Data path verification on cross-domain with formal scoreboard

Similar documents
With design complexity increasing significantly

Debugging Inconclusive Assertions and a Case Study

Pragmatic Simulation-Based Verification of Clock Domain Crossing Signals and Jitter using SystemVerilog Assertions

Design and Verification of Network Router

Formal Technology in the Post Silicon lab

Definitions. Key Objectives

Test and Verification Solutions. ARM Based SOC Design and Verification

Leveraging Formal Verification Throughout the Entire Design Cycle

Verification of Clock Domain Crossing Jitter and Metastability Tolerance using Emulation

CREATIVE ASSERTION AND CONSTRAINT METHODS FOR FORMAL DESIGN VERIFICATION

JasperGold. Agenda. High-Level Formal Verification

Comprehensive CDC Verification with Advanced Hierarchical Data Models

Bulletproofing FSM Verification Automated Approach to Detect Corner Case Issues in an FSM Design

Reset and Initialization, the Good, the Bad and the Ugly

Challenges in Verification of Clock Domain Crossings

Integrate Ethernet QVIP in a Few Hours: an A-to-Z Guide by Prashant Dixit, Questa VIP Product Team, Mentor Graphics

DESIGN A APPLICATION OF NETWORK-ON-CHIP USING 8-PORT ROUTER

OpenVera Assertions. March Synopsys, Inc.

ADVANCED DIGITAL IC DESIGN. Digital Verification Basic Concepts

Formal Verification of Synchronizers in Multi-Clock Domain SoCs. Tsachy Kapschitz and Ran Ginosar Technion, Israel

Multi-Domain Verification: When Clock, Power and Reset Domains Collide

Focussing Assertion Based Verification Effort for Best Results

08 - Address Generator Unit (AGU)

Hardware Design Verification: Simulation and Formal Method-Based Approaches William K Lam Prentice Hall Modern Semiconductor Design Series

Novel Architecture for Designing Asynchronous First in First out (FIFO)

Contents 1 Introduction 2 Functional Verification: Challenges and Solutions 3 SystemVerilog Paradigm 4 UVM (Universal Verification Methodology)

Using Abstractions for Effective Formal: Lessons from the Trenches

Logic Verification 13-1

Multiple-clock Domain FPGA Designs: Challenges & Solutions

EECS150 - Digital Design Lecture 17 Memory 2

Practical Approaches to Formal Verification. Mike Bartley, TVS

ACCELERATING DO-254 VERIFICATION

Accelerating RTL Simulation Techniques by Lior Grinzaig, Verification Engineer, Marvell Semiconductor Ltd.

ISSN Vol.03, Issue.02, March-2015, Pages:

Building your First Image Processing ASIC

VHDL/Verilog Simulation. Testbench Design

TKT-1212 Digitaalijärjestelmien toteutus. Lecture 7: VHDL Testbenches Ari Kulmala, Erno Salminen 2008

Universal Serial Bus Host Interface on an FPGA

Sequential Circuit Design: Principle

Assertion Based Verification of AMBA-AHB Using System Verilog

Test Scenarios and Coverage

Formal Verification: Not Just for Control Paths

Certitude Functional Qualification with Formal Verification. Jean-Marc Forey November 2012

Laboratory Finite State Machines and Serial Communication

SystemVerilog Assertions in the Design Process 213

UPF GENERIC REFERENCES: UNLEASHING THE FULL POTENTIAL

ASIC world. Start Specification Design Verification Layout Validation Finish

Synthesis of Combinational and Sequential Circuits with Verilog

Overview. Implementing Gigabit Routers with NetFPGA. Basic Architectural Components of an IP Router. Per-packet processing in an IP Router

Qualification of Verification Environments Using Formal Techniques

Techniques for Digital Systems Lab. Verilog HDL. Tajana Simunic Rosing. Source: Eric Crabill, Xilinx

Universal Asynchronous Receiver/Transmitter Core

Advanced FPGA Design. Jan Pospíšil, CERN BE-BI-BP ISOTDAQ 2018, Vienna

Lecture 9. VHDL, part IV. Hierarchical and parameterized design. Section 1 HIERARCHICAL DESIGN

FishTail: The Formal Generation, Verification and Management of Golden Timing Constraints

Design and Analysis of On-Chip Router for Network On Chip

2. BLOCK DIAGRAM Figure 1 shows the block diagram of an Asynchronous FIFO and the signals associated with it.

Assertive Verification: A Ten-Minute Primer

Design and Verification of Slave Block in Ethernet Management Interface using UVM

Choosing an Intellectual Property Core

Sequential Circuit Design: Principle

Control in Digital Systems

Design Guidelines for Formal Verification

218 SystemVerilog Assertions Handbook, 4th Edition

Plugging the Holes: SystemC and VHDL Functional Coverage Methodology

The Application of Formal Technology on Fixed-Point Arithmetic SystemC Designs

Post processing techniques to accelerate assertion development Ajay Sharma

A Pragmatic Approach to Metastability-Aware Simulation

Next-generation Power Aware CDC Verification What have we learned?

