CADENCE CONFIDENTIAL 1CADENCE DESIGN SYSTEMS, INC. Cadence Formal Verification 2003 Beijing...

CADENCE CONFIDENTIAL1 CADENCE DESIGN SYSTEMS, INC.

Cadence Formal Verification

2003 Beijing InternationalMicroelectronics Symposium

C. Michael Chang

Vice President, Formal Verification

2 CADENCE CONFIDENTIAL

Cadence Formal Overview

• Formal verification market leader

• Complete formal verification solution

• Proven technology - 1000s of design tapeouts

• Comprehensive ASIC vendor & foundry support

• >300 customers worldwide

Firmware

IR Drops

Power

Mixed Signal Intf

Yield

Race Condition

Slow Path

Clocking

NoiseFunctional

0% 10% 20% 30% 40% 50% 60% 70% 80% 100%

74%

33%

31%

31%

24%

23%

21%

14%

11%

10%

October 2000Collett International

• Half of all chips today require 1 or more re-spins

• 74% of all re-spins are due to functional errors

0%

10%

20%

30%

40%

50%

60%

1998 1999 2000 2001 2002*

Verplex Avant!Synopsys Others

Source: Dataquest, * EDAC

Ava

nt!

+ S

yno

psy

s

Ava

nt!

+ S

yno

psy

s


• Ensures consistency of two designs

• Exhaustive verification using mathematical algorithms

• Orders of magnitude faster than simulation

• No test vectors required

• Pinpoints errors quickly

• Simplifies analysis and debug of implementation errors

Equivalence Checking (EC) Introduction

Gate:Post Synth,

P&R Etc.

RTLor

Gate

Implementation Verification

Conformal EC


Conformal SolutionComprehensive Equivalence Checking Solution

Memory

Mem

ory

Datapath

Datapath

Datapath

Datapath

Memory

Memory

Memory

Mem

ory

Mem

ory

Mem

ory

Random Logic

RandomLogic

Custom logic, I/O cells

Custom logic, I/O cells

Cu

sto

m lo

gic

, I/O

cel

ls

Cu

stom

log

ic, I/O cells

EC for Random LogicVerifies synthesized logic

EC for Embedded MemoryVerifies custom memories

EC for Complex DatapathVerifies compiled datapath

EC for Digital CustomVerifies custom logic, IO cells, libraries

Semantic & Structural ChecksVerifies buses and synthesis pragmas

EC for LayoutVerifies physical integration

Clock Domain Crossing ChecksVerifies clock synchronization


• Used throughout the implementation process

• Independently developed technology

• Production proven on 1000s of designs

• Best performance

“Conformal by far blows away Formality in speed and capacity.”

- Bob Lawrence, Agere Systems

ConformalEquivalence

Checker

RTL RTL

Logic OptimizationLogic Optimization

Floor PlanningFloor Planning

PlacementPlacement

Logic SynthesisLogic Synthesis

Test InsertionTest Insertion

RoutingRouting

P&R OptimizationP&R Optimization

ECOsECOs

Clock SynthesisClock Synthesis

Conformal ensures implementation equivalence

Conformal SolutionImplementation Verification


Conformal SolutionExtends EC to Complex Datapath

• Trends indicate increased usage of advanced datapath optimization

• Used to create high performance and area optimized circuits

• Conformal provides formal verification solution for complex datapath

• Exhaustive verification • Magnitudes faster than simulation• Easier to pin-point errors and debug

Conformal EC

Datapath Synthesis GateRTL

Equivalence Checked

"Verifying datapath circuits has been very difficult and time consuming in the past, but we have found Conformal DP to be very efficient in comparing

different types of datapath circuits." Hiroshi Furukawa, System-on-a-Chip Design Division of NEC Micro Systems


Operator Merging

A B C

Y

X

+

A B C

Y

MergedOperator

Advanced Pipeline Support

Conformal SolutionComplex Datapath Support

• Handles advanced datapath

optimization techniques including

operator merging and advanced

pipelining

• Flexible – Flattened or hierarchical

• Supports wide variety of datapath

architectures from many datapath

synthesis vendors

First EC tool to successfully verify complex datapath circuits


RTL Model

Gate Model

EC

Final Circuit

Final GDS

LVS

Physical Design• Layout integration• Circuit optimization• Netlist Conversion• GDS edits

