5/2/2017 SystemVerilogAssertions:ElectroSofts.

com

HOME ElectronicsDirectory Articles/Tutorials eBooks

AboutUs FORUM Links ContactUs

SystemVerilogTutorialPART18:byAbhiramRao

AssertionsinSystemVerilogPart1
<PreviousTOCNext>

SystemVerilogAssertionsBenefits:

SystemVerilog built assertions directly into the design and

verification language, and that provides clear benefits. In
fact, SystemVerilog has effectively unified assertions with
the design and verification language for use in both
simulationandformalverification.ThekeybenefitsofSVA
canbesummarizedasfollows:

Easeofadoptionbecauseitisbuiltonafamiliarlanguage
andsyntax

Lessassertioncodeduetoautomaticcontextualunderstandingofdesigncontrollogic

Simplehookupandinteractionbetweenassertionsandthetestbenchwithoutspecialinterfaces

Customizationandcontrolofmessaginganderrorseveritylevels

AbilitytointeractwithVerilogandCfunctions

Avoidance of mismatching results between simulation and formal evaluations with clearly defined
schedulingsemantics

Ability to improve verification performance by eliminating assertion cosimulation overhead and reusing
simulationoptimizationalgorithms

Thesebenefitswillbedescribedinthefollowingsections.

SystemVerilogAssertionsOverview

SystemVerilog assertions were developed to provide design and verification engineers the means to
describecomplexbehaviorsabouttheirdesignsinaclearandconcisemanner,buildingonconceptswith
whichusersarealreadyfamiliar.WithSVAunifiedsyntacticallywiththerestofSystemVerilog,theuseris
ableto embed assertions directly inline with the design and other verification code, allowing the tools to
infer a great deal of information from the context of the surrounding code. This reduces, in many cases
http://electrosofts.com/systemverilog/assertions1.html 1/6
5/2/2017 SystemVerilogAssertions:ElectroSofts.com

substantially,theamountofcodetheusermustwritetospecifythebehavior,andsimplifiestheusagemodel
sincethisinformationdoesnothavetobeduplicated,asitwouldwithaseparateassertionlanguage.

ThesemanticsofSVAaredefinedsuchthattheevaluationoftheassertionsisguaranteedtobeequivalent
betweensimulation,whichiseventbased,andformalverification,whichis cyclebased. This equivalence
ensuresthatmultipletoolswillallinterpretthebehaviorsspecifiedinSVAinthesameway.Moreover, the
unificationofassertionswithdesignandverificationcodestreamlinesinteractiontoaugmentthepowerof
assertions.Inparticular,SystemVerilogallowsassertionstocommunicateinformationtothetestbenchand
allows the testbench to react to the status of assertions without requiring a separate application
programminginterface(API)ofanykind.

SystemVerilog provides two types of assertions: immediate and concurrent. Both assertion types are
intendedtoconveytheintentofthedesignengineerandtoidentifythesourceofaproblemasquicklyand
directly as possible. Immediate assertions are procedural statements that can occur anywhere within
alwaysorinitialblocks, and include a conditional expression to be tested and a set of statements to be
executeddependingontheresultoftheexpressionevaluation.

Thesyntaxofanimmediateassertionisshownhere:

immediate_assert_statement::=

assert(expression)[[pass_stmt]elsefail_stmt]1.

Theexpressionisevaluatedimmediatelywhenthestatementisexecuted,exactlyasitwouldbeforanif
statement. The pass_stmt is executed if the expression evaluates to true, otherwise the fail_stmt is
executed. The pass and fail statements, if present, are executed immediately after the expression is
evaluated.Becauseanassertioncarrieswithittheimplicationthattheexpressionwillbetrue,thefailureof
an assertion has a severity associated with it. SystemVerilog includes four system tasks ($fatal, $error,
$warningand$info)thatcanbeincludedinthefailstatementblocktoindicatetheseverityofthefailureand
printadditionaluserdefineddebugmessages,ifdesired.ThisisroughlythesamefunctionalityastheVHDL
assertstatement.

