Automated design flow for applying triple modular redundancy in complex semi-custom digital integrated circuits / Fluxo de projeto automatizado para aplicar redundância modular tripla em circuitos semicustomizados complexos

Benites, Luis Alberto Contreras

January 2018

Os efeitos de radiação têm sido um dos problemas mais sérios em aplicações militares e espaciais. Mas eles também são uma preocupação crescente em tecnologias modernas, mesmo para aplicações comerciais no nível do solo. A proteção dos circuitos integrados contra os efeitos da radiação podem ser obtidos através do uso de processos de fabricação aprimorados e de estratégias em diferentes estágios do projeto do circuito. A técnica de TMR é bem conhecida e amplamente empregada para mascarar falhas únicas sem detectálas. No entanto, o projeto de circuitos TMR não é automatizado por ferramentas EDA comerciais e até mesmo eles podem remover parcial ou totalmente a lógica redundante. Por outro lado, existem várias ferramentas que podem ser usadas para implementar a técnica de TMR em circuitos integrados, embora a maioria delas sejam ferramentas comerciais licenciadas, convenientes apenas para dispositivos específicos, ou com uso restrito por causa do regime ITAR. O presente trabalho pretende superar esses incovenientes, para isso uma metodologia é proposta para automatizar o projeto de circuitos TMR utilizando um fluxo de projeto comercial. A abordagem proposta utiliza um netlist estruturado para implementar automaticamente os circuitos TMR em diferentes níveis de granularidade de redundância para projetos baseados em células e FPGA. A otimização do circuito TMR resultante também é aplicada com base na abordagem do dimensionamento de portas lógicas. Além disso, a verificação do circuito TMR implementado é baseada na verificação de equivalência e garante sua funcionalidade correta e sua capacidade de tolerancia a falhas simples. Experimentos com um circuito derivado de HLS e uma descrição ofuscada do soft-core ARM Cortex-M0 foram realizados para mostrar o uso e as vantagens do fluxo de projeto proposto. Diversas questões relacionadas à remoção da lógica redundante implementada foram encontradas, bem como o impacto no incremento de área causado pelos votadores de maioria. Além disso, a confiabilidade de diferentes implementações de TMR do soft core ARM sintetizado em FPGA foi avaliada usando campanhas de injeção de falhas emuladas. Como resultado, foi reforçado o nível de alta confiabilidade da implemntação com mais fina granularidade, mesmo na presença de até 10 falhas acumuladas, e a menor capacidade de mitigação correspondente à replicação de flip-flops apenas. / Radiation effects have been one of the most serious issues in military and space applications. But they are also an increasing concern in modern technologies, even for commercial applications at the ground level. Protection or hardening of integrated circuits against radiation effects can be obtained through the use of enhanced fabrication processes and strategies at different stages of the circuit design. The triple modular redundancy (TMR) technique is a widely and well-known technique employed to mask single faults without detecting them. However, the design of TMR circuits is not automated by commercial electronic design automation (EDA) tools and even they can remove partially or totally the redundant logic. On the other hand, there are several tools that can be used to implement the TMR technique in integrated circuits, although most of them are licensed commercial tools, convenient only for specific devices, or with restricted use because of the International Traffic in Arms Regulations (ITAR) regimen. The present work intends to overcome these issues so a methodology is proposed to automate the design of TMR circuits using a commercial design flow. The proposed approach uses a structured netlist to implement automatically TMR circuits at different granularity levels of redundancy for cell-based and field-programmable gate array (FPGA) designs. Optimization of the resulting TMR circuit is also applied based on the gate sizing approach. Moreover, verification of the implemented TMR circuit is based on equivalence checking, and guarantee its correct functionality and its fault-tolerant capability against soft errors. Experiments with an high-level synthesis (HLS)-derived circuit and an obfuscated description of the ARM Cortex-M0 soft-core are performed to show the use and the advantages of the proposed design flow. Several issues related to the removal of the implemented redundant logic were found as well as the impact in the increment of area caused by the majority voters. Furthermore, the reliability of different TMR implementations of the ARM soft-core synthesized in FPGA was evaluated using emulated-simulation fault injection campaigns. As a result, it was reinforced the high-reliability level of the finest granularity implementation even in the presence of up to 10 accumulated faults and the poorest mitigation capacity corresponding to the replication of flip-flops solely.

