VERIFICATION MODEL STRUCTURES FOR DIGITAL SYSTEMS DESIGN

SERGEY L. FRENKEL
The Institute of Informatics Problems, Russian Academy of Sciences, Vavilova 44,2, 117333, Moscow, Russia. E-mail: slf-ipiran@mtu-net.ru

Abstract

The exponential computational complexity of formal verification algorithms for digital systems rules out fully automatic verification of complex digital systems. On the other hand, informal verification by design simulation is also impractically time-consuming. A possible way out is a verification strategy that, on one hand, combines both approaches and, on the other hand, includes guidance for choosing the verification algorithms and tools appropriate for a given design. This requires a characterization of both the verification algorithms and the design process; in effect, it means structuring the various models of the design that are used, explicitly or implicitly, during design verification. This paper, relying on previous experience in testability design planning [1] as well as on current publications in the formal verification area, considers some possibilities for planning the verification of digital systems so as to achieve a high degree of functional verification.

Key words: formal verification, design verification, digital circuits simulation.

1. INTRODUCTION

Designers of complex digital systems (ASICs, application-specific and general-purpose microprocessors (MP), etc.) need validation methods and tools that guarantee a correct design before manufacturing starts. Errors detected after the start of fabrication both add production costs and delay the product, and such a delay can be critical for market position. For example, data in [2] show that the loss due to a 10-15 week delay in reaching the market may be up to half a million USD.
This validation is performed mostly as "verification": checking whether a system design is correct with respect to a specification, understood here as the initial description of the intended design at a given representation level (e.g., finite-state machine, register-transfer level (RTL), or gate level). The traditional and most common verification method is verification by simulation. The alternative is so-called "formal verification" [3]. Both approaches, however, suffer from high computational requirements: the complexity of simulation-based methods comes from the large number of test vectors needed to exercise all functional behaviour, while the complexity of formal verification of large designs comes from very large state spaces, which cannot be handled even by techniques such as implicit state space traversal.

For example, a central problem in sequential circuit verification is reachability analysis. A property checked by automatic verification need only hold on the states that are reachable from the start state, so the verifier must first determine that set of states; reachability analysis is the task of computing it. If the system is represented as a finite-state machine (FSM), reachability analysis amounts to a traversal of the FSM's state transition graph, which, as is well known, may contain billions of nodes [3].

Strictly speaking, the same situation, from the point of view of the interaction between automatic (synthesis-directed) and simulation methods, occurs in other areas of electronic CAD, first of all in test pattern generation (TPG). Here a test designer also has to trade off the exponential complexity of automatic test pattern generation (ATPG), a true synthesis, against the need to use various simulation tools ("synthesis through analysis") to check whether an input test vector (a "candidate test") detects the fault under consideration. In fact, this change of methodology means a change of the design specification model.
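The reachability analysis described above, and the gap between it and simulation-based coverage, can be seen on a small constructed FSM. The following is an added example and not code from the paper: a decade counter with enable and synchronous reset plus a one-cycle "wrap" flag, encoded in 4 + 1 state bits, so that the full encoding space (32 states) is larger than the reachable set. The transition function, the property `wrap_implies_zero`, and the random stimulus are all assumptions made for the illustration. The example performs an explicit breadth-first traversal of the state transition graph (the implicit, BDD-based traversal the text mentions is not shown), checks the property over reachable states only, and compares that with the states a random simulation run happens to visit.

```python
"""Explicit-state reachability of a constructed FSM versus simulation coverage.

Constructed example (not from the paper): a decade counter with an enable
input, a synchronous reset, and a 'wrap' flag raised for one cycle when the
counter rolls over from 9 to 0.  The 4-bit counter register can encode 16
values, but only 0..9 are ever reached, so the 5-bit state space (32
encodings) is much larger than the reachable set.
"""
from collections import deque
import itertools
import random

COUNTER_BITS = 4
MODULUS = 10
INPUTS = list(itertools.product((0, 1), repeat=2))   # (enable, reset)
INITIAL = (0, 0)                                     # (counter, wrap)


def next_state(state, inputs):
    """Transition function of the constructed FSM; state = (counter, wrap)."""
    counter, _wrap = state
    enable, reset = inputs
    if reset:
        return (0, 0)
    if not enable:
        return (counter, 0)
    nxt = (counter + 1) % MODULUS
    return (nxt, 1 if nxt == 0 else 0)


def all_states():
    """Every encoding of the state registers, reachable or not."""
    return {(c, w) for c in range(2 ** COUNTER_BITS) for w in (0, 1)}


def reachable_states(initial=INITIAL):
    """Breadth-first traversal of the state transition graph from the start state."""
    seen = {initial}
    queue = deque([initial])
    while queue:
        s = queue.popleft()
        for inp in INPUTS:
            t = next_state(s, inp)
            if t not in seen:
                seen.add(t)
                queue.append(t)
    return seen


def wrap_implies_zero(state):
    """Safety property (assumed): the wrap flag is raised only together with counter == 0."""
    counter, wrap = state
    return (not wrap) or counter == 0


def check_property(states, prop=wrap_implies_zero):
    """Return the subset of `states` that violates `prop`."""
    return {s for s in states if not prop(s)}


def simulate(n_vectors, seed=1, initial=INITIAL):
    """Simulation-based coverage: the states visited by n random input vectors."""
    rng = random.Random(seed)
    s = initial
    visited = {s}
    for _ in range(n_vectors):
        s = next_state(s, (rng.randint(0, 1), rng.randint(0, 1)))
        visited.add(s)
    return visited


if __name__ == "__main__":
    reach = reachable_states()
    print(f"state encodings: {len(all_states())}, reachable: {len(reach)}")
    print("violations over all encodings:", sorted(check_property(all_states())))
    print("violations over reachable states:", sorted(check_property(reach)))
    print("states covered by 1000 random vectors:", len(simulate(1000)))
```

Checked over all 32 encodings, the property appears to fail in 15 states (every encoding with the wrap flag set and a non-zero counter), but none of those is reachable, so the design is correct; a verifier that skips reachability analysis would report false errors. The random simulation, on the other hand, covers at most the 11 reachable states and, because the roll-over state requires nine consecutive enabled cycles without a reset, usually misses it altogether.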
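The "synthesis through analysis" step in the ATPG paragraph above, checking by simulation whether a candidate test vector detects a given fault, is illustrated by the following added example; it is not code from the paper. The three-gate netlist, the single stuck-at fault model, and the candidate vectors are all constructed for the illustration. The netlist is evaluated fault-free and with one net forced to a stuck-at value; the candidate detects the fault exactly when some primary output differs between the two evaluations.

```python
"""Fault simulation of candidate test vectors (constructed example, not from the paper).

A gate-level netlist y = (a AND b) OR NOT c is evaluated fault-free and with
a single stuck-at fault injected on one net.  A candidate vector detects the
fault iff a primary output differs between the two evaluations.
"""

PRIMARY_INPUTS = ("a", "b", "c")
PRIMARY_OUTPUTS = ("y",)
# Constructed netlist: (output_net, gate_type, input_nets), in topological order.
NETLIST = (
    ("n1", "AND", ("a", "b")),
    ("n2", "NOT", ("c",)),
    ("y",  "OR",  ("n1", "n2")),
)

GATES = {
    "AND": lambda ins: int(all(ins)),
    "OR":  lambda ins: int(any(ins)),
    "NOT": lambda ins: int(not ins[0]),
    "XOR": lambda ins: sum(ins) % 2,
}


def vec(a, b, c):
    """Build an input vector as a net -> bit mapping."""
    return {"a": a, "b": b, "c": c}


def evaluate(vector, fault=None):
    """Evaluate the netlist for `vector`; `fault` = (net, stuck_value) forces that net."""
    nets = dict(vector)
    if fault and fault[0] in nets:          # stuck-at fault on a primary input
        nets[fault[0]] = fault[1]
    for out, gate, ins in NETLIST:
        nets[out] = GATES[gate]([nets[i] for i in ins])
        if fault and out == fault[0]:       # stuck-at fault on a gate output
            nets[out] = fault[1]
    return tuple(nets[o] for o in PRIMARY_OUTPUTS)


def detects(vector, fault):
    """True iff the candidate vector makes the fault observable at a primary output."""
    return evaluate(vector) != evaluate(vector, fault)


def all_faults():
    """Single stuck-at-0 / stuck-at-1 faults on every net of the netlist."""
    nets = list(PRIMARY_INPUTS) + [out for out, _, _ in NETLIST]
    return [(n, v) for n in nets for v in (0, 1)]


def exhaustive_vectors():
    """All 2^3 input vectors (feasible only for such a tiny circuit)."""
    return [vec(a, b, c) for a in (0, 1) for b in (0, 1) for c in (0, 1)]


def fault_coverage(vectors):
    """Fraction of single stuck-at faults detected by the test set, plus the misses."""
    faults = all_faults()
    detected = {f for f in faults if any(detects(v, f) for v in vectors)}
    return len(detected) / len(faults), sorted(set(faults) - detected)


if __name__ == "__main__":
    candidate = vec(1, 1, 1)
    print("n1 stuck-at-0 detected by (1,1,1):", detects(candidate, ("n1", 0)))
    print("n2 stuck-at-1 detected by (1,1,1):", detects(candidate, ("n2", 1)))
    print("coverage of the single candidate:", fault_coverage([candidate]))
    print("coverage of the exhaustive set:", fault_coverage(exhaustive_vectors()))
```

For the candidate (a, b, c) = (1, 1, 1) the fault-free output is 1; forcing n1 to 0 drops it to 0, so that fault is detected, while forcing n2 to 1 leaves the output at 1, so that fault is not. On this circuit the single candidate covers 4 of the 12 single stuck-at faults and the exhaustive set covers all of them; for a real design the exhaustive set is exactly what the exponential cost of ATPG rules out, which is why the per-candidate simulation check is used instead.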
While the design specification for ATPG consists merely of the

Proceedings 17th European Simulation Multiconference (c) SCS Europe BVBA, 2003 ISBN 3-936150-25-7