

# **Automated Specification Driven Verification** by Generation of SystemVerilog Assertions Ferdinando Pace, Senior ASIC Designer, SENSIRION AG, ferdinando.pace@sensirion.com

### A1. ABSTRACT

The ATG tool is described that automatically generates both testbench and **SystemVerilog assertions** checking signal timing specifications in Excel format.

- The timing specifications can be **dependent on programmable** parameters
- The generated SystemVerilog assertions cover all parameter combinations.
- Multi-clocked timing specifications are supported.
- A compact description for long timing sequences (e.g. periodic signals) is provided.
- ATG is used by SENSIRION to verify signal timings specified to drive an **A/D converter.**
- ATG can be used to verify signal timing specifications of analog/mixed-signal or digital IPs.

### A2. PROBLEM: VERIFY COMPLEX SIGNAL TIMING

Analog/mixed-signal IPs often require complex signal timing.

Below it is described a timing sequence for an A/D converter using 4 phases (idle, reset, settling, Conversion) in which 3 signals (RESET, SETTLING, CHOP) are driven according to programmable parameters expressed in clock cycles.

| RESET                      |      |                                      |                |                                                |
|----------------------------|------|--------------------------------------|----------------|------------------------------------------------|
| SETTLING                   |      |                                      |                |                                                |
| СНОР                       |      |                                      | <br> <br> <br> |                                                |
| Duration<br>In clock cycle | S    | <b>←</b> <sup>1</sup> <sub>2</sub> → | <b>3</b><br>4  | $\begin{array}{c} 32 \\ 64 \\ 128 \end{array}$ |
| phase                      | idle | reset                                | settling       | Conversion                                     |

The verification effort increases significantly depending on the number of parameter combinations allowed.

#### **B. SOLUTION** What is the Assertion&TestBenchGenerator tool? • INPUT: signal timing specification in XLS format (4 sheets per XLS file) • OUTPUT1: **SVA**ssertions describing the signal timing specification h verifying the **SVA**ssertions OUTPUT2: Testb SPEC2.xls ATG SPEC1.xls Testbench.py tbench.sv 1. Parameters 2. Clocks → SVAssertions.sv Assertion.py 3. Assertion 4. Timings Why to use it ? • Written in Python: open source • Push-button Specification2Verification tool: – Assertion.py -i DSP -x SPEC1.xls -o SVAssertions.sv — Testbench.py -i DSP -x SPEC1.xls -x SPEC2.xls -o Testbench.sv • Easy integration into existing simulation environment • Verify complex, parametric and multi-clocked signal timing specifications • Suitable for AMS IPs (e.g. A/D converter, switched cap filters) E. RESULTS • ATG was used to verify the timing of **chopping** signals, dependent on **several** programmable parameters (reset time, settling time, oversampling ratio, chopping frequency) that were specified to drive an A/D converter in a SENSIRION chip. ATG demonstrated to lower the time required to reach 100% verification coverage: SystemVerilog properties from 3 XLS files were automatically generated to allow the verification of 256 parameter combinations FEDERER SERVE DIRECTION 📕 Ace \ominus 1st Serve 📕 2nd Serve



# **A3. VERIFICATION CHALLENGE**

- Typically, **the verification process** involves the following steps:
- The Specification Writer understands and writes the IP timing specification.
- The Design Engineer implements the RTL code generating the IP timing.
- The Verification Engineer verifies that the signal timing generated by the RTL code fulfills the specification for all possible parameter combinations.

**This process is very critical** because it relies on flawless communication and depends on error prone subjective generation and interpretation of the specification.

Several **verification methods** are available:

- Visual comparison of the timing diagram generated by the RTL design with the timing diagram produced by the Specification Writer: this visual method is error prone by nature.
- Semi-automated comparison (with specific EDA tools) of the simulation database generated by the RTL design with the simulation database generated **N** by the IP level testbench: **the result analysis is difficult**.
- Assertions development (e.g. Verilog, SystemVerilog, PSL) to verify the timing diagram: the handcrafted development of assertions is time consuming.

# **A5. AUTOMATED VERIFICATION REQUIREMENTS**

A rigorous flow from the objective specification to the verification is required.

This flow is ideally implemented using an automated tool which satisfies the following requirements:

- Unique, objective, unambiguous description of specification
- **User friendly**, ideally an automated flow once the specification is available
- **Cheap**, open source tools
- **Easy to integrate** into existing project simulation environment
- **Flexible**, it accepts programmable on-chip parameters, multiple clock sources
- **Exhaustive**, all possible combinations for programmable on-chip parameters are covered
- Self-checking, automatically generated assertion statements can be tested stand-alone before being integrated into the simulation environment

# C. INPUT SHEETS REQUIRED BY ATG

### 1. Parameters

| IP             | ``  | <b>`DSP</b> | <b>`DSP</b>  | `DSP    |
|----------------|-----|-------------|--------------|---------|
| SIGNAL NAME    | S   | SE          | CV           | СН      |
| SIGNAL WIDTH   |     |             | [2:0]        | [2:0]   |
|                | (   | C           | 0            | 3       |
| values         | 1   | 1           | 1            | 5       |
| values         |     |             | 2            |         |
|                |     |             |              |         |
| 2. Clocks      |     |             | <b>3.</b> As | sertion |
| CLOCK NAME CK1 |     |             | A_CHC        | )P      |
| Phase delay    | 0ns |             |              |         |
| High pulso     | Enc |             |              |         |

Parameter combinations:

