18 2 PDF

Introduction to VLSI Design, VLSI I, Fall 2011 18.
Design Verication
mm
40
60
80
100
120
40
18. Design Verication

J. A. Abraham
60 Department
of Electrical and Computer Engineering The University of Texas at Austin EE 382M.7 VLSI I Fall 2011
October 31, 2011
80
ECE Department, University of Texas at Austin
Lecture 18. Design Verication
J. A. Abraham, October 31, 2011
1 / 37
Reliability in the Life of an Integrated Circuit I

mm 40 60 120 Design 100 bugs Verication (Simulation, Formal) 80
40
Design
60
Process variations, defects Process Monitors
Wafer
80
Fabrication
ECE Department, University of Texas at Austin Lecture 18. Design Verication J. A. Abraham, October 31, 2011 1 / 37
Department of Electrical and Computer Engineering, The University of Texas at Austin J. A. Abraham, October 31, 2010
Introduction to VLSI Design, VLSI I, Fall 2011 18. Design Verication
Reliability in the Life of an Integrated Circuit II

mm 40 60 80 100 120
40 Wafer Probe
Package Tester
Test cost, coverage Design for Test, Built-In Self Test
60
Application
80 System
Test escapes, wearout, environment System Self-Test, Error Detection, Fault Tolerance
2 / 37
Analyzing Complex Designs

Need to (implicitly) search a very large state space mm Find bugs in a design verication process Generate tests for faults in a manufactured chip Basic algorithms for analyzing even combinational blocks (SAT, 40 are NP-complete ATPG) Approaches to deal with real designs Exploit hierarchy in the design Develop abstractions for parts of a design 60 Cost of a new mask set can be on the order of $1+ Million for a large chip Cannot aord mistakes
80 Want working rst silicon 40 60 80 100 120
3 / 37
Many Aspects of Verication

mm 40 60 80 100 120
Verifying the functional correctness of the design Performance verication Timing verication
Circuit level (how fast can we clock?) 40 Architecture level (number of clocks to perform a function)
Verifying power consumption Verifying signal integrity and variation tolerance 60 Checking correct implementation of specications at each level
80
4 / 37
The Verication Problem

mm 40 60 80 100 120
40
60
Need to deal with this complexity A subtle bug could produce an incorrect result in a specic 80 for a specic data input state
Seen as a sequence dependency when simulating a design (specic sequence of inputs to reach the erroneous state)
The (In)Famous Pentium FDIV Problem

Graph of x, y, x/y in a small region by Larry Hoyle
mm 40 60 80 100 120
40
60
80
6 / 37
State-Space Explosion
May need to check a very large number of states to uncover a bug Problem: the number of protons in the universe is around 1080 , mm 40 60 80 100 which is less than the number of states for a system with 300 storage elements!
120
40
60
80
7 / 37
What is a Bug?
mm 40 60 80 100 120
Design does not match the specication One problem: complete (and consistent) specications may not exist for many products For example, the diculty in designing an X86 compatible chip is not in implementing the X-86 instruction set architecture, but in matching the behavior with Intel chips Something which the customer will complain about Marketing: Its not a bug, its a feature
80 60 40
8 / 37
Design Flaws
mm 40 60 80 100 120
40
60
About half of the aws are functional aws Need80 verication methods to nd and x logical and functional aws
Design Bug Distribution in Pentium 4

mm 40 60 80 100 120
Type of Bug Goof Miscommunication 40 Microarchitecture Logic/Microcode Changes Corner Cases Power Down 60 Documentation Complexity Initialization Incorrect RTL Assertions 80 Design Mistake
% 12.7 11.4 9.3 9.3 8.0 5.7 4.4 3.9 3.4 2.8 2.6
Source: EE Times, July 4, 2001 42 Million Transistors High-level description: 1+ million lines of RTL 100 high-level bugs found through formal verication
10 / 37
Design Eort
mm 40 60 80 100 120
40
60
Verication is becoming an increasing part of the design eort

80
11 / 37
Verication Eort
mm 40 60 80 100 120
40
60
Source: 1999 ITRS Over 50% 80% of design eort is in verication

