ADC_CTRL DV document

Goals

DV
- Verify all ADC_CTRL IP features by running dynamic simulations with a SV/UVM based testbench
- Develop and run all tests based on the testplan below towards closing code and functional coverage on the IP and all of its sub-modules
FPV
- Verify TileLink device protocol compliance with an SVA based testbench

Current status

Design features

For detailed information on ADC_CTRL design features, please see the ADC_CTRL HWIP technical specification.

Testbench architecture

ADC_CTRL testbench has been constructed based on the CIP testbench architecture.

Block diagram

Top level testbench

Top level testbench is located at hw/ip/adc_ctrl/dv/tb/tb.sv. It instantiates the ADC_CTRL DUT module hw/ip/adc_ctrl/rtl/adc_ctrl.sv. In addition, it instantiates the following interfaces, connects them to the DUT and sets their handle into uvm_config_db:

Clock and reset interface
Always on clock and reset interface
TileLink host interface
ADC_CTRL IOs
Interrupts (pins_if
Alerts (pins_if
Wakeup (pins_if
[Push Pull Interface] (/hw/dv/sv/push_pull_agent/doc/) combined with some logic in tb.sv to emulate the ADC data interface

Common DV utility components

The following utilities provide generic helper tasks and functions to perform activities that are common across the project:

Global types & methods

All common types and methods defined at the package level can be found in adc_ctrl_env_pkg.

TL_agent

ADC_CTRL testbench instantiates (already handled in CIP base env) tl_agent which provides the ability to drive and independently monitor random traffic via TL host interface into ADC_CTRL device.

push_pull agents

The ADC data interface is emulated using push_pull agents. (push_pull_agent

UVM RAL Model

The ADC_CTRL RAL model is created with the ralgen FuseSoC generator script automatically when the simulation is at the build stage.

It can be created manually by invoking regtool:

Stimulus strategy

Test sequences

All test sequences reside in hw/ip/adc_ctrl/dv/env/seq_lib. The adc_ctrl_base_vseq virtual sequence is extended from cip_base_vseq and serves as a starting point. All test sequences are extended from adc_ctrl_base_vseq. It provides commonly used handles, variables, functions and tasks that the test sequences can use.

Functional coverage

To ensure high quality constrained random stimulus, it is necessary to develop a functional coverage model. The following covergroups have been developed to prove that the test intent has been adequately met:

adc_ctrl_filter_cg: filter configurations, one instance per filter These are sampled by the scoreboard when the ADC_CRTL is enabled by register and also on interrupt and wakeup line assertion. To distinguish between these situations and the fast clock gating status additional flags are also sampled enabling cross coverage.
adc_ctrl_testmode_cg: The mode of operation of the ADC_CTRL with transition bins to show modes can be selected independantly of a previous selected mode.
adc_ctrl_hw_reset_cg: The state of the FSM and counters when a hardware reset is applied.
adc_ctrl_fsm_reset_cg: The state of the FSM and counters when a FSM reset is applied.

Self-checking strategy

Scoreboard

The adc_ctrl_scoreboard is primarily used for end to end checking. It creates the following analysis ports to retrieve the data monitored by corresponding interface agents:

tl_[a_chan, d_chan, dir]_fifo_lc_ctrl_reg_block.analysis_export: Tile Link CSR reads/writes.
m_adc_push_pull_fifo_[0,1,…].analysis_export: Transactions representing the ADC channel data Using data fron the Tile Link and ADC data streams a model within the scoreboard predicts the interrupt and wakeup line logic level at any point in the simulation. It also predicts various volatile register content. The scoreboard uses the predictions to compare against the RTL signals and register read data.

