end to end formal using abstractions to maximize coverage
play

End-to-End Formal using Abstractions to Maximize Coverage PRASHANT - PowerPoint PPT Presentation

Oct 07, 2023 •293 likes •928 views

End-to-End Formal using Abstractions to Maximize Coverage PRASHANT AGGARWAL OSKI TECHNOLOGY DARROW CHU CADENCE DESIGN SYSTEMS VIJAY KADAMBY CISCO VIGYAN SINGHAL OSKI TECHNOLOGY Agenda Cover three topics using a real design in a simulation

  1. End-to-End Formal using Abstractions to Maximize Coverage PRASHANT AGGARWAL OSKI TECHNOLOGY DARROW CHU CADENCE DESIGN SYSTEMS VIJAY KADAMBY CISCO VIGYAN SINGHAL OSKI TECHNOLOGY

  2. Agenda Cover three topics using a real design in a simulation setting • End-to-end formal • Abstractions to achieve convergence • Coverage to measure completeness 2 10/30/2011

  3. The design

  4. The design: Packet rewrite module (PRM) Start Payload End Stage #1 : Fragmentation; Packet to cells cell #N cell #N-1 cell #1 cell #2 Payload #N-1 Payload #N End Start Payload #1 Payload #2 Stage #2 : Insert/Strip/Replace operations; Modify cell(s) cell #2 cell #N-1 cell #N cell #1 Start Payload #1’ Payload #2 ' Payload #(N-1) ' Payload #N ' End Modified cell New payload New payload Payload #2 Stage #3 : CellReformatter: Reformats into cell(s) cell #2 cell #M-1 cell #M cell #1 Start Payload #1 Payload #2 '' Payload #(M–1) '' Payload #M '' End Stage #4 : Repacking; Cells to packet Start Payload ''' End 4 10/30/2011

  5. CellReformatter inputs/outputs portId 56 concurrent ports clk reset portIdOut portIdIn Interface Interface cellOut {SOP, EOP, Size} to stage to stage cellIn #2 #4 CellReformatter cellOutAttri cellInAttri validIn validOut flowCtrlOut throttles cells for a port 5 10/30/2011

  6. CellReformatter in action Payload #3’ SOP = 0, Size = 130, EOP = 0 Payload #2’ SOP = 0, Size = 140, EOP = 0 Start Payload #1’ SOP = 1, Size = 120, EOP = 0 CellReformatter Payload #3’’ SOP = 0, Size = 128, EOP = 0 { Payload #2’.bytes[136:139], Payload #2’’ Payload #3’.bytes[0:123] } SOP = 0, Size = 128, EOP = 0 { Payload #2’.bytes[8:135] } Start Payload #1’’ SOP = 1, Size = 128, EOP = 0 { Payload #1’, Payload #2’.bytes[0:7] } 6 10/30/2011

  7. Design summary Attribute Value • Large data path • 256 Bytes in one cycle Inputs 4,425 • 56 concurrent ports Outputs 3,488 • Interleave data for a given packet Memory bits 948,636 • Multiple partial packets can be outstanding for different ports Total flops 1,048,481 • RTL stores up to 16 cells • QOS requirements depending on register programming • Design has to deal with input errors 7 10/30/2011

  8. Memory architecture • 3 FIFOs in the design • dataFifo: stores the reformatted cells • statusFifo: stores the attributes of cells • stateFifo: stores the read and write address pointers of the port • Bank architecture • oddBank: determines the memory bank and toggles every cycle to avoid bank contention • streamId: determines the memory address in a bank • Each bank is divided into 2 single port RAMs: MSB & LSB 8 10/30/2011

  9. Formal in a simulation world

  10. Types of post-silicon flaws Verification is the still the largest problem 60% 50% 2004 2007 40% 2010 Responses 30% 20% 10% 0% Wilson Research Group and Mentor Graphics 10/30/2011 2010 Functional Verification Study. Used with permission. 10

