Peripheral may represent a network communication device e. As suggested in the preceding paragraph, verification application may be implemented as a set or sequence of computer executable instructions, stored on a computer readable medium, for verifying that a design meets its specification.
The instructions may be stored on a persistent storage medium such as hard disk , a CD ROM not depicted , floppy diskette not depicted , magnetic tape not depicted , and the like. The instructions may also be stored on a volatile storage medium such as system memory or a cache memory not depicted of data processing system An embodiment of a design verification method that facilitates the use of incremental design verification techniques in the context of constraint-based verification is disclosed.
As indicated previously, incremental verification is used to verify a second design, commonly referred to as the new design, when the new design is a revised version of a first design, commonly referred to as the old design. A method of implementing incremental verification disclosed in the Incremental Verification Application is to route a net from the old design and the corresponding net from the new design to the inputs of an EXOR gate.
The output of the EXOR gate is asserted only when the old design net and the new design net differ. Extending this concept, a composite netlist would include the old design netlist, the new design netlist, and a set of EXOR gates. Each of the EXOR gates would receive a first input from a target in the old design and its second input from the corresponding target in the new design.
By establishing that none of the composite targets i. If one is attempting to reuse verification results performed on an old design in which a particular target was asserted, for example, it is sufficient for purposes of reusing the verification results on the new design to demonstrate a modified equivalence between the old and new designs. Specifically, it is sufficient to demonstrate that there is no state in which the target is asserted in the old design and not asserted in the new design. In other words, demonstrate that the logical expression Old.
Target is never TRUE. Conversely, if one is attempting to reuse verification results performed on an old design in which a particular target was not asserted, it is sufficient for purposes of reusing the verification results on the new design to demonstrate that there is no state in which the target is not asserted in the old design and is asserted in the new design.
In other words, demonstrate that the logical expression NOT Old. Target AND New. The Incremental Verification Application uses these concepts to simplify the equivalence logic implemented in a composite netlist. In this example, equivalence checking is achieved by creating a composite design that includes the a representation of the netlist of the old design and the netlist of the new design The creation of composite netlist includes a determination of corresponding or parallel nets.
In the depicted embodiment, a net in new design is determined to correspond functionally to net in old design and a net in new design is determined to correspond functionally to net in old design Assume further that prior verification efforts, i. Correspondence checking according to the present invention includes creating a first composite net and a second composite net First composite net employs a first type of equivalence logic to confirm functional correspondence between net of old design and net of new design Second composite net uses a second type of equivalence logic to confirm the functional correspondence between net of old design and net of new design Demonstrating that first composite net , which is the output of equivalence logic , cannot be asserted, indicates that there is no state in which net from old design is asserted TRUE and its proposed equivalent net from new design is not asserted FALSE.
Because the prior functional verification work performed on old design proved the existence of a state in which net was asserted, the positive equivalence result implies the existence of a state in new design in which net can also be asserted TRUE. Similarly, demonstrating that second composite net , which is the output of the second type of equivalence logic , cannot be asserted, indicates that there is no state of composite design in which net is TRUE and net is FALSE.
Because the prior verification effort performed upon old design discovered no states in which net was asserted, the positive correspondence result in this case implies that, if one were to perform equivalent verification upon new design , one would not have discovered a state in which net was asserted. In this manner, proving that a composite net e. When verification constraints are introduced into the old design, the new design, or both, existing incremental verification approaches must be modified to ensure that the constraints on either the old design or the new design do not prevent discovery of incremental equivalence violations.
As an example, an old netlist may include constraints that resulted in all old targets being unreachable. A new netlist may be substantially identical to the old netlist, but the new netlist may not have any constraints. As another example, imagine a simple design having two inputs, I 1 and I 2.
The constraint in the new design is I 1 i. Assume further that, for both designs, a target of interest is NOT I 2. The target is clearly unreachable in the old design, because I 2 is constrained to be TRUE, but the target clearly reachable in the new design. Proper incremental verification should, therefore, account for the differences in constraints and discover the lack of equivalence between the old and new targets.
If, however, the old constraint is simply incorporated into the composite netlist, the old constraint will restrict I 2 in a manner that is inconsistent with the new netlist and therefore mask a valid assertion of the target in the new netlist and thereby falsely conclude an equivalence between the old and new targets.
Addressing the problem described above, a method of using incremental verification in the context of verification constraints is disclosed and described with respect to the flow diagram indicated in FIG. Generally, the described verification method includes determining whether any constraints on the old design old constraints and any constraints on the new design new constrains are effectively equivalent.
(CoVer) Constraint-based Verification of Reactive systems
If equivalence is found, all constraints from the old and new netlists can be imported into the composite netlist. Like the procedure described in the Incremental Verification Application, constraint equivalence checking is preferably bifurcated into cases where verification results indicate a target as reachable and cases where verification results indicate a target as unreachable.
If equivalence checking of constraints indicates a lack of equivalence, the constraints are systematically removed from the netlist. More specifically, the constraint nets are modified by the addition of circuitry that makes it possible to remove semantic conditions associated with constraint nets and thereby treat the modified constraint nets as all other nets in the netlist.
