Part of the  

Chip Design Magazine

  Network

About  |  Contact

Posts Tagged ‘JasperGold’

Verification Joins the Adults’ Table

Tuesday, January 24th, 2017

Adam Sherer, Group Director, Product Management, System & Verification Group, Cadence

As we plan for our family gatherings this holiday season, it’s time to welcome Verification to the adults’ table. Design and Implementation are already at the table, having established their own families consisting of architects with the comprehensive experience to manage the overall flow and specialists who provide the deep knowledge needed to make each project succeed. Verification has matured with the realization that it needs its own family of architects and specialists that have the experience and knowledge to rapidly and repeatedly verify complex projects.

Figure 1 The family table

This maturation of Verification occurred as complexity drove the need for the architect’s role. Designs pushed through a billion gates and systems grew their functional dependency on the fusion of analog, software, digital, and power. Meanwhile, the teams verifying these designs became distributed around the globe. A holistic view of verification became necessary and it was rooted in a more rigorous verification planning process. When we listen to the architect at our holiday dinner this year, we’ll hear how she wished for and got verification management automation with Cadence’s vManager solution. In order to close her verification plan, she needs to reuse verification IP (VIP), specify new Cadence VIP protocols, and direct the internal development of new VIP running on a range of verification engines. She also realizes that traditional methods will not scale to complex scenarios that must be verified across the complete SoC, so she is excited by the new portable stimulus standard work in Accellera and is piloting a project using Cadence’s Perspec System Verifier to gain an efficiency edge over her company’s competitors.

Design and Implementation were impressed by the automation that Verification was able to access. They asked Verification if that meant she had resources to spare for their families. She couldn’t help but laugh but then calmed down and explained how her family is growing with the specialists needed to implement the verification plans. She also discussed how those experts are actually already working with experts from Design and Implementation to achieve verification closure.

Figure 2 The Cadence Verification Family

Verification is a multi-engine, multi-abstraction, multi-domain task that starts and finishes with the entire development team. At the start of development, design experts and verification experts apply JasperGold formal analysis with coverage to both raise quality and mark the block-level features as verified in the overall plan. UVM experts then step in to complete comprehensive IP/subsystem verification using high-performance digital and mixed-signal simulation with the Incisive Enterprise Simulator. While the randomization and four-state simulation is critical at this stage, the UVM testbench can consume as much as 50% of the simulation time, which lengthens runtime as the project moves to subsystem and SoC integration. The verification experts then apply acceleration techniques to reduce time spent in the testbench, develop new scenarios with the Perspec System Verifier to enable fast four-state RTL simulation with the Cadence RocketSim Parallel Simulation Engine, and accelerate with the Cadence Palladium Z1 Enterprise Emulation System. As the project moves to the performance, capacity, coverage, and accessibility of the Palladium Z1 engine, new experts are able to address system features dependent on bare metal software and in-circuit data. Since the end customer interacts with the system through application software, the verification experts work with software teams using Cadence Protium Rapid Prototyping Platform, which provides the performance needed to support the verification needs of this team. With all of these experts around the world, the verification architect explains that she needs fabrics that enable them to communicate. She uses the Cadence Indago Debug Platform and vManager to provide unified debug across the engines, and multi-engine metrics to help her automate the verification plan. More and more of the engines provide verification metrics like coverage from simulation and emulation that can be merged together and rolled up to the vManager solution. Even the implementation teams are working together with the verification experts to simulate post PG netlists using the Incisive Enterprise Simulator XL and RocketSim solutions, enabling final signoff on the project.

As Design and Implementation pass dessert around the table, they are very impressed with Verification. They’ve seen the growing complexity in their own families and have been somewhat perplexed by how verification gets done. Verification has talked about new tools, standards, and methodologies for years, and they assumed those productivity enhancements meant that verification engineers could remain generalists by accessing more automation. Hearing more about the breadth and depth of the verification challenge has helped them realize that that there is an absolute need for a complete verification family with architects and experts. Raising a toast to the newest member of the electronic design adults’ table, the family knows that 2017 is going to be a great year.

