Professional Documents
Culture Documents
26
TABLE II. INTERFACE SIGNALS’ FEATURES TO BE VERIFIED E. Define coverage spots
In this step, we define properties as functional coverage
Signals and their features spots. By using this method, we can analyze the assertion
Interface coverage as an indicator of the functional coverage.
Features Typically, there are two functions of assertion: one is serving
Relevant signals Expected features
as checker for a specific function; the other is being used for
Byte_ready=1 no less than one statistic analysis for coverage. To demonstrate this, take the
1 UART for example. We define all the properties mentioned
Byte_ready, reset cycle after reset is released
T_byte=1 no less than one cycle above as coverage spots. An example of how to describe an
2
T_byte, Byte_ready
later when Byte_ready is assertion and how to define it as a coverage spot is illustrated
asserted as Fig. 3.
When Load_xmt_datareg is We can check whether the transitions between pairs of
3 Load_XMT_datareg asserted, data_bus must hold
Data_bus valid data states are correct, and can also get the information
concerning how many of these state transitions are
4 … … conducted. In fact, this is also a kind of FSM coverage
analysis. By analyzing the coverage report, we can judge
D. Formalize the properties with SVA whether the verification is sufficient. Fig. 4 is the example of
run log file, according to the run time option of the
In this step, we convert each of the natural language
simulation process, the message shows the location, design
requirements into a set of formal properties using either an
scope, start and finish time and some of the coverage
assertion library or an assertion language. We can instantiate
message of the assertion. We can easily find the detailed
assertions from assertion library or express them with
message of the assertion, therefore it is quite easy to find the
assertion language (SVA).
location of an error and debug it. After defining assertion
In the latter case, we describe the functions to be verified
coverage spots, we can get the statistic analysis of every
with the combination of several logic events which can be
assertion, such as the number of over all attempts, matches,
described using SVA key word “sequence”. The simplest
vacuous matches, and fails.
logic event is a change on the value of a signal; a logic event
Fig. 5 shows part of the coverage report of the simulation
can also be a change on the value of a Boolean expression.
of UART. The simulation is terminated when every assertion
Then, we use the key word “property” to represent complex
has been matched for once. In fact, we can change the finish
behaviors of a specific function. Property is the unit being
time as, for example, when every assertion has been matched
verified during simulation, and the key word “assert” is used
for two times or more to make the verification more reliable
to check the property. Fig. 3 illustrate a complete SVA
and more completed.
checker, verifying if by given valid control signals sequences,
current state switches form “waiting” to “sending”, then
keeps as “sending” for nine clock cycles and finally stays at
the state “idle”.
sequence s_finish_sending;
##1 ((state==sending) [*9]) ##1 (state==idle);
endsequence
//Define a sequence
property p_finish_sending;
@(posedg Clock)
Figure 4. Part of run log file
(reset_)&&(state==sending)&&($past(state)
==waiting) |-> s_finish_sending;
endproperty
//Define a property
a_finish_sending: assert
property(p_finish_sending);
c_finish_sending: cover
property(p_finish_sending);
//Define a coverage spot
27
Further, different severity levels can be attached to REFERENCES
assertions. If some assertions fail, according to their severity [1] Avi Ziv, “Cross-product functional coverage measurement with
levels, different measures are adopted, such as terminating temporal properities-based assertion”, Proceedings of the Design,
the simulation or just displaying the fail messages and Automation and Test in Europe Conference and Exhibition, IEEE
keeping on the simulation. Fig. 6 shows the waveforms of Comput. Soc, Los Alamitos, CA, USA, 2003, pp.834 - 839
design output, the upward arrows represent assertion success. [2] System Verilog, IEEE Standard for System Verilog, IEEE Std. 1800-
2005.
IV. CONCLUSION [3] Ping Yeung and Sundaram Subramanian, “Applying Assertion-Based
Formal Verification to Verification Hot Spots”, Mentor Graphics
In this paper, a five-step method is proposed in using Technical Library, October 25, 2007
SVA for digital IC verification. The method is then invested [4] Harry Foster, “Integrating Formal Verification into a Traditional
in the functional verification for a UART RTL Verilog Flow”, Mentor Graphics White Paper, 2006.
model. During simulation, the corner cases can be easily [5] Michael Kantrowitz and Lisa M. Noack, “I’m Done Simulation; Now
checked and the design errors can be obviously exposed What? Verification Coverage Analysis and Correctness Checking of
through the simulation output (waveform or log file). the DEC chip 21164 Alpha microprocessor”, Proceedings of 33rd
Design Automation Conference, IEEE, Piscataway, NJ, USA, 1996,
Furthermore, by this approach, the assertion coverage report pp. 325-330.
can be directly used for functional coverage analysis. The
[6] Srikanth Vijayaraghavan and Meyyappan Ramanathan, A Practical
result shows that the proposed method increases the Guide for SystemVerilog Assertions. Tsinghua University Press,
observability of design and is feasible for being applied in Beijing, China, 2006
both the design process and verification process of RTL
model.
28