High-end hardware design flows mandate a variety of sequential transformations to address needs such as performance, power, post-silicon debug and test. Industrial demand for robust sequential equivalence checking (SEC) solutions is thus becoming increasingly prevalent. In this paper, we discuss the role of SEC within IBM. We motivate the need for a highly-automated scalable solution, which is robust against a variety of design transformations – including those that alter initialization sequences. This motivation has caused us to embrace the paradigm of SEC with respect to designated initial states. We furthermore describe the diverse set of algorithms comprised within our SEC framework, which we have found necessary for the automated solution of the most complex SEC problems. Finally, we provide several experiments illustrating the necessity of our diverse algorithm flow to efficiently solve difficult SEC problems involving a variety of design transformations. I.

Abstract. In the VAMP (verified architecture microprocessor) project we have designed, functionally verified, and synthesized a processor with full DLX instruction set, delayed branch, Tomasulo scheduler, maskable nested precise interrupts, pipelined fully IEEE compatible dual precision floating point unit with variable latency, and separate instruction and data caches. The verification has been carried out in the theorem proving system PVS. The processor has been implemented on a Xilinx FPGA. 1

We consider the problem of optimal netlist simplification in the presence of constraints. Because constraints restrict the reachable states of a netlist, they may enhance logic minimization techniques such as redundant gate elimination which generally benefit from unreachability invariants. However, optimizing the logic appearing in a constraint definition may weaken its state-restriction capability, hence prior solutions have resorted to suboptimally neglecting certain valid optimization opportunities. We develop the theoretical foundation, and corresponding efficient implementation, to enable the optimal simplification of netlists with constraints. Experiments confirm that our techniques enable a significantly greater degree of redundant gate elimination than prior approaches (often greater than 2×), which has been key to the automated solution of various difficult verification problems.

For my wife Eres mi vida, mi alma, y mi corazón. Acknowledgements This work on the design and implementation of the new floating-point fused multiply-add architectures would not be possible without the knowledge, expertise, and support of the following people: First and foremost Leslie K. Quinnell, my wife – for her unwavering patience, understanding, and support throughout the lifetime of this project. Supervisors Dr. Earl E. Swartzlander, Jr., The University of Texas at Austin – for his wisdom and unparalleled knowledge in the field of computer arithmetic, as well as for single-handedly convincing a student to pursue a wild new idea. Carl Lemonds, Advanced Micro Devices – for his vast experience and expertise in the

Abstract — This paper addresses the presence of logic which has relevance only during initial time frames in a hardware design. We examine transient logic in the form of signals which settle to deterministic constants after some prefix number of time frames, as well as primary inputs used to enumerate complex initial states which thereafter become irrelevant. Experience shows that a large percentage of hardware designs (industrial and benchmarks) have such logic, and this creates overhead in the overall verification process. In this paper, we present automated techniques to detect and eliminate such irrelevant logic, enabling verification efficiencies in terms of greater logic reductions, deeper Bounded Model Checking (BMC), and enhanced proof capability using induction and interpolation. I.

Abstract. Most computer-aided design frameworks rely upon building BDD representations from netlist descriptions. In this paper, we present efficient algorithms for building BDDs from netlists. First, we introduce a dynamic scheduling algorithm for building BDDs for gates of the netlist, using an efficient hybrid of depth- and breadth-first traversal, and constant propagation. Second, we introduce a dynamic algorithm for optimally leveraging constraints and invariants as don’tcares during the building of BDDs for intermediate gates. Third, we present an automated and complete case splitting approach which is triggered by resource bounds. Unlike prior work in case splitting which focused upon variable cofactoring, our approach leverages the full power of our don’t-caring solution and intelligently selects arbitrary functions to apply as constraints to maximally reduce peak BDD size while minimizing the number of cases to be explored. While these techniques may be applied to enhance the building of BDDs for arbitrary applications, we focus on their application within cycle-based symbolic simulation. Experiments confirm the effectiveness of these synergistic approaches in enabling optimal BDD building with minimal resources. 1