  11. Verification market size (2009)* * excluding analog 450 Simulation Formal Millions Formal 400 ($38.3M) 350 300 250 200 150 100 $0.4M 50 Simulation 0 ($401.8M) Source: Gate-level RTL Gary Smith EDA, • Gate-level formal (equivalence checking) October 2010 • Then (1993): Chrysalis; Now: Cadence (Verplex), Synopsys • RTL formal (model checking) • Then (1994): Averant, IBM; Now: Jasper, Mentor (0-In) 11 10/30/2011

  12. Formal tool usage in industry • Around for 20 years Formal • Expectations has been set high ($38.3M) • Low effort for constraints • Tools run fast enough • Expectations have been set low • Only verify local assertions • No End-to-End proofs • Perception: low !/$ • Training and staffing • Few places to learn formal application • Single user should not do both formal and simulation Source: xkcd.com 12 10/30/2011

  13. Tradeoffs in design flow Resources Source: Stuart Oberman, NVIDIA 13 10/30/2011

  14. Achieving verification closure Plan Partition Verification between Formal and Simulation Verify Apply Abstractions for Verification Convergence Measure Integrate Formal and Simulation Coverage 14 10/30/2011

  15. Where to apply model checking “Control”, “Data Transport” designs • Bus bridge • Arbiters of many kinds • Memory Controller • Interrupt controller • DMA controller • Power management unit • Host bus interface • Credit manager block • Standard interfaces (PCI Express, USB) • Tag generator • Clock disable unit • Schedulers Multiple, concurrent streams Hard to completely verify using simulation “10 bugs per 1000 gates” -Ted Scardamalia, IBM 15 10/30/2011

  16. Where not to apply model checking “Data transform” designs • Floating point unit • Graphics shading unit • Inverse quantization • Convolution unit in a DSP chip • MPEG decoder • Classification search algorithm • Instruction decode Single, sequential functional streams “2 bugs per 1000 gates” g(y) f(x) h(z) -Ted Scardamalia, IBM 16 10/30/2011

  17. Formal (MC, SEC*) and simulation strengths * SEC = Sequential Equivalence Checking (RTL vs C model) DEC SCH EXEC LSU INT ARM Formal (MC) USB MAC C DMAC MC AXI-AHB Formal (SEC) BB BRIDGE USB PHY Simulation RF I2C GPIO TIMR 17 10/30/2011

  18. How perfect does formal have to be? Graphic: MacGregor • Not all bugs need to found/fixed Marketing • Formal does not need to find the last bug • Usually bounded proofs are good enough (if bound is good enough!) • Formal has to be more cost-effective than the alternative 18 10/30/2011

  19. Verification manager’s dashboard Coverage tracking Bug tracking Runtime status 19 10/30/2011

  20. A formal testbench Constraints Checkers Coverage (Scoreboard) (code and functional) Design Under Test (DUT) Abstraction Models 20 10/30/2011

  21. Three Cs of Formal • Checkers • Constraints • Complexity • (using Abstraction Models) • … and Coverage (to measure completeness of formal) 21 10/30/2011

  22. End-to-End formal

  23. Different kinds of Checkers • Internal assertions • Interface assertions • End-to-end checkers Internal assertions RTL AXI4 DDR2 Interface AVIP assertions AVIP End-to-End Checker 10/30/2011 23

  24. Internal assertions • Relate a few design signals • Can be written completely in SVA • Usually embedded in RTL, and written by designers • e.g. state machine “sm[7:0]” is one-hot encoded • Useful for bug hunting • Not for finding all/most bugs, or as replacement for simulation effort • Complexity • Can be small, if proof core is small 10/30/2011 24

  25. Interface assertions • Relate input and output signals on a given interface • May require a small amount of modeling code • E.g. valid-ack protocol (validOut && (!ackIn)) |-> ##1 (dataOut == $past(dataOut)); • Protocol interfaces kits, e.g. AMBA AHB/AXI3, DDR/DDR2 • Useful for bug hunting • Not for finding all/most bugs, or as replacement for simulation effort • Complexity • Often harder to prove than internal assertions 10/30/2011 25

