified Test Plan User Specified Test Plan SFV traces that reached above goals = Data Transform Model Output SFV traces that reached above goals = Data Transform Model Output White Box Properties proved or bounded proved White Box Properties proved or bounded proved End to End Data Transport Property proved End to End Data Transport Property proved

11 SFV Engines Property Proving or Coverage Goal Unreachability SFV Process 2 Process 1 Property Falsification or Coverage Goal Reachability

12 Using BMC from interesting start states Default start state is reset state Default start state is reset state SFV tool uses heuristics to find interesting start states SFV tool uses heuristics to find interesting start states User identifies subset of coverage goals as interesting start states User identifies subset of coverage goals as interesting start states Requires efficient management of the start states population Requires efficient management of the start states population Default start state is reset state Default start state is reset state SFV tool uses heuristics to find interesting start states SFV tool uses heuristics to find interesting start states User identifies subset of coverage goals as interesting start states User identifies subset of coverage goals as interesting start states Requires efficient management of the start states population Requires efficient management of the start states population

13 Helping SFV tool reach interesting states faster Limiting conditions in DUT may be very “deep” Limiting conditions in DUT may be very “deep” Tolerable Random Logic Addition to fan-in of internal signals in DUT Tolerable Random Logic Addition to fan-in of internal signals in DUT Limiting conditions in DUT may be very “deep” Limiting conditions in DUT may be very “deep” Tolerable Random Logic Addition to fan-in of internal signals in DUT Tolerable Random Logic Addition to fan-in of internal signals in DUT fifo_full = original_RTL_design_logic || random_hi_or_low; random_hi_or_low; Tout_cntr <= random_decision ? timeout_value : timeout_value : original_RTL_design_logic; original_RTL_design_logic; fifo_full = original_RTL_design_logic || random_hi_or_low; random_hi_or_low; Tout_cntr <= random_decision ? timeout_value : timeout_value : original_RTL_design_logic; original_RTL_design_logic; Primarily for finding bugs using SAT Primarily for finding bugs using SAT Coverage Goals reached via such techniques are ignored Coverage Goals reached via such techniques are ignored Primarily for finding bugs using SAT Primarily for finding bugs using SAT Coverage Goals reached via such techniques are ignored Coverage Goals reached via such techniques are ignored

14 Enhanced Unit Verification Goals Reached Coverage goals reached or proved expectedly unreachable Coverage goals reached or proved expectedly unreachable Line, Line, Condition, Condition, User Specified Implementation Specific, User Specified Implementation Specific, User Specified Test Plan User Specified Test Plan SFV traces that reached above goals = Data Transform Model Output SFV traces that reached above goals = Data Transform Model Output White Box Properties proved or bounded proved White Box Properties proved or bounded proved End to End Data Transport Property proved End to End Data Transport Property proved Coverage goals reached or proved expectedly unreachable Coverage goals reached or proved expectedly unreachable Line, Line, Condition, Condition, User Specified Implementation Specific, User Specified Implementation Specific, User Specified Test Plan User Specified Test Plan SFV traces that reached above goals = Data Transform Model Output SFV traces that reached above goals = Data Transform Model Output White Box Properties proved or bounded proved White Box Properties proved or bounded proved End to End Data Transport Property proved End to End Data Transport Property proved

15 Proving Data Transport Functionality - Intuition If I want to check FEDEX and UPS always delivers safely THEN If I want to check FEDEX and UPS always delivers safely THEN I do not care if Dan changes the gift before sending I do not care if Dan changes the gift before sending Of course Dan cannot expect to deliver nuclear weapons via UPS Of course Dan cannot expect to deliver nuclear weapons via UPS If I want to check FEDEX and UPS always delivers safely THEN If I want to check FEDEX and UPS always delivers safely THEN I do not care if Dan changes the gift before sending I do not care if Dan changes the gift before sending Of course Dan cannot expect to deliver nuclear weapons via UPS Of course Dan cannot expect to deliver nuclear weapons via UPS FEDEX gift to John Dan UPS gift to Bob f(x)=x^2 2 4 2 garbage 2 +ve Original Too much ! Perfect ! 2 2 Imperfect !

