IEEE 1850 PSL:
Overview and Status
Yaron Wolfsthal Erich Marschner Harry Foster
Forum on Specification & Design Languages
30 September 2005
IEEE 1850 PSL: Overview and Status 2
FDL '05
Outline
- Overview of PSL
- History of PSL
- IEEE 1850 PSL
- Examples
- Future of PSL
- Summary
Introduction
- What is PSL?
  - A language for the formal specification of concurrent systems
  - Describes behavior(s) that are required in a given system
  - Particularly applicable for the description of hardware designs
- Key characteristics of PSL:
  - Mathematically precise, well-defined formal semantics
  - Known efficient underlying verification algorithms
  - Very expressive, covering most real-world design behaviors
  - Intuitive and easy to learn, read, and write
PSL Flavors
- Defined to work with all the IEEE standard HDLs:
  - VHDL (IEEE 1076)
  - Verilog (IEEE 1364)
  - SystemC (IEEE 1666) ** new in IEEE 1850 PSL
  - SystemVerilog (IEEE 1800)
- Also defined to work with General Description Language (GDL)
  - http://standards.ieee.org/downloads/1850/1850-2005/gdl.pdf
PSL Layers
[Figure: the four PSL layers, labelled Boolean, Temporal, Verification, Modeling]
PSL Layers
• Boolean Expressions
– HDL expressions
– built-in functions rose(), fell(), prev(), ...
• Temporal Operators
– always, never, next, until, before, eventually, abort, ...
– @ ; : { } [* ] [= ] [-> ] && & | -> <->
• Verification Directives
– assert, assume, restrict, cover, ...
• Modeling Constructs
– HDL statements used to model the environment
Boolean Layer
- Boolean expressions describe a relationship among signals in a design.
- The following Verilog-flavor Boolean expression describes the relationship
  "Signal A and signal B are mutually exclusive":

    (!(A && B))

- A Boolean expression merely describes a relationship. It does not say
  whether or when it should hold (or not).

Temporal Layer: Sequences
- Sequences describe behavior over time.
- For example, in PSL we could write:

    {A; B[+]; C[*2]: D}

  or

    {{A} within [*3:5]}

- Sequences can be combined with &&, &, and | operators also.

Temporal Layer: Properties
- Properties also describe behavior over time.
- For example, in PSL we could write:

    always {A} |=> {B; C}

  or

    never (A && B)

- Temporal layer operators applied to Boolean layer expressions define a
  property.

Temporal Layer: Declarations
- Declarations name a (possibly parameterized) sequence or property.

    sequence BusGnt (boolean R, G) = {R[*]: G};
    sequence BusRls (boolean R, G) = {!R; !G};
    property BusGntRls =
      BusGnt(Rq, Ak) |=> BusRls(Rq, Ak) within [*5];

- A default clock declaration specifies a clock expression to be used for sampling.

    default clock = rose(clk);

Verification Layer: Directives
- Directives tell a verification tool how to use a property.
- An assert directive tells the verification tool to verify that a property
  holds:

    L1: assert always (A || B);

- An assume directive tells the tool to consider only those possible
  behaviors in which a property holds:

    L2: assume never (A && B);

Verification Layer: vunits
- Verification units associate PSL with a design module or instance.

    entity E1 is
      port (A, B ...);
      ...
    end;

    vunit V1 (E1) {
      default clock is rose(clk);
      L1: assert never (A and B);
    }
Modeling Layer
- HDL code in a verification unit can be used to model the
  environment.

    entity E1 is
      port (A, B ...);
      ...
    end;

    vunit V2 (E1) {
      signal Count : Integer := 0;
      Count <= Count+1 when A else
               Count-1 when B else
               Count;
      default clock is rose(clk);
      L1: assert never Count > 10;
    }
Some Uses of PSL Assertions
[Figure: design blocks (FIFO, FSM, Bridge, Arbiter) and buses (AHB Bus, PCI Bus), annotated with where assertions apply: RTL Implementation Assertions, Interface Assertions, Protocol Assertions, High-Level Requirements (Data-Integrity Check)]
Early History of PSL
[Timeline figure. Milestones in order: Sugar created at IBM Haifa Research Labs; FVTC formed in Accellera (OVI); FVTC considers Temporal e, ForSpec, CBV, Sugar; PSL 1.0 defined based on Sugar 2.0. Year markers: 1994, 1998, 2001, 2002. Other labels: "Linear-time semantics", "Added to Sugar", "Branching-time semantics plus regular expressions", "Syntactic sugaring of CTL"]
Evolution of the PSL Standard
[Timeline figure. Milestones in order: PSL 1.0 defined based on Sugar 2.0; PSL 1.01 approved; PSL/SVA alignment; PSL 1.1 approved; IEEE 1850 PSL (PSL clarifications and enhancements) approved 22 Sep 05. Year markers: 2002, 2003, 2004, 2005]
IEEE 1850 PSL Working Group
- IEEE 1850 working group charter:
  - Refine and enhance Accellera PSL v1.1 to create IEEE 1850 PSL
- IEEE working group goal:
  - Make IEEE 1850 PSL compatible with all IEEE standard HDLs
    - IEEE 1076 VHDL, IEEE 1364 Verilog
    - IEEE 1666 SystemC, IEEE 1800 SystemVerilog
[Figure: IEEE 1850 PSL Working Group with three subcommittees: Issues, Extensions, LRM]
IEEE 1850 PSL WG Members
- Voting members
  - Accellera
  - Cadence
  - IBM
  - Infineon
  - Intel
  - Jasper
  - Mentor Graphics
  - Nokia
  - Sun
  - Synopsys
- Non-voting contributors
  - Altraverifica
  - Northrop Grumman
  - Novas
  - Nvidia
  - ST
Coordination with Other Standards
- VHDL 200x
  - IEEE 1076 VHDL working group decided to include PSL in VHDL 200x
  - This will now occur in the Accellera VHDL Technical Committee
- SystemVerilog/Verilog
  - IEEE 1850 PSL WG tracks the work of IEEE 1800 SystemVerilog WG
  - Goals: to maintain PSL/SVA alignment, and SystemVerilog flavor of PSL
- SystemC
  - IEEE 1850 PSL WG defined a SystemC flavor of PSL
Clarifications
• Clock Context
– Clarification of clock context inheritance
– (New) Optional clock context parameter for built-in functions
• Prev/Stable/Rose/Fell
– Clarification of initial values
• Verification units
– Clarification of how vunits in any flavor can be used with any HDL
– Clarification of verification unit binding semantics
• Other Clarifications
– Simple Subset refinements
– HDL types of endpoints and built-in function results
– Clarification of forall 'replication' semantics
Extensions
• Parameterized and/or operators
– generalization of the 'forall' operator (AND of parameterized properties)
– supports both conjunction and disjunction, for both properties and sequences
• Endpoints
– new built-in function 'ended()'
– equivalent to endpoint ended(sequence r) = {r};
• Nondeterminism support
– new built-in nondet() and nondet_vector() functions
– provide more general non-determinism capabilities
• Synchronous Abort
– New operators for explicit synch or asynch abort
• Typed Parameters
– provide ability to use HDL data types for property/sequence parameters
• SystemC flavor of PSL
– extends the language to integrate well with SystemC syntax
Replicated Properties in PSL v1.1
- 'Forall' replication in PSL v1.1 allowed concise expression of a group of properties
  that are implicitly conjoined. For example:

    assert forall i in {1:3}:
      always (a[i] -> next b[i]);

  is functionally equivalent to

    assert always (a[1] -> next b[1]);
    assert always (a[2] -> next b[2]);
    assert always (a[3] -> next b[3]);

  which are implicitly 'and'ed because all assertions are expected to hold.
New Parameterized Operators (&&)
- Parameterized and/or operators generalize the forall construct. For example:

    assert always for i in {1:3}:
      && (a[i] -> next b[i]);

  is equivalent to

    assert always ((a[1] -> next b[1])
                && (a[2] -> next b[2])
                && (a[3] -> next b[3]));

  which is effectively the same as the forall version. However, explicitly specifying
  the && operator makes this approach more flexible, and nestable.
New Parameterized Operators (||)
- This is an example that cannot be expressed using forall:

    assert always for i in {1:3}:
      || (a[i] -> next b[i]);

- It is equivalent to

    assert always ((a[1] -> next b[1])
                || (a[2] -> next b[2])
                || (a[3] -> next b[3]));
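
An added example, not part of the original slides: a small Python trace checker that evaluates the parameterized and-form and or-form of the property above on constructed traces, showing a trace on which the or-form holds while the forall/and-form fails. It assumes a finite trace with one sample per clock and weak `next`; all function and variable names are hypothetical.

```python
# Added example: finite-trace check of the parameterized && / || forms.
# Assumptions (not from the slides): one trace entry per clock tick, and
# weak `next`, so an obligation raised on the last cycle holds vacuously.
INDICES = (1, 2, 3)  # the value set {1:3} used on the slides

def cycle(a, b):
    """One sample, built from the sets of indices where a[i] / b[i] are high."""
    return {"a": {i: i in a for i in INDICES}, "b": {i: i in b for i in INDICES}}

def implies_next(trace, t, i):
    """a[i] -> next b[i], evaluated at cycle t."""
    if not trace[t]["a"][i] or t + 1 >= len(trace):
        return True  # antecedent false, or weak next at end of trace
    return trace[t + 1]["b"][i]

def failing_cycles(trace, combine):
    """Cycles where `for i in {1:3}: <op> (a[i] -> next b[i])` is violated.
    combine=all models &&, combine=any models ||."""
    return [t for t in range(len(trace))
            if not combine(implies_next(trace, t, i) for i in INDICES)]

def always_for(trace, combine):
    """always for i in {1:3}: <op> (a[i] -> next b[i])"""
    return not failing_cycles(trace, combine)

def forall_always(trace):
    """forall i in {1:3}: always (a[i] -> next b[i]), one property per i."""
    return all(implies_next(trace, t, i)
               for i in INDICES for t in range(len(trace)))

# Constructed trace: a[1] and a[2] rise at cycle 0 but only b[2] answers at
# cycle 1; a[3] at cycle 2 is answered by b[3] at cycle 3.
TRACE = [cycle({1, 2}, set()), cycle(set(), {2}),
         cycle({3}, set()), cycle(set(), {3})]
# Constructed trace in which no request is answered, so even || fails.
UNANSWERED = [cycle({1, 2, 3}, set()), cycle(set(), set())]

if __name__ == "__main__":
    for name, tr in (("TRACE", TRACE), ("UNANSWERED", UNANSWERED)):
        print(name, "&&:", always_for(tr, all), "||:", always_for(tr, any),
              "forall:", forall_always(tr), "&& fails at", failing_cycles(tr, all))
```

On `TRACE` the or-form passes at cycle 0 partly because a[3] is low there, which makes its implication vacuously true; a disjunction of implications is only violated when every a[i] is high and no b[i] follows.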
Parameterized Operators on Sequences
- Parameterized operators also work on sequences. For example:

    assert always
      (for i in {0:3}: && {a[i]==b[3-i]}) |=> sync;

  is equivalent to

    assert always (
      {{a[0]==b[3]}
       && {a[1]==b[2]}
       && {a[2]==b[1]}
       && {a[3]==b[0]}} |=> sync);
Parameterized Operators and Coverage
- Parameterized operators on sequences allow cover directives to be more easily
  written for data and transaction coverage applications. For example:

    D0_9:     cover {for i in {0:9}: | {data==i}};
    D10_99:   cover {for i in {10:99}: | {data==i}};
    D100_999: cover {for i in {100:999}: | {data==i}};
    Dprime:   cover {for i in {2,3,5,7,11,13,17,19}: | {data==i}};

- Each cover directive above acts as a bin, registering a coverage hit if any of the
  values in its value set are hit.
Parameters in PSL v1.1
- Limited to Constant, Boolean, Sequence, Property
- This limits the utility of parameterized declarations.
- For example,

    sequence StateSeq (boolean A, B, C) is {A, B, C};
    StateSeq(state=S1, state=S2, state=S3)

- The sequence instance would be simpler if parameters could be of HDL
  data types.
New HDL Data Type Parameters
- Support more flexible parameterization of properties and sequences
- Allow parameters of any PSL type class, any HDL-specific data type
- For example,

    sequence StateSeq (hdltype State_Type S, A, B, C) is
      {S=A, S=B, S=C};
    StateSeq(state, S1, S2, S3)
IEEE 1850 PSL Working Group
- Will begin planning for next revision starting in October
- To participate, join the ieee-1850 email reflector, by sending email to
  - majordomo@eda.org subscribe ieee-1850 <your email addr>
- Meeting times and access info are sent to the ieee-1850 reflector
- First step: collecting user issues
  - Issues should be sent to ieee-1850@eda.org
Verification Unit Enhancements?
- Goal: improve support for creation of reusable verification IP
  - The most often requested enhancement
- Some possibilities:
  - Allow verification units to have parameters
  - Allow verification units to be instantiated
  - Give verification units hierarchical block-structured name spaces
Summary
- PSL has evolved over the past several years to become
  - a very capable language
  - a very well-defined language
  - the most widely-used property language
  - an IEEE standard
- The success of PSL is due to:
  - Interoperability across multiple hardware description languages
  - Expressive power
  - Ease-of-use
  - EDA vendor support
    - Nearly all EDA companies support PSL in their tools
- IEEE 1850 PSL will continue to evolve to support new user requirements
For More Info
- Accellera PSL v1.1 LRM
  - www.eda.org/vfv/docs/PSL-v1.1.pdf
- IEEE 1850 web page
  - www.eda.org/ieee-1850