ConcurrentAssertions

The real power of SVA, both for simulation and formal verification, is the ability to specify behavior over
time,whichVHDLassertionscannotdo.Concurrentassertionsprovidetheabilitytospecifysuchsequential
behaviorconciselyandtoevaluatethatbehavioratdiscretepointsintime,usuallyclockticks(e.g.posedge
clk).Theconceptsandcomponentsthatmakeupconcurrentassertionscanbestbeunderstoodasasetof
layers,eachbuildingonthelayer(s)below:

Thebasicfunctionofanassertionistospecifyasetofbehaviorsthatisexpectedtoholdtrueforagiven
design or component. The Boolean expressions layer is the most basic, and specifies the values of
elementsataparticularpointintime,whilethesequentialregularexpressionslayerbuildsontheBoolean
layertospecifythetemporalrelationshipbetweenelementsoveraperiodoftime.Thepropertydeclarations

http://electrosofts.com/systemverilog/assertions1.html 2/6
5/2/2017 SystemVerilogAssertions:ElectroSofts.com

layer builds on sequences to specify the actual behaviors of interest, and the assertion directives layer
explicitlyassociatesthesebehaviorswiththedesignandguidesverificationtoolsabouthowtousethem.

Sampling

Toensureconsistencybetweensimulationandformalverificationtools,whichapplyacyclebasedviewof
thedesign,concurrentassertionsinSystemVerilogusesampledvaluesofsignalstoevaluateexpressions.
The sampled value of signals is defined to be the value of the signal at the end (i.e. at readonly
synchronizationtimeasdefinedbythePLI2)ofthelastsimulationtimestepbeforetheclockoccurs.This
way, a predictable result can be obtained from the evaluation, regardless of the simulators internal
mechanismoforderingandevaluatingevents.

This explicit notion of sampling signals relative to a clock edge is an integral part of the behavior of
SystemVerilogassertionsandismadepossibleinpartbecausetheassertionsaresimplyanotherpartofthe
SystemVeriloglanguage.TheexistingVerilogschedulingmechanismhasbeenextendedtosupportvalue
samplingandtoprovidehooksfortheassertionstoworkseamlesslywiththerestofthelanguage.These
scheduling extensions allow simulators and other tools to apply existing optimization algorithms to the
executionofassertionsaswellasthemodelingofthedesignandthetestbench.

Separateassertionlanguagescannotdefinethisexplicitsamplingmechanismbecausetherequiredhooks
arenotpartofVerilog.ThebehaviorcanbeapproximatedinVeriloginsomecasesiftheuseradherestoa
restrictedcodingstyle.Butthepossibilityofraceconditionsandmulticlocksystemsmakesitimpossibleto
guarantee consistency between formal verification and simulation tools in all cases, without specifically
enhancingtheVerilogschedulingexplicitlytosupportthisparticulargoal.

Race conditions are an artifact of the eventbased scheduling semantics of Verilog, which allow multiple
eventstooccuratagivensimulationtime.Sincesynthesisandformalverificationtoolstakeacyclebased
view of the design, race conditions are always resolved according to the same sampling semantics that
SystemVerilogassertionsuse.Thismeansthattheassertions,ineffect,givetheuserapostsynthesisview
ofthedesignduringpresynthesisRTLverification,eliminatingpreandpostsynthesismismatches.

http://electrosofts.com/systemverilog/assertions1.html 3/6
5/2/2017 SystemVerilogAssertions:ElectroSofts.com

Concurrent assertions differ from immediate assertions in two important ways. First, in addition to being
instantiatedprocedurallyinadesignasastatementinanalwaysorinitialblock,concurrentassertionscan
alsobeinstantiateddeclarativelyasamodulelevelstatement(similartoacontinuousassignment)outside
of procedural blocks. The second difference is that concurrent assertions allow the specification of a
temporalbehaviortobechecked,insteadofjustacombinationalconditionasimmediateassertionsdo.

Thesyntaxofaconcurrentassertionis:

concurrent_assert_statement::=

assertproperty(sequential_expr_or_property)

[[pass_stmt]elsefail_stmt]

Thesequentialexpressionisevaluated using sampled values of the signals, and the pass/fail statements
allowtheassertiontocommunicatewiththetestbench.Becausetheassertionsareanintegralpartofthe
language, these statements can use the full breadth of SystemVerilog to trigger events, record coverage
informationorotherwiseaffecttheflowoftheverificationcode,includingcallingCcode.Separateassertion
languages are effectively readonly in that they can only monitor design behavior but cannot affect
elementsineitherthedesignorthetestbench.