Microeletrônica

Tolerancia : Falhas

Fault tolerance

FPGA

ASIC

Semicustom design flow

Equivalence checking

TMR

Radiation effects

Automated design flow for applying triple modular redundancy in complex semi-custom digital integrated circuits / Fluxo de projeto automatizado para aplicar redundância modular tripla em circuitos semicustomizados complexos

Benites, Luis Alberto Contreras

January 2018

Os efeitos de radiação têm sido um dos problemas mais sérios em aplicações militares e espaciais. Mas eles também são uma preocupação crescente em tecnologias modernas, mesmo para aplicações comerciais no nível do solo. A proteção dos circuitos integrados contra os efeitos da radiação podem ser obtidos através do uso de processos de fabricação aprimorados e de estratégias em diferentes estágios do projeto do circuito. A técnica de TMR é bem conhecida e amplamente empregada para mascarar falhas únicas sem detectálas. No entanto, o projeto de circuitos TMR não é automatizado por ferramentas EDA comerciais e até mesmo eles podem remover parcial ou totalmente a lógica redundante. Por outro lado, existem várias ferramentas que podem ser usadas para implementar a técnica de TMR em circuitos integrados, embora a maioria delas sejam ferramentas comerciais licenciadas, convenientes apenas para dispositivos específicos, ou com uso restrito por causa do regime ITAR. O presente trabalho pretende superar esses incovenientes, para isso uma metodologia é proposta para automatizar o projeto de circuitos TMR utilizando um fluxo de projeto comercial. A abordagem proposta utiliza um netlist estruturado para implementar automaticamente os circuitos TMR em diferentes níveis de granularidade de redundância para projetos baseados em células e FPGA. A otimização do circuito TMR resultante também é aplicada com base na abordagem do dimensionamento de portas lógicas. Além disso, a verificação do circuito TMR implementado é baseada na verificação de equivalência e garante sua funcionalidade correta e sua capacidade de tolerancia a falhas simples. Experimentos com um circuito derivado de HLS e uma descrição ofuscada do soft-core ARM Cortex-M0 foram realizados para mostrar o uso e as vantagens do fluxo de projeto proposto. Diversas questões relacionadas à remoção da lógica redundante implementada foram encontradas, bem como o impacto no incremento de área causado pelos votadores de maioria. Além disso, a confiabilidade de diferentes implementações de TMR do soft core ARM sintetizado em FPGA foi avaliada usando campanhas de injeção de falhas emuladas. Como resultado, foi reforçado o nível de alta confiabilidade da implemntação com mais fina granularidade, mesmo na presença de até 10 falhas acumuladas, e a menor capacidade de mitigação correspondente à replicação de flip-flops apenas. / Radiation effects have been one of the most serious issues in military and space applications. But they are also an increasing concern in modern technologies, even for commercial applications at the ground level. Protection or hardening of integrated circuits against radiation effects can be obtained through the use of enhanced fabrication processes and strategies at different stages of the circuit design. The triple modular redundancy (TMR) technique is a widely and well-known technique employed to mask single faults without detecting them. However, the design of TMR circuits is not automated by commercial electronic design automation (EDA) tools and even they can remove partially or totally the redundant logic. On the other hand, there are several tools that can be used to implement the TMR technique in integrated circuits, although most of them are licensed commercial tools, convenient only for specific devices, or with restricted use because of the International Traffic in Arms Regulations (ITAR) regimen. The present work intends to overcome these issues so a methodology is proposed to automate the design of TMR circuits using a commercial design flow. The proposed approach uses a structured netlist to implement automatically TMR circuits at different granularity levels of redundancy for cell-based and field-programmable gate array (FPGA) designs. Optimization of the resulting TMR circuit is also applied based on the gate sizing approach. Moreover, verification of the implemented TMR circuit is based on equivalence checking, and guarantee its correct functionality and its fault-tolerant capability against soft errors. Experiments with an high-level synthesis (HLS)-derived circuit and an obfuscated description of the ARM Cortex-M0 soft-core are performed to show the use and the advantages of the proposed design flow. Several issues related to the removal of the implemented redundant logic were found as well as the impact in the increment of area caused by the majority voters. Furthermore, the reliability of different TMR implementations of the ARM soft-core synthesized in FPGA was evaluated using emulated-simulation fault injection campaigns. As a result, it was reinforced the high-reliability level of the finest granularity implementation even in the presence of up to 10 accumulated faults and the poorest mitigation capacity corresponding to the replication of flip-flops solely.

