The Future of Formal: Academic, IC,
EDA, and Software Perspectives
FMCAD, 2008
Ziyad Hanna
VP of Research and Chief Architect
Jasper Design Automation
Key FPV Market Observations
• FPV is being shifted from supplemental to primary
verification method for a growing subset of verification
tasks
• Customers use formal property verification to displace a
portion of their simulation usage
• FPV revenues are growing much faster than revenues of
other emerging EDA domain
• Formal Technology – “The Swiss Army Knife” in Design
and Validation
- 2 - ©2008 Jasper Design Automation
EDAC 2007 Market Statistics
- 3 - ©2008 Jasper Design Automation
FPV Applications
High-level requirements
Data
Integrity
ROI
Packet
Ordering
• End-to-end
• Black box
• Based on design intent
Design Intent
RTL implementation assertions
• Localized
• Implementation-specific
• White box
RTL Implementation
One
Hot
Increment
By 1
FIFO
Overflow
Design Behavior
- 4 - ©2008 Jasper Design Automation
FIFO
Overflow
The cost of FPV
Problem complexity and value
Support
• Low-end FPV solutions useful for
debugging and easy problems however with
limited ROI
• FPV applicability is evolving rapidly, but is
still gated by capacity limitations, and
therefore needs more automation
Value
differentiation
• Support and expertise is required to train
initial users:
 How to convert spec to properties
 How to develop proper constraints
 How to manage complexity
# Users
- 5 - ©2008 Jasper Design Automation
Formal Verification Staged Adoption Model
ROI
Quality,
Bugs,
Coverage,
Productivity
Formal
Verification
Dynamic
Verification
Master Formal Technology
1st wow
Adopt
Pilot
- 6 - ©2008 Jasper Design Automation
Wide Deployment
FV an established methodology in
Design & Validation flows
 Completeness
 High coverage
 Uncover hard bugs
 Verify high level properties
 Post Silicon Debug
Early Drop
 High productivity
FV Staffing,
on risky blocks,
Small team
Corner stone
In DV flow
Cross blocks
Multiple projects
Time
Customized Solutions based on
FV technologies in Design and
Validation Flows
Main Challenges of FPV
• Scalability and be able to run at same level of simulation
and share setup
• Usability: Push button flows are not scalable, on the other
hand human in the loop is effective but is still costly
• Predictability: “Is it going to work on this block?”
• Perception of FPV ability
• Interoperability with other methods (coverage etc.)
- 7 - ©2008 Jasper Design Automation
The New Reality
• Consumers are more selective, more discriminating
about necessity and value
• So too are companies, and the industry at large
• Which will survive… and even thrive?
- Employees
- Projects
- Business units
- EDA suppliers
- Companies
- 8 - ©2008 Jasper Design Automation
Those with differentiated
VALUE
What is the Future of Formal ?
• Well … we are not in the futurology science …
• But so far Formal has been delivering an excellent value
• FPV is relatively a young domain in the market and
definitely has a great potential on targeted ROI
• Still highly dependent on the future of:
– HW/SW Design industry
– EDA industry …
– User Behavior
– Adoption of new technologies and methodologies
– And many other parameters
- 9 - ©2008 Jasper Design Automation
Challenges and Opportunities Ahead …
• Address cost and productivity issues in design and validation
• Can we get 100% proofs on RTL models (at least for selected IP
blocks), if not how to measure the coverage? What is the cost?
• HLM for verification is unavoidable – need a new language with clear
and precise semantics to drive HLS and formal at early stage in the
the design cycle
• Cross SW/HW verification is a huge challenge
• Leverage the great progress in parallel and distributed computing
- 10 - ©2008 Jasper Design Automation
Recommendations
• Invest on targeted research to address real problems
• Invest in RTL verification – it is NOT a solved problem yet (research
still mostly at netlist)
• Invest in dedicated HLM language and semantics for ESL, drive for an
industrial standard
• Better methodologies to leverage the power of formal
• Think out-of-the-box for applying formal at several other bottlenecks in
the design and validation flow
• Deliver challenging and representative problems to Academia
- 11 - ©2008 Jasper Design Automation
THANKS
- 12 - ©2008 Jasper Design Automation