Immediateassertions

Theimmediateassertionstatementisatestofanexpressionperformedwhenthestatementisexecutedin
theproceduralcode.Theexpressionisnontemporalandisinterpretedthesamewayasanexpressionin
the condition of a procedural if statement. That is, if the expression evaluates to X, Z or 0, then it is
interpretedasbeingfalseandtheassertionissaidtofail.Otherwise,theexpressionisinterpretedasbeing
trueandtheassertionissaidtopass.

The immediate assert statement is a statement_item and can be specified anywhere a procedural
statementisspecified.

procedural_assertion_statement::=

...

immediate_assert_statement

immediate_assert_statement::=

assert(expression)action_block

action_block::=

statement_or_null

[statement]elsestatement

http://electrosofts.com/systemverilog/assertions1.html 4/6
5/2/2017 SystemVerilogAssertions:ElectroSofts.com

Theaction_blockspecifieswhatactionsaretakenuponsuccessorfailureoftheassertion.Thestatement
associatedwiththesuccessoftheassertstatementisthefirststatement.Itiscalledthepassstatementand
isexecutediftheexpressionevaluatestotrue.Thepassstatementcan,forexample,recordthenumberof
successesforacoveragelog,butcanbeomittedaltogether.Ifthepassstatementisomitted,thennouser
specifiedactionistakenwhentheassertexpressionistrue.Thestatementassociatedwithelseiscalleda
failstatementandisexecutediftheexpressionevaluatestofalse.Theelsestatementcanalsobeomitted.
Theactionblockisexecutedimmediatelyaftertheevaluationoftheassertexpression.

Theoptionalstatementlabel(identifierandcolon)createsanamedblockaroundtheassertionstatement(or
anyotherSystemVerilogstatement)andcanbedisplayedusingthe%mformatspecification.

assert_foo:assert(foo)$display("%mpassed")else$display("%mfailed")

Since the assertion is a statement that something must be true, the failure of an assertion shall have a
severityassociatedwithit.Bydefault,theseverityofanassertionfailureiserror.Otherseveritylevelscan
bespecifiedbyincludingoneofthefollowingseveritysystemtasksinthefailstatement:

$fatalisaruntimefatal.

$errorisaruntimeerror.

$warningisaruntimewarning,whichcanbesuppressedinatoolspecificmanner.

$infoindicatesthattheassertionfailurecarriesnospecificseverity.

Ifanassertionfailsand no else clause is specified, the tool shall, by default, call $error, unless a
toolspecificoption,suchasacommandlineoption,isenabledtosuppressthefailure.

All of these severity system tasks shall print a toolspecific message indicating the severity of the failure,
andspecificinformationaboutthespecificfailure,whichshallincludethefollowinginformation:

Thefilenameandlinenumberoftheassertionstatement.

Thehierarchicalnameoftheassertion,ifitislabeled,orthescopeoftheassertionifitisnotlabeled.

Forsimulationtools,thesetasksshallalsoincludethesimulationruntimeatwhichtheseveritysystemtask
iscalled.Eachsystemtaskcanalsoincludeadditionaluserspecifiedinformationusingthesameformatas
theVerilog$display.

If more than one of these system tasks is included in the else clause, then each shall be executed as
specified. If the severity system task is executed at a time other than when the assertion fails, the actual
failuretimeoftheassertioncanberecordedanddisplayedprogrammatically.Forexample:

timet

always@(posedgeclk)

http://electrosofts.com/systemverilog/assertions1.html 5/6
5/2/2017 SystemVerilogAssertions:ElectroSofts.com

if(state==REQ)

assert(req1||req2)

elsebegin

t=$time

#5$error("assertfailedattime%0t",t)

end

If theassertionfails at time 10, the error message shall be printed at time 15, but the userdefined string
printedshallbeassertfailedattime10.

Thedisplayofmessages ofwarning and info types can be controlled by a toolspecific option, such as a
commandlineoption.

Since the fail statement, like the pass statement, is any legal SystemVerilog procedural statement, it can
alsobeusedtosignalafailuretoanotherpartofthetestbench.

assert(myfunc(a,b))count1=count+1else>event1

assert(y==0)elseflag=1

<PreviousTOCNext>

Adsby Google 1 MailboxStorage 2 MailboxNew 3 IntheMailbox
Home|AboutUs|Articles/Tutorials|Downloads|Feedback|Links|eBooks|PrivacyPolicy
Copyright20052007electroSofts.com.
webmaster@electroSofts.com

http://electrosofts.com/systemverilog/assertions1.html 6/6