Full-Speed USB 1.1 Function Controller

Configurable UART ver 2.10

Exp#8: Designing a Programmable Sequence Detector

Verification of Digital Systems, Spring UVM Basics

1 1-Introduction: 2 FIFO Overview (Part 1 = 40 pts.) generic Fig. 1: FIFO Architecture

Design Progression With VHDL Helps Accelerate The Digital System Designs

Testbench and Simulation

Module 4. Design of Embedded Processors. Version 2 EE IIT, Kharagpur 1

Pragmatic Simulation-Based Verification of Clock Domain Crossing Signals and Jitter using SystemVerilog Assertions

SystemC Synthesis Standard: Which Topics for Next Round? Frederic Doucet Qualcomm Atheros, Inc

ECEU530. Schedule. ECE U530 Digital Hardware Synthesis. Datapath for the Calculator (HW 5) HW 5 Datapath Entity

University of California at Berkeley College of Engineering Department of Electrical Engineering and Computer Sciences. Spring 2010 May 10, 2010

Reuse MATLAB Functions and Simulink Models in UVM Environments with Automatic SystemVerilog DPI Component Generation

Verilog for High Performance

Laboratory Exercise 8

Modeling Synchronous Logic Circuits. Debdeep Mukhopadhyay IIT Madras

EECS 4340: Computer Hardware Design Unit 4: Validation

R3-7. SASIMI 2015 Proceedings. A Verilog Compiler Proposal for VerCPU Simulator. January 29,

DEVELOPMENT AND VERIFICATION OF AHB2APB BRIDGE PROTOCOL USING UVM TECHNIQUE

Graphics: Alexandra Nolte, Gesine Marwedel, Universität Dortmund. RTL Synthesis

DDR SDRAM Bus Monitoring using Mentor Verification IP by Nikhil Jain, Mentor Graphics

FlexRay The Hardware View

GENERATION OF GRAPH FOR ETHERNET VERIFICATION USING TREK M.Vinodhini* 1, P.D. Rathika 2, J.U.Nambi 2, V.Kanmani 1

Introduction to the syshsi Block ispxpga and ispgdx2

High-Level Information Interface

CDA 4253 FPGA System Design Op7miza7on Techniques. Hao Zheng Comp S ci & Eng Univ of South Florida

Microprocessor Architecture

Lab #1: Introduction to Design Methodology with FPGAs part 1 (80 pts)

ECE 545 Lecture 12. Datapath vs. Controller. Structure of a Typical Digital System Data Inputs. Required reading. Design of Controllers

Lecture 8. RTL Design Methodology. Transition from Pseudocode & Interface to a Corresponding Block Diagram

ON THE EFFECTIVENESS OF ASSERTION-BASED VERIFICATION

Transcription:

Data path verification on cross-domain with formal scoreboard Liu Jun, Intel Mobile Communications, Munich, Germany (jun.b.liut@intel.com) Abstract In today s complex System on Chip (SOC) designs, multiple asynchronous clock domains are increasingly getting deployed. More and more data are transacted from one unit to another, crossed different clock domains. Hence, formal verification (FV) methodologies are required for exhaustive verification. The traditional formal property verification (FPV) is not ideally suited for data-path intensive designs. Additionally, FPV is highly dependent on the quality of the coded properties. Thus, instead of going by the usual flow of assertion based FPV, we explored the use of pre-tested, automated and data-path optimized FV Proof Accelerators (PAs) provided by the EDA FV tool. Use of these PAs expedite the verification of Clock Domain Crossing (CDC) based designs by empowering the user to do quick setup of the formal environment, by providing increased proof convergence and by eliminating the risk of human errors by automating property generation. The formal approach described here is generic enough to be easily applied to a wide range of CDC-based designs. Keywords functional verification, formal verificaion, data path verification; clock domain cross; I. INTRODUCTION The solution is used to verify end-to-end data integrity across the data path. In case of applying traditional FPV for such kind of checking, usually the properties themselves require a large memory to verify the design intent. The Scoreboard is designed to overcome these types of problems and make formal verification possible in situations that would otherwise be hard to approach with formal techniques. Figure 1. Formal score board solution for verification data path The figure 1 shows the formal scoreboard solution for verification of data path. The DUT (Design Under Test) is bind with scoreboard via a Verilog wrapper. The scoreboard will verify that data will be transmitted properly. In the wrapper there is a clock frequency jitter, which could generate two different clock signals driving the two clock domains of DUT. In the DUT the original sync-register is replaced with an async-cdc modelling block. The async-cdc modelling block can emulate the situation of signal crossing the two clock domains. In 1

