Three pillars of a methodology that focuses on bug prevention.
We are in the midst of a verification crisis manifested by a growing gap between verification efficiency and effectiveness. This crisis cannot be solved through improvements in verification methodologies and techniques alone. Indeed, it requires a philosophical change in the way we approach design, with an emphasis on bug prevention. We refer to this fundamental change as design using intent-focused insight, or design+intent.
A development lifecycle that incorporates design+intent does not make verification any less important than it has been. In fact, the goal of a design+intent process is to improve verification efficiency by decreasing bug density, which impacts downstream processes, and consequently reduces cost. While a design+intent bug prevention strategy encompasses all aspects of IC design, there are design solutions that exist today with a principal focus on improving RTL quality, such as static analysis.
Static analysis is a non-simulation-based testing activity in which the RTL code is analyzed for defects ranging from non-compliance with the specification to those known to be associated with design bugs. Static analysis can also be used to find incorrect transformations as the design progresses through various implementation phases. Fully automated static analysis solutions range from lightweight tools, such as lint, to advanced bug-hunting static-analysis tools that use formal technology.
The value in adopting static analysis solutions is a significant improvement in verification debugging efficiency due to the reduction of bugs during RTL handoff. Static analysis is an easy-to-adopt first step of a project’s overall design+intent bug prevention strategy.
The design+intent solution is built on three functional pillars, as shown in figure 1. The first pillar consists of a process that produces the correct design intent during construction to minimize bugs. The second pillar proves that the designer’s intent and requirements are met early in the development lifecycle. And the third pillar protects (or preserves) the design intent as the design progresses through the various stages of the development lifecycle.
Fig. 1: Three pillars of a design+intent methodology.
The design+intent methodology begins with the exploration of various solutions for the Produce pillar. The first solution could be to raise the level of design abstraction while leveraging high-level synthesis whenever possible. By leveraging a higher-level language (HLL), such as C/C++, we reduce the number of lines of code that are required to describe the design. Yet not all design blocks lend themselves to high-level synthesis. Hence, another key part of the Produce pillar is an HDL design environment that integrates deep analysis capabilities into the creation process. These can quickly assess new and reused code quality to prevent bugs during development.
The Prove pillar is the core of a design+intent solution. It provides the insight that ensures the designer’s intent is met. The analysis performed in the Prove pillar falls into two major categories. The first category involves RTL code syntactic, semantic, stylistic, and structural analyses, which identify coding or methodology errors that are costlier to find and fix after the code is checked into the regression. The second category employs sequential analysis, which leverages advanced bug-hunting static-analysis and formal technology, enabling engineers to identify complex corner-case bugs associated with concurrency. A few examples of bugs found using sequential analysis include combinatorial loops, FSM deadlocks, arithmetic overflow, and indexing issues. The key point is that by leveraging sequential analysis design solutions these bugs can be found and fixed during the coding stage without the need to create a simulation testbench.
The Protect pillar consists of analysis tools that ensure the intent of the design is retained throughout the entire development life cycle; for example, identifying new metastability issues potentially introduced during the synthesis and implementation process.
One recommendation when adopting a design+intent methodology is to automatically build these analyses into a continuous integration flow, which ensures that the design is protected from faulty changes when moving from creation to completion. This is easily accomplished since the automatic static analysis tools contained in the various pillars generally involve simple or no constraints and do not require manual interactions to operate. Indeed, it is possible to implement a set of light high-value checks as a gatekeeper to any regression check-in. This can be followed by deeper analyses for daily and weekend regression runs, while the deepest checks can be performed prior to committing the design to the more intensive and expensive prototyping and emulation stages that are often used for hardware/software co-design and system validation.
Finding a path out of the verification crisis requires a philosophical change throughout the development lifecycle with a foundation built on bug prevention. To begin this journey, we propose that projects focus on design+intent solutions, such as static analysis, that promote more consistent development cycles and faster verification convergence by improving RTL quality.
To learn more about the roots of the verification crisis and the context of our solution, please visit siemens.com to read the full paper, Out of the Verification Crisis—Improving RTL Quality.
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Leave a Reply