  26. End-to-End Checkers • Require a reference model to implement Checker • Can replace simulation effort for that design, mostly or completely • Usually needs a plan to avoid complexity barrier • Often abstractions are necessary to overcome complexity • For each search step • Reduce the diameter of search • Example of end-to-end checkers • Number of bytes coming out equals number of bytes going in • Output cell sizes and SOP/EOP corresponds to input data • Output data values match predicted values 10/30/2011 26

  27. End-to-End Checkers • For End-to-End formal verification, less than 5% of Checker code is SVA; rest is SV or Verilog • (Synthesizable) Reference model is typically as big an effort as the RTL MC Checker A X I 4 i/f MC Reference Model Counters Memory FIFO Controller (MC) RTL FSM SVA Assertions D D R 2 i/f 27 10/30/2011

  28. PRM Checkers • Model reformatting function • Model sizes and data of cells in flight • Predict output cell sizes and data value PRM Checker PRM Reference Model Counters PRM FIFO FSM SVA Assertions 28 10/30/2011

  29. PRM Checkers • Interface checkers • For a port, between 2 cells of SOP as 1 there should be cell with EOP as 1 • For a port, between 2 cells of EOP as 1 there should be cell with SOP as 1 • For a port, the next valid cell after an EOP as 1 must have SOP as 1 • Output cell should have Size > 0 • Output cell with EOP as 0 should have Size =128 • End-to-end checkers • For a port, the valid output (validOut) can be 1 only if there are outstanding cells in flight that have not been sent out • For a port, payload of a cell at the output should correspond to payload of expected cell in the reference model 29 10/30/2011

  30. Abstractions to overcome complexity

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

and Exclusions Under CGL Policies Navigating Divergent Court Views to Maximize Coverage or Limit

and Exclusions Under CGL Policies Navigating Divergent Court Views to Maximize Coverage or Limit

Presenting a live 90-minute webinar with interactive Q&A Construction Defect Claims: Occurrences, Coverage Triggers and Exclusions Under CGL Policies Navigating Divergent Court Views to Maximize Coverage or Limit Liability TUESDAY, APRIL

944 views • 76 slides
Testing/Simulation Formal Analysis Real System Formal Model Partial coverage Complete coverage

Testing/Simulation Formal Analysis Real System Formal Model Partial coverage Complete coverage

Formal Methods Assurance for TTP John Rushby Computer Science Laboratory SRI International Menlo Park CA USA John Rushby, SR I Formal Methods Assurance for TTP: 1 Formal Methods for Analysis and Assurance: The Idea Testing/Simulation Formal

200 views • 6 slides
Construction Defects Claims: Occurrences, Coverage Triggers and Exclusions Under CGL Policies

Construction Defects Claims: Occurrences, Coverage Triggers and Exclusions Under CGL Policies

Presenting a live 90-minute webinar with interactive Q&A Construction Defects Claims: Occurrences, Coverage Triggers and Exclusions Under CGL Policies Navigating Divergent Court Views to Maximize Coverage or Limit Liability TUESDAY, MARCH

945 views • 73 slides
Automatically Deriving Abstraction Heuristics PDB Abstractions Explicit-State Abstractions

Automatically Deriving Abstraction Heuristics PDB Abstractions Explicit-State Abstractions

Transition Systems and Abstractions Automatically Deriving Abstraction Heuristics PDB Abstractions Explicit-State Abstractions Conclusion Malte Helmert Albert-Ludwigs-Universit at Freiburg, Germany STAIR 2008 About This Talk

870 views • 43 slides
Planning and Optimization D2. Abstractions: Additive Abstractions Gabriele R oger and Thomas

Planning and Optimization D2. Abstractions: Additive Abstractions Gabriele R oger and Thomas

Planning and Optimization D2. Abstractions: Additive Abstractions Gabriele R oger and Thomas Keller Universit at Basel October 29, 2018 Multiple Abstractions Additivity Outlook Summary Content of this Course Tasks Progression/

684 views • 31 slides
Unified L2 Abstractions for L3-Driven Fast Handover draft-irtf-mobopts-l2-abstractions-01 F.