order to speed up the proof, the accelerator modules are applied in the DUT to replace the buffer and counter units. In this solution contents many Verilog components beside DUT. There are three types of the modules for modelling, verifying, and accelerating. The modelling modules emulate the behaviors of function of design and environment, similar as assumption. The verification modules are in charge of checking of the correctness of data transmission. The accelerating modules will replace the original part of DUT, abstract the function of the original one in order to decrease proof time. In each type there are several modules available to adapt different design/verification requirements. Modelling modules: async-cdc, async-cdc-wire, async-cdc-reg, clock-frequency-jitter,etc. Verifying modules: scoreboard, scoreboard-priority, etc. Accelerator modules: fifo, fifo-priority, memory, multiplier, etc. II. DATA PATH VERIFICATION WITH FORMAL SCOREBOARD A. Verifying Modules : Formal Scoreboard The formal scoreboard is embedded with all the required assertions for verification of end-to-end data integrity across a data path. In this type of verification problem, the properties themselves require a large memory in order to verify the design intent. For instance, to verify that packets are never corrupted across a data path, the requirement needs a FIFO to keep track of the incoming data to compare that data with the observed emitted data at the other end. The solution is designed to overcome these types of problems and make formal verification possible in situations that would otherwise be hard to approach with formal techniques. The following error conditions are identified with this Verification Component: 1) Dropped Data Packets When two tagged data packets enter the DUV but only one of the data packets exits, then data was dropped. 2) Duplicated Data Packets When only one tagged data packet enters the DUV but two such data packets exit, then data was duplicated. 3) Out-of-Order Data Packets When tagged data packets enter the DUV in a given order but exit in a different order, then data sequencing was not respected. 4) Corrupted Data Packets When a tagged data packet enters the DUV but this data packet exits with a different value, then data integrity was violated. The correctness of the transactions across the DUT means the packet faithful transmission, maintaining the order, data duplication and corruption. Validating the design would require plugging in the scoreboard to the DUV and connecting it to the corresponding interface signals. All the required checks are embedded in the binary and wouldn t need any specific assertions to be coded by the validator. There are sanity checks enabled as cover points to assist the validation closure. 2

Figure 1. Bind example of Scoreboard The Figure 2 shows the example of binding the simple formal score board with a 8-bit serial to parallel receiver. The instantiation for VHDL DUT could be like: dp : Formal_scoreboard generic map ( PKT_LATENCY => 65, LOG_PKT_LATENCY => 7 ) port map ( clk1 => clk, clk2 => clk, rst1n => ( rstn and not tx_error ), rst2n => ( rstn and not tx_error ), incoming_sop => ( 0 => valid_in, others => '0' ), incoming_eop => ( 0 => valid_in, others => '0' ), incoming_vld => ( 0 => valid_in, others => '0' ), incoming_data0 => ( data_in ), outgoing_sop => ( others => valid_out ), outgoing_eop => ( others => valid_out ), outgoing_vld => ( others => valid_out ), outgoing_data0 => ( data_out(0) ), outgoing_data1 => ( data_out(1) ), outgoing_data2 => ( data_out(2) ), outgoing_data3 => ( data_out(3) ), outgoing_data4 => ( data_out(4) ), outgoing_data5 => ( data_out(5) ), After loading of the score board and DUT in tool, the following assertions/covers will be generated: Table I. Formal score board assertions Assertions Packet_sanity Packet_no_extra Packet_integrity Description Verify the data path cannot dead lock Data packets is transferred without duplication Data packets is transferred without corruption (dropped, duplicated, out of order) Table II. Formal score board sanity checks Sanity Check Packet_sanity Reset active Reset toggle Description At least one packets are pushed and popped Reset signal is active Reset signal toggles at least once 3