Assertions

TLUL assertions: The sva/adc_ctrl_bind.sv binds the tlul_assert assertions to the IP to ensure TileLink interface protocol compliance.
ADC_CTRL FSM assertions sva/adc_ctrl_fsm_sva.sv bound inside adc_ctrl_fsm
- FsmStateSwReset_A: Checks FSM is reset by rst_aon_ni
- PwrupTimerCntSwReset_A: Checks powerup timer counter is reset by rst_aon_ni
- WakeupTimerCntSwReset_A: Checks wakeup timer counter is reset by rst_aon_ni
- NpSampleCntSwReset_A: Checks normal power sample counter is reset by rst_aon_ni
- LpSampleCntSwReset_A: Checks low power sample counter is reset by rst_aon_ni
- FsmStateHwReset_A: Checks FSM is reset by register adc_fsm_rst
- PwrupTimerCntHwReset_A: Checks powerup timer counter is reset by register adc_fsm_rst
- WakeupTimerCntHwReset_A: Checks wakeup timer counter is reset by register adc_fsm_rst
- NpSampleCntHwReset_A: Checks normal power sample counter is reset register adc_fsm_rst
- LpSampleCntHwReset_A: Checks low power sample counter is reset by register adc_fsm_rst
Unknown checks on DUT outputs: The RTL has assertions to ensure all outputs are initialized to known values after coming out of reset.
Assertions in tb.sv
- ChannelSelOnehot_A: Checks at most one ADC channel select is asserted at any time
- ChannelSelKnown_A: Checks all ADC channel selects have a known logic value
- PwrupTime_A: Checks the time period between low power sampling cycles is consistant with the value in the configuration object.
- WakeupTime_A: Checks the time period between power up and first channel selected is consistant with the value in the configuration object.
- EnterLowPower_A: Checks the ADC power down is asserted between sampling periods in low power mode.

Building and running tests

We are using our in-house developed regression tool for building and running our tests and regressions. Please take a look at the link for detailed information on the usage, capabilities, features and known issues. Here’s how to run a smoke test:

$ $REPO_TOP/util/dvsim/dvsim.py $REPO_TOP/hw/ip/adc_ctrl/dv/adc_ctrl_sim_cfg.hjson -i adc_ctrl_smoke

Testplan

Testpoints

Milestone	Name	Tests	Description
V1	smoke	adc_ctrl_smoke	Verify datapath between AST ADC interface and ADC sample registers. Stimulus: For a number of iterations: Configure DUT no filters or events. Generate ADC data. Sample into capture registers using oneshot mode. Checks: From monitored ADC data predict the value of the ADC sample register Compare sample registers against expected. Check oneshot bit of interrupt status register works as expected.
V1	csr_hw_reset	adc_ctrl_csr_hw_reset	Verify the reset values as indicated in the RAL specification. Write all CSRs with a random value. Apply reset to the DUT as well as the RAL model. Read each CSR and compare it against the reset value. it is mandatory to replicate this test for each reset that affects all or a subset of the CSRs. It is mandatory to run this test for all available interfaces the CSRs are accessible from. Shuffle the list of CSRs first to remove the effect of ordering.
V1	csr_rw	adc_ctrl_csr_rw	Verify accessibility of CSRs as indicated in the RAL specification. Loop through each CSR to write it with a random value. Read the CSR back and check for correctness while adhering to its access policies. It is mandatory to run this test for all available interfaces the CSRs are accessible from. Shuffle the list of CSRs first to remove the effect of ordering.
V1	csr_bit_bash	adc_ctrl_csr_bit_bash	Verify no aliasing within individual bits of a CSR. Walk a 1 through each CSR by flipping 1 bit at a time. Read the CSR back and check for correctness while adhering to its access policies. This verify that writing a specific bit within the CSR did not affect any of the other bits. It is mandatory to run this test for all available interfaces the CSRs are accessible from. Shuffle the list of CSRs first to remove the effect of ordering.
V1	csr_aliasing	adc_ctrl_csr_aliasing	Verify no aliasing within the CSR address space. Loop through each CSR to write it with a random value Shuffle and read ALL CSRs back. All CSRs except for the one that was written in this iteration should