Docstoc

Assertion Based Analog Mixed Signal Verification

Document Sample
Assertion Based Analog Mixed Signal Verification Powered By Docstoc
					       Assertion Based
Analog Mixed Signal Verification


         Himyanshu Anand
              EDA Strategy

    John Havlicek, Hillel Miller
    Advanced Verification Technologies

            Design Technology
       Freescale Semiconductor Inc.


              August 11, 2008



                                TM
Overview............................................................................................................................. 3
  Abstraction Level............................................................................................................ 3
     Model simulation speeds............................................................................................. 4
Assertion Based AMS Verification .................................................................................... 5
  Motivation....................................................................................................................... 5
  Proposal........................................................................................................................... 5
  Academic Research and Industry Status......................................................................... 6
Possible Property Checking Flows ..................................................................................... 7
  Layered AMS Assertions................................................................................................ 7
  Timed Operators ............................................................................................................. 8
  Inequalities...................................................................................................................... 9
  Interpolation.................................................................................................................... 9
  Sampled Values ............................................................................................................ 10
Extension Syntax Details .................................................................................................. 11
  Variable Types in A-SVA Properties ........................................................................... 11
  A-SVA Property Syntax ............................................................................................... 12




Figure 1 Layers of System Verilog Assertion..................................................................... 7
Figure 2 Extended analog layer in System Verilog Assertions .......................................... 8
Overview
Assertions are widely used in digital verification and are well understood. However,
analog verification has not had much exposure to assertion based verification. To verify
analog/mixed signal designs, analog designers and verification engineers use primarily
spice simulations at the lower level and behavioral simulation at the chip level for
performance reasons.

The solution which is quite often used today involves the analog designer writing
Verilog-A or Verilog-AMS models and then handing the models over to the verification
engineer to plug in SoC level simulations in mixed-mode simulators. This approach
allows the analog designer to play with the circuit model stand-alone and tweak it for
performance and accuracy. The verification engineer then picks the model and uses test-
benches to verify that the Analog-to-Digital (A2D) and Digital-to-Analog (D2A)
interfaces work as expected.


Abstraction Level
A wide range of abstraction levels exist for modeling analog mixed signal designs. The
models range from high-level behavioral models for higher speed simulation speed and
low-level spice models for better accuracy. Hence different models are used at different
stages of the design.

The digital verification engineer comes up with high level behavioral models in Verilog
or C to aid the simulation in purely digital simulators. Sometimes, low-level transistor
models are used to replace critical functionality in a high-level model of the design. This
approach has the following pros and cons:

                    Cons                                            Pros
Verilog and C models are inaccurate             Greater Simulation Speeds
Corner cases and bugs missed                    Higher level of abstraction
Incompatible tests for validating high level    Ability to run more system level tests
models against low level models
A mixture of Verilog behavioral, gate level,    Clean separation of analog and digital
transistor level and C models in the same       verification efforts
test-bench
                                            Easy integration with existing digital
Difficult to model all analog characteristics
                                            verification setup and use of assertions
 Table: Advantages and disadvantages of a high level description of an analog circuit for
                              Mixed Signal Verification

The high level behavioral models in C or Verilog are well suited for initial phase of
verification when the transistor level or Verilog-A or Verilog-AMS models are not
available. During the later stages of the design, as the Verilog-AMS or transistor level
models are available they are used in place of behavioral models for more accuracy in the
mixed signal simulations.


Model simulation speeds
With the increase in accuracy the speed of simulation goes down. Hence, typically C
models are the fastest and transistor level models are the slowest. However, in some
circumstances due to the interaction of Analog-Digital interfaces, Verilog-AMS models
are the slowest, since every signal change crossing the digital-analog interface needs to
be converted to the correct domain values. Keeping the places where these conversions
are required as few as possible will ensure faster simulation.
Assertion Based AMS Verification
Assertions have not been traditionally used in AMS Verification for a variety of reasons.
The prime reason being that most of the AMS simulations are extremely long and there
has not been much research into formalizing properties for real valued signals over dense
time. Another reason is frequency domain analysis does not lead to properties that can be
easily specified as time domain properties. However, the current AMS verification
methodology can be made more robust by using assertions to verify not only system level
properties on simulation traces but also providing automated checks against undesirable
conditions in analog circuits which are temporal in nature.

The current work aims to target time domain properties in analog mixed signal designs.