80
Design and Verication Gap

mm 40 60 80 100 120
40
Blame it on Moores Law The number of transistors on a chip is increasing every year (approx. 58%) Design productivity, facilitated by EDA tool improvements, 80 grows only about 21% per year These numbers have held constant for two decades
60
Bug Introduction and Detection

mm 40 60 80 100 120
40
60
80
14 / 37
Re-Spins because of Functional Flaws

mm 40 60 80 100 120
40
60
80
Tom Fitzpatrick EE Times, December 5, 2005
15 / 37
Design and Implementation Verication

mm 40 60 80 100 120
40
60
80
16 / 37
Verication Approaches
mm 40 60 80 100 120
Simulation (the most popular verication method)

Cycle based, functional simulation for billions of cycles Good coverage metrics usually not available Computationally very expensive, slightest optimization has huge impact Capital intensive Map design to be veried on FPGAs Run OS and application at MHz rates Exhaustive verication of small modules 80
40
Emulation
60
Formal verication
17 / 37
10
Evaluating the Complete Design

Is there a verication technique which80 can be applied mm 40 60 100 to the 120 entire chip? Only one approach which scales with the design: Simulation Most common technique now used in industry 40 Cycle-based simulation can exercise the design for millions of cycles
Unfortunately, the question of when to stop simulation is open No good measures of coverage
Emulation 60
Used to verify the rst Pentium (windows booted on FPGA system) Developing another accurate model is an issue Currently used for post-silicon validation of Intel Atom platform
80
18 / 37
Simulation Hierarchy
mm 40 60 80 100 120
Levels of modeling the design

System C, System Verilog, Spec C
Register Level Gate Level

Structural model with timing Zero, Unit, Detailed delays 40 Work distributed among clock cycles, all registers modeled
Switch Level
60 Models transistor as a switch, simple timing model Complete timing, used for small sections of a design
Circuit Level Mixed-level: combination of techniques to improve speed

80
19 / 37
11
Simulation Speeds
mm 40 60 80 100 120
Comparing speeds of simulating a microprocessor on a computer Performance timers: 10K 50K cycles/sec. Behavior level: 1000 10K cycles/sec. R-T level: 20 1000 cycles/sec. Gate level: 4 25 cycles/sec.
60 Switch level: 1/4 1 cycles/sec. 40
80
20 / 37
When are we Done Simulating?

mm 40 60 80 100 120
When do you tape out? Motorola criteria (EE Times, July 4, 2001)
40 billion random cycles without nding a bug 40
Directed tests in verication plan are completed Source code and/or functional coverage goals are met Diminishing bug rate is observed 60 A certain date on the calendar is reached
80
21 / 37
12
Emulation Technologies
mm 40 60 80 100 120
40
60
80
22 / 37
Architecture Verication
mm 40 60 80 100 120
Verify that the design matches the architectural specication Extensive testing the common approach Approaches used in industry
Manually writing tests Generating pseudo-random instruction sequences Using biased pseudo-random instructions Generating instruction sequences from typical workloads Example: to verify an X86 clone, capture instruction trace on another X86 machine is running application 40 Conformance testing
60
80
23 / 37
13
Example of Verifying Processors

mm 40 60 80 100 120
Verifying PowerPC Processors Model based test generator

40 Expert system which contains a formal model of processor architecture, and a heuristic data base of testing knowledge
Example, testing knowledge accumulated during the verication of the rst PowerPC design included about 1,000 generation and validation functions (120,000 lines of C code) PowerPC behavioral simulator has about 40,000 lines of C++ code
80 60
24 / 37
MAP1000 Media Processor Verication

System Architecture mm Many instructions issued 60 in parallel 80 very long instruction 40 100 word (VLIW) Move scheduling and resource management out of hardware to optimizing compilers
40 Specialized function units for serial processing 120
Wide fast memory buses Large data and instruction caches Intelligent memory I/O
60 Including Strips/Strides and background transfers Sophisticated data transfer engines
Verication Challenges Complex data/instruction caches, memory I/O mechanisms, large number of functional units
80
14
Pre-Silicon Design Verication

mm 40 60 80 100 120
40
60
80
26 / 37
Post-Silicon Design Verication

mm 40 60 80 100 120
40
60
80
27 / 37
15
Eectiveness of Tests
mm 40 60 80 100 120
40
60
80
28 / 37
How do we Measure the Quality of Simulation Vectors?

