1 / 29

Formally Verifying OCP-based Design IP

Formally Verifying OCP-based Design IP. Jasper Design Automation, Inc. Agenda. OCP Overview Verification Challenges A Better OCP IP Verification Kit OCP Verification Using Formal Summary. OCP Overview. OCP Overview. OCP is a flexible, point-to-point on-chip bus protocol standard

noam
Download Presentation

Formally Verifying OCP-based Design IP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Formally Verifying OCP-based Design IP Jasper Design Automation, Inc.

  2. Agenda • OCP Overview • Verification Challenges • A Better OCP IP Verification Kit • OCP Verification Using Formal • Summary

  3. OCP Overview

  4. OCP Overview • OCP is a flexible, point-to-point on-chip bus protocol standard • Defines communication protocol, but not the medium on which the data travels • Completely synchronous operation • Widely used in many SoC designs today • Highly configurable • Can use as much of the protocol as needed for an application • Increases protocol flexibility to meet end-user’s needs

  5. Core Core Core … Master Slave Slave OCP Layer Bus Integrator Bus Integrator Bus Integrator On-Chip Bus OCP Defines Simple Point-to-Point Structure

  6. OCP is Highly Configurable • Simplest possible configuration contains just two signals • MCmd, MData • Complete specification contains more than 50 signals • Example configuration parameters: • Supported commands: Write, Read, etc. • Supported bursts: Incr, Wrap, etc. • Address bus width • Active signals: SCmdAccept, MDataValid • Burst threading • OCP standard defines format for configuration file • Configuration file specifies which portions of the protocol are used in the design

  7. Verification Challenges

  8. Formal Verification of Standard Protocols • Formal is very effective at verifying protocol compliance • Ensures design meets specification under all possible events • Can be used exclusively or alongside simulation depending upon protocol complexity • Formal detects bugs rapidly and ensures absence of bugs for tested properties • Exhaustive verification finds corner case bugs and proves correct design behavior • Predefined property sets exist for many protocols • PCI, USB, AMBA AHB, AMBA AXI, etc. • OCP verification follows similar guidelines

  9. OCP Specification Defines Standard Properties • Interface must fulfill properties in order to be OCP compliant • Example: MAddr must hold for the request phase • Specification also defines activation conditions for each property • Example: request_hold_MAddr – (cmdaccept & addr) • Many specified properties implicitly assume simulation is used • Comparison to “X” and “Z” is simulation-specific • Properties must be modified for most formal verification tools

  10. OCP Creates Challenges for Verification • Flexible configuration makes a single unified OCP verification IP definition challenging • Single definition must cover complete spec and all subsets • Generic properties defined to handle configurability • Fills property file with additional modeling content • Resulting property set creates debugging difficulties • What specific properties are relevant to design-under-test? • Requires knowledge of advanced OCP details not necessarily used in design-under-test • Examples: Threads, XOR wraps, Sideband

  11. OCP Verification - Difficulties for End Users • Existing verification IP setup can be cumbersome • Designs normally only use a small subset of OCP • Engineers need in-depth understanding of complete OCP specification to interpret verification results • Limited availability of formal-friendly property sets

  12. A Better OCP IP Verification Kit

  13. A Better OCP IP Verification Solution Would… • Limit the included property to set to only those required for the design-under-test • Minimize requirements on engineers to learn additional OCP specification to debug errors • Provide output in multiple property languages to fit the design under test • Be able to fully leverage the power of formal analysis across the entire property set to maximize verification confidence

  14. Jasper’s OCP IP Generator Solution JasperGold Formal Verification RTL Files PSL / SVA OCP Tuned Property Set Exhaustively Proven OCP Implementation Jasper OCP IP Generator OCP Config File

  15. Jasper OCP IP Generator Simplifies Verification • Generates a custom OCP verification IP file based on design configuration file • Properties based on OCP specification, but are formal-friendly • Increases usability • Minimizes extra logic in property files • Requires no additional knowledge of OCP beyond what is implemented in the design • Requires only a minimum of JasperGold and PSL / SVA knowledge • Properties can be automatically defined as asserts or assumes based upon interface direction • Optimized for formal analysis • Enables highest confidence available that design conforms to OCP specification

  16. OCP Verification Using Formal

  17. Formal Provides High Confidence forOCP Verification • Formal verification provides the maximum confidence that the protocol is implemented properly • Target exhaustive proofs for critical design behavior • Verification of OCP should check all aspects of the protocol including: • Configuration validity • Signal stability checks relative protocol phases • Signal value checks relative protocol configuration • Burst control handling • Burst address generation correctness • Sideband checks • Formally verifying any protocol should start with a solid verification plan

  18. What functionality will be verified Features Behaviors How each will be verified Verification strategy Technology choice Test Priority Resource allocation When the verification process is complete Coverage goals Completion metrics Formal Protocol Verification Starts With Planning The verification testplan defines: Planning enables predictability in your verification schedule!

  19. A Good Plan Enables the Verification Team to… • Select the highest priority elements to verify first • Most important, risky • Select the best methodology for each element • Simulation, Formal Verification • Better evaluate the status of the effort as it proceeds • “Are we there yet?” • Ensure that no issues go unaddressed • “What did we miss?”

  20. Elements of a Good Verification Plan • Design feature hierarchical breakdown • Functional dependency analysis • Feature prioritization • Well-defined verification methodologies • Reliable tracking metrics • Issue tracking and resolution

  21. Hierarchical Verification Plan Structure Plan Plan focuses on both what to test and how to test it Feature Feature Property Property Assumption Coverage Req Testcase

  22. Property Matrix – Better Success Metrics for Formal • A systematic approach to defining and covering the specification • Properties are prioritized and assigned to either formal or simulation • Enables tracking verification progress throughout development cycle

  23. Strategy • Define the verification plan and proof strategy • Example: Apply constraints to prove requirements • Add constraints to restrict the explored behavior to only read-mode transaction, or only write-mode transactions. • Focuses verification on specific modes of operation • Simplifies the verification process. • Once independent modes function correctly, remove restrictions and the verify IP under all modes of operation.

  24. Coverage • Define a set of required verification coverage goals • Ensure constraints on specific states in your requirements model have not over-constrained the states • Coverage metric varies depending on verification technology • Formal verification: • Measure reachability of specific states in requirement model • Simulation: • Apply functional coverage to states or state sequences in requirements model

  25. Coverage (Continued)

  26. Metrics Track Verification Progress and Enable Schedule Predictability • Have all critical features been tested sufficiently? • Captured as Importance / Value field in property matrix • Formal proof increases confidence for complex logic • Have all dependencies for each feature been verified according to the plan? • Dependencies identified through plan analysis • Uncovered dependency means feature insufficiently tested • How much verification work remains? • Untested properties apparent from tracking results • Completed tasks, feature importance provide estimates of remaining work

  27. Summary

  28. Summary • OCP is a very powerful, flexible socket protocol in wide use today • Formal verification provides the highest confidence that a protocol implementation meets the specification • Custom IP generators such as Jasper’s tune the properties to the specific design, avoiding the debugging problems of generic verification kits • A methodical verification approach to OCP verification utilizing formal alongside simulation provides the highest verification coverage and insurance of protocol compliance

More Related