16 Data Transport Properties A packet entering the system may not be visible exiting the system if DUT is viewed as a black box DUT P1P2...Pn Q1Q2...Qm n >= 1, m >= 0 This happens due to - One or more data transform functions inside DUT or - One or more data transform functions inside DUT or - Legal dropping of a Packet - Legal dropping of a Packet - Single Packet may split to multiple destinations - Single Packet may split to multiple destinations - Multiple Packets may merge to single destination - Multiple Packets may merge to single destination

17 H(x) G(x) F(x) M(x) null N(x) P enters via I1 Non-Math data transform Math data transform 3 1 4 6 5 7 2 Deep FIFO Split Data filter Breakup for FV complexity P’ exits via O2 P’’ exits via O2 Proving Data Transport Properties

18 3 1 4 6 5 7 2 Deep FIFO Split Proving Data Transport Properties Non-Math data transform Math data transform Data filter Breakup for FV complexity H(x) G(x) F(x) M(x) null N(x)

19 Tool Assisted User Interactive Proof Process ABC = Cone of Influence of Property ABC = Cone of Influence of Property A’BC’ = Minimal cut-point to prove the Property A’BC’ = Minimal cut-point to prove the Property A’’BC’’ = Cut-point that the tool can handle to Prove Property A’’BC’’ = Cut-point that the tool can handle to Prove Property are internal assumptions added to Prove Property within A’’BC’’ are internal assumptions added to Prove Property within A’’BC’’ Internal Assumptions are subject to similar Proof Process Internal Assumptions are subject to similar Proof Process ABC = Cone of Influence of Property ABC = Cone of Influence of Property A’BC’ = Minimal cut-point to prove the Property A’BC’ = Minimal cut-point to prove the Property A’’BC’’ = Cut-point that the tool can handle to Prove Property A’’BC’’ = Cut-point that the tool can handle to Prove Property are internal assumptions added to Prove Property within A’’BC’’ are internal assumptions added to Prove Property within A’’BC’’ Internal Assumptions are subject to similar Proof Process Internal Assumptions are subject to similar Proof Process A B C A’ A’’ C’ C’’

20 Enhanced SFV Environment DUT RTL Input Assumptions DUT Data Transform Model DUT Data Transport Property SFV TestBench X Pass Fail Internal Properties Input Biasing DUT TestPlan Coverage Goals generates Proof Unknown Fail Reachable Unknown Unreachable Internal Coverage Goal

21 Enhanced Unit Verification Goals Reached Coverage goals reached or proved expectedly unreachable Coverage goals reached or proved expectedly unreachable Line, Line, Condition, Condition, User Specified Implementation Specific, User Specified Implementation Specific, User Specified Test Plan User Specified Test Plan SFV traces that reached above goals = Data Transform Model Output SFV traces that reached above goals = Data Transform Model Output White Box Properties proved or bounded proved White Box Properties proved or bounded proved End to End Data Transport Property proved End to End Data Transport Property proved Important Properties of Complex Control Logic Blocks proved Important Properties of Complex Control Logic Blocks proved Coverage goals reached or proved expectedly unreachable Coverage goals reached or proved expectedly unreachable Line, Line, Condition, Condition, User Specified Implementation Specific, User Specified Implementation Specific, User Specified Test Plan User Specified Test Plan SFV traces that reached above goals = Data Transform Model Output SFV traces that reached above goals = Data Transform Model Output White Box Properties proved or bounded proved White Box Properties proved or bounded proved End to End Data Transport Property proved End to End Data Transport Property proved Important Properties of Complex Control Logic Blocks proved Important Properties of Complex Control Logic Blocks proved

22 Future Improvements Formal engines parallelized to reach goals faster Formal engines parallelized to reach goals faster Efficient Management of interesting start states population Efficient Management of interesting start states population Automating “logic addition” to DUT to reach bugs faster Automating “logic addition” to DUT to reach bugs faster Automate Assume Guarantee Verification for proofs Automate Assume Guarantee Verification for proofs Formal engines parallelized to reach goals faster Formal engines parallelized to reach goals faster Efficient Management of interesting start states population Efficient Management of interesting start states population Automating “logic addition” to DUT to reach bugs faster Automating “logic addition” to DUT to reach bugs faster Automate Assume Guarantee Verification for proofs Automate Assume Guarantee Verification for proofs

Download ppt "Streamline Verification Process with Formal Property Verification to Meet Highly Compressed Design Cycle Prosenjit Chatterjee, nVIDIA Corporation."

Similar presentations

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
1 Data Link Protocols By Erik Reeber. 2 Goals Use SPIN to model-check successively more complex protocols Using the protocols in Tannenbaums 3 rd Edition.

