Smart Use of SystemVerilog Assertions

Copyright - Real Intent

Smart Use of SystemVerilog Assertions

Find Bugs Early In The Design Cycle Eliminate Block-Level Simulation Improve Verification Confidence

Dramatically Improves Verification ROI

Slide 2

Copyright - Real Intent

Assertions Cover Failure Modes In Design

Unreachable Unreachablestate stateverification verification Combinational Combinationalfeedback feedbackloop loopdetection detection Pairwise Pairwisestate statedeadlock deadlockin inFSMs FSMs Clock Clockdomain domaincrossing crossingsignal signalstability stability Bus Busgraycode graycodeencoding encoding Arbiter Arbiterprotocol protocolverification verification Standard Standardbus busprotocol protocolchecking checking Cache Cachecoherency coherencyprotocol protocolchecking checking

... Many Can Be Inferred Automatically!!!

Slide 3
Copyright - Real Intent

Real Life Assertion Successes: Automatic Assertions

Block Enable
Disabled built-in test logic identified/ debugged in taped out design in 20 minutes

Constant Net
Miswired interfacing logic in 500K gate design identified/fixed in 2 hours.

Static Cycle
Identification of combinational feedback loop through IP block interfacing at RTL level of 1 million gate design in 30 minutes

Pairwise State Deadlock

Deadlock between two state machines identified in 2 35-state FSMs

Slide 4

Copyright - Real Intent

Real Life Assertion Successes: Asynchronous Clock Domain Verification

Logical analysis is required to completely verify asynchronous clock domain protection
Data stability Graycode encoding ...

Slide 5

Copyright - Real Intent

Design Confidence through Formal Analysis of Logical Design Protection

data[n:0] enable Data Stability Verification data[n:0] p enable

clkA
Slide 6

clkB

Gray-Code Encoding Verification

Copyright - Real Intent

SystemVerilog Asynchronous Clock Domain Assertions

propertystable_width(st_cond, stable_width(st_cond,width, width,signal, signal,clk); clk); property @(posedgeclk) clk) @(posedge st_cond|-> |->#[1:width] #[1:width]$stable $stable(signal); (signal); st_cond endproperty endproperty

propertygraycode(expr); graycode(expr); property @(posedgeclk) clk) @(posedge $countones(expr^ ^$past(expr)) $past(expr))== ==1; 1; $countones(expr endproperty endproperty

Slide 7

Copyright - Real Intent

Real Life Assertion Successes: Library Annotation

Library component interface verification through standard library assertions
FIFO control logic

assertproperty property(not (not(Write (Write&& &&Full)); Full)); assert assertproperty property(not (not(Read (Read&& &&Empty)); Empty)); assert
Onehot mux control lines

assertproperty property($onehot(select)); ($onehot(select)); assert

Slide 8

Copyright - Real Intent

Real Life Assertion Successes: Bus Protocol Checking

Exhaustive verification of 17 internal bus protocols instances in 12 hours through use of a single userdefined checker
module cpu cpu (clk, (clk, rst, rst, ...); ...); module ... ... bus_ip_block bus_interface0 bus_interface0 (.clk(clk), (.clk(clk), .rst(rst),...); .rst(rst),...); bus_ip_block bus_prot_check bus_check0 bus_check0 (.clk(clk), (.clk(clk), .rst(rst),...); .rst(rst),...); bus_prot_check endmodule endmodule module bus_prot_check bus_prot_check (clk, (clk, rst, rst, ...); ...); module always @(posedge @(posedge clk) clk) always if (req) (req) begin begin if ... ... grant_issue: assert assert property property ##[3:7] ##[3:7] grant; grant; grant_issue: .. .. end end endmodule endmodule Copyright - Real Intent

Slide 9

Real Life Assertion Successes: IP Verification Reuse

Interfacing issue with reused IP block where designer had previously coded onehot assertions identified in 10 minutes
module cpu cpu (clk, (clk, rst, rst, ...); ...); module ... ... bus_ip_block bus_interface0 bus_interface0 (.clk(clk), (.clk(clk), .rst(rst),...); .rst(rst),...); bus_ip_block bus_ip_block bus_interface1 bus_interface1 (.clk(clk), (.clk(clk), .rst(rst),...); .rst(rst),...); bus_ip_block .. .. endmodule endmodule module bus_ip_block bus_ip_block (clk, (clk, rst, rst, ...); ...); module assert property property ( ( assert @(posedge clk) clk) @(posedge $onehot(datain); $onehot(datain); . . endmodule endmodule
Slide 10
Copyright - Real Intent

Assertion Driven Formal Verification Flow

Tape Out RTL Coding
Implied Intent Implied Intent RTL Sign-Off RTL Sign-Off Additional Assertions Expressed Intent Expressed Intent
Analyze Debug

Chip Level
Formal Clock Intent Assertions

Implied Intent Implied Intent

Analyze Debug

Formal Verification of Formal Verification of Inter-Block Properties Inter-Block Properties Simulation Simulatable Assertions Simulatable Assertions Additional Assertions Clock Intent Verification Clock Intent Verification
Analyze Debug

RTL Check-In RTL Check-In

Clock Intent Sign-Off Clock Intent Sign-Off Implied Intent Implied Intent RTL Release to RTL Release to Verification Team Verification Team

Expressed Intent Expressed Intent

Analyze Debug

Block Level

Formal Verification of Formal Verification of Critical Properties Critical Properties

Slide 11

Copyright - Real Intent