John Havlicek

Some complexity results for systemverilog assertions

SystemVerilog Assertions (SVA) is a linear temporal logic within the recently approved IEEE 1800 SystemVerilog standard. The complexities of the satisfiability and model-checking problems are studied for a basic subset of (SVA) and for extensions of the basic subset obtained by adding each of the following features: local variables, regular expression intersection, quantified variables, and property declarations with arguments. It is shown that the complexities for the basic subset are PSPACE-complete, while the complexities increase to EXPSPACE-complete in each of the extensions. Alternating Buchi automata constructions provide the upper bounds, while reductions from PSPACE and EXPSPACE tiling problems provide the lower bounds.

A topological characterization of weakness

We are interested in the relation between weak and strong temporal operators. We would like to find a characterization that shows what it means for an operator to be the weak or strong version of another operator, or more generally for a formula to be a weak or strong version of another formula. We show that the weak version of a formula is not the same as Alpern and Schneiders safety component. By working over an extended alphabet, we show that their topological characterization of safety can be adapted to obtain a topological characterization of weakness. We study the resulting topology and the relations between weak and strong formulas. Finally, we apply the method to show the internal consistency of a logic containing both weak and strong versions of regular expressions.

Synchronizing AMS Assertions with AMS Simulation: From Theory to Practice

The verification community anticipates the adoption of assertions in the Analog and Mixed-Signal (AMS) domain in the near future. Several questions need to be answered before AMS assertions are brought into practice, such as: (a) How will the languages for AMS assertions be different from the ones in the digital domain? (b) Does the analog simulator have to be assertion aware? (c) If so, then how and where on the time line will the AMS assertion checker synchronize with the analog simulator? and (d) What will be the performance penalty for monitoring AMS assertions accurately over analog simulation? This article attempts to answer these questions through theoretical analysis and empirical results obtained from industrial test cases. We study logics which extend Linear Temporal Logic (LTL) with predicates over real variables, and show that further extensions allowing the binding of real-valued variables across time makes the logic undecidable. We present a toolkit which can integrate with existing AMS simulators for checking AMS assertions on practical designs. We study the problem of synchronizing the AMS simulator with the AMS assertion checker and demonstrate the performance penalty of different synchronization options.

Safety and Liveness, Weakness and Strength, and the Underlying Topological Relations

We present a characterization that shows what it means for a formula to be a weak or strong version of another formula. We show that the weak version of a formula is not the same as Alpern and Schneiders safety component, but can be achieved by taking the closure in the Cantor topology over an augmented alphabet in which every formula is satisfiable. The resulting characterization allows us to show that the set of semantically weak formulas is exactly the set of nonpathological safety formulas. Furthermore, we use the characterization to show that the original versions of the ieee standard temporal logics psl and sva are broken, and we show that the source of the problem lies in the semantics of the sere intersection and fusion operators. Finally, we use the topological characterization to show the internal consistency of the alternative semantics adopted by the latest version of the psl standard.

Introduction to Assertion Based Formal Verification

In this and the following chapter, we probe deeper into the principles of formal assertion-based verification: its methods of application, formal semantics of assertions, and underlying models and algorithms. In this chapter our objective is to familiarize the reader with the terminology as well as the methodologies that have proven to be indispensable for many design groups.

SystemVerilog Language Overview

This chapter introduces some important SystemVerilog features that are often needed for writing assertions, or used in conjunction with assertions to support other tasks.

An Apology for Local Variables

This chapter gives an intuitive introduction to SystemVerilog Assertion local variables based on examples. Local variables are a powerful feature of SVA that enable an assertion to capture the value of an expression at a specified point in its evaluation and store that value for later reference or modification. While local variables do not increase the theoretical expressive power of SVA, they do make the encoding of many assertions much easier, and they help to avoid the need to create auxiliary state machines to support assertions.

Let, Sequence and Property Declarations; Inference

In SystemVerilog, modules, programs, interfaces, checkers, functions, and tasks provide means for reuse, and for abstracting and hiding details. SystemVerilog assertions provide such means too. This is achieved using parameterized let, sequence, and property declarations. Their argument lists as well as instantiation semantics are quite different from the other reuse features. In addition, certain kinds of actual arguments can be inferred from the instantiation context. Similar to sequences and properties, let declarations allow to abstract expressions, making code more readable and reusable. let can be used anywhere, not only in assertions. One of their intended uses is for defining reusable parameterizable expressions for immediate and deferred assertions.

SystemVerilog Language and Simulation Semantics Overview

SystemVerilog language evolved from Verilog with three main goals: 1. To add features for describing test benches such that the stimulus generation portion of verification can go hand in hand with the design portion, replacing troublesome ad-hoc means for generating stimuli. Testbenches are often written using Verification Programming Interface(VPI) [7] to connect to external means such as verification languages, C/C + + programs [53], and scripts. 2. To add features for checking the expected behavior in simulation and formal methods. These features are related to assertions. 3. To simplify expressing hardware designs by providing language constructs such as struct typedef, and new variants of always procedure.

Debugging Assertions and Efficiency Considerations

Properties and sequences allow us to describe complex behaviors in a very compact declarative form. That form is quite different from the procedural style used for writing RTL and other design models as well as test benches. Thus, assertions may also need a different style for debugging them. Issues related to the run time and memory overheads for complex temporal assertions also need to be addressed. The same behavior may be expressed using different assertions. Each may have different efficiency in formal verification and simulation. We discuss both debugging and efficiency in this chapter.