mm 40 60 80 100 120
Use coverage metrics 40 Current industry metrics borrowed from software testing
White box testing Grey box testing Black box testing 60
80
29 / 37
16
Black Box Test Cases

mm 40 60 80 100 120
Example, testing IP cores, without knowledge of structural design Base on functional fault or behavior models
40
Functional test cases Partition behavior to reduce complexity Boundary value analysis
60 Domain testing
Corner cases (Bugs lurk in corners and congregate at boundaries, Beizer)

80
30 / 37
White Box Test Cases

mm 40 60 80 100 120
Derive test cases based on design structure Simple metric: statement coverage
Path tests are better, but number of execution paths is huge

40
Path Testing Criteria Execute all control ow paths generally impossible to achieve
60 Statement testing attempt 100% code coverage of all statements in HDL
Branch testing assure that all branch alternatives are exercised at least once
80
31 / 37
17
Simulating Black Boxes

mm 40 60 80 100 120
Focus on functional requirements

40 Generating Test Cases for Black-Box Designs Check for incorrect or missing functions
Check for interface errors Check for access to boundary signals Check corner cases
60
80
32 / 37
What is the Fundamental Problem with Simulation?

mm 40 60 80 100 120
40
60
Traversing States in the Design Simulation traverses paths in the state graph A bug may be associated with a specic transition from a 80 specic state Cannot guarantee that we will exercise that transition
18
Coverage-Driven Verication
mm to Verify40 Attempt that the Design Goals 60 Meets Verication 80 100 Dene all the verication goals up front in terms of functional coverage points 40 Each bit of functionality required to be tested in the design is described in terms of events, values and combinations 120
Functional coverage points are coded into the HVL (Hardware Verication Language) environment (e.g., Specman e)
60 Simulation runs can be measured for the coverage they accomplish
Focus on tests that will accomplishing the coverage (coverage driven testing)
80 Then x bugs, release constraints, improve the test environment Measurable metric for verication eort
34 / 37
Open Questions
mm 40 60 80 100 120
Are There Better Measures of Coverage? Coverage of statements in RTL would be a necessary but not sucient Coverage of all states is impractical even for a design with a few hundred state variables Is there a way to identify a subset of state variables that would be tractable, and would lead to better bug detection? 60 How would these variables be related to the behavior of the design?
80 40
35 / 37
19
Assertions
mm 40 60 80 100 120
Assertions capture knowledge about how a design should behave Used in coverage-based verication techniques Assertions help to increase observability into a design, as well 40 as the controllability of a design Each assertion species
60 legal behavior of some part of the design, or illegal behavior of part of the design The fo should not overow Some set of signals should be one-hot If a signal occurs, then . . .
Examples of assertions (will be specied in a formal language)
80
36 / 37
Simulation Monitors and Assertions

mm 40 60 80 100 120
40
60
80
37 / 37

18 2 PDF

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

18 2 PDF

Încărcat de

Drepturi de autor:

Formate disponibile

Introduction to VLSI Design, VLSI I, Fall 2011 18.

18. Design Verication

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Reliability in the Life of an Integrated Circuit I

Process variations, defects Process Monitors

Introduction to VLSI Design, VLSI I, Fall 2011 18. Design Verication

Reliability in the Life of an Integrated Circuit II

Test cost, coverage Design for Test, Built-In Self Test

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Analyzing Complex Designs

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Introduction to VLSI Design, VLSI I, Fall 2011 18. Design Verication

Many Aspects of Verication

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

The Verication Problem

Introduction to VLSI Design, VLSI I, Fall 2011 18. Design Verication

The (In)Famous Pentium FDIV Problem

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Introduction to VLSI Design, VLSI I, Fall 2011 18. Design Verication

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Introduction to VLSI Design, VLSI I, Fall 2011 18. Design Verication

Design Bug Distribution in Pentium 4

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Verication is becoming an increasing part of the design eort

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Introduction to VLSI Design, VLSI I, Fall 2011 18. Design Verication

Source: 1999 ITRS Over 50% 80% of design eort is in verication

Design and Verication Gap

Introduction to VLSI Design, VLSI I, Fall 2011 18. Design Verication

Bug Introduction and Detection

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Re-Spins because of Functional Flaws

Tom Fitzpatrick EE Times, December 5, 2005

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Introduction to VLSI Design, VLSI I, Fall 2011 18. Design Verication

Design and Implementation Verication

ECE Department, University of Texas at Austin

Lecture 18. Design Verication

J. A. Abraham, October 31, 2011

Simulation (the most popular verication method)