Abstract not found

Over the last few years, there has been a noticeable uptick in the use of formal verification to augment dynamic verification. Given that both techniques leverage assertions [1, 2], one would assume that there would be a great deal of collaboration between dynamic testbenches and formal property checking, the user teams and the tools. Indeed, a DVCon 2009 panel discussed mixing the two – thus the title of this special technology report (STR). In this STR, we dig down to the use case level to determine how formal is being used, and how it augments dynamic verification. We used 17 use cases ranging from early RTL analysis to functional sign-off to survey 19 engineers and engineering managers at 16 industry-leading IP, chip and systems design companies to understand their formal adoption and use in 2006 and 2009, and projected use in 2012. We also interviewed respondents from 9 of those companies to gain even more detailed insight. Of course, the user responses apply only to their individual groups, not necessarily throughout their multi-divisional companies. We found that there is certainly collaboration between simulation and formal verification, but “mixing ” might be a bit of an overstatement at this stage. The methodologies, standard common coverage metrics, and tool interoperability required by true mixing are in a distinctly embryonic stage of development. The good news is that formal verification has developed to a level of usefulness and maturity at which design and verification teams want to mix it with tried and more-or-less trusted dynamic verification. What has changed in formal verification to make this possible? In part 1 of this STR, we: Discuss the upper-level results of our use case survey. Learn from the respondents why formal is enjoying increased adoption. Review formal’s sweet ‘n ’ sour spots and how the sweet spots are expanding.

This article describes how formal verification techniques significantly improved the verification productivity and quality of a complex HW/SW interface- traditionally verified using simulation-based methods- in a large SDH/SONET communications chip. The interface consisted of 31 distributed register map blocks, presenting a challenging verification task. The formal verification approach reduced our verification effort and time by 70 percent compared to simulation, improved verification quality, and eliminated tedious and error-prone human involvement. The effort saving is even greater when regression tests are taken into account. As a result, we now routinely use both formal verification and conventional simulation-based verification, exploiting the complementary strengths of both approaches. The choice of approach is determined by criteria such as logic complexity, gate count, criticality and the potential for faster results. The Alcatel-Lucent facility in Nürnberg designs large, state-of-the-art ASICs and FPGAs for next-generation telecommunication equipment. Not only are such designs growing more complex, but so is their verification. Alcatel-Lucent continuously invests in improvements for its functional RTL verification flow to meet these continuously growing verification challenges. Consequently, we joined with other companies and research institutes to initiate an industry collaboration – named HERKULES – to achieve zero-defect development of hardware systems. We leveraged our HERKULES experience and technology in this project to verify the complex HW/SW interface. The Approach Telecommunication ASICs often incorporate a large number of registers which are used for communication with the system processor. Typically, the processor uses the aforementioned HW/SW interface to initiate a particular system function or to monitor system behavior. The register count may exceed 20,000 registers per device, with each register possessing tens of

Over the last few years, there has been a noticeable uptick in the use of formal verification to augment dynamic verification. Given that both techniques leverage assertions [1, 2], one would assume that there would be a great deal of collaboration between dynamic testbenches and formal property checking, the user teams and the tools. Indeed, a DVCon 2009 panel discussed mixing the two – thus the title of this special technology report (STR). In this STR, we dig down to the use case level to determine how formal is being used, and how it augments dynamic verification. We used 17 use cases ranging from early RTL analysis to functional sign-off to survey 19 engineers and engineering managers at 16 industry-leading IP, chip and systems design companies to understand their formal adoption and use in 2006 and 2009, and projected use in 2012. We also interviewed respondents from 9 of those companies to gain even more detailed insight. Of course, the user responses apply only to their individual groups, not necessarily throughout their multi-divisional companies. We found that there is certainly collaboration between simulation and formal verification, but “mixing” might be a bit of an overstatement at this stage. The methodologies, standard common coverage metrics, and tool interoperability required by true mixing are in a distinctly embryonic stage of development. The good news is that formal verification has developed to a level of usefulness and maturity at which design and verification teams want to mix it with tried and more-or-less trusted dynamic verification. What has changed in formal verification to make this possible?