Post on 05-Jan-2016
description
Verification Methodology Based on Algorithmic State Machines andCycle-Accurate Contract Specifications
Sergey Frenkel1 and Alexander Kamkin2
1Institute of Informatics Problems of the Russian Academy of Sciences
E-mail: fsergei@mail.ru2Institute for System Programming of the Russian Academy of Sciences
E-mail: kamkin@ispras.ru
2
Design Steps
Architectural and RTL Design
Input: architectural (behavioral) description in HDL (Verilog, VHDL) or system-level language (SystemC, SystemVerilog)
Output: RTL description of the design: data path (interconnection of adders, multipliers, etc.) control logic (FSM model of a control unit)
Logic Synthesis
Input: RTL description of the design
Output: gate-level description of the design
Physical Design
Out of our consideration
3
General Scheme of Design Verification
Design Specification
Verifier
Implementation
NoYes
Correct Implementation
Incorrect Implementation
4
Challenges of Design Verification
50-80% of ASIC / IP / SoC design effort goes to verification, what has effects on Schedule, Cost, Quality
computational complexity of formal verification is prohibited for many real-life designs
simulation is slow, requires billions of vectors for large designs, and exhaustive simulation is infeasible
the verification tools and methods need to scale well, and be able to support efficient debugging, have to allow for ongoing changes in the specification and the design
the methodology must be flexible enough to permit new design features, such as soft error detection, including fault latency and self-healing analysis
5
Total Design Cost Reducing
A work of a designer is resulted in two or three activities and human/equipment resources which have been spent for one of them should be kept back in another
6
Two Ways of Design Verification (RTL)
Verification
Formal Verification
Verification via Simulation
Formal Verification Verification Via Simulation
7
Possible Combination of the Verification Approaches
a “mechanical” combination of the verification techniques: part of design is verified by simulation, while another by a formal method
by using of formal specification for simulation verification
by using a semi-formal specification
8
Semi-Formal Verification
Informal Specification
Formal Specification
Formal Verification Verification via Simulation
Verdict: Pass or Fail
9
Cycle-Accurate Contract Specifications
Operations Contracts of stages Contracts of
operations
A1
…
AN
…
A1
…
AN
…
Operation Contracts of stages Contract of
operation
A1
…
AN
pre(A, 1)post(A, 1)
pre(A, N)post(A, N)
…
pre(A)
10
Idea of the Method
post(A, 2) post(B, 1)
Operation A
Operation B
A1 A2 … AN
B1 B2 … BN
Time
Test Oracle
1 2 3 …
11
A
B
C
Branching and Other Features
— stage
— branch
— fork
— join
12
Algorithmic State Machine (ASM)
An Algorithmic State Machine (ASM) is the directed connected graph containing an initial vertex (Begin), a final vertex (End) and a finite set of operators and conditional vertices.
The operators and conditional vertices have only one input, the initial vertex has no input. Initial and operator vertices have only one output, a conditional vertex has two outputs marked by “1” and “0”. A final vertex has no outputs. Each operator include some body in a pseudo-code, and its execution takes a clock of the target system time
The following are the major steps in the ASM methodology: Describe the target system algorithm by ASM chart (using a pseudo-code) Design the data path based on the ASM chart Design the control logic based on the detailed ASM chart
13
ASM Example Let us an operator Yb be implemented. The sequence of the actions after Yb can be
represented by ASM as following:
The operator Y3 is executed after Yb when x1x4x3=1,Y1 is executed afterYb when x1x’3=1,
Y5 is excuted after Yb when x1x4x’3=1 or x’1=1, that is:
Yb→ x1x4x3Y3 + x1x4x'3Y5 + x1x'4Y1 + x'1Y5
Begin
x1
x4
x3
y1 y2
x3
Y1
y8 y9
Y4
x2
1
1
11
0
0
0
y5 y6 y7Y3
0
0 1
x5
x1
1
1
0
0y4
x6
1 0
y6 y7
Y2
Y6
EndYe
y1 y3
Y5
Yb
14
System/Logic Design by Abelite(Prof. Samary Baranov, Holon Institute of Technology, Israel)
ASM-description
FSMFSMMicro
operations
RTL (VHDL)
Design Tools(SYNOPSIS,CADENCE)
I2
Joint ASMFlow Chart
I1 In
15
About ASM Formalities
A possibility to use some ASM-based formalized verification is due to some formal rules, used for ASM flowchart construction. Namely, to provide this unique correspondence between the ASM flowchart and a target data path and control unit it is enough that a synthesis algorithm would obey the following rules:
State boxes should contain only register statements, control signals in parentheses
All operations within a state box should be concurrently executable in one clock cycle
If the operations in two consecutive state boxes can be executed in the same clock cycle, then these two state boxes can be combined into one state box
For each register-transfer statement, there must be a path between the source and destination registers
The description contains the ordering of microoperations, namely, each of rectangle take one clock for its execution
16
Suggested Design Verification Methodology
Informal Specification of the Design
HDLModel
FSM Model
Checking
OK?
No
Yes
Contract Specifications
Properties (CTL)
ASM Flowcharts
CTESK Testbench
Simulation
17
Design Verification Methodology (cont.)
Formal Verification
Temporal propertiesof the system to verify
Behavioral Descriptionin a verification language (SMV)
RUN
18
Temporal Logic (CTL)
Temporal logic expresses the ordering of events in time by means of operators that specify properties
“E” existential path quantifier “A” universal path quantifier “X” next time “F” eventually “G” globally “U” until
19
Verification via Model Checking
FINITE-STATE SYSTEM
PROPERTYTO VERIFY
MODEL CHECKINGPROGRAM
PROPERTY IS TRUE OR A COUNTER EXAMPLE
propagates sets of states, not individual trajectories
20
A Fragment of ASM Operation Hierarchical Description
21
ASM-Specified Model Checking (3-bit counter)
a1 a10 1 y7y8y9y10y11y12 Micro Instructions:a2 a3 1 y2y3 Y1 = y1a3 a1 1 y4 Y2 = y2 y3a4 a2 1 y1 Y3 = y4a5 a4 1 y4 Y4 = y5 y3a6 a7 1 y4 Y5 = y6 y3a7 a8 1 y1 Y6 = y7 y8 y9 y10 y11 y12a8 a5 1 y5y3 a9 a6 1 y6y3a10 a9 1 y1 Micro Operations:
y1 : v:=(v+c_in)mod 2y3 : c_out:=v&c_iny4 : c_in:=c_outy5 : b1:=vy6 : b0:=vy7 : b0:=0y8 : b1:=0 y9 : b2:=0y10 : c_in:=1y11 : c_out:=0y12 : v:=0
22
Model Checking (cont.)
Conditions of Natural Ordering of Counting
SPEC AG (((bit0=0)&(bit1=1) &(bit2=0)) ->AX((bit0=1)&(bit1=1)&(bit2=0)))SPEC AG (((bit0=0)&(bit1=1) &(bit2=0)) ->AX((bit0=1)&(bit1=1)&(bit2=1)))
23
Conclusion
An approach that is a combination of ASM-based and contract-based approaches to hardware designs semi-formal verification is introduced
The approach allows to unify benefits of both formal and simulation-based methods for complex digital hardware designs verification at early designing stages
Presently there are some examples of this approach application to verification tests designing for one of unit of MIPS64-compatible microprocessor
The approach allows to describe complex digital hardware with pipelining, interlocks, branching, etc.
24
Thank You!