Microeletrônica

Tolerancia : Falhas

Fault tolerance

FPGA

ASIC

Semicustom design flow

Equivalence checking

TMR

Radiation effects

Automated design flow for applying triple modular redundancy in complex semi-custom digital integrated circuits / Fluxo de projeto automatizado para aplicar redundância modular tripla em circuitos semicustomizados complexos

Benites, Luis Alberto Contreras

January 2018

Os efeitos de radiação têm sido um dos problemas mais sérios em aplicações militares e espaciais. Mas eles também são uma preocupação crescente em tecnologias modernas, mesmo para aplicações comerciais no nível do solo. A proteção dos circuitos integrados contra os efeitos da radiação podem ser obtidos através do uso de processos de fabricação aprimorados e de estratégias em diferentes estágios do projeto do circuito. A técnica de TMR é bem conhecida e amplamente empregada para mascarar falhas únicas sem detectálas. No entanto, o projeto de circuitos TMR não é automatizado por ferramentas EDA comerciais e até mesmo eles podem remover parcial ou totalmente a lógica redundante. Por outro lado, existem várias ferramentas que podem ser usadas para implementar a técnica de TMR em circuitos integrados, embora a maioria delas sejam ferramentas comerciais licenciadas, convenientes apenas para dispositivos específicos, ou com uso restrito por causa do regime ITAR. O presente trabalho pretende superar esses incovenientes, para isso uma metodologia é proposta para automatizar o projeto de circuitos TMR utilizando um fluxo de projeto comercial. A abordagem proposta utiliza um netlist estruturado para implementar automaticamente os circuitos TMR em diferentes níveis de granularidade de redundância para projetos baseados em células e FPGA. A otimização do circuito TMR resultante também é aplicada com base na abordagem do dimensionamento de portas lógicas. Além disso, a verificação do circuito TMR implementado é baseada na verificação de equivalência e garante sua funcionalidade correta e sua capacidade de tolerancia a falhas simples. Experimentos com um circuito derivado de HLS e uma descrição ofuscada do soft-core ARM Cortex-M0 foram realizados para mostrar o uso e as vantagens do fluxo de projeto proposto. Diversas questões relacionadas à remoção da lógica redundante implementada foram encontradas, bem como o impacto no incremento de área causado pelos votadores de maioria. Além disso, a confiabilidade de diferentes implementações de TMR do soft core ARM sintetizado em FPGA foi avaliada usando campanhas de injeção de falhas emuladas. Como resultado, foi reforçado o nível de alta confiabilidade da implemntação com mais fina granularidade, mesmo na presença de até 10 falhas acumuladas, e a menor capacidade de mitigação correspondente à replicação de flip-flops apenas. / Radiation effects have been one of the most serious issues in military and space applications. But they are also an increasing concern in modern technologies, even for commercial applications at the ground level. Protection or hardening of integrated circuits against radiation effects can be obtained through the use of enhanced fabrication processes and strategies at different stages of the circuit design. The triple modular redundancy (TMR) technique is a widely and well-known technique employed to mask single faults without detecting them. However, the design of TMR circuits is not automated by commercial electronic design automation (EDA) tools and even they can remove partially or totally the redundant logic. On the other hand, there are several tools that can be used to implement the TMR technique in integrated circuits, although most of them are licensed commercial tools, convenient only for specific devices, or with restricted use because of the International Traffic in Arms Regulations (ITAR) regimen. The present work intends to overcome these issues so a methodology is proposed to automate the design of TMR circuits using a commercial design flow. The proposed approach uses a structured netlist to implement automatically TMR circuits at different granularity levels of redundancy for cell-based and field-programmable gate array (FPGA) designs. Optimization of the resulting TMR circuit is also applied based on the gate sizing approach. Moreover, verification of the implemented TMR circuit is based on equivalence checking, and guarantee its correct functionality and its fault-tolerant capability against soft errors. Experiments with an high-level synthesis (HLS)-derived circuit and an obfuscated description of the ARM Cortex-M0 soft-core are performed to show the use and the advantages of the proposed design flow. Several issues related to the removal of the implemented redundant logic were found as well as the impact in the increment of area caused by the majority voters. Furthermore, the reliability of different TMR implementations of the ARM soft-core synthesized in FPGA was evaluated using emulated-simulation fault injection campaigns. As a result, it was reinforced the high-reliability level of the finest granularity implementation even in the presence of up to 10 accumulated faults and the poorest mitigation capacity corresponding to the replication of flip-flops solely.

