1 / 47

Industrial Strength SAT-based Alignability Algorithm for Hardware Equivalence Verification

Industrial Strength SAT-based Alignability Algorithm for Hardware Equivalence Verification. Daher Kaiss, Marcelo Skaba, Ziyad Hanna, Zurab Khasidashvili Formal Technologies Group Intel, Israel Design Center, Haifa. Purpose.

sonel
Download Presentation

Industrial Strength SAT-based Alignability Algorithm for Hardware Equivalence Verification

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Industrial Strength SAT-based Alignability Algorithm for Hardware Equivalence Verification Daher Kaiss, Marcelo Skaba, Ziyad Hanna, Zurab Khasidashvili Formal Technologies Group Intel, Israel Design Center, Haifa

  2. Purpose • Sequential Equivalence Verification (SEV) as a productivity boost in hardware design • A novel method for automatic initialization of hardware design

  3. Agenda • Problem statement • Introduction • What is Seqver? • Initialization algorithm • Experimental results • Conclusions

  4. Problem Statement • Traditional methods for doing Formal Equivalence Verification (FEV) between RTL and Schematics are not efficient • Require one-to-one correspondence between the sequential elements in the compared models • Negative impact on the abstraction level of the RTL • Negative impact on design convergence as changes in the schematics need to be reflected in the RTL

  5. Agenda • Problem statement • Introduction • What is Seqver? • Initialization algorithm • Experimental results • Conclusions

  6. Introduction • Formal Equivalence Verification (FEV) is the process of verifying that the schematic is functionally equivalent to the RTL • Formal verification tools are limited in capacity and complexity • Mapping is an association between signals in the compared designs • Central role in the FEV design activity • Thus defines boundaries for decompositions

  7. FEV flow RTL Schematics Synthesis Extraction Modify the Schematic FEV (Seqver) Map File Complex Diff Debug J Verification Passed

  8. Traditional way of doing FEV • The designs are decomposed at the sequential elements • There is a one-to-one correspondence between the sequential elements in both designs • This method is called Combinational Equivalence Verification (CEV) RTL – Fub level Schematic – Fub level

  9. Impact on chip design development • Detailed RTL is • Expensive to develop & maintain • Slow to validate • Error prone • Much of the design cycle deals with “tweaking” the circuit to meet timing/area/… constraints • Most of these changes should not change the visible behavior of a unit/fub. • Powerful, automatic, sequential verification can allow this tight coupling SCH-RTL to be relaxed

  10. Sequential Equivalence Verification (SEV) • Compare designs in which there are different number of latches and/or locations of the latches RTL – Fub level Schematic – Fub level

  11. SEV – Example 1 (Abstraction) FlipFlop based memory implementation Latch RTL A[0] A[1] A[2] Dec Out A[n] D[0..m] Latch based memory implementation Schematic Latch A[0] Latch A[1] A[2] Pre Dec Post Dec Out A[n] D[0..m]

  12. D D D En En En D D D D SEV–Example 2 (Power saving) out RTL enable clk Schematic out enable clk

  13. Challenges in SEV compared to CEV • SEV is considered a more complex task than CEV • In CEV, the slices are combinational, and thus methods like Binary Decision Diagrams (BDDs) or Combinational Satisfiability (SAT) checkers can be employed a a BDD SAT 0 1 0 1 b b 0 c b 0 1 0 1 1 0 1 c c c 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1

  14. D D D Challenges in SEV compared to CEV – Cont. • The most challenging question in SEV is initialization • What is the initial state of the two compared designs? • Example (retiming) RTL Schematic out out

  15. D D D Challenges in SEV compared to CEV – Cont. • The most challenging question in SEV is initialization • What is the initial state of the two compared designs? • Example (retiming) RTL Schematic 1 1 out out 1 0 1 Mismatch

  16. D D D Challenges in SEV compared to CEV – Cont. • The most challenging question in SEV is initialization • What is the initial state of the two compared designs? • Example (retiming) RTL Schematic 0 0 out out 0 1 0 Mismatch

  17. Agenda • Problem statement • Introduction • What is Seqver? • Initialization algorithm • Experimental results • Conclusions

  18. What is ‘Seqver’? • Sequential EQuivalence VERifier • It addresses the following design activities: • Formal equivalence verification of two designs with similar or different placement of state elements • State matching (combinational) and non state matching designs verification • RTL2Sch, Sch2Sch and RTL2RTL • For more information, please refer to ICCD 2006 paper

  19. How is the initialization problem addressed in Seqver? • Automatic initialization of the designs • Seqver theory is based on the alignability theory which was first introduced by Carl Pixley (1982) • It is motivated by the fact that a power-up state of a hardware design cannot be predicted or controlled • Thus the design must be brought into a smaller set of states where the design is supposed to work correctly