EquivalenceChecker

CircuitAbstraction

Conformal EC

Conformal SolutionClosing the RTL to GDS Verification Gap

Conformal ensures RTL to GDS equivalency


• Targets customer designed embedded memories• Exhaustive verification without vectors• Verifies complex control, scan, BIST, etc… • Magnitudes faster than simulation• Supports RAM (single & multi-port), CAM (binary & ternary), and register files

EquivalenceChecker

Conformal EC Solution

CircuitAbstraction

Equivalence Checked

RTL Spice Netlist

RTL WithMEM

Primitive

MemoryPrimitives

CadenceMemoryPrimitive

Conformal SolutionExtends EC to Memories


Conformal SolutionProviding a Safer EC Environment

• Complements EC flow

• Automatic extraction and verification:

– Clock Domain Crossing (CDC):

Clock synchronization & data transfer validation

– Semantics:

Verification of synthesis pragmas & assumptions

– Structural:

Implementation checks including bus & tri-state

Can validate checks that don’t exist in RTL

• Finds difficult implementation bugs


CLK A

CLK B

Divergent synchronizers

Graycode violations

Data stability violations

Potential CDC glitches

Metastability problems

Conformal detects

Clock topology problems

• Pinpoint problems quickly

• Automatic detection of clock domains and crossings

• Structural verification of multiple clock domain synchronization

• Functional verification for data stability violations

• Automates error-prone manual post static timing analysis process

• Reduces risk of clock related re-spins

• Prevents late clock related iterations in the design cycle

Conformal Solution Clock Domain Checking


RTLalways @ (a or b or s) begin case (s[1:0]) //synthesis full_case 2’b01: q = a; 2’b10: q = b; endcaseend

always @ (a or b or s) begin case (s[1:0]) //synthesis full_case 2’b01: q = a; 2’b10: q = b; endcaseend

Gate-level

aa

s[1]s[1]

qqbb

Simulation

s[0]

RTL: qq

s[1]

Gate: q a

a

11

00

Synthesis

00

11

b

b

11

00

a

a

11

b

a

11

Conformal Solution Semantic Checks

• Conditions that may create mismatches between RTL and gate-level simulations

• Full case

• Parallel case

• X-assignment

• Range Overflow

• Conformal checks if unexpected conditions can exist in design:

s[1:0] == {0,0}, s[1,0] == {1,1}

• Finds functional mismatches that are otherwise missed or detected only by gate level simulation late in design cycle

• Equivalency can not find this type of error

• EC follows synthesis interpretation

Conformal finds semantic corner-case bugs earlier


Conformal Solution Structural Checks

• Class of bugs typically found late in design cycle, if at all

• May not be present in “RTL” , scan insertion errors

• Introduced during design integration

• Introduced during implementation and ECOs

• Bus Checks

• Bus contention

Bus or net driven by conflicting data

• Bus floating

Bus is not driven by any signal

• Tri-state

Stuck-at problem with tri-state driver enable

• Set / Reset CheckSet and Reset on at the same time

• Multi-port Latch CheckMulti-port latches loaded with conflicting values

Bus errors are a common source of silicon failure

Sequential analysis for bus contention

0

qq

1

1

1

Conformal finds all structural consistency problems both during design and implementation cycles

......

......

......

......


Conclusion

• The verification problem continues to grow at an exponential rate

• Simulation-based techniques cannot meet the challenge alone

• Formal analysis is a critical requirement for thorough verification

• Equivalence checking is used throughout the implementation process

• Conformal offers the only comprehensive EC solution for complex SoCs

• Conformal technology was developed independently to maintain verification integrity

CADENCE CONFIDENTIAL 1CADENCE DESIGN SYSTEMS, INC. Cadence Formal Verification 2003 Beijing...

Documents

Transcript of CADENCE CONFIDENTIAL 1CADENCE DESIGN SYSTEMS, INC. Cadence Formal Verification 2003 Beijing...