Unified L2 Abstractions for L3-Driven Fast Handover draft-irtf-mobopts-l2-abstractions-01 F.

Unified L2 Abstractions for L3-Driven Fast Handover draft-irtf-mobopts-l2-abstractions-01 F. Teraoka, K. Gogo, K. Mitsuya, R. Shibui, K. Mitani Keio University 06.11.7 67th IETF MOBOPTS l2-abstractions 1 ToC Gap Analysis against IEEE

431 views • 25 slides
for Oil and Gas Companies What are Your Top Concerns? Maximize Maximize Use Best Exploration

for Oil and Gas Companies What are Your Top Concerns? Maximize Maximize Use Best Exploration

MCE Talent Development Services for Oil and Gas Companies What are Your Top Concerns? Maximize Maximize Use Best Exploration Efficiency Technology and Production Manage Minimize Costs Manage Risk Complexity Contribute to Develop

357 views • 11 slides
FRONTEND AT SCALE Designing abstractions for big teams @joshduck What front-end abstractions

FRONTEND AT SCALE Designing abstractions for big teams @joshduck What front-end abstractions

FRONTEND AT SCALE Designing abstractions for big teams @joshduck What front-end abstractions have we built? And how did we do it? Server rendered desktop site Less memory, bandwidth, and latency Device constraints More products Multiple

898 views • 61 slides
Number of Occurrences in Liability Claims Framing the Occurrence Issue to Maximize Policyholder's

Number of Occurrences in Liability Claims Framing the Occurrence Issue to Maximize Policyholder's

Presenting a live 110-minute webinar with interactive Q&A Number of Occurrences in Liability Claims Framing the Occurrence Issue to Maximize Policyholder's Coverage or Limit Insurer's Liability Exposure WEDNESDAY, NOVEMBER 7, 2012 1pm

1.28k views • 92 slides
Planning and Optimization D3. Abstractions: Additive Abstractions Malte Helmert and Gabriele R

Planning and Optimization D3. Abstractions: Additive Abstractions Malte Helmert and Gabriele R

Planning and Optimization D3. Abstractions: Additive Abstractions Malte Helmert and Gabriele R oger Universit at Basel November 6, 2017 Additivity Outlook Summary Content of this Course Tasks Progression/ Regression Planning

570 views • 30 slides
ABSTRACTIONS OF THE DATA PLANE DIMACS Working Group on Abstractions for Network Services,

ABSTRACTIONS OF THE DATA PLANE DIMACS Working Group on Abstractions for Network Services,

ABSTRACTIONS OF THE DATA PLANE DIMACS Working Group on Abstractions for Network Services, Architecture, and Implementation Pamela Zave AT&T LaboratoriesResearch Florham Park, New Jersey, USA joint work with Jennifer Rexford, Princeton

347 views • 33 slides
Planning and Optimization D3. Abstractions: Additive Abstractions Malte Helmert and Thomas Keller

Planning and Optimization D3. Abstractions: Additive Abstractions Malte Helmert and Thomas Keller

Planning and Optimization D3. Abstractions: Additive Abstractions Malte Helmert and Thomas Keller Universit at Basel October 30, 2019 Additivity Outlook Summary Content of this Course Foundations Logic Classical Heuristics

432 views • 30 slides
APIs/abstractions Previously iously Abstractions for infrastructure to ease operations (Ops)

APIs/abstractions Previously iously Abstractions for infrastructure to ease operations (Ops)

APIs/abstractions Previously iously Abstractions for infrastructure to ease operations (Ops) Manage complexity in deploying software systems Examples covered VMs, containers Infrastructure as a Service Platform as a

1.08k views • 33 slides
L9: Frontend Abstractions Web Engineering 188.951 2VU SS20 Jrgen Cito L9: Frontend

L9: Frontend Abstractions Web Engineering 188.951 2VU SS20 Jrgen Cito L9: Frontend

L9: Frontend Abstractions Web Engineering 188.951 2VU SS20 Jrgen Cito L9: Frontend Abstractions Overview of abstractions that support building declarative and reactive frontend applications Case study demonstrating these

