ASSERTIONS

Copyright 2010, Kacper Technologies Pvt Ltd. All Rights Reserved

WHAT IS AN ASSERTION?
• An assertion, in the context of a programming language, is a statement that validates assumptions or checks conditions in a program.
• It is a piece of verification code that validates the behaviour, coverage goals and constraints of a design.

EXAMPLES:
• Write will follow read after 6 clock cycles.
• FIFO must never overflow.
• Read and Write should not happen at the same clock cycle.
• Checking Reset condition in SONET when data is valid.
• A signal must never become unknown.

Benefits of Assertions?
• In the traditional verification approach we inject random stimulus into the DUT and check the result at the output.
• For complex designs, coverage and debugging are harder.
• Assertions come in here to improve the verification process.

Benefits of Assertions Cont.
• Supports multi-clock domain crossing logic.
  • Assertions can be written to check clock domain crossing logic.
  • A great check while data is crossing clock domains.
• Increases bug detection possibility at RTL level.
• Reduces time to develop.
• Great help in debug for large nightmare design random tests.
• Open verification libraries: instantiate libraries in your design, connect the signals and verify your design.

Why not Verilog? Why SystemVerilog?
• Consider the following bus protocol specification:
  • When FRAME is asserted, LDF, i.e. last data face, must go low within 2 clock cycles.

[Figure: waveform of FRAME, LDF and CLK]

SV Assertion

Verilog Assertion

Why not Verilog? Why SystemVerilog? Cont.

Verilog
• Procedural: doesn't have good control over time.
• Verbose. If the number of assertions increases, it becomes difficult to handle.
• Difficult to test for parallel events in the same time period.
• No built-in mechanism for coverage.
• No functional coverage.

SystemVerilog
• Declarative language.
• Gives excellent control over time.
• More built-in functions.
• Provides constructs to collect functional coverage.
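
The FRAME/LDF rule written both ways, as an added example that is not from the original slides. It assumes FRAME is "asserted" on its rising edge and that "go low" means a falling edge of LDF one or two clocks later; the module names, the bookkeeping variables and the stimulus are illustrative.

```systemverilog
// Added example: checker for "when FRAME is asserted, LDF must go low
// within 2 clock cycles". Signal polarity and all names are assumptions.
module frame_ldf_checker (input logic CLK, FRAME, LDF);

  // SystemVerilog: one declarative property. Every rising edge of FRAME
  // starts its own evaluation attempt.
  a_sva: assert property (@(posedge CLK) $rose(FRAME) |-> ##[1:2] $fell(LDF))
    else $error("SVA: LDF did not fall within 2 clocks of FRAME");

  // Verilog style: the same time window tracked by hand in procedural code.
  logic frame_q = 1'b0, ldf_q = 1'b0;   // values seen on the previous clock
  int   window  = 0;                    // clocks left for LDF to fall
  always @(posedge CLK) begin
    if (window > 0) begin
      if (ldf_q && !LDF)
        window <= 0;                    // LDF fell in time
      else if (window == 1) begin
        $display("%0t Verilog: LDF did not fall within 2 clocks", $time);
        window <= 0;
      end
      else
        window <= window - 1;
    end
    if (!frame_q && FRAME) window <= 2; // FRAME rose: open a new window
    frame_q <= FRAME;
    ldf_q   <= LDF;
  end
endmodule

// Constructed stimulus: the first frame obeys the rule, the second does not.
module tb;
  logic CLK = 0, FRAME = 0, LDF = 1;
  frame_ldf_checker chk (.*);
  always #5 CLK = ~CLK;
  initial begin
    @(negedge CLK) FRAME = 1;
    @(negedge CLK) ;
    @(negedge CLK) LDF = 0;             // falls 2 clocks after FRAME
    @(negedge CLK) FRAME = 0; LDF = 1;
    @(negedge CLK) FRAME = 1;           // LDF stays high from here on
    repeat (4) @(negedge CLK);
    $finish;
  end
endmodule
```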

Who writes Assertions? And Where?
• Both design engineers and verification engineers write assertions in their respective domains.

THE DESIGNER!!
• At micro-architectural level, to check correctness of the designer's intent.
• Added as facts about the design as they are recognized.
• Rule of thumb: every assumption is an assertion.

THE VERIFICATION ENGINEER!!
• At macro-architectural level.
• Verification engineers may need to tutor the designer early in the project.

Who writes Assertions? And Where? Cont.
• RTL level assertions. Example:
  • One-hot encoding in FSM.
  • FIFO overflow.
  • Capture the designer's concept of critical corner cases for verification.
• Interface level assertions.
• Chip interface level assertions.
• Performance level based assertions.

LANGUAGE HIERARCHY
• DIRECTIVES (assert, assert property, assume property, cover property)
• PROPERTIES (property, disable iff, not, implication)
• SEQUENCES (sequence, cycle delay, repetition, and, or, intersect, within, throughout, ended, first_match)
• BOOLEAN EXPRESSIONS (<logical, arithmetic expression>, $rose, $fell, $past, $countones)

Assertion based Verification Flow

[Flowchart. Box labels: DUT Specification; Feature List; Capture Assertions; Verify Assertions / Design; PASS; Assertion Coverage; FAIL; Debug; Fix RTL Bug; Fix Stimulus (Constraint, Test bench, Assertions)]

Types of Assertions
• Two types of assertions are defined in SVA:
  • Immediate Assertions
  • Concurrent Assertions
• Immediate Assertions:
  • These are event driven and procedural in nature
  • Mainly used in simulation block
  • Based on clock cycles
  • Evaluated in Observed region

Immediate Assertions
• An assertion is basically a statement that something must be true, similar to an if statement.
• If assert evaluates to X, Z or 0, then the assertion fails and the simulator writes an error message.
• The expression is non-temporal.
• If an expression is not true and it does not have an associated else part, verification tools automatically register that as an error.

Immediate Assertions (Cont.)
• Assertion severity level system tasks:
  • $fatal: Run time fatal (quit simulation)
  • $error: Run time error. Default according to LRM 3.1a. Vendor-specific line commands can change this behavior.
  • $warning: Run time warning
  • $info: Means this assertion carries no specific severity.
• When we set a property and do not specify the failure case of the property, then by default the language dictates that the simulator should give an error at $error severity level.
• Uniformity throughout the project, once you decide on certain rules for what kind of error messages it should give.
• Easier to debug!!!

Immediate Assertions (Cont.)
• Immediate assertion example:
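
Immediate assertions with each severity task, applied to two rules from the EXAMPLES slide (FIFO overflow, simultaneous read and write). This is an added example, not the one from the original slides; the module, port and label names are hypothetical and the stimulus is constructed.

```systemverilog
// Added example: immediate assertions inside a procedural block.
// Module, port and label names are hypothetical.
module fifo_rules #(parameter int DEPTH = 8) (
  input logic                   clk, rst_n, wr_en, rd_en,
  input logic [$clog2(DEPTH):0] count        // current occupancy, 0..DEPTH
);
  always @(posedge clk) begin
    if (rst_n) begin
      // X or Z on a control signal makes this check fail. There is no else
      // clause, so the failure is reported at the default $error severity.
      a_known: assert (!$isunknown({wr_en, rd_en}));

      // "FIFO must never overflow": unrecoverable, so quit the simulation.
      a_no_overflow: assert (!(wr_en && count == DEPTH))
        else $fatal(1, "write while full (count=%0d)", count);

      // "Read and Write should not happen at the same clock cycle."
      a_rd_wr_excl: assert (!(wr_en && rd_en))
        else $error("read and write in the same cycle");

      // Pass and fail action blocks together, at the lower severities.
      a_headroom: assert (count < DEPTH)
        $info("FIFO has room (count=%0d)", count);
        else $warning("FIFO is full");
    end
  end
endmodule

// Constructed stimulus that trips a_rd_wr_excl and then a_no_overflow.
module tb;
  logic       clk = 0, rst_n = 1, wr_en = 0, rd_en = 0;
  logic [3:0] count = 0;
  fifo_rules #(.DEPTH(8)) chk (.*);
  always #5 clk = ~clk;
  initial begin
    @(negedge clk) wr_en = 1; rd_en = 1;   // read and write together
    @(negedge clk) rd_en = 0; count = 8;   // write while full
    @(negedge clk) $finish;
  end
endmodule
```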

Concurrent Assertions
• An immediate assertion describes a logic behaviour at an instant of time, whereas a concurrent assertion detects a behaviour specified over time.
• Concurrent assertions are checked throughout simulation. They usually appear inside a procedural block or within a module.
• Concurrent assertions may also be used as statements in initial or always blocks. A concurrent assertion in an initial block is only tested on the first clock tick.
• The variables used in a concurrent assertion are sampled in the Preponed region of a time slot and the assertions are evaluated during the Observe region. Both these regions occur immediately before a clock edge.

Concurrent Assertions cont.
• The first assertion example shown below does not contain a clock. Therefore it is checked at every point in the simulation. The second assertion is only checked when a rising clock edge has occurred; the values of Req and Ack are sampled on the rising edge of Clock.
• In a concurrent assertion there are three main components:
  • Sequence
  • Property
  • Assert property

Concurrent Assertions cont.: Sequence
• In any design, functionality is represented by the combination of multiple logical events.
• These events could be simple Boolean expressions that get evaluated on the same clock edge or could be events that evaluate over a period of time involving multiple clock cycles.
• SVA provides a keyword to represent these events called "sequence".
• The basic syntax of a sequence is as follows.

Concurrent Assertions cont.: Sequences (cont.)
• Sequence s1 checks that the data signal is high on every positive edge of the clock. If the data signal is not high on any positive clock edge, the assertion will fail.
• Concurrent assertions use the values sampled in the "preponed" region of the scheduler. For example, data goes low at the positive edge of the 5th clock cycle; the positive edge of the 6th clock cycle captures this, as shown below.

Concurrent Assertions cont.: Sequence with edge
• Sequence s2 checks that the data signal transitions to a value of 1 on every positive edge of the clock. If the transition does not occur, the assertion will fail.
• At clock cycle 2, the sampled value of the data signal within the sequence is 1. A transition of value from 0 to 1 is a rising edge and hence the sequence s2 succeeds in clock cycle 2. Another success is shown at the 7th clock cycle.

Concurrent Assertions (Cont.): Sequence with logical relationship
• Sequence seq checks that on every positive edge of the clock, either signal "sig1" or signal "sig2" is high. If both are low, the assertion will fail.

Concurrent Assertions cont.: Sequence Expressions
• Define formal arguments in a sequence definition and re-use the same sequence for other signals in the design that have similar behavior.
• For example,

Concurrent Assertions cont.: Sequence Expressions (Cont.)
• Sequences of Boolean expressions can be described with a specified time step in between.
• Consider the following example: at the posedge of the clock 'a' should be high, after two clock cycles 'b' should be high, after four clock cycles 'c' should be high and 'z' should be high within one to five clock cycles.

Concurrent Assertions (Cont.): Sequence Replication operators

Consecutive Repetition Operator [* ]
• To specify that a signal or a sequence will match continuously for the number of specified clocks.
• Syntax: signal or sequence [* n]
• "n" is the number of times the expression should match repeatedly.
• A hidden delay of one clock cycle is assumed between each match of the signal.

Expression             Equivalent to
a ##2 b [*5] ##6 c     a ##2 b ##1 b ##1 b ##1 b ##1 b ##6 c
s1 [*4]                s1 ##1 s1 ##1 s1 ##1 s1
(s1 ##1 s2) [*3]       (s1 ##1 s2) ##1 (s1 ##1 s2) ##1 (s1 ##1 s2)
a [*3]                 a ##1 a ##1 a
s1 [*2:$]              means s1 occurs at least 2 times

Concurrent Assertions cont.: Sequence Replication operators Cont.

Goto Repetition Operator [-> ]
• This operator specifies that an expression will match the number of times specified, not necessarily on continuous clock cycles.
• Syntax: signal [-> n]

Expression             Meaning
y [->4]                The Boolean expression y has been true 4 times, not necessarily on consecutive clocks.
x [->4:7]              x has been true 4, 5, 6 or 7 times, not necessarily on consecutive clocks.
x ##3 y [->3] ##6 z    The Boolean expression y has been true thrice, but not necessarily on successive clocks. The 1st occurrence of y happens after 3 clock cycles of x. The last one occurs 6 clock cycles before z.

Concurrent Assertions cont.: Sequence Replication operators Cont.

Non-consecutive Repetition Operator [= ]
• This is very similar to "go to" repetition except that it does not require that the last match on the signal repetition happen in the clock cycle before the end of the entire sequence matching.
• Syntax: signal [= n]
• Only expressions are allowed to repeat in "go to" and "non-consecutive" repetitions. Sequences are not allowed.

Expression             Meaning
y [=4]                 The Boolean expression y has been true 4 times, but not necessarily on successive clocks, and there may be additional clock cycles after the last true y before the sequence completes.
x [=4:7]               x has been true 4, 5, 6 or 7 times, once again not necessarily on consecutive clocks, and with possible additional clocks afterwards when x is not true.
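
The three repetition operators applied to one trace, as an added example that is not from the original slides. The signal names start, beat and done, the module names and the trace are constructed for illustration.

```systemverilog
// Added example: consecutive, goto and non-consecutive repetition compared.
// All signal and module names are hypothetical.
module repetition_demo (input logic clk, start, beat, done);
  default clocking cb @(posedge clk); endclocking

  // [*3]: beat is high on 3 consecutive clocks, then done on the next clock.
  a_consec: assert property (start |=> beat[*3] ##1 done)
    else $error("[*3]: beats were not consecutive, or done did not follow");

  // [->3]: 3 beats with gaps allowed; done on the clock right after the 3rd.
  a_goto:   assert property (start |=> beat[->3] ##1 done)
    else $error("[->3]: done was not on the clock after the 3rd beat");

  // [=3]: 3 beats with gaps allowed; done may come any number of clocks
  // after the 3rd beat, provided no 4th beat is seen first.
  a_noncon: assert property (start |=> beat[=3] ##1 done)
    else $error("[=3]: a 4th beat arrived before done");
endmodule

module tb;
  logic clk = 0, start = 0, beat = 0, done = 0;
  repetition_demo chk (.*);
  always #5 clk = ~clk;

  // Constructed trace, one bit per clock, index 0 first:
  //   start 1 0 0 0 0 0 0 0
  //   beat  0 1 0 1 1 0 0 0   (gap between the 1st and 2nd beat)
  //   done  0 0 0 0 0 0 0 1   (three clocks after the 3rd beat)
  localparam logic [0:7] START = 8'b1000_0000;
  localparam logic [0:7] BEAT  = 8'b0101_1000;
  localparam logic [0:7] DONE  = 8'b0000_0001;

  initial begin
    for (int i = 0; i < 8; i++) begin
      @(negedge clk);
      start = START[i]; beat = BEAT[i]; done = DONE[i];
    end
    @(negedge clk) $finish;
  end
endmodule
```

On this trace the gap between beats violates the [*3] form and the late done violates the [->3] form, while the [=3] form is satisfied.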

Concurrent Assertions cont.: Sequence Match Operators

The "and" construct
• The binary operator "and" can be used to combine two sequences logically. The final property succeeds when both the sequences succeed.
• The result of the and operation is a match, if
  • Both sequences must start at the same time.
  • Sequences may end at different times.
• The end time of the match, i.e. when the match is recognized, is the end time of the longer sequence.

[Figure: timing diagram of sequences A and B against CLK, with time marks t1, t5 and t7; annotated "Match at t7"]

Concurrent Assertions cont.: Sequence Match Operators (Cont.)

The INTERSECT operator
• The result of the intersect operation is a match, if
  • They satisfy all the criteria of a match with the and operator.
  • Additionally, the sequences must have the same ending time.
• Both sequences A and C start and end at the same times (t1 and t5). So, (A intersect B) is a match at time t5.

[Figure: timing diagram of sequences A, B, C and D against CLK, with time marks t1, t2, t5, t7 and t8; annotated "Match at t5"]

Concurrent Assertions cont.: Sequence Match Operators (Cont.)

The OR operator
• The binary operator "or" can be used to combine two sequences logically. The final property succeeds when any one of the sequences succeeds.
• The sequence A matches at time t5. The sequence B matches (or, it ends) at time t7. So the sequence A or B has a match at times t5 and t7.

[Figure: timing diagram of sequences A and B against CLK, with time marks t1, t5 and t7; annotated "Matches at t5, t7"]

Concurrent Assertions cont.: Sequence Match Operators (Cont.)

The FIRST_MATCH operator
• The construct "first_match" ensures that only the first sequence match is used and the others are discarded.
• This becomes very helpful when combining multiple sequences together wherein only the first match in the timing window is required to evaluate the remaining part of the property.
• first_match(A or B) produces a match only at time t4.

[Figure: timing diagram of sequences A and B against CLK, with time marks t1, t4 and t6; annotated "Matches at t4"]

Concurrent Assertions cont.: Sequence Match Operators (Cont.)

The THROUGHOUT operator
• The throughout operator is used to make sure that a certain condition holds true during the evaluation of the entire sequence. The simple syntax of a throughout operator is shown below.
• Syntax: (expression) throughout (sequence definition)
• Here the signal sig1 goes low for the duration of the sequence A. So, (~sig1) throughout A is a match in this case.
• However, the signal sig2 is high only after the sequence A starts. So, there is no match for the sequence sig2 throughout A.

Concurrent Assertions cont.: Sequence Match Operators (Cont.)

The WITHIN operator
• The "within" construct allows the definition of a sequence contained within another sequence.
• Syntax: seq1 within seq2
• This means that seq1 happens within the start and completion of seq2.
• The starting matching point of seq2 must happen before the starting matching point of seq1.
• The ending matching point of seq1 must happen before the ending matching point of seq2.
• In the above figure B within A is a match during the time when B is a match, but A within B is never a match.

Concurrent Assertions cont.: Sequence Match Operators (Cont.)

The .ended method
• ended is a method on a sequence that returns a true value if the sequence ends on that clock tick, or false if the sequence is still matching.
• If seq is a sequence, seq.ended denotes the end of the sequence seq. If seq has formal arguments, say a, b and c, the end of seq is denoted by s1(a, b, c).ended.

Concurrent Assertions cont.: Property
• A number of sequences can be combined logically or sequentially to create more complex sequences. SVA provides a keyword to represent these complex sequential behaviors called "property".
• The basic syntax of a property is as follows.

Concurrent Assertions cont.: Assert Property
• The property is the one that is verified during a simulation. It has to be asserted to take effect during a simulation.
• SVA provides a keyword called "assert" to check the property.
• Assert statements produce results that are visible externally.
• The basic syntax of an assert is as follows.

Concurrent Assertions cont.: Assert property (cont.)
• An assert either succeeds, fails or remains incomplete.
• A property can also be forbidden from happening. We expect the property to be false always. If the property is true, the assertion fails.

Assertion used as check

Assertion used as forbid

Concurrent Assertions cont.: Assert property (cont.)
• An assertion can have action blocks. But action blocks cannot have an assert statement.
• Example:

Concurrent Assertions cont.: Assertion Clocking
• Concurrent assertions (assert property and cover property statements) use a generalized model of a clock and are only evaluated when a clock tick occurs.
• Everything in between clock ticks is ignored. This model of execution corresponds to the way an RTL description of a design is interpreted after synthesis.
• The clock for a property can be specified in several ways:
  • Explicitly specified in a sequence:

Concurrent Assertions cont.: Assertion Clocking (Cont.)
  • Explicitly specified in the property:
  • Explicitly specified in the concurrent assertion:
  • Inferred from a procedural block:

Concurrent Assertions cont.: Assertion Clocking (Cont.)

Handling Asynchronous Resets:
• In the following example, the disable iff clause allows an asynchronous reset to be specified.
• This assertion means that if Reset becomes true at any time during the evaluation of the sequence, then the attempt for p1 is a success. Otherwise, the sequence b ##1 c must never evaluate to true.

Concurrent Assertions cont.: Example
• At any positive edge of clock, if 'enable' is high, 'write' is high and 'read' is high 2 clocks later.

Concurrent Assertions cont.: Example
• With formal arguments:

Concurrent Assertions cont.: Binding Properties

Delays
• Fixed time window
  • ## n: n clock cycles delay
  • n can be zero (no delay)
  • Must be a positive integer
  • a ##1 b: this means b starts one clock after a ends.
  • a ##2 b.ended: this means b completes 2 clock ticks after a completes.
• Fixed time interval
  • ## [m : n]: within m to n clock cycles delay
  • ## [1:3]: within 1 to 3 clock cycles delay
  • n must be greater than m
• Indefinite timing window
  • ## [1 : $]: between one clock cycle and the end of the simulation
  • This is called the "eventuality" operator.

SVA Checker using parameters
• This gives great flexibility in creating re-usable properties.
• For example, the delay information between 2 signals can be parameterized within the checker and then the checker can be re-used in a similar situation elsewhere in the design with different timing relationships.
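
A parameterized delay checker re-used for two signal pairs with different timing, attached with bind so the design source is not edited. This is an added example, not code from the original slides; delay_checker, arbiter and every signal name are hypothetical.

```systemverilog
// Added example: one checker, two timing relationships. All names are
// hypothetical.
module delay_checker #(parameter int MIN = 1, MAX = 3) (
  input logic clk, rst, start_sig, end_sig);
  property p_delay;
    @(posedge clk) disable iff (rst)
      $rose(start_sig) |-> ##[MIN:MAX] end_sig;
  endproperty
  a_delay: assert property (p_delay)
    else $error("%m: end_sig not seen %0d to %0d clocks after start_sig",
                MIN, MAX);
endmodule

// Constructed design: gnt follows req by 2 clocks, done follows gnt by 2.
module arbiter (input logic clk, rst, req, output logic gnt, done);
  logic [3:0] sh;                        // shift register fed by req
  always_ff @(posedge clk)
    if (rst) sh <= '0;
    else     sh <= {sh[2:0], req};
  assign gnt  = sh[1];
  assign done = sh[3];
endmodule

// bind places a checker instance inside every instance of arbiter; the
// port expressions are resolved in the scope of arbiter.
bind arbiter delay_checker #(.MIN(1), .MAX(2))
  chk_req_gnt  (.clk(clk), .rst(rst), .start_sig(req), .end_sig(gnt));
bind arbiter delay_checker #(.MIN(2), .MAX(4))
  chk_gnt_done (.clk(clk), .rst(rst), .start_sig(gnt), .end_sig(done));

module tb;
  logic clk = 0, rst = 1, req = 0, gnt, done;
  arbiter dut (.*);
  always #5 clk = ~clk;
  initial begin
    repeat (2) @(negedge clk); rst = 0;
    @(negedge clk) req = 1;              // one request pulse
    @(negedge clk) req = 0;
    repeat (8) @(negedge clk); $finish;
  end
endmodule
```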

Implication operators
• Implication operators are only used inside the property.
• Two types of operators:
  • Overlapping ( |-> )
  • Non-overlapping ( |=> )
• Overlapping: if enable is high at posedge of clock, write should be high at the same positive edge of clock and read must be high 2 clock cycles later.

Level Sensitive

Implication operators (Cont.)

Non-Overlapping:
• For non-overlapped implication, the first element of the consequent sequence expression is evaluated on the next clock tick.
• If enable is high at posedge of clock, write should be high at the next positive edge of clock and read must be high 2 clock cycles later.

Implication operators (Cont.)

Implication with a sequence as an antecedent
• Property prp1 has a signal in the antecedent position.
• If signal "a" and signal "b" are detected to be high, then after 1 clock cycle from the current positive edge of the clock, signal "c" should be high.
• Sequence seqb checks that, two clock cycles later, signal "d" should be low.
• The final property checks that, if sequence seqa succeeds, then a check for sequence seqb is performed.
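
The enable/write/read rule from the example slide and the two implication slides, written with a sequence that takes formal arguments, both implication operators and a disable iff reset. This is an added example, not code from the original slides; the module, sequence and label names and the reset port are assumptions.

```systemverilog
// Added example: overlapped versus non-overlapped implication on the
// enable/write/read rule. Names other than enable, write and read are
// hypothetical.
module rw_rules (input logic clk, reset, enable, write, read);

  // Sequence with formal arguments: first, then second 2 clocks later.
  sequence s_then2 (first, second);
    first ##2 second;
  endsequence

  // Overlapped |-> : write is checked on the same clock edge as enable.
  property p_overlap;
    @(posedge clk) disable iff (reset)
      enable |-> s_then2(write, read);
  endproperty

  // Non-overlapped |=> : write is checked one clock after enable.
  property p_nonoverlap;
    @(posedge clk) disable iff (reset)
      enable |=> s_then2(write, read);
  endproperty

  a_overlap:    assert property (p_overlap)
    else $error("overlapped: write/read did not follow enable");
  a_nonoverlap: assert property (p_nonoverlap)
    else $error("non-overlapped: write/read did not follow enable");

  // If enable never goes high, both assertions succeed vacuously. The
  // cover statement records that the full scenario was really exercised.
  c_scenario: cover property (@(posedge clk) (enable && write) ##2 read);
endmodule

// Constructed trace: write arrives with enable, read 2 clocks later.
module tb;
  logic clk = 0, reset = 0, enable = 0, write = 0, read = 0;
  rw_rules chk (.*);
  always #5 clk = ~clk;
  initial begin
    @(negedge clk) enable = 1; write = 1;
    @(negedge clk) enable = 0; write = 0;
    @(negedge clk) read = 1;
    @(negedge clk) read = 0;
    @(negedge clk) $finish;
  end
endmodule
```

The trace satisfies the overlapped form; the non-overlapped form expects write one clock later, when it has already gone low.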

Clock definitions in SVA
• A clock can be specified in a sequence, in a property or even in an assert statement.

Clock in Sequence

Clock in Property

Clock definitions in SVA (Cont.)

Clock in Assert
• The assert statement calls a property. A separate property definition is not needed to assert a sequence, since the expression to be checked can be called from the assert statement directly.

Assertions: Variables
• Variables can be used in sequences and properties. A common use for this occurs in pipelines:
• In this example, the variable v is assigned the value of DataIn unconditionally on each clock. Five clocks later, DataOut is expected to equal the assigned value. Each invocation of the property (here there is one invocation on every clock) has its own copy of v.

Coverage Statements
• Cover property statements can be used to monitor sequences and other behavioral aspects of a design for functional coverage.
• The simulator keeps a count of the number of times the property in the cover property statement holds or fails.
• This can be used to determine whether or not certain aspects of the design's functionality have been exercised.

Assertion System Functions
• SystemVerilog provides a number of system functions, which can be used in assertions.
• $rose, $fell and $stable indicate whether or not the value of an expression has changed between two adjacent clock ticks.
• For example,
  • Asserts that if in changes from 0 to 1 between one rising clock and the next, detect must be 1 on the following clock.
  • States that data shouldn't change whilst enable is 0.

Assertion System Functions cont.
• The system function $past returns the value of an expression in a previous clock cycle.
  • States that q increments, provided reset is low and enable is high.
• The system functions $onehot and $onehot0 are used for checking one-hot encoded signals. $onehot(expr) returns true if exactly one bit of expr is high. $onehot0(expr) returns true if at most one bit of expr is high.
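
The statements described on the two system-function slides, written as assertions and run against a small behaviour that satisfies them. This is an added example, not code from the original slides; the signal names in, detect, enable, data, q and reset come from the text, while state, the module names and the stimulus are assumptions.

```systemverilog
// Added example: $rose, $stable, $past and $onehot in assertions.
// The checker module, the state signal and the testbench are constructed.
module sysfunc_checks (
  input logic       clk, reset, enable, in, detect,
  input logic [7:0] data, q,
  input logic [3:0] state);
  default clocking cb @(posedge clk); endclocking

  // in goes 0 -> 1 between two rising clocks: detect must be 1 on the next.
  a_rose:   assert property ($rose(in) |=> detect);
  // data must not change whilst enable is 0.
  a_stable: assert property (!enable |=> $stable(data));
  // q increments (with 8-bit wrap-around) when reset is low and enable high.
  a_past:   assert property (disable iff (reset)
                             enable |=> q == $past(q) + 8'd1);
  // Exactly one state bit is set; $onehot0 would also accept all zeros.
  a_onehot: assert property (disable iff (reset) $onehot(state));
endmodule

module tb;
  logic       clk = 0, reset = 1, enable = 0, in = 0, in_q = 0, detect = 0;
  logic [7:0] data = 0, q = 0;
  logic [3:0] state = 4'b0001;
  sysfunc_checks chk (.*);
  always #5 clk = ~clk;

  // Constructed behaviour that satisfies all four checks.
  always @(posedge clk) begin
    in_q   <= in;
    detect <= in & ~in_q;                 // pulse one clock after a rise
    if (reset)       q <= '0;
    else if (enable) q <= q + 8'd1;
    if (enable) begin
      data  <= data + 8'd7;
      state <= {state[2:0], state[3]};    // rotate the one-hot bit
    end
  end

  initial begin
    repeat (2) @(negedge clk); reset = 0;
    repeat (3) @(negedge clk); in = 1; enable = 1;
    repeat (6) @(negedge clk); in = 0; enable = 0;
    repeat (3) @(negedge clk); $finish;
  end
endmodule
```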

SVA Functional Coverage

Assertion Coverage:
• For each assertion, count the number of times the assertion:
  • Attempted, succeeded, failed, real success, vacuous success during simulation.

Sequence Coverage:
• For each sequence, count the number of times the sequence:
  • Attempted, matched, real match and not attempted.

Summary
• Assertions are a great way to verify complex designs.
• Assertions only can be used to completely authenticate a design as robust.
• By creating a testbench with functional coverage we can understand which functionalities of the design are covered in test.
• Creation of a testbench with functional coverage requires a detailed verification plan.