1 Data Link Protocols By Erik Reeber. 2 Goals Use SPIN to model-check successively more complex protocols Using the protocols in Tannenbaums 3 rd Edition.
Formal Methods and Testing Goal: software reliability Use software engineering methodologies to develop the code. Use formal methods during code development.

Formal Methods and Testing Goal: software reliability Use software engineering methodologies to develop the code. Use formal methods during code development.
© Copyright 2013 Xilinx. How to Kill 4 Birds with 1 Stone: Using Formal Verification to Validate Legal Configurations, Find Design Bugs, and Improve Testbench.

© Copyright 2013 Xilinx. How to Kill 4 Birds with 1 Stone: Using Formal Verification to Validate Legal Configurations, Find Design Bugs, and Improve Testbench.
Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.

Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.
SAT Based Abstraction/Refinement in Model-Checking Based on work by E. Clarke, A. Gupta, J. Kukula, O. Strichman (CAV’02)

SAT Based Abstraction/Refinement in Model-Checking Based on work by E. Clarke, A. Gupta, J. Kukula, O. Strichman (CAV’02)
Testing and Test Case Development A “primitive” method of testing, with NO test preparation, may include the following steps : – Initiate the system –

Testing and Test Case Development A “primitive” method of testing, with NO test preparation, may include the following steps : – Initiate the system –
Automated Method Eliminates X Bugs in RTL and Gates Kai-hui Chang, Yen-ting Liu and Chris Browy.

Automated Method Eliminates X Bugs in RTL and Gates Kai-hui Chang, Yen-ting Liu and Chris Browy.
Xiushan Feng* ASIC Verification Nvidia Corporation Automatic Verification of Dependency 1 TM Jayanta Bhadra

Xiushan Feng* ASIC Verification Nvidia Corporation Automatic Verification of Dependency 1 TM Jayanta Bhadra
Model Checker In-The-Loop Flavio Lerda, Edmund M. Clarke Computer Science Department Jim Kapinski, Bruce H. Krogh Electrical & Computer Engineering MURI.

Model Checker In-The-Loop Flavio Lerda, Edmund M. Clarke Computer Science Department Jim Kapinski, Bruce H. Krogh Electrical & Computer Engineering MURI.
Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.

Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.
ECE 667 - Synthesis & Verification 1 ECE 667 Synthesis and Verification of Digital Systems Formal Verification Combinational Equivalence Checking.

ECE Synthesis & Verification 1 ECE 667 Synthesis and Verification of Digital Systems Formal Verification Combinational Equivalence Checking.
Xiushan Feng* ASIC Verification Nvidia Corporation Assertion-Based Design Partition 1 TM Jayanta Bhadra, Ross Patterson.

Xiushan Feng* ASIC Verification Nvidia Corporation Assertion-Based Design Partition 1 TM Jayanta Bhadra, Ross Patterson.
Presenter: PCLee – 2011.03.02. This paper outlines the MBAC tool for the generation of assertion checkers in hardware. We begin with a high-level presentation.

Presenter: PCLee – This paper outlines the MBAC tool for the generation of assertion checkers in hardware. We begin with a high-level presentation.
Software Reliability CIS 640 Adapted from the lecture notes by Doron Pelel (www.dcs.warwick.ac.uk/~doron/notes.html)

Software Reliability CIS 640 Adapted from the lecture notes by Doron Pelel (
CSE241 Formal Verification.1Cichy, UCSD ©2003 CSE241A VLSI Digital Circuits Winter 2003 Recitation 6: Formal Verification.

CSE241 Formal Verification.1Cichy, UCSD ©2003 CSE241A VLSI Digital Circuits Winter 2003 Recitation 6: Formal Verification.
Leveraging Assertion Based Verification by using Magellan Michal Cayzer.

Leveraging Assertion Based Verification by using Magellan Michal Cayzer.
The Future of Formal: Academic, IC, EDA, and Software Perspectives Ziyad Hanna VP of Research and Chief Architect Jasper Design Automation Ziyad Hanna.

The Future of Formal: Academic, IC, EDA, and Software Perspectives Ziyad Hanna VP of Research and Chief Architect Jasper Design Automation Ziyad Hanna.
ECE 667 - Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.

ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
Design of Fault Tolerant Data Flow in Ptolemy II Mark McKelvin EE290 N, Fall 2004 Final Project.

Design of Fault Tolerant Data Flow in Ptolemy II Mark McKelvin EE290 N, Fall 2004 Final Project.

Similar presentations

Ads by Google