Recently the CDNLive! India 2011 best paper award winner, "Complex IP Verification Methodology Using Property Driven Simulation in IEV," was published in TechOnline India. This is great news for the verification community because the techniques the NVidia authors describe have broad applications beyond the challenging memory controller project that was the subject of the article. Specifically, this case study shows how combining formal analysis and simulation can leverage the strengths of each technology, such that together they deliver significantly more value than each one of them could separately. Here are some specific highlights/take-aways from this ground-breaking work.
Charlie Huang, Cadence senior VP, presents CDNLive! India best paper award to Deepanjan Roy (NVidia) as Jaswinder Ahuja (Cadence) looks on.
The first major benefit from mixing formal and simulation comes in development of a constraint model. In general, "over constrained" verification environments are a common problem in formal verification, where (as described by this prior Team Verify post) the risk is that the results will be of low value -- and could even be misleading. While formal-only methodologies are tedious in addressing this issue, this paper clearly shows how using simulation waveforms and deadend debugging are a very effective and practical way to address this major issue.
The real efficiency of this particular process is evident when you realize that the stimulus for these simulations was automatically derived by Incisive Enterprise Verifier (IEV) directly from the users' properties/assertions. Additionally, the creation of "soft-constraints" is supported, such that if there is a conflict with normal constraint the soft constraint(s) are ignored during simulation. You can also control inputs distribution using this feature -- as the authors state, "this allows tuning simulation to find or reproduce real complex bugs."
Once the (machine generated, known good) stimulus starts going through your IP, this becomes a major confidence booster. As such, engineers can quickly see if the given IP behavior is consistent with the specified intent. The paper then goes on to describe how the benefits of this process carry forward from verification of the IP core and into the connecting protocols.
(Ed.Note: Team Verify uses the term "assertion-driven simulation" (ADS) to describe this capability and methodology instead of "property-driven simulation" used in the paper. The two terms refer to the exact same thing.)
Fast-forward to the end of the project, and the verification signoff was done using a simulation based coverage matrix. However, while simulation obviously made a substantial contribution here, formal analysis was used to find verification points of interest. In short, simulation in IEV is not only constrained random, but formal engine assisted also; the two technologies together gave the authors the power to achieve higher coverage goals. The result: the authors report that "four functional bugs were caught during this analysis on this heavily simulated design."
These are but a few highlights from a rich and informative case study that don't do the paper justice. As such, I strongly encourage you to give the article a closer look -- you'll be glad you did.
Regards,
Vinaya Singh
Architect
Cadence R&D
For Team Verify
On Twitter: http://twitter.com/teamverify, @teamverify
And now you can "Like" us on Facebook too:
http://www.facebook.com/pages/Team-Verify/298008410248534
Reference Links
CDNLive India 2011 proceedings
Make Assertions Come Alive with Assertion-Driven Simulation
Video Demo: Introducing Assertion-Driven Simulation
The Role of Coverage in Formal Verification, Part 1 of 3 -- Over Constraining & Under Constraining
Video: Meet Incisive Enterprise Verifier R&D Architect Vinaya Singh