Microeletrônica

Tolerancia : Falhas

Fault tolerance

FPGA

ASIC

Semicustom design flow

Equivalence checking

TMR

Radiation effects

Graph dominators in logic synthesis and verification

Krenz, René

January 2004

This work focuses on the usage of dominators in circuit graphs in order to reduce the complexity of synthesis and verification tasks. One of the contributions of this thesis is a new algorithm for computing multiple-vertex dominators in circuit graphs. Previous algorithms, based on single-vertex dominators suffer from their rare appearance in many circuits. The presented approach searches efficiently for multiple-vertex dominators in circuit graphs. It finds dominator relations, where algorithms for computing single-vertex dominators fail. Another contribution of this thesis is the application of dominators for combinational equivalence checking based on the arithmetic transform. Previous algorithms rely on representations providing an explicit or implicit disjoint function cover, which is usually excessive in memory requirements. The new algorithm allows a partitioned evaluation of the arithmetic transform directly on the circuit graph using dominator relations. The results show that the algorithm brings significant improvements in memory consumption for many benchmarks. Proper cuts are used in many areas of VLSI. They provide cut points, where a given problem can be split into two disjoint sub-problems. The algorithm proposed in this thesis efficiently detects proper cuts in a circuit graph and is based on a novel concept of a reduced dominator tree. The runtime of the algorithm is less than 0.4 seconds for the largest benchmark circuit. The final contribution of this thesis is the application of the proper cut algorithm as a structural method to decompose a Boolean function, represented by a circuit graph. In combination with a functional approach, it outperforms previous methods, which rely on functional decomposition only.

formal verification

logic synthesis

dominators

equivalence checking

decomposition

Computer Sciences

Datavetenskap (datalogi)

Functional Verification of Arithmetic Circuits using Linear Algebra Methods

Ameer Abdul Kader, Mohamed Basith Abdul

01 January 2011

This thesis describes an efficient method for speeding up functional verification of arithmetic circuits namely linear network such as wallace trees, counters using linear algebra techniques. The circuit is represented as a network of half adders, full adders and inverters, and modeled as a system of linear equations. The proof of functional correctness of the design is obtained by computing its algebraic signature using standard linear programming (LP) solver and comparing it with the reference signature provided by the designer. Initial experimental results and comparison with Satisfiability Modulo Theorem (SMT) solvers show that the method is efficient, scalable and applicable to complex arithmetic designs, including large multipliers. It is intended to provide a new front end theory/engine to enhance SMT solvers.

Functional Verification

Arithmetic Circuits

Linear Algebra

SMT

Arithmetic bit-level

Equivalence checking

Electrical and Computer Engineering

Circuit Design Methods with Emerging Nanotechnologies

Zheng, Yexin

28 December 2009

As complementary metal-oxide semiconductor (CMOS) technology faces more and more severe physical barriers down the path of continuously feature size scaling, innovative nano-scale devices and other post-CMOS technologies have been developed to enhance future circuit design and computation. These nanotechnologies have shown promising potentials to achieve magnitude improvement in performance and integration density. The substitution of CMOS transistors with nano-devices is expected to not only continue along the exponential projection of Moore's Law, but also raise significant challenges and opportunities, especially in the field of electronic design automation. The major obstacles that the designers are experiencing with emerging nanotechnology design include: i) the existing computer-aided design (CAD) approaches in the context of conventional CMOS Boolean design cannot be directly employed in the nanoelectronic design process, because the intrinsic electrical characteristics of many nano-devices are not best suited for Boolean implementations but demonstrate strong capability for implementing non-conventional logic such as threshold logic and reversible logic; ii) due to the density and size factors of nano-devices, the defect rate of nanoelectronic system is much higher than conventional CMOS systems, therefore existing design paradigms cannot guarantee design quality and lead to even worse result in high failure ratio. Motivated by the compelling potentials and design challenges of emerging post-CMOS technologies, this dissertation work focuses on fundamental design methodologies to effectively and efficiently achieve high quality nanoscale design. A novel programmable logic element (PLE) is first proposed to explore the versatile functionalities of threshold gates (TGs) and multi-threshold threshold gates (MTTGs). This PLE structure can realize all three- or four-variable logic functions through configuring binary control bits. This is the first single threshold logic structure that provides complete Boolean logic implementation. Based on the PLEs, a reconfigurable architecture is constructed to offer dynamic reconfigurability with little or no reconfiguration overhead, due to the intrinsic self-latching property of nanopipelining. Our reconfiguration data generation algorithm can further reduce the reconfiguration cost. To fully take advantage of such threshold logic design using emerging nanotechnologies, we also developed a combinational equivalence checking (CEC) framework for threshold logic design. Based on the features of threshold logic gates and circuits, different techniques of formulating a given threshold logic in conjunctive normal form (CNF) are introduced to facilitate efficient SAT-based verification. Evaluated with mainstream benchmarks, our hybrid algorithm, which takes into account both input symmetry and input weight order of threshold gates, can efficiently generate CNF formulas in terms of both SAT solving time and CNF generating time. Then the reversible logic synthesis problem is considered as we focus on efficient synthesis heuristics which can provide high quality synthesis results within a reasonable computation time. We have developed a weighted directed graph model for function representation and complexity measurement. An atomic transformation is constructed to associate the function complexity variation with reversible gates. The efficiency of our heuristic lies in maximally decreasing the function complexity during synthesis steps as well as the capability to climb out of local optimums. Thereafter, swarm intelligence, one of the machine learning techniques is employed in the space searching for reversible logic synthesis, which achieves further performance improvement. To tackle the high defect-rate during the emerging nanotechnology manufacturing process, we have developed a novel defect-aware logic mapping framework for nanowire-based PLA architecture via Boolean satisfiability (SAT). The PLA defects of various types are formulated as covering and closure constraints. The defect-aware logic mapping is then solved efficiently by using available SAT solvers. This approach can generate valid logic mapping with a defect rate as high as 20%. The proposed method is universally suitable for various nanoscale PLAs, including AND/OR, NOR/NOR structures, etc. In summary, this work provides some initial attempts to address two major problems confronting future nanoelectronic system designs: the development of electronic design automation tools and the reliability issues. However, there are still a lot of challenging open questions remain in this emerging and promising area. We hope our work can lay down stepstones on nano-scale circuit design optimization through exploiting the distinctive characteristics of emerging nanotechnologies. / Ph. D.

design automation

ant colony optimization

satisfiability

equivalence checking

defect tolerance

logic synthesis

nanotechnology

circuit design

Testing and Verification Strategies for Enhancing Trust in Third Party IPs

Banga, Mainak

17 December 2010

Globalization in semiconductor industry has surged up the trend of outsourcing component design and manufacturing process across geographical boundaries. While cost reduction and short time to market are the driving factors behind this trend, the authenticity of the final product remains a major question. Third party deliverables are solely based on mutual trust and any manufacturer with a malicious intent can fiddle with the original design to make it work otherwise than expected in certain specific situations. In case such a backfire happens, the consequences can be disastrous especially for mission critical systems such as space-explorations, defense equipments such as missiles, life saving equipments such as medical gadgets where a single failure can translate to a loss of lives or millions of dollars. Thus accompanied with outsourcing, comes the question of trustworthy design - "how to ensure that integrity of the product manufactured by a third party has not been compromised". This dissertation aims towards developing verification methodologies and implementing non-destructive testing strategies to ensure the authenticity of a third party IP. This can be accomplished at various levels in the IC product life cycle. At the design stage, special testability features can be incorporated in the circuit to enhance its overall testability thereby making the otherwise hard to test portions of the design testable at the post silicon stage. We propose two different approaches to enhance the testability of the overall circuit. The first allows improved at-speed testing for the design while the second aims to exaggerate the effect of unwanted tampering (if present) on the IC. At the verification level, techniques like sequential equivalence checking can be employed to compare the third-party IP against a genuine specification and filter out components showing any deviation from the intended behavior. At the post silicon stage power discrepancies beyond a certain threshold between two otherwise identical ICs can indicate the presence of a malicious insertion in one of them. We have addressed all of them in this dissertation and suggested techniques that can be employed at each stage. Our experiments show promising results for detecting such alterations/insertions in the original design. / Ph. D.

Design for Testability

Side-Channel Analysis

Sequential Equivalence Checking

Trojans

Third party IP

Sufficiency-based Filtering of Invariants for Sequential Equivalence Checking

Hu, Wei

14 February 2011

Verification, as opposed to Testing and Post-Silicon Validation, is a critical step for Integrated Circuits (IC) Design, answering the question "Are we designing the right function?" before the chips are manufactured. One of the core areas of Verification is Equivalence Checking (EC), which is a special yet independent case of Model Checking (MC). Equivalence Checking aims to prove that two circuits, when fed with the same inputs, produce the exact same outputs. There are broadly two ways to conduct Equivalence Checking, simulation and Formal Equivalence Checking. Simulation requires one to try out different input combinations and observe if the two circuits produce the same output. Obviously, since it is not possible to enumerate all combinations of different inputs, completeness cannot be guaranteed. On the other hand, Formal Equivalence Checking can achieve 100% confidence. As the number of gates and in particular, the number of flip-flops, in circuits has grown tremendously during the recent years, the problem of Formal Equivalence Checking has become much harder â A recent evaluation of a general-case Formal Equivalence Checking engine [1] shows that about 15% of industrial designs cannot be verified after a typical sequential synthesis flow. As a result, a lot of attention on Formal Equivalence Checking has been drawn both academically and industrially. For years Combinational Equivalence Checking(CEC) has been the pervasive framework for Formal Equivalence Checking(FEC) in the industry. However, due to the limitation of being able to verify circuits only with 1:1 flip-flop pairing, a pure CEC-based methodology requires a full regression of the verification process, meaning that performing sequential optimizations like retiming or FSM re-encoding becomes somewhat of a bottleneck in the design cycle [2]. Therefore, a more powerful framework — Sequential Equivalence Checking (SEC) — has been gradually adopted in industry. In this thesis, we target on Sequential Equivalence Checking by finding efficient yet powerful group of relationships (invariants) among the signals of the two circuits being compared. In order to achieve a high success rate on some of the extremely hard-to-verify circuits, we are interested in both two-node and multi-node (up to 4 nodes) invariants. Also we are interested in invariants among both flip-flops and internal signals. For large circuits, there can be too many potential invariants requiring much time to prove. However, we observed that a large portion of them may not even contribute to equivalence checking. Moreover, equivalence checking can be significantly helped if there exists a method to check if a subset of potential invariants would be sufficient (e.g., whether two-nodes are enough or multi-nodes are also needed) prior to the verification step. Therefore, we propose two sufficiency-based approaches to identify useful invariants out of the initial potential invariants for SEC. Experimental results show that our approach can either demonstrate insufficiency of the invariants or select a small portion of them to successfully prove the equivalence property. Our approaches are quite case-independent and flexible. They can be applied on circuits with different synthesis techniques and combined with other techniques. / Master of Science

Invariant filtering

Assume and Verify

Boolean Satisfiability(SAT)

Sequential Equivalence Checking(SEC)

Enhancing SAT-based Formal Verification Methods using Global Learning

Arora, Rajat

25 May 2004

With the advances in VLSI and System-On-Chip (SOC) technology, the complexity of hardware systems has increased manifold. Today, 70% of the design cost is spent in verifying these intricate systems. The two most widely used formal methods for design verification are Equivalence Checking and Model Checking. Equivalence Checking requires that the implementation circuit should be exactly equivalent to the specification circuit (golden model). In other words, for each possible input pattern, the implementation circuit should yield the same outputs as the specification circuit. Model checking, on the other hand, checks to see if the design holds certain properties, which in turn are indispensable for the proper functionality of the design. Complexities in both Equivalence Checking and Model Checking are exponential to the circuit size. In this thesis, we firstly propose a novel technique to improve SAT-based Combinational Equivalence Checking (CEC) and Bounded Model Checking (BMC). The idea is to perform a low-cost preprocessing that will statically induce global signal relationships into the original CNF formula of the circuit under verification and hence reduce the complexity of the SAT instance. This efficient and effective preprocessing quickly builds up the implication graph for the circuit under verification, yielding a large set of logic implications composed of direct, indirect and extended backward implications. These two-node implications (spanning time-frame boundaries) are converted into two-literal clauses, and added to the original CNF database. The added clauses constrain the search space of the SAT-solver engine, and provide correlation among the different variables, which enhances the Boolean Constraint Propagation (BCP). Experimental results on large and difficult ISCAS'85, ISCAS'89 (full scan) and ITC'99 (full scan) CEC instances and ISCAS'89 BMC instances show that our approach is independent of the state-of-the-art SAT-solver used, and that the added clauses help to achieve more than an order of magnitude speedup over the conventional approach. Also, comparison with Hyper-Resolution [Bacchus 03] suggests that our technique is much more powerful, yielding non-trivial clauses that significantly simplify the SAT instance complexity. Secondly, we propose a novel global learning technique that helps to identify highly non-trivial relationships among signals in the circuit netlist, thereby boosting the power of the existing implication engine. We call this new class of implications as 'extended forward implications', and show its effectiveness through additional untestable faults they help to identify. Thirdly, we propose a suite of lemmas and theorems to formalize global learning. We show through implementation that these theorems help to significantly simplify a generic CNF formula (from Formal Verification, Artificial Intelligence etc.) by identifying the necessary assignments, equivalent signals, complementary signals and other non-trivial implication relationships among its variables. We further illustrate through experimental results that the CNF formula simplification obtained using our tool outshines the simplification obtained using other preprocessors. / Master of Science

Boolean Satisfiability (SAT)

Static Logic Implications

Combinational Equivalence Checking (CEC)

Bounded Model Checking (BMC)

Propositional Formula

Sequential Equivalence Checking with Efficient Filtering Strategies for Inductive Invariants

Nguyen, Huy

24 May 2011

Powerful sequential optimization techniques can drastically change the Integrated Circuit (IC) design paradigm. Due to the limited capability of sequential verification tools, aggressive sequential optimization is shunned nowadays as there is no efficient way to prove the preservation of equivalence after optimization. Due to the fact that the number of transistors fitting on single fixed-size die increases with Moore's law, the problem gets harder over time and in an exponential rate. It is no surprise that functional verification becomes a major bottleneck in the time-to-market of a product. In fact, literature has reported that 70% of design time is spent on making sure the design is bug-free and operating correctly. One of the core verification tasks in achieving high quality products is equivalence checking. Essentially, equivalence checking ensures the preservation of optimized product's functionality to the unoptimized model. This is important for industry because the products are modified constantly to meet different goals such as low power, high performance, etc. The mainstream in conducting equivalence checking includes simulation and formal verification. In simulation approach, golden design and design under verification (DUV) are fed with same stimuli for input expecting outputs to produce identical responses. In case of discrepancy, traces will be generated and DUV will undergo modifications. With the increase in input pins and state elements in designs, exhaustive simulation becomes infeasible. Hence, the completeness of the approach is not guaranteed and notions of coverage has to be accompanied. On the other hand, formal verification incorporates mathematical proofs and guarantee the completeness over the search space. However, formal verification has problems of its own in which it is usually resource intensive. In addition, not all design can be verified after optimization processes. That is to say the golden model and DUV are vastly different in structure which cause modern checker to give inconclusive result. Due to this nature, this thesis focuses in improving the strength and the efficiency of sequential equivalence checking (SEC) using formal approach. While there has been great strides made in the verification for combinational circuits, SEC still remains rather rudimentary. Without powerful SEC as a backbone, aggressive sequential synthesis and optimization are often avoided if the optimized design cannot be proved to be equivalent to the original one. In an attempt to take on the challenges of SEC, we propose two frameworks that successfully determining equivalence for hard-to-verify circuits. The first framework utilizes arbitrary relations between any two nodes within the two sequential circuits in question. The two nodes can reside in the same or across the circuits; likewise, they can be from the same time-frame or across time-frames. The merit for this approach is to use global structure of the circuits to speed up the verification process. The second framework introduces techniques to identify subset but yet powerful multi-node relations (involve more than 2 nodes) which then help to prune large don't care search space and result in a successful SEC framework. In contrast with previous approaches in which exponential number of multi-node relations are mined and learned, we alleviate the computation cost by selecting much fewer invariants to achieve desired conclusion. Although independent, the two frameworks could be used in sequential to complement each other. Experimental results demonstrate that our frameworks can take on many hard-to-verify cases and show a significant speed up over previous approaches. / Master of Science

Boolean Satisfiability(SAT)

Sequential Equivalence Checking(SEC)

Formal Verification

Dynamic Invariant Filtering

Implications