Document

Circuit Level Verification of a High-Speed Toggle Chao Yan ' Mark Greenstreet University of British Columbia FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.1/22 Overview Motivation Coho Projection Based Reachability Analysis Numerical Issues Verication Example Toggle Circuit Toggle Specication Verication Using Coho Formal Verification of Digital Circuits Using SPICE-Level Models is Possible. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.2/22 Motivation Design Flow Typical Design Flow Cell Lib. Coding RTL Synthesis equations Tech Map netlist Place & Route layout Extract annotated netlist N OK? Y done FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.3/22 Motivation Design Flow Typical Design Flow Add a new cell Cell Lib. Coding Y RTL done? Synthesis N Tech Map reject N OK? netlist Place & Route layout Extract Manually Check ~one month Y equations Simulate (SPICE) annotated netlist N OK? Layout Y done FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.3/22 Motivation Design Flow Typical Design Flow Automatic Verification Add a new cell Cell Lib. Coding Y RTL done? Synthesis N Tech Map reject N OK? netlist Place & Route layout Extract Manually Check Simulate (SPICE) OK? reject N Y time? N annotated netlist N ~one month Y equations Layout Y Coho Y done FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.3/22 Motivation Typical Design Flow Cell Lib. Coding Similar Problems crosstalk analysis Y RTL Synthesis mixed-signal design N Y equations power noise problems leaky transistors done? Tech Map reject N OK? netlist Place & Route layout Extract Manually Check Simulate (SPICE) OK? reject N Y time? N annotated netlist N ~one month Design Flow Automatic Verification Add a new cell Layout Y Coho Y done FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.3/22 Coho Reachability method for verifying real circuits Approximate the non-linear ordinary differential equations (ODEs) in small neighborhoods by linear differential inclusions: Ax + b − u ≤ ẋ ≤ Ax + b + u Projection based representation of reachable space FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.4/22 Representing the Reachable Space Coho: Projectagons Project high dimensional polyhedron onto two-dimensional subspaces. A point is in the projectagon iff its projections are contained in the corresponding polygons. Projectagons are efciently manipulated using two-dimensional geometry computation algorithms. z y x y x z x y Maximal Reachable Space z Each edge of the polygon cor- Projections z x y responds to a face of the highdimensional polyhedron. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.5/22 Representing the Reachable Space Coho: Projectagons Project high dimensional polyhedron onto two-dimensional subspaces. A point is in the projectagon iff its projections are contained in the corresponding polygons. Projectagons are efciently manipulated using two-dimensional geometry computation algorithms. Each edge of the polygon corresponds to a face of the high-dimensional polyhedron. Other approaches: symbolic hyper-rectangles (HyTech) convex polyhedra (CheckMate) orthogonal polyhedra (d/dt) FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.5/22 Reachability for Projectagons Extremal trajectories original from projectagon faces. Projectagon faces correspond to projection polygon edges. Coho computes time-advanced projectagons by working on one edge at a time. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.6/22 Basic Step of Coho project assemble projections advance union and simplify compute model and time step create new projectagon FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.7/22 Basic Step of Coho LP project LP assemble projections advance union and simplify compute model and time step create new projectagon LP FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.7/22 Coho Linear Program Solver Coho Linear Program min cT x Ax ≤b s.t. "1 !1 ATblock "2 !2 = !2 ! ! "2 Each inequality constraint corresponds to a face of the projectagon. One or two non-zero elements on each row of A. Dual is a standard form LP: A T u = c. Efcient linear system solver in O(n) time. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.8/22 Coho Linear Program Solver Coho Linear Program "1 !1 ATblock "2 !2 = !2 ! ! "2 Each inequality constraint corresponds to a face of the projectagon. One or two non-zero elements on each row of A. Dual is a standard form LP: A T u = c. Efcient linear system solver in O(n) time. Simplex-based linear program solver: Reduce accumulated error by computing tableau matrix directly from input data. Use Interval Arithmetic for well-conditioned problems. Use Arbitrary Precision Rational Computation for ill-conditioned problems. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.8/22 Summary of Coho Summary of Basic Algorithm: The ODE model of circuit is approximated by linear differential inclusions. Use projectagons to represent reachable set. Coho is sound: all approximations overestimate the reachable space. Extensive use of linear programming. Numerical Problems: Ill-conditioned linear programs Exploit LP structure of Coho’s LPs. Use hybrid approach of interval and arbitrary-precsion arithmetic. Polygon intersection/union difcult with nearly-parallel edges. Use hybrid approach of interval and arbitrary-precsion arithmetic already implemented for LPs. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.9/22 Circuit Verification Circuit description Use MSPICE – a Matlab package that provides simple spice-like functionality. Allows us to use same model for simulation and verication. Simulate rst: Do not attempt to verify a incorrect system. Have a rough idea of the reachable space to guide the verication. Helps explain verication failures. Compute reachable set by Coho Verify design specication using reachable set FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.10/22 Toggle Circuit z HLLH HHLH LLLH 6 $ xx $ y yy x $ 20 10 $ q 10 10 zz Stable state of toggle element #xyz Transient state of toggle element LLHH z 10 6 6 10 10 #xyz 36 x HLHH HHLL 10 HHHL HLHL LHHL LLHL y step 0 1 2 3 4 #x 00 10 01 10 00 y 1 1 1 0 1 z 1 0 0 1 1 Start from the state where Φ is low, x is low, y, z are high Φ rises to high, z falls to low Φ falls to low, x rises to high Φ rises to high, y falls to low, z rises to high, x falls to low Φ falls to low, y rises to high FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.11/22 Toggle Circuit z HLLH HHLH LLLH 6 $ xx $ y yy x $ 20 10 $ q 10 10 zz Stable state of toggle element #xyz Transient state of toggle element LLHH z 10 6 6 10 10 #xyz 36 x HLHH HHLL 10 HHHL HLHL LHHL LLHL y step 0 1 2 3 4 #x 00 10 01 10 00 y 1 1 1 0 1 z 1 0 0 1 1 Start from the state where Φ is low, x is low, y, z are high Φ rises to high, z falls to low Φ falls to low, x rises to high Φ rises to high, y falls to low, z rises to high, x falls to low Φ falls to low, y rises to high FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.11/22 Toggle Circuit z HLLH HHLH LLLH 6 $ xx $ y yy x $ 20 10 $ q 10 10 zz Stable state of toggle element #xyz Transient state of toggle element LLHH z 10 6 6 10 10 #xyz 36 x HLHH HHLL 10 HHHL HLHL LHHL LLHL y step 0 1 2 3 4 #x 00 10 01 10 00 y 1 1 1 0 1 z 1 0 0 1 1 Start from the state where Φ is low, x is low, y, z are high Φ rises to high, z falls to low Φ falls to low, x rises to high Φ rises to high, y falls to low, z rises to high, x falls to low Φ falls to low, y rises to high FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.11/22 Toggle Circuit z HLLH HHLH LLLH 6 $ xx $ y yy x $ 20 10 $ q 10 10 zz Stable state of toggle element #xyz Transient state of toggle element LLHH z 10 6 6 10 10 #xyz 36 x HLHH HHLL 10 HHHL HLHL LHHL LLHL y step 0 1 2 3 4 #x 00 10 01 10 00 y 1 1 1 0 1 z 1 0 0 1 1 Start from the state where Φ is low, x is low, y, z are high Φ rises to high, z falls to low Φ falls to low, x rises to high Φ rises to high, y falls to low, z rises to high, x falls to low Φ falls to low, y rises to high FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.11/22 Toggle Circuit z HLLH HHLH LLLH 6 $ xx $ y yy x $ 20 10 $ q 10 10 zz Stable state of toggle element #xyz Transient state of toggle element LLHH z 10 6 6 10 10 #xyz 36 x HLHH HHLL 10 HHHL HLHL LHHL LLHL y step 0 1 2 3 4 #x 00 10 01 10 00 y 1 1 1 0 1 z 1 0 0 1 1 Start from the state where Φ is low, x is low, y, z are high Φ rises to high, z falls to low Φ falls to low, x rises to high Φ rises to high, y falls to low, z rises to high, x falls to low Φ falls to low, y rises to high FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.11/22 Toggle Circuit z HLLH HHLH LLLH 6 $ xx $ y yy x $ 20 10 $ q 10 10 zz Stable state of toggle element #xyz Transient state of toggle element LLHH z 10 6 6 10 10 #xyz 36 x HLHH HHLL 10 HHHL HLHL LHHL LLHL y step 0 1 2 3 4 #x 00 10 01 10 00 y 1 1 1 0 1 z 1 0 0 1 1 Start from the state where Φ is low, x is low, y, z are high Φ rises to high, z falls to low Φ falls to low, x rises to high Φ rises to high, y falls to low, z rises to high, x falls to low Φ falls to low, y rises to high FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.11/22 Specification 1 #% 0.8 0.6 0.4 Y 0.2 0 #& #& !0.2 !0.4 !0.6 !0.8 !1 !1 #% !0.8 !0.6 !0.4 !0.2 0 0.2 0.4 0.6 0.8 1 X With a fwell-behavedf clock input: The reachable space is a collection of trajectories whose period is twice that of the clock; The output is fwell-behavedf like the clock. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.12/22 Brockett’s Annulus V V 2 1 Vh V t 3 Vl 4 Vl Vh 1 Region 1 represents a logical low signal. The signal may wander in a small interval. Region 2 represents a monotonically rising signal. Region 3 represents a logical high signal. Region 4 represents a monotonically falling signal. Brockett’s annulus allows entire families of signals to be specied. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.13/22 Brockett’s Annulus V V 2 1 Vh V t 3 Vl 4 Vl Vh 1 2 Region 1 represents a logical low signal. The signal may wander in a small interval. Region 2 represents a monotonically rising signal. Region 3 represents a logical high signal. Region 4 represents a monotonically falling signal. Brockett’s annulus allows entire families of signals to be specied. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.13/22 Brockett’s Annulus V V 2 1 Vh V t 3 Vl 4 Vl Vh 1 2 3 Region 1 represents a logical low signal. The signal may wander in a small interval. Region 2 represents a monotonically rising signal. Region 3 represents a logical high signal. Region 4 represents a monotonically falling signal. Brockett’s annulus allows entire families of signals to be specied. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.13/22 Brockett’s Annulus V V 2 1 Vh V t 3 Vl 4 Vl Vh 1 2 3 4 Region 1 represents a logical low signal. The signal may wander in a small interval. Region 2 represents a monotonically rising signal. Region 3 represents a logical high signal. Region 4 represents a monotonically falling signal. Brockett’s annulus allows entire families of signals to be specied. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.13/22 Brockett’s Annulus V V 2 1 Vh V t 3 Vl 4 Vl Vh 1 2 3 4 1 Region 1 represents a logical low signal. The signal may wander in a small interval. Region 2 represents a monotonically rising signal. Region 3 represents a logical high signal. Region 4 represents a monotonically falling signal. Brockett’s annulus allows entire families of signals to be specied. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.13/22 Brockett Data Sheets V V 2 . 1 .. Vh V t 3 ... Vl 4 Vl Vh 1 2 3 4 1 The left and right boundaries of region 1 give min and max logical low level. The left and right boundaries of region 3 give min and max logical high level. The upper boundary of region 2 gives the minimum rise time. The lower boundary of region 2 gives the maximum rise time. The upper and lower boundaries of region 4 give the maximum and minimum fall times respectively. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.14/22 Circuit Models Model MOS circuits as a collection of voltage controlled current sources Current function is obtained by simulating TSMC 180nm, 1.8 volt, bulk CMOS process Linearize the current function AV + b − u ≤ ids(V ) ≤ AV + b + u Time derivative of voltage V̇ = i1 i2 C iC # i1 + i2 C −1 · Ic FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.15/22 Verification Strategy Separate verication into four phases One phase for each transition of Φ. Assume bounding hyperrectangle for start of phase. Establish bounding hyperrectangle at end of phase. Containment establishes invariant set. Allows parallel execution and parallel debugging. Use invariant set to show that Brockett-ring at input implies Brockett-ring at output. BUT overapproximation errors need to be managed Slicing Multiple models FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.16/22 Slicing Partition the reachable space along a critical variable: # # 2 . 1 .. Vh t # 3 4 Vl ... Vl Vh 1 2 3 4 1 Large range of Φ leads to large approximation error in linear model. Partition reachable space by intervals of Φ. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.17/22 Multiple Models !3 6 x 10 current model 1 model 2 5 current 4 3 2 1 0 !1 !2 0 0.2 0.4 0.6 0.8 1 1.2 1.4 1.6 1.8 vg Negative current from source to drain caused by overapproximation of linearization. Use multiple models to reduce error. Intersect the projectagons to eliminate non-physical states. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.18/22 The Invariant Set Red: Hyperrectangles at beginning of each phase. Blue: Hyperrectangles at end of each phase. An invariant set with twice the period of the clock has been established. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.19/22 Brockett Ring at z 10 4 x 10 3 2 1 z 0 6 $ xx $ 10 y 6 q z 10 yy x 20 10 $ 10 10 36 !1 !2 zz !3 6 $ 10 10 !4 0 0.2 0.4 0.6 0.8 1 1.2 1.4 1.6 1.8 Construct the brockett annulus for z, ignoring the inverter Perform a separate reachability analysis for the output inverter Arbitrary ripple counter FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.20/22 2 Brockett Ring at q 10 4 x 10 3 2 6 $ xx $ 10 6 q z 10 yy x 20 10 y qdot (volt/second) z $ 10 10 36 1 0 !1 !2 zz !3 6 $ 10 10 !4 0 0.2 0.4 0.6 0.8 1 1.2 1.4 1.6 q (volt) Construct the brockett annulus for z, ignoring the inverter Perform a separate reachability analysis for the output inverter Arbitrary ripple counter FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.20/22 1.8 Experience from the Toggle Coho works for moderate dimensional systems. Topological properties provide a mathematically rigorous abstraction from continuous to discrete models. Leakage current included in the circuit model. We found that we needed to add keepers to the circuit. Slicing and multiple models improved accuracy of linearization to enable successful verication. Seven-dimensional record sets a record – looks like we have headroom for more. Verication process currently involves substantial manual effort – more automation needed before useful in practice. FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.21/22 Conclusion and Future Work Conclusion Demonstrate a new reachability method to verify a real circuit Model the circuit with SPICE-level, non-linear differential equations. Projection based representation of reachable space Digital behavior corresponds to topological properties of invariant sets in the continuous space Future Work Improve performance Exploit parallelism Develop more accurate circuit model Verify more circuits Apply Coho to hybrid systems Compare with other tools FMCAD 2007 — 14 Nov 2007 — Circuit Level Verication of a High-Speed Toggle – p.22/22

Document

Related documents

Products

Support

Document

Related documents

Add this document to collection(s)

Add this document to saved

Suggest us how to improve StudyLib