- SE=0, CV=0, CH=3 2. SE=0, CV=0, CH=5
- 3. SE=0, CV=1, CH=3
- 4. SE=0, CV=1, CH=5
- 5. SE=0, CV=2, CH=3
- SE=0, CV=2, CH=5 🚺
- 7. SE=1, CV=0, CH=3
- 8. SE=1, CV=0, CH=5 9. SE=1, CV=1, CH=3
- 10. SE=1, CV=1, CH=5
- 11. SE=1, CV=2, CH=3
- 12. SE=1, CV=2, CH=5

# 4. Timings (template)

ow Pulse 5ns

| DISABLE   | TRIGGER   | GROUP<br>NAME | GROUP<br>VALUE | ROW<br>NAME | row<br>Value | SIGNAL<br>A | <br>SIGNAL<br>N | EVENT |
|-----------|-----------|---------------|----------------|-------------|--------------|-------------|-----------------|-------|
| condition | condition |               |                |             |              |             |                 | Е     |
|           |           |               |                |             | Rvalue       | Svalue      | <br>Svalue      | Е     |
|           |           | Gname         | Gvalue         | Rname       | Rvalue       | Svalue      | <br>Svalue      | Е     |
|           |           | Gname         | Gvalue         | Rname       | Rvalue       | Svalue      | <br>Svalue      | Е     |
|           |           |               |                |             |              |             | <br>            |       |
|           |           | Gname         | Gvalue         | Rname       | Rvalue       | Svalue      | <br>Svalue      | Е     |
|           |           |               |                |             |              |             |                 | E     |

#### Gvalue, Rvalue:

a) Function of Parameter Sheet

b) Sequence Repetition Expression:

[\*N] [\* N : M ] [\* N : \$ ]

[=N] [-> N ]

value: a) Verilog value b) don't care "-"

n capturing event for the <u>previous</u> row E is the as **E** is the **sequence** launching event for the <u>current</u> row

A4. SPECIFICATION2VERIFICATION: HARD TEAMWORK!

Several players involved editing and understanding the specification: time consuming & error prone Several on-chip programmable parameters affect the specification: big effort to reach 100% coverage

=> ATG is the solution !



D. EXAMPLE

## **Timings** sheet

| DISABLE         | TRIGGER                   | GROUP NAME | GROUP VALUE | ROW NAME  | ROW VALUE | СНОР         | SETTLING | RESET | EVENT               |
|-----------------|---------------------------|------------|-------------|-----------|-----------|--------------|----------|-------|---------------------|
| `DSP.RESET == 1 | \$fell(Assertion_Trigger) |            |             |           |           |              |          |       | @(posedge `DSP.CK1) |
|                 |                           |            |             | reset     | [* 2 ]    | 1'b1         | 1'b1     | 1'b0  | @(posedge `DSP.CK1) |
|                 |                           |            |             | settling  | SE+3      | 1'b1         | 1'b0     | 1'b0  | @(posedge `DSP.CK1) |
|                 |                           | Conversion | 2**CV       | chop_low  | 10-CH     | <b>1'b</b> 0 | 1'b0     | 1'b0  | @(posedge `DSP.CK1) |
|                 |                           | Conversion | 2**CV       | chop_high | CH        | 1'b1         | 1'b0     | 1'b0  | @(posedge `DSP.CK1) |
|                 |                           |            |             |           |           |              |          |       | @(posedge `DSP.CK1) |

# **SystemVerilog assertion property** generated by ATG from:

# Timings sheet

E CHOF

------

·····• RESET

Parameters, Clocks, Assertion sheets in Table C. Parameter values: SE=0, CV=2, CH=3

| Ι |                                             |                                                       |  |  |  |  |  |  |
|---|---------------------------------------------|-------------------------------------------------------|--|--|--|--|--|--|
|   | property A_CHOP_DSP_SE                      | _0CV_2CH_3;                                           |  |  |  |  |  |  |
|   | disable iff (`DSP.RESE                      |                                                       |  |  |  |  |  |  |
|   | (@( <b>posedge</b> `DSP.CK1) (              | <pre>\$fell(Assertion_Trigger) &amp;&amp; `DSP.</pre> |  |  |  |  |  |  |
|   | ( <b>posedge</b> )DSP CK1)                  | ( CHOP==1'b1 && SETTLING==1'b1                        |  |  |  |  |  |  |
|   |                                             | ( CHOP==1'b1 && SETTLING==1'b0                        |  |  |  |  |  |  |
|   |                                             |                                                       |  |  |  |  |  |  |
|   |                                             | ) ( CHOP==1'b0 && SETTLING==1'b0                      |  |  |  |  |  |  |
|   | @( <b>posedge</b> `DSP.CK1                  | ) ( CHOP==1'bl && SETTLING==1'b0                      |  |  |  |  |  |  |
|   | ); endproperty                              |                                                       |  |  |  |  |  |  |
|   | ,,FFFZ                                      |                                                       |  |  |  |  |  |  |
|   | Signal waveforms of the tes                 | stbench generated by ATG from:                        |  |  |  |  |  |  |
|   | • Timings sheet above.                      |                                                       |  |  |  |  |  |  |
|   | s mings sheet above.                        |                                                       |  |  |  |  |  |  |
|   | <ul> <li>Parameters, Clocks, Ass</li> </ul> | sertion sheets in Table C. Parameter valu             |  |  |  |  |  |  |
|   |                                             |                                                       |  |  |  |  |  |  |
|   | :                                           |                                                       |  |  |  |  |  |  |
|   | ⊞                                           | ¥ 2                                                   |  |  |  |  |  |  |
|   |                                             |                                                       |  |  |  |  |  |  |
|   | 亩                                           |                                                       |  |  |  |  |  |  |
|   | CK1                                         |                                                       |  |  |  |  |  |  |
|   |                                             |                                                       |  |  |  |  |  |  |
|   |                                             |                                                       |  |  |  |  |  |  |







## lues: SE=0, CV=2, CH=3