Bristol 2009 q1_boulton_richard



  1. Cost Evaluation for Adopting Formal Property Checking
     Richard Boulton, Icera Inc.
     Related paper to appear in the proceedings of DVCon 2009, 24–26 February 2009
     Copyright 2009 Icera Inc. Bristol DVClub, 21 Jan 2009

  2. Motivation
     • Formal verification offers improvements in quality
       – But at what cost?
     • Design teams / companies may not have extra resource to apply formal verification
       – Can FV replace some simulation without extra effort?
       – Can FV be mixed effectively with simulation?
     • Icera conducted an evaluation of formal property checking (the type of FV most used in industry)
       – Not a tool evaluation!

  3. A Few Details
     • Small SoC peripheral block (data pump)
       – Significant complexity in the design including a high degree of configurability
       – Previously verified at the block level using coverage-driven constrained-random simulation
       – Good functional coverage achieved
     • Around 100 English properties extracted from the functional specification document
       – Some of these were formalized in PSL or SVA
       – Attempted to prove formalized properties using FPC

  4. Time Spent on Formal Property Checking

     Activity                                                      Hours   Weeks
     Process the RTL                                                 2.0     0.1
     Write natural-language properties for the functional spec.     80.5     2.7
     Select props for FPC and sim. and write coverage specs         61.0     2.0
     Deploy property IP                                             18.5     0.6
     Implement properties in formal language and try to prove      109.0     3.6
     Total                                                         271.0     9.0

     • Time sheets kept in half-hour increments
     • Conversion to weeks on basis of six hours project work a day

  5. Number of Properties Specified and Formalized

     Type of Property   Specified (English)   Formalized   Proportion Done
     Definition                          19            2             10.5%
     Assumption                           8            3             37.5%
     Assertion                           87           26             28.7%
     Total                              114           31             27.2%

     • Intermediate notions were defined for conciseness
     • At least 80% of block behaviour specified
     • 31 English properties gave rise to 60 PSL/SVA properties
     • Some additional PSL/SVA assumptions required

  6. Estimated Time to Fully Formally Verify the Block

     Activity                                                      Hours   Weeks
     Process the RTL                                                 2.0     0.1
     Write natural-language properties for the functional spec.    100.6     3.4
     Select props for FPC and sim. and write coverage specs         76.2     2.5
     Deploy property IP                                             18.5     0.6
     Implement properties in formal language and try to prove      500.9    16.7
     Total                                                         698.2    23.3

     • About 23 weeks for FPC versus about 20 weeks for block-level simulation (estimated)
     • Assumes testbench infrastructure not required elsewhere

  7. Results
     • Two minor bugs found that had eluded simulation
     • Two further omissions from the specification found
     • Plus over 20 significant corrections to the spec.
     • Most assertions proved; a few failures remained
     • Only one assertion hit tool capacity limits
       – But very few “end-to-end” properties were used
     • A run with all properties took about an hour

  8. Conclusions
     • Similar effort for FPC as for simulation
       – If simulation can be avoided completely
     • Found some issues not found by simulation
     • Challenges:
       – Complexity of clocking
       – Analysis of counter-examples
       – Configurability of design
     • Value in writing natural-language properties
     • FPC makes assumptions in use of block explicit
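The slides give the hours actually spent (slide 4) and the estimate for fully verifying the block (slide 6), but not the rule that links them. The script below is an added example, not code from the talk or from Icera: it extrapolates slide 4 into slide 6 using the figures on slide 5 (27.2% of English properties formalized, at least 80% of block behaviour specified) and the six-hour project day from slide 4. The two scaling factors are an assumption of mine, chosen because they reproduce every figure on slide 6 to the precision shown; the slides themselves do not state them.

```python
# Added example: reconstructs the slide 6 estimate from the slide 4 time
# sheet. The scaling rule is an ASSUMPTION (not stated on the slides) that
# happens to reproduce the slide 6 figures to the decimal shown.

HOURS_PER_WEEK = 6 * 5  # slide 4: six hours of project work a day, five days

# Slide 4: hours actually spent per activity (figures from the page).
TIME_SPENT = {
    "Process the RTL": 2.0,
    "Write natural-language properties for the functional spec.": 80.5,
    "Select props for FPC and sim. and write coverage specs": 61.0,
    "Deploy property IP": 18.5,
    "Implement properties in formal language and try to prove": 109.0,
}

# Slide 5: 31 of 114 English properties formalized (27.2%); at least 80%
# of block behaviour specified in English.
PROPORTION_FORMALIZED = 0.272
PROPORTION_SPECIFIED = 0.80

# Assumed scaling per activity:
#   - specification-driven work scales by 1 / PROPORTION_SPECIFIED
#   - formalization additionally scales by 1 / PROPORTION_FORMALIZED
#   - one-off work (RTL processing, property IP) does not scale
SCALE = {
    "Process the RTL": 1.0,
    "Write natural-language properties for the functional spec.":
        1 / PROPORTION_SPECIFIED,
    "Select props for FPC and sim. and write coverage specs":
        1 / PROPORTION_SPECIFIED,
    "Deploy property IP": 1.0,
    "Implement properties in formal language and try to prove":
        1 / PROPORTION_SPECIFIED / PROPORTION_FORMALIZED,
}


def estimate_full_verification(spent=TIME_SPENT, scale=SCALE):
    """Return {activity: (hours, weeks)} plus a 'Total' row.

    Hours are rounded to one decimal before converting to weeks, and the
    total is the sum of the rounded rows, which is how the slide 6 table
    adds up.
    """
    rows = {}
    for activity, hours in spent.items():
        est_hours = round(hours * scale[activity], 1)
        rows[activity] = (est_hours, round(est_hours / HOURS_PER_WEEK, 1))
    total_hours = round(sum(h for h, _ in rows.values()), 1)
    rows["Total"] = (total_hours, round(total_hours / HOURS_PER_WEEK, 1))
    return rows


def formalization_share(estimate):
    """Fraction of the estimated total that goes on formalizing and proving.

    On the slide 6 figures this is roughly 72%, which is where the
    'similar effort to simulation' conclusion is most sensitive.
    """
    formal = estimate["Implement properties in formal language and try to prove"][0]
    return formal / estimate["Total"][0]


if __name__ == "__main__":
    est = estimate_full_verification()
    for activity, (h, w) in est.items():
        print(f"{activity:<60} {h:7.1f} {w:6.1f}")
    print(f"share of effort in formalize-and-prove: {formalization_share(est):.1%}")
```

Two things the numbers make visible: the four-fold scaling of the formalize-and-prove row (a further 73% of the English properties still to formalize, and the spec itself only about 80% complete) dominates the estimate, and the 20-week simulation figure it is compared with is itself an estimate, so the "similar effort" conclusion on slide 8 rests on the proportion-formalized figure more than on any other single input.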