Turning now to FIG. Initially, verification results are generated by verifying block an old design using old constraints. In the depicted embodiment, method then includes blocks and in which first and second nets are created. The first net, Constraint. Old, represents the logical AND of all constraints in the old netlist i. The second net, Constraint. New, represents the logical ANN of all constraints in the new netlist i. The construction of these two nets aids in the determination of equivalence between the old constraints and the new constraints.
The constraint equivalence of interest is referred to as effective equivalence because strict equivalence e. More specifically, whether or not it is permissible to incorporate all of the old and new constraints into a composite netlist for purposes of performing incremental verification when constraints are present depends upon the type of verification results for which incremental verification is proposed.
If the verification results for the old design the old verification concluded that an old target was not or could not be asserted, the incremental verification attempts to determine whether there are any states in which the corresponding target in the new netlist the new target are asserted and the old target is not.
CP - Thematic Tracks
For target-not-asserted results, the new constraints can be incorporated into the composite netlist if one can demonstrate that a TRUE value of Constraint. Remembering that targets are evaluated only for states in which all constraints are TRUE, the logical expression Constraint. Old indicates whether the old and new constraints can be incorporated into the composite netlist. If there is no state in which Constraint. Old is TRUE, incorporation of all old and new constraints into the composite netlist is appropriate. This check guarantees that when Constraints.
Qualitatively, this check verifies that the new constraints are a superset of the old constraints and, therefore, that the incorporation of the new constraints into the composite netlist will only limit the behavior of the old targets in a way that is not of concern for the reuse of target-not-asserted verification results. For target-asserted results, the old constraints can be incorporated into the composite netlist if one can demonstrate that there is no state of the composite design in which the new constraints mask the new target but the old constraints do not mask the old target.
The logical expression Constraint. New indicates whether the old and new constraints can be incorporated into the composite netlist. New is TRUE, incorporation of all old and new constraints into the composite netlist is appropriate. Qualitatively, this check verifies that the old constraints are a superset of the new constraints and, therefore, that the incorporation of the old constraints into the composite netlist will only limit the behavior of the new targets in a way that is not of concern for the reuse of target-asserted verification results.
Method as depicted thus determines block whether the verification results generated in block are target-asserted results or target-not-asserted results. If CHECK is true, then the composite netlist can be constructed block by importing all new constraints into the netlist.
If so, the composite netlist can be constructed by incorporating all old constraints into the composite netlist. If CHECK is proven to be NOT TRUE in block or block , method proceeds to a constraint elimination phase block of the incremental verification to effectively eliminate the constraints from the composite netlist. Constraint elimination method creates modified netlist s from the first netlist, the second netlist, or both by eliminating verification constraints from the first netlist, the second netlist, or both. The resulting modified netlist s are then used as a basis for creating a composite netlist in block of FIG.
Ordinarily, constraint nets possess unique behavior characteristics that the verification engine must recognize and that complicate incremental verification for cases in which old constraints and new constraints differ. In the depicted embodiment, constraints are eliminated by synthesizing the constraint into a target so that the effect of constraint is reflected in the state of the target. In FIG. Verification engines recognize constraint nets such as net C as specially designated nets that control the verification engine's behavior.
Specifically, verification engines check for assertions of target T, but only during cycles when the constraint C is asserted. As an example, if a verification engine is executing random simulation and encounters a state in which the constraint net C is FALSE, further state space exploration beyond that state in which the constraint was false is terminated.
In the depicted embodiment, modified netlist includes a first AND gate and a register or latch AND gate receives the constraint C as one input and an output of latch as its second input. The target T is routed to one of the inputs to second AND gate Modified netlist thus effectively eliminates the original constraint by introducing a functionally equivalent netlist that does not have the semantic constraints associated with the original netlist.
- Physical Properties and Data of Optical Materials.
- The Attraction Factor - 4 Simple Yet Powerful Principles That Will Melt Any Mans Heart?
- Lobachevski illuminated.
- Constraint-Based Verification | SpringerLink.
- What Lies Between Us: A Novel!
- The Wiley Engineers Desk Reference: A Concise Guide for the Professional Engineer;
- Multiobjective Scheduling by Genetic Algorithms?
In the depicted embodiment, the AND gate receives an input from each constraint C 1 through C k of the original netlist. The output of latch provides an input to AND gate In this manner, the assertion of any constraint during any cycle prevents any target from being reached becoming asserted during any subsequent cycle, which is functionally equivalent to the corresponding unmodified netlist i. Because, however, modified netlist of FIG. Returning to FIG. As described above with respect to FIG.
As depicted in FIG. More specifically, in the case where the old verification results are target-not-asserted results, constraint elimination is executed only if the composite model cannot be built by merely importing all new constraints block and, in the case where the old verification results are target-asserted results, constraint elimination is executed only if the composite model cannot be built by merely importing all old constraints. In some applications, however, it may be desirable to perform constraint elimination even when importing all old or new constraints is a possibility.
One such application involves the reuse of target-asserted results. In the case of target-asserted results, importing all old constraints may be performed as in block when the old constraints are a superset of the new constraints. However, applying the old constraints to the composite netlist may result in a false conclusion that a target is unreachable such as when the target would have been reachable but for the assertion of an old constraint on the new design when the old constraint is not part of the new constraints.
For this reason, some embodiments may elect to proceed directly to constraint elimination block after determining in block that the old verification results are target-asserted results.
Related Constraint-Based Verification
Copyright 2019 - All Right Reserved