Motivation
The motivating factors for assertion based AMS verification are as follows –

   1. AMS verification is still manual/semi-automatic
         a. Analog designers spice analog portions of the circuit
         b. Digital designers simulate digital portions of the circuit
         c. Verification engineers have ad-hoc models of analog circuits integrated
            with digital circuits
   2. Numerous levels of abstraction from behavioral to transistor level
         a. Minimal sharing of test-bench checkers/monitors across different
            abstraction levels
         b. Mostly tests focus on corner cases rather than on system level properties
   3. Analog/Digital Interface Issues
         a. There is no clean way to verify the analog-digital boundary issues because
            of the non-overlapping knowledge sets of analog, digital and verification
            engineers.
         b. Using assertions will alleviate the above problem by enabling verification
            engineer to write analog-mixed signal properties to verify the correct
            integration of analog-digital blocks.
   4. Why Assertions?
         a. No instrumentation of the design required in order to verify it against the
            specification as opposed to ad-hoc monitors being used today
         b. Reuse of assertions across multiple abstraction levels and projects
         c. Just needs a simulation trace produced by any simulator
         d. Increased confidence in higher level models
         e. Properties are easier to understand for digital/SoC verification engineers
         f. Properties can be added progressively as design matures
         g. Provide coverage metrics for the design

Proposal
Our proposal for assertion based AMS verification is outlined below –
Develop a language to succinctly describe time domain mixed signal properties
           a. Gather requirements for properties from companies.
           a. Base the language as an extension to SVA
           b. Introduce Analog-Boolean Threshold abstraction to convert real valued
              signals to boolean valued signals
           c. Use the abstracted boolean valued signals in SVA to write safety
              properties
           d. Extend SVA by adding linear temporal logic operators with time domain
              ranges

The methodology presented above will invariably involve close interaction of both
analog and verification engineers.


Academic Research and Industry Status
Recently, there has been renewed interest in assertion based verification.
   • Verimag (Oded Maler, Dejan Nickovic, Amir Pnueli) has extended PSL and used
       property verification on mixed signal designs at ST and Rambus
   • IIT Kharagpur (Pallab Dasgupta and team) has extended SVA and generated
       monitors, checkers and SVA properties and used them to verify circuits at
       National Semiconductors
   • University of Utah (Chris Myers, Scott Little) researchers are working on a tool to
       extract formal models of AMS designs by analyzing spice simulations
   • University of Concordia (Sofiene Tahar, Mohammed Zaki), Canada researchers
       are working to apply model checking techniques on Matlab models of AMS
       designs
   • Freescale has used SVA to verify behavioral models of analog designs.
Possible Property Checking Flows
Assertion based AMS verification can be either –
   a. Online (while the simulation is running, assertions are checked at run-time) or
   b. Offline (assertions are checked on the simulation results).

Given that online assertion checks will involve close interaction among various
simulators and the presence of a standard assertion language understood by mixed signal
simulators, it seems that the best approach for time being would be to do offline assertion
checks on simulation traces.

The advantages of offline assertions also include the ability to use any simulator in
addition to any modeling language for analog and digital blocks at abstract high level as
well as at spice level. The flow will have to convert different simulator outputs to a
common standard output.

However, for the maximum return on investment, online checks are required. Online
check will –
   1. Enable the user to abort the simulation early if a violation is detected.
   2. Make it possible to have a feedback loop from the checker back to the model if so
       desired.
   3. One stop solution for assertions needs as the assertions are checked by the
       simulator itself.


Layered AMS Assertions
System Verilog Assertions are layered and can be viewed as having being composed of
the following layers sitting on top of each other.
    1. Boolean Layer: Atomic Boolean expressions which evaluate to true/false. These
        are at the leaf level of System Verilog Assertions (SVA). For example – a && b.
    2. Temporal Layer: Boolean expressions are combined to form complex sequences
        to define behavior over time. Sequences are regular expressions composed of
        Boolean expressions. For example – (a && b) ##1 (c && d).
    3. Property Layer: Properties are composed of sequences and/or Boolean
        expressions and are at the top of the SVA layer.


                              Property Layer
                             Temporal Layer
                             Boolean Layer
                          Figure 1 Layers of System Verilog Assertion
We propose to introduce another layer before the Boolean layer in SVA which will
abstract real values of analog signals and convert them into Boolean values. We call the
new layer Analog Layer.