  20. Verification steps p

  21. Verification steps p

  22. Preliminaries • The unknownstate of a circuit C is the state in which all the storage elements have the undefined value X • A binarystate of a circuit C is a state in which all the state elements have binary values • An initializationsequence of C is a sequence of binary inputs which, when applied to the unknown state of C, brings C to a binary state • A resetsequence of C is a sequence of binary inputs which, when applied to any state of C, brings C to the same binary state • Without loss of generality, we will assume one circuit only that needs to be initialized • As the initialization sequence of the product machine of two given circuits C2 and C2 is an initialization sequence for each of them

  23. Agenda • Problem statement • Introduction • What is Seqver? • Initialization algorithm • Experimental results • Conclusions

  24. D D D Initialization algorithm • The idea is to assign the unknown value (X) on each of the sequential elements • Call formal engine to find an input sequence to the inputs that makes all the sequential element initialized with 0’s or 1’s • The theory guarantees no verification hole although the “real reboot sequence” might be different from the one found by Seqver • Example : possible initialization sequences are (A=0,B=0) (A=1,B=0) (A=0,B=1) (A=1,B=1) X A RTL Schematic A X out out X X X B B

  25. Which formal engine to choose? • Traditional methods for initializing hardware designs are based on BDDs • Advantages: very convenient data structures • Disadvantages : very limited in terms of number of variables • We chose to use Satisfiability (SAT) based methods • Very powerful combinational and sequential engines • iProver : Intel Formal Technology SAT engines based on Eureka – world class SAT solver

  26. Modeling challenges • Challenge: All the known SAT solvers are binary value based, while we need a three valued representation (modeling 0, 1, and X) • Solution: Dual rail modeling • Every signal is modeling using dual value (High, Low) • SAT is being applied in parallel on both the high and low rails • Due to the large similarity between the high and low rails, no overhead was observed due to this duplication Dual Rail Encoding

  27. Modeling challenges – Cont. • Challenge: How do we model sequential behavior using propositional logic? • Solution: Every variable is represented using infinite sequence Sequential Logic Encoding • Unrolling operation of an output function up-to depth k simply means applying the Next operator k times • We denote the value of stream v at time k using v[k]

  28. So what’s novel in our method ? • Recall that our method assumed all the sequential elements are initialized with the unknown value (X) • The main drawback of this methods is that sometimes the circuit is resettable but the described method wouldn’t find the reset sequence • Due to weakness properties of X (X AND !X = X) • The described method could find a sequence that initializes partial set of the sequential elements • A novel method was developed in order to complement this sequence

  29. Verification steps g p

  30. Initialization steps g1 g2 g3 p s0 s2 s5 s8 g1 g2 g3 s1 s4 s7 g3 g1 g2 s3 s6 s9 Final reset sequence is : p g1 g2 g3

  31. Algorithm illustration

  32. Algorithm illustration p Stage 1 : Initialize all the state elements with X. Find initialization sequence p

  33. Algorithm illustration p Stage 1 : If all the sequential elements are initialized, then we are done. Pick as p as the initialization sequence

  34. Algorithm illustration p Stage 2 : If not all the sequential elements are initialized, then

  35. Algorithm illustration p • Stage 2 : If not all the sequential elements are initialized, then • Build a new circuit by duplicating the original one

  36. Algorithm illustration p • Stage 2 : If not all the sequential elements are initialized, then • Build a new circuit by duplicating the original one • Initialize the not-initialized sequential elements with different values

  37. Algorithm illustration g1 p • Stage 2 : Try now to find a new sequence g1 that brings both models into one state • If this sequence doesn’t exist, then we are done. This model is not resettable !

  38. Algorithm illustration g1 p Stage 2 : However is this sequence g1 really exists, then check whether this sequence initializes the models now

  39. Algorithm illustration g1 p

  40. Algorithm illustration g1 p

  41. Algorithm illustration g2 g1 p

  42. Algorithm illustration g2 g1 p

  43. Agenda • Problem statement • Introduction • What is Seqver? • Initialization algorithm • Experimental results • Conclusions

  44. Experimental results

  45. Agenda • Problem statement • Introduction • What is Seqver? • Initialization algorithm • Experimental results • Conclusions

  46. Conclusions • Sequential equivalence verification using ‘Seqver’ opens the door for raising the RTL abstraction • First large scale usage in Intel – hundreds of designers • A new approach which automates the generation of initial state for hardware designs • New sequential modeling techniques empowered with world-class combinational SAT solvers enables solving tough sequential problems like ATPG and automatic sequential property verification

  47. Questions

More Related