Cadence Addresses Security in SoC

Tuesday, October 11th, 2016

Steve Carlson, product management group director, Cadence Design Systems

Security has been a growing concern as more examples of failed security come to light in the news. The connected, automated world makes us all more vulnerable, and there is good cause for concern. Whether it has been the demonstration of taking control of a car through hacking or causing nuclear material refinement equipment to spin to destruction, the realization of the gravity of the situation is a widely-shared concern.

To create a secure system a design-for-security mindset needs to be adopted by all parties participating in the product creation. A secure system needs to have security at all layers. At the core, the underlying hardware needs to be designed to be secure. Design methods for creating trusted zones for computation and support for data security are essential.

Layers of security needed for secure system deployment.

Fortunately, there is help in the form of verification technology that can definitively prove whether or not there are any potential side access channels that could leak data. Where normal simulation approaches become intractable, formal methods are targeted and complete.

For example, the JasperGold® Security Path Verification (SPV) App is a formal verification product that uses path sensitization technology to exhaustively prove that secure data:

1.  Can’t be read illegally (no leaks)

2.  Can’t be illegally overwritten (sanctity)

3.  Remains secure in the face of faults or failure

The process of creating secure hardware has become a riskier proposition with the broad use of third party IP and the vertical nature of the foundry model. Hardware Trojans have been inserted into a number of designs that created compromised security. Detection of hardware Trojans is being approached in a number of different ways, but there is no silver bullet, particularly when it is “an inside job.” A formal approach to design verification with detailed metrics is a good component in nefarious content detection. Understanding what is activated in each test scenario can help uncover covertly-added content.

Software-based attacks are incessant. A constant stream of attempted attacks are visible in instrumented IT centers. The nexus of the system hardware and software (firmware or bare metal software) is a point of attack that exploits the perimeter between realms. Here the system verification task requires high performance platforms like emulators that can accurately depict the behavior of the software-hardware interaction in intended and unintended instruction streams. Detection tests are tedious to create and are often not thorough for that reason. Applying automation for software-driven testbench creation provides orders of magnitude improvement in test time creation and ultimately attack scenario coverage.

There are a host of attack methods on encryption have been documented. Attacks based on side channels: power trace, fault attacks (e.g., voltage and clock frequency), timing attacks, scan chain, cache attacks (power trace, memory spy process, time measurement (different data takes different computation time) have all been successful.  Various obfuscation methods such as state space expansion and self-referencing have proved to be effective.

The core computation engines in secure SoCs need to consider not just the processor itself, but also how the interaction with other hardware features are implemented. An example based on the Cadence Tensilica Xtensa processor depicts some the capabilities that are necessary to create a secure system.  Among those is the capability to create instruction set extensions that can create private regions and hidden registers. These capabilities help to frustrate hackers.

Example: Tensilica Xtensa security elements

The further implications of using extension instructions are highlighted in the figure below. These advantages highlight the value of a unique processor. In short, a customized processor creates yet another layer that hackers must seek to defeat.

Cadence Tensilica Xtensa security-related capabilities

Security mechanism support features in Cadence Tensilica Xtensa

A summary of the Tensilica Xtensa processor security capabilities are summarized below:

  1. User defined TIE resources are proprietary (hidden)
    1. Xtensa base instructions cannot access the resources
    2. They are accessed by user-defined proprietary TIE instructions only
  2. User-defined TIE resources
    1. Registers including states
    2. Interfaces (port, queue, lookup)
  3. User-defined TIE resources can be hidden even via debugger
  4. Hidden registers can be used to save such as
    1. Crypto key
    2. Hash value
    3. User ID
  5. Hidden interfaces can be used to connect restricted resources such as
    1. Crypto engine
    2. Hash key generator
    3. Random value generator

Security breaches have alarmed us all. Clearly we need to get better and more methodical about it.  Adopting a holistic design-for-security mindset is essential. You cannot just layer security upon an insecure system and expect good results. As innovative security hackers devise new methods to defeat security, there are corresponding innovations to improve protection. We can all expect to see security in the news for the foreseeable future. While the breaches get all the notoriety, the unsung attack preventions are legion.