B. Modelling modules The architecture for verification includes modelling counters and buffers along with the asynchronous clock domain crossing modelling. The clock frequency jittering mechanism does allow frequencies to be changed during verification which helps in covering a wide range of clock ratios. The async-cdc module can exhibit nondeterministic behavior when the active edge of the input domain clock lines up with the active edge of the output domain clock. 1) Async-CDC: This module is instantiated once for each flop (or bus of flops) that are in the fanin of flops immediately after the CDC. The figure 3 illustrate the non-deterministic behavior of the sync-flop. The ansyc-cdc module will replace the original flop to model this behavior Figure 3. the non-deterministic behavior The instantiation example of Async-CDC module R1_model: formal_model_async_cdc generic map ( SIG_WIDTH => 8 ) port map ( clk => clk1, rstn => not rst, sig_in => S1, sig_en => (others => 1 ), sig_out => new_r1 ); 2) Frequency jitter The frequency jitter is used to model the effects of frequency jitter when proving assertions in a design under verification (DUV) that includes multiple clock domains. Using this module makes it possible for the ratio between fast and slow clocks to vary within a defined range instead of always being locked at the same value. 4

Figure 4. the example of bind clock frequency jitter with DUT Figure 4 shows the connection of frequency jitter with DUT. By modification of the parameters of frequency jitter, the clock frequency and ratio of the clocks will be changed. The frequency relationship has a three-value range. An additional parameter specifies the number of cycles the system takes to recover after frequencies deviate from their nominal relationship. Table III. Formal score board sanity checks Parameter RATIO_LOW RATIO_LOW RATIO_LOW RECOVERY_CYCLE Description Lowest ratio value between fast clock and slow clock Median ratio value between fast clock and slow clock Highest ratio value between fast clock and slow clock Number of cycles the DUV takes to recover from a frequency glitch As Table III shows, we don t need to redefine the clock and elaborate; we can get the clock signals with three different frequencies on the given ratio of the fastest clock. It help us to emulate the async-clocks environment. C. Accelerator modules FIFO By application of formal property verification there are always buffers, memory or mathematic multiplication/divide units in our design. These structures are rarely of interest in the overall verification of the design since they are well understood and seldom contain bugs. However, these structures can become major performance bottlenecks for formal verification tools due to the huge state space they can introduce. In this paper we will only show the example how we use the abstract FIFO to replace the original one accelerate the proof speed. Our EDA vendor enable safe abstraction of FIFOs and memories while preserving sufficient information across these structures to ensure that the Formal Scoreboard provides accurate results, both in terms of valid proofs and meaningful counterexamples. These modules make it possible to fully verify end-to-end data integrity properties that would otherwise be impossible to handle with formal technology. The usage of abstract FIFO is very simple. User need to replace the driver of the output signal of the DUV's FIFO with abstract FIFO output, and connect the signals with the DUT. Below is the example of instantiation of abstract FIFO of VHDL design 5

fifo_model: formal_model_fifo generic map ( PTR_WIDTH => 5, DATA_WIDTH => 1, DATA_REG_WIDTH => 4 ) port map ( clk1 => clk, clk2 => clk, rst1n => not rst, rst2n => not rst, datain => din(32 downto 32), datain_reg => din(64 downto 61), push => wr, pop => rd, empty => empty, full => full, pkt_vld => '1', polarity => polarity, dataout => dout, dataout_reg => dout_reg ); III. PROJECT FEEDBACK The scoreboard is deployed in the IMC project team. Compare traditional simulation method, it saves about 80% time by validation of an async-fifo block (exact data will be given in final submission) compare the dynamic method. Compare the FPV method about 50% time is saved. With tool we get the code coverage of 94%. IV. SUMMARY The formal verification is applied more and more in recent year. We can find the static formal verification in every corner of hardware verification. With the development of the tools and the methods, the hardware validators have more chance to use formal method solve the problem, find the bug in their design. This scoreboard method fills another application area with many advantages: Very adaptable: the element of the whole method could be applied separately. The score board method is not only to verify the FIFO data path. It can also be applied in any type of data path verification. The abstract modeling method can be applied separately; it can be deployed in FPV or other type of formal verification applications, to increase the proof speed. The clock frequency jitter can be used to emulate the multi clock environment. Easy to implement: this method is very easy to use. Not much formal knowhow is required. The beginner of the formal verification can also handle with it. It only needs the basic System Verilog knowhow. Very efficient: compare the traditional simulation method, the score board shows its powerful efficiency in project task. So far the flow is setup, the running time/proof time is relative short. For module level it normally takes only minutes to verify the data path. V. ACKNOWLEDGEMENT The authors express their appreciation to DVcon Techical Committee for review and comment the abstract of this paper. We also thank Su Linglong from the Intel base band team to provide the useful information from the productive project. 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback