| Preface | p. xi |
| Introduction | p. 1 |
| Writing Our First Formal Specification | p. 2 |
| Is My Specification Correct? | p. 5 |
| Have I written Enough Properties? | p. 6 |
| Property Verification | p. 8 |
| The Dynamic ABV Approach | p. 9 |
| The FPV Approach | p. 11 |
| Verification by Specification Refinement | p. 14 |
| The New Flow | p. 17 |
| Languages for Temporal Properties | p. 19 |
| The Basic Temporal Operators | p. 22 |
| Intuitive Explanation | p. 23 |
| Formal Semantics | p. 24 |
| Logics for Temporal Specification | p. 25 |
| Linear Temporal Logic | p. 26 |
| Computation Tree Logic | p. 27 |
| LTL versus CTL | p. 29 |
| Real Time Temporal Logics | p. 30 |
| System Verilog Assertions | p. 31 |
| A Quick Overview | p. 32 |
| The Notion of Sequences | p. 37 |
| Sequence Operations: Repetition | p. 38 |
| Sequence Operations: And, Intersect, Or | p. 40 |
| Local Variables | p. 41 |
| Properties | p. 42 |
| Assume-Assert Specifications | p. 44 |
| The Cover Statement | p. 47 |
| Architectural Styles for Assertion IPs | p. 47 |
| The Main Steps | p. 49 |
| Coding Styles: Event and State-based Checkers | p. 50 |
| Concluding Remarks | p. 56 |
| Bibliographic Notes | p. 57 |
| How Does the Property Checker Work? | p. 59 |
| Checkers are State Machines! | p. 61 |
| The Verification Strategy | p. 63 |
| Dynamic Property Verification | p. 64 |
| Formal Property Verification | p. 67 |
| Creating the Checker Automaton | p. 68 |
| FSM Extraction | p. 72 |
| Computing the Product | p. 74 |
| BDD-based Formal Property Verification | p. 78 |
| What is a BDD? | p. 79 |
| BDDs for State Machines | p. 83 |
| Symbolic Reachability | p. 84 |
| CTL Model Checking | p. 90 |
| SAT-based Formal Property Verification | p. 92 |
| What is SAT? | p. 92 |
| SAT-based Reachability | p. 93 |
| Detecting Loops | p. 95 |
| Unfolding Properties | p. 96 |
| Bounded Model Checking | p. 96 |
| Concluding Remarks | p. 97 |
| Bibliographic Notes | p. 99 |
| Is My Specification Consistent? | p. 101 |
| Satisfiability and Vacuity | p. 103 |
| Writing Unsatisfiable Specifications | p. 103 |
| The Notion of Vacuity | p. 105 |
| Satisfiability is not Enough | p. 105 |
| Readability | p. 107 |
| Receptiveness | p. 109 |
| Games with the Environment | p. 114 |
| Methods for Consistency Checking | p. 115 |
| Alternating Automata and LTL | p. 117 |
| Satisfiability Checks | p. 119 |
| Realizability Checks | p. 121 |
| Receptiveness Checks | p. 124 |
| The SpecChecker Tool | p. 125 |
| Concluding Remarks | p. 126 |
| Bibliographic Notes | p. 128 |
| Have I Written Enough Properties? | p. 129 |
| Simulation Coverage Metrics | p. 131 |
| Mutation-based FPV Coverage | p. 132 |
| Falsity and Vacuity Coverage | p. 134 |
| FSM Coverage | p. 135 |
| Code and Circuit Coverage | p. 136 |
| Structural Versus Functional Coverage | p. 136 |
| Fault-based FPV Coverage | p. 138 |
| The Coverage Strategy | p. 141 |
| Coverage of Faults on Non-inputs | p. 142 |
| Coverage of Faults on Inputs | p. 145 |
| LTL-Covanalyzer: The Tool | p. 148 |
| Building it Over FPV Tools | p. 149 |
| Other Fault Models | p. 153 |
| Concluding Remarks | p. 154 |
| Bibliographic Notes | p. 155 |
| Design Intent Coverage | p. 157 |
| An Introductory Example | p. 160 |
| Priority Cache Access: Architectural Specs | p. 160 |
| Is my Implementation Plan Correct? | p. 162 |
| The Correct Architecture | p. 165 |
| How Does Design Intent Coverage Help? | p. 166 |
| The Formal Problem | p. 167 |
| Where is the Coverage Gap? | p. 171 |
| How Should We Present the Coverage Hole? | p. 173 |
| The Intent Coverage Algorithm | p. 174 |
| Unfolding the Coverage Gap | p. 175 |
| Elimination of Non-architectural Signals | p. 177 |
| The Term Distribution Algorithm | p. 178 |
| Weakening Unbounded Temporal Properties | p. 182 |
| Special Treatment of Invariant Properties | p. 184 |
| Soundness of the Intent Coverage Algorithm | p. 186 |
| Multi-property Representation of the Coverage Gap | p. 186 |
| SpecMatcher - The Intent Coverage Tool | p. 188 |
| Priority Cache Access - A Closer Look | p. 189 |
| Concluding Remarks | p. 192 |
| Bibliographic Notes | p. 193 |
| Test Generation Games | p. 195 |
| Constrained Random Test Generation | p. 196 |
| Layered Verification Methodologies | p. 197 |
| The Benefits | p. 199 |
| The Limitations | p. 201 |
| Dynamic Coverage Driven Verification | p. 202 |
| Assertions Viewed as Coverage Points! | p. 203 |
| Games with the Environment | p. 204 |
| Vacuity Games | p. 205 |
| Readability Games | p. 207 |
| Intelligent Test Generation for Property Coverage | p. 208 |
| Dynamic Monitoring | p. 208 |
| Online Test Generation | p. 209 |
| Test Generation Algorithms | p. 210 |
| The Integrated Verification Flow | p. 212 |
| Concluding Remarks | p. 214 |
| Bibliographic Notes | p. 215 |
| A Roadmap for Formal Property Verification | p. 217 |
| Simulation-based Validation Flow | p. 218 |
| Formal Verification Flow | p. 221 |
| The Three Pillars | p. 224 |
| What's Between Simulation and Model Checking? | p. 229 |
| What's between Intent Coverage and Model Checking? | p. 231 |
| What's between Intent Coverage and Simulation? | p. 233 |
| The Integrated Flow | p. 234 |
| Architectural Validation | p. 235 |
| RTL Validation | p. 236 |
| Sharing the Task | p. 238 |
| Architect's Corner | p. 238 |
| Design Manager's Corner | p. 239 |
| Unit Designer's Corner | p. 240 |
| Concluding Remarks | p. 240 |
| References | p. 243 |
| Index | p. 249 |
| Table of Contents provided by Ingram. All Rights Reserved. |
