Poster 5.1 An Automated Pre-silicon IP Trustworthiness Assessment for Hardware Assurance
Sergio Marchese, John Hallman, Sven Beyer, David Landoll - OneSpin Solutions
Garrett Chan, Salam Zantout, Vikram Rao - The Aerospace Corporation
Integrated circuit designs include in-house and third-party intellectual properties that could contain hardware Trojans. An independent, trusted, and complete IP model, suitable for automated formal comparison with the IP register-transfer level (RTL) code using commercially available tools, may be used to prove absence of functional Trojans. Such models are generally not available, except for certain critical IPs, as, for example, RISC-V processor cores. The development of these models may be costly and time-consuming. This paper proposes an IP trustworthiness assessment process that does not require a trusted model. The approach uses automated tools that scan the IP RTL code to detect suspicious or unusual code patterns and known Trojan signatures. This low-effort, objective assessment may detect Trojans and provide warnings that, depending on the specific project circumstances, may require additional investigation. The approach is demonstrated on numerous open-source and proprietary test designs containing hardware Trojans.
Poster 5.2 Deploying HLS in a DO-254/ED-80 Workflow
Jacob Wiltgen, Byron Brinson, David Aerne - Mentor, A Siemens Business
Tammy Reeve, - Patmos Engineering Services & Airworthiness Certification Services
The adoption of tools into safety-critical workflows is often challenging as these new technologies must demonstrate sufficient safeness to use before being deployed in production environments. The demand for High-Level Synthesis capabilities within DO-254 projects is growing and this paper describes the requirements and considerations to successfully use High-Level Synthesis within a DO-254 workflow.
Poster 5.3 Experience of using Formal Verification for a Complex Memory Subsystem Design
Sujeet Kumar, Vandana Goel, Hrushikesh Vaidya, Ronak Sarikhada - Intel
Formal verification (FV) has been widely accepted as a verification approach for catching corner case design issues, it also speeds up the verification process of any subsystem . Usage of formal verification for a complex memory subsystem design is not an easy task because of huge state space of the design, maintaining the different IP releases, and running developed test cases over time. In this paper, we discuss the best approaches followed for verifying a memory subsystem which includes a split based approach for unsolved properties, optimizing the engine parameters, connectivity check automation, testbench maintenance automation and cronjobs automation. Using these approaches, we found 8 critical RTL/architecture issues within a short span with limited resources. It also helped us to identify the problem ahead of the traditional functional verification.
Poster 5.4 Analog Modelling to Suit Emulation for Hardware-Software Co-Verification
Saranya Das - Analog Devices Inc
Firmware-Hardware co-verification is an important pre-silicon task to ensure faster silicon delivery to customers. Emulation platform is used to validate the firmware before silicon arrives for saving time to market. In simulations, analog signals are modeled using RNM (real number modelling), but RNM can’t be used on an emulator as the datatype is 'real'(non-synthesizable). This paper describes how fixed-point arithmetic was used to model an analog block like ADC. Python code was used to visualize and decide the optimum bit-width for modelling. The paper also discusses techniques for creating synthesizable testbench and modelling of commonly used analog blocks to suit the emulation platform.
Poster 5.5 A step towards Zero Silicon Bugs using Assertion based Assumption Validation
Rohit Sinha, Christie Babu - Intel
As the complexity of SoCs is exponentially increasing and IPs are being sourced from multiple external and internal channels, the validation of asynchronous designs and ensuring that there are no potential misses in the SoC integration have become a daunting task. During the SoC integration, we often get cases wherein pre-silicon or sometimes post-silicon bug cost an entire respin due to meta-stability issues or due to glitches in the clock-reset paths. That’s the reason there is an absolute necessity mainly in the SoC design to ensure that the assumption used for signing off CDC or RDC design challenges are validated using an autonomous flow. The flow should ensure that the assumptions that have been taken to close CDC analysis are validated with respect to the design intent such that constraints added because of the wrong interpretation can be detected upfront to avoid costly iterations.
Poster 5.6 IP-Coding Style Variants in a Multi-layer Generator Framework
Zhao Han, Keerthikumara Devarajegowda, Andreas Neumeier, Wolfgang Ecker - Infineon Technologies AG
With the increasing demand for domain-specific architectures, System on Chips (SoCs) need to be customized to perform the required tasks with minimal area and power consumption. However, customization brings a longer development time and more cost. Hardware generators are therefore introduced to accelerate the design process and aid Intellectual Property (IP) reuse. But the IP coding style, generated HDL files, remains unconfigurable to incorporate target design process and to achieve the desired optimization in a synthesizer.
To address these challenges, we propose to transform platform-independent design models and platform dependent view models in our novel multi-layer generation flow. Design models capture the design intent, where deceptive components are provided to indicate hierarchies and coding styles. By fine-tuning the descriptive components, IP coding styles are configured. Furthermore, file caching and hierarchy flattening transformations are provided to further assist flexibility in the back-end. Additionally, transformations to adapt naming convention is provided as well.