399 views • 22 slides
Presenting a live 90-minute webinar with interactive Q&A Occurrences in Construction Defects

Presenting a live 90-minute webinar with interactive Q&A Occurrences in Construction Defects

Presenting a live 90-minute webinar with interactive Q&A Occurrences in Construction Defects Claims: Triggering Coverage and Interpreting Exclusions Under CGL Policies Navigating Divergent Court Views to Maximize Coverage or Limit Liability

1.05k views • 69 slides
Resources, Services, and Interfaces Services: Hardware Abstractions CPU/Memory abstractions

Resources, Services, and Interfaces Services: Hardware Abstractions CPU/Memory abstractions

4/5/2017 Resources, Services, and Interfaces Services: Hardware Abstractions CPU/Memory abstractions 2A. OS Services, Layers and Mechanisms processes, threads, virtual machines 2B. Service Interfcaes virtual address spaces, shared

100 views • 7 slides
Socorro ISD: Emergency Operations Plan

Socorro ISD: Emergency Operations Plan

Socorro ISD: Emergency Operations Plan Watch Schools which do not

325 views • 21 slides
Calstate.edu/apply The new way to apply to CSU Please be Patient We are still in the process of

Calstate.edu/apply The new way to apply to CSU Please be Patient We are still in the process of

Calstate.edu/apply The new way to apply to CSU Please be Patient We are still in the process of designing our application with our partner. What we show you today may change between now and our June Go-live. We will continue to update this

592 views • 33 slides
HISTORY 337 Waldo MISSION EOP provides a welcoming environment that supports the full

HISTORY 337 Waldo MISSION EOP provides a welcoming environment that supports the full

HISTORY 337 Waldo MISSION EOP provides a welcoming environment that supports the full development of the personal and academic potential of students who have traditionally been denied equal access to higher education. Who We Serve EOP

583 views • 15 slides
CLARO Automated image enhancement Claro - automated - professional - software - to optimize

CLARO Automated image enhancement Claro - automated - professional - software - to optimize

CLARO Automated image enhancement Claro - automated - professional - software - to optimize your images; Claro analyzes file formats like - TIFF - GIF - PSD - BMP - PDF - JPG - PNG - Photoshop EPS Claro analyzes image

421 views • 13 slides
National Center for Biomedical Research and Training/Academy of Counter-Terrorist Education

National Center for Biomedical Research and Training/Academy of Counter-Terrorist Education

National Center for Biomedical Research and Training/Academy of Counter-Terrorist Education (NCBRT/ACE) Became a department of LSU in 1998 100% self funded via federal grant funds Develop and deliver first responder training

719 views • 16 slides
Q2 2016 Results Conference Call August 4, 2016 Safe harbour notice Certain statements made in

Q2 2016 Results Conference Call August 4, 2016 Safe harbour notice Certain statements made in

Q2 2016 Results Conference Call August 4, 2016 Safe harbour notice Certain statements made in this presentation are forward-looking statements. These statements include, without limitation, statements relating to our 2016 financial guidance

455 views • 18 slides
First Coast Guard District Report to the NEFMC 09 February 2009 CAPT Joe McGuiness Emergency

First Coast Guard District Report to the NEFMC 09 February 2009 CAPT Joe McGuiness Emergency

First Coast Guard District Report to the NEFMC 09 February 2009 CAPT Joe McGuiness Emergency Position Indicating Radio Beacon (EPIRB) 01 FEB 2009: Satellites no longer monitor 121.5 MHz 406 MHz EPIRB unaffected Register your EPIRB and

149 views • 4 slides
Cooperation Across Continents GNSS.asia under FP7: objectives (2012-2014) Support concrete

Cooperation Across Continents GNSS.asia under FP7: objectives (2012-2014) Support concrete

Facilitating Industrial GNSS Cooperation Across Continents GNSS.asia under FP7: objectives (2012-2014) Support concrete collaboration between EU and Asian companies Raise Galileo awareness Map local GNSS Industry Define strategy

540 views • 23 slides

More recommend