                               Property Layer
                              Temporal Layer
                              Boolean Layer
                               Analog Layer
                  Figure 2 Extended analog layer in System Verilog Assertions

The abstraction of analog signals/expressions to Boolean values can be achieved in a
couple of ways –
    1. Threshold Abstraction: Real valued analog signals are compared against fixed
        thresholds as linear inequalities and the result of the inequalities are stored as the
        abstracted Boolean values. For example – f <= 2.5, where f is a real valued
        signal. Other inequality operators will be <, >, >=.
    2. Generalized Function Abstraction: We could allow the user to write a complex
        mathematical function with real parameters which produces a Boolean output.
        For example – sin (a) >= 0.56, (a * 0.245 + 1.4 * b) > 0.76.
    3. Abstraction with Error Margin: This will allow the user to specify the error
        margin in the values to be extracted. This can be constructed out of the Threshold
        Abstraction as a derived abstraction. For Example – (a >= 2.5 && a <= 2.5025).
        This ranged abstraction can be viewed as an abstraction of (a >= 2.5) with 0.1%
        upper relaxation. We could similarly have a lower relaxation as well as total
        relaxation.

The abstracted values of the analog signal/functions will then be used in the Boolean
layer of the SVA property to form Analog Threshold SVA properties.


Timed Operators
Linear temporal logic operator like “Next Time” loses its meaning in dense time logic
because there is no central clock [Refer to STL/PSL work by Oded Maler, et. al). Thus,
we need to extend SVA temporal operators which will allow more natural specification
of timed properties in the absence of “Next Time” operator. There needs to be more
discussion before the exact nature of these extensions can be finalized.
Inequalities
Basic linear inequalities should be supported in the analog layer and consist of the
following analog expressions, where Inequality is an element from the set of following
operators {<, <=, >, >=} –
    • Analog Value
    • Analog Value Inequality Analog Value

Where Analog Value is one of –
  1. Analog Variable
  2. Number Constant
  3. Analog Value Operator Analog Value

And Operator is from the set of {+,-,*,/}

The above restriction on the type of expressions is to ensure fast determination of the
interpolated values of the analog signals at the crossing point where the analog
expression changes its Boolean value.

Other generalized real functions will be added as required. If no interpolation is used
then, the tool should support polynomial inequalities too.


Interpolation
Analog signals are continuous and not discrete like Boolean signals. However, since the
analog signals in the simulation output are sampled values of the signals in simulation,
analog signal values are not continuous in simulation output. This sampled nature of the
analog signals leads to inaccurate evaluations of the analog threshold inequalities as
illustrated by the example below.

   •   Example:
          o Let analog signal A = 1.5 at time t=0, and A = 3.5 at time t = 10.
          o Let analog threshold inequality ‘IA’ be A <= 2.5
          o At t = 0, IA = 1 since A <= 2.5
          o At t = 10, IA = 0 since A > 2.5
          o Let clk be a high frequency clock with following (time, value) pairs clk =
             (0,0) (2,1) (4,0) (6,1) …
          o Let B have the following sampled (time, value) pairs B = (0, 1) (7, 0) i.e.
             B changes value at t = 7 from 1 to 0
          o Let property p = always @(clk) B implies (A <= 2.5)
          o If no interpolation is used then property p is satisfied on the above trace,
             since A’s sampled value changes to 3.5 only at time t = 10 at which point
             B=0
          o If linear interpolation is used then A = 2.5 at t = 5 with a slope of 0.2/time
             unit and the property fails at t = 6 when evaluated at the clock edge since
             B = 1 and (IA <= 2.5) is false
In the above example the property gives incorrect result when no interpolation is used
because we did not know when IA switched from 1 to 0, as the signal A was not sampled
at the crossing point of the inequality. This inaccuracy in the evaluation of the expression
led to incorrect property evaluation.

Thus, analog signals have to interpolated when –
   • The inequality involving the analog signal changes value between two sampled
       values of the signal [Note: This still leaves the possibility that even though the
       inequality did not change the value at the two sampled values, the real continuous
       signal did change the value in between the two and it was just that those values
       were not sampled]
   • The property uses a local variable or timed operator such that the property
       duration ends before the next sampled value of the analog signal

Using interpolated values for the analog signals under the above conditions should ensure
that the property evaluation is clock accurate. However, there might still be the
possibility of incorrect evaluation if the signals switch simultaneously.


Sampled Values
The sampled values of the analog signals used in the properties need to be stable. The
values can be sampled at the following two places –

   1. Previous Value: The previous computed stable value.
         a. The value is already committed to and cannot be changed in the current
             evaluation iteration. However, the downside is that the properties will
             always be lagging the evaluated values.
   2. Current Value: The current computed stable value in current iteration.
         a. Depending upon when the value is sampled in the current evaluation
             iteration, the value might be changed before it is committed. However, if
             the value is sampled in the post-commit region, then the value is already
             committed and cannot be changed.

Using the current value might be more intuitive and easier to comprehend than using the
previous value.
Extension Syntax Details
We will keep updating this section as more details are finalized.

Variable Types in A-SVA Properties

Variables used in the Analog-SVA properties can be of the following types as given
below in the table. The information presented below has been taken from the IEEE
P800/D4 (October 2, 2007) System Verilog specification.

           Size in bits     No of states/Other Comments         Default Sign
Short int  16               2                                   Signed
Int        32               2                                   Signed
Integer    32               4                                   Signed
Long int   64               2                                   Signed
Byte       8                2                                   Signed
Bit        User defined     2                                   Unsigned
Logic      User defined     4                                   Unsigned
Reg        User defined     4                                   Unsigned
Time       64               4 (64-bit unsigned integer)         Unsigned
Short real 32               Same as ‘c’ float
Real       64               Same as ‘c’ double
Real Time 64                Same as Real


   •   Follow IEEE Std. 754-1985 for real number specification
   •   Net types default to ‘logic’ if no data type is specified in the net declaration
   •   Time can be integer or real and is scaled to the current time unit and rounded to
       the current time precision
   •   Conversion:
           o Real numbers shall be converted to integers by rounding the real number
               to the nearest integer. If the fractional part is 0.5 it will be rounded away
               from zero
           o Individual bits that are ‘x’ or ‘z’ in the net or the variable shall be treated
               as zero upon conversion
           o Explicit conversion can be done using casting. See IEEE P1800/D4
               specification of System Verilog for more details

The variables used in the A-SVA properties shall be declared in the same way as other
System Verilog variables are declared.

            A-SVA properties will allow only the variable types listed above.
A-SVA Property Syntax

The following rules will be followed in decreasing order of priority for sub-
expressions/expressions in the analog-extension of SVA

   •   The following data-type precedence will be followed when evaluating property
       expressions, where Real has the highest precedence and byte has the lowest.
           a. Real > short-real > long int > integer > int > short int > byte
           b. For user-defined bit, reg and logic vectors convert them into appropriate
              integer as defined in System Verilog standard
           c. NOTE: There might be a loss in precision when converting integers or
              long int to real
   •   The inequality operators (<, <=, >, >=) will always evaluate to a scalar single bit
       result
   •   The type of an expression evaluation will always be the type of its sub-expression
       with the highest type precedence
           a. If an expression contains a real variable/constant the resulting expression
              will be of type real
           b. If an expression contains a short-real variable then the resulting expression
              will be of type short-real
           c. If an expression contains an integer then the resulting expression will be
              an integer

The introduction of real variables in the A-SVA properties does not lead to a change in
the variable declaration grammar and it remains the same as in System Verilog.

The grammar for the extension A-SVA affects the Boolean layer as it introduces another
layer – Analog threshold Boolean abstraction. The other layers of the SVA are not
touched in Phase 1. The extension grammar is given below –

Boolean_Abstraction:
     | Analog_Expr LEQ Analog_Expr
     | Analog_Expr LE Analog_Expr
     | Analog_Expr GEQ Analog_Expr
     | Analog_Expr GE Analog_Expr

Analog_Expr:
     | ID
     | Constant
     | OPEN_PAREN Analog_Expr CLOSE_PAREN
     | Analog_Expr PLUS Analog_Expr
     | Analog_Expr MINUS Analog_Expr
     | Analog_Expr MULT Analog_Expr
     | Analog_Expr DIV Analog_Expr
The type of Boolean_Abstraction will always be ‘single bit’. ID can be of any type
described in the previous section. Constant numbers can be specified as integer constants
or real constants. Constants will default to signed or unsigned as defined in the table
above and will be consistent with System Verilog standard. For full grammar of the
constants, please refer to the System Verilog standard specification document describing
numbers.

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:22
posted:7/3/2010
language:English
pages:13