To demonstrate applicability, two RISC-V SoCs are taken as examples. With generated various coding styles, the relations of IP coding styles to check-in time under version control system and synthesis time in a synthesizer is analyzed. Furthermore, efforts to develop transformations are shown.
Poster 5.7 Probing UPF Dynamic Objects: Methodologies to Build Your Custom Low-Power Verification Platform
Progyna Khondkar - Mentor, A Siemens Business
Oftentimes low-power design and verification engineers crave for ways to continuously probe ON, OFF status of a power domains, or different states of a supply sets, supply nets, supply ports, logic ports, power switch acknowledge ports, or conditions of different strategies (e.g. isolation, retention), or discrete changes in supply voltages or even wants to populate cover-bins with coverage data from unconventional power state transitions. Apparently there were no ways to continuously monitor the dynamic properties of UPF objects –like, just noted above – let’s say ‘the current state of a strategy’ and utilize the information to develop custom low-power verification environment. This paper proposes a completely new low-power verification methodology on the key concepts of low-power (UPF) information model (UPFIM)  that directly imply Tcl and SV HDL API to user low-power designs. The novel methodology allows to query any dynamic properties of UPF objects – like continuously probe ON, OFF status of a power domains (during elaboration steps) through Tcl API and passed the objects information on to appropriately instantiated SV API based design codes. For example, Tcl API can be used on the simulation execution fly to populate any attributes for low-power SystemVerilog checker modules that are already quarried and bound during elaboration steps into RTL design through UPF bind_checker.
Poster 5.8 Automatic Diagram Creation for Design and Testbenches
Paul O'Keeffe, Jamie Beattie, Gian Lorenzo - CreVinn Teoranta
This paper is to present some findings in an investigation into processes that can be used to automatically create diagrams for Verilog RTL and testbench code.
Poster 5.9 Formal Verification Experiences: Silicon Bug Hunt with “Deep Sea Fishing”
Ping Yeung, Mark Handover, Abdel Ayari - Mentor, A Siemens Business
Formal verification has been used successfully to verify today’s SOC designs. A few companies also used formal verification to perform post-silicon bug hunting. It is one of the most advanced usages of formal verification. It is a complex process that in-cludes incorporating multiple sources of information and managing numerous success factors concurrently. These post-silicon bugs are complex. Most of them happen deep in functional operation under unusual combinations of events and scenarios. So-phisticated approaches have been tried-and-true, and experiences have been gathered in this area. In this paper, we will share these experiences by first introduce the “deep sea fishing” bug hunt radar. It captures the success factors and helps guide the de-ployment of various methodologies. The objective is to identify obstacle(s) and to gradually improve or refine each of the factors so that we can “zero-in” on these critical silicon bugs.
Poster 5.10 Achieving Faster Reset Verification Closure with Intelligent Reset Domain Crossings Detection
Milan Kaur Anand, Sulabh Kumar Khare - Mentor, A Siemens Business
The increased functionality, multiple interfaces, performance optimizations, and multi-mode operations in modern system-on-chip (SoC) designs have led to highly complex architectures of multiple primary reset sources, splitting the chip into several reset domains, each receiving different combinations of primary reset sources. In order to ensure that signals crossing complex reset domains function reliably, advanced reset domain crossing (RDC) verification, as part of comprehensive static analysis of the RTL, is imperative. An RDC verification solution must not only identify asynchronous, reset-assertion induced, critical metastability issues at reset domain crossings and glitches due to combinational resets, but also ensure reliable and accurate RDC reporting for quick verification turn around.
In this paper, we present an advanced methodology as part of a static verification tool that significantly reduces designer effort in completing RDC verification by eliminating noise from RDC results. This is achieved through proactive functional analysis of reset assertion sequences of complex combinational reset logic that drives RDC crossings. We also present a case study using real-life designs to demonstrate improvements that validate the new methodology.
Poster 5.11 Verification of a Multi-languages Components - A Case Study: Specman E Environment with SystemVerilog UVM UVC
Eran Lahav - Veriest Solutions
Verification of a complex SOC today demands the use of Verification IPs from diverse sources. The ability to utilize available verification components and embed them into an existing Verification Environment, which often consists of different languages, is of great importance . The Accelera UVM-ML Open Architecture  provides the ability to assemble and co-simulate components which are written in different languages. Nevertheless, some synchronization aspects - such as sequences alignment and data transport between those components - are left for one's determination. In this paper, we demonstrate a common case for Multi-language necessity: a SOC that is generally verified with a Specman E environment that utilizes an SV UVM Verification Component from an external vendor. In the implementation of this system, we deployed a mechanism for data and bilingual sequence synchronization. In this project, we also deal with a dilemma: In what circumstances is it better to translate (or rewrite) code to another language, rather than combine it in a different language environment.