Assertive verification: a ten-minute primer
Assertive verification: a ten-minute primer
By Saeed Coates, EEdesign
August 16, 2002 (3:12 p.m. EST)
URL: http://www.eetimes.com/story/OEG20020816S0049
Introduction: the verification dilemma Most companies apply brute force methods to increase their verification success in minimal time. They staff projects with roughly three verification engineers for every designer. Using compute farms is a common method to mitigate exorbitant simulation run times. But even with more human resources and compute farms, improvements still need to be made in how verification is done. Simulations are extremely time consuming, especially for gate-level simulations, and they only cover a small subset of the possible states/events. Dire cted tests only verify the expected functionality, and test case randomization may find some unexpected bugs. Corner cases are becoming increasingly elusive in SoCs, however, and verification tests cannot cover all states. Therefore, fatal bugs are often found late in the development cycle, costing more time and money than if they were found earlier. The worst case, though, is when bugs make it into the ASIC and/or the field. However one chooses to increase the effectiveness and timeliness of their verification effort, defining when the effort is complete is also a difficult task. The overall idea is to find as many bugs as early as possible and get to an experience-based confidence level. This intangible confidence level can be derived from combinations of several tangibles: Increased use of third-party IP, such as cores, accompanies this move towards SoCs. Verifying and distributing IP to minimize the integration effort poses an array of challenges. The IP distributor has to create their design to work in an extremely wide variety of environments and maintain compliance to a standard, if applicable. The quality and exhaustiveness of the IP distributor's verification effort directly impacts the customer's experience when integrating the IP. In general, functional verification is a bottleneck in the design development process and it commands a lot more attention and respect than in the past. Assertion checks Properties can be implemented in either Verilog, VHDL, or an FPL (Formal Property Language). Additional code can be wrapped around basic properties and/or combined properties to build more complex properties. Entire monitors/checkers can even be built this way. A collection of basic properties, complex properties, and monitors are usually stored together in a property library. Assertions call out properties and check that the properties hold true at a given time (temporal) or at all times (static). For whitebox verification, which is design implementation specific, design engineers can embed assertion calls inline with their RTL design. The assertion calls are written in the same language as the property library or as comments, similar to a Synopsys directive. Either way, the assertions do not get synthesized. For blackbox verification, verification engineers can instantiate assertion calls in a testbench. Assertions can be inserted at various places in or around a design: Assertions can be simulated with the RTL to act as watchdogs throughout the simulation. IP vendors can significantly leverage this by embedding assertions in their designs. The assertions ensure the quality and proper use of the IP, while staying invisible to the customer except to flag a bug. When used with HDL simulators, assertions can significantly reduce debug time by more directly pointing engineers to where a fault has occurred in the design. Additionally, designers can do more debug on their own d esigns, thus flushing out bugs earlier in the development process. If the assertions are written in an FPL, an appropriate FPL compiler must compile the assertions before simulation. There is not yet a standardized FPL, but Accellera, a major electronic industry standards initiatives organization, is working toward proposing an FPL for IEEE standardization. Accellera selected IBM's internally developed FPL called "Sugar" from the four FPL submissions from members: After Accellera rejected ForSpec, Synopsys quickly joined with Intel and is now commercially packaging the language as part of its OpenVera hardware verification language. 0-In Design Automation has its own FPL variant, which uses pragmas (comment directives in the RTL) to declare assertions. OpenVera assertions call upon properties from the OVA (OpenVera Assertion) library, and 0-In Design Automation uses properties from its 0-In CheckWare libra ry. Both libraries contain predefined properties and are user expandable.
By now it's well established that functional verification is the long pole to tapeout, and if it's not thorough, it could be a costly setback for a project. The move towards systems on chips (SoCs) contributes significantly to the exponential increase in verification effort compared to design effort. Time to market constraints also intensify this verification dilemma.
Every design has fundamental characteristics that must hold true during operation in order for the design to work properly. For instance, a bus may have a Signal B that must always goes low three to five clocks cycles after Signal A goes high; a bug exists if Signal B does not adhere to this property at any time during operation. This fundamental characteristic can be defined as an individual code entity known as a property.
Related Articles
- IC design: A short primer on the formal methods-based verification
- Certifying RISC-V: Industry Moves to Achieve RISC-V Core Quality
- Why verification matters in network-on-chip (NoC) design
- Design-Stage Analysis, Verification, and Optimization for Every Designer
- Hardware-Assisted Verification: Ideal Foundation for RISC-V Adoption
New Articles
Most Popular
E-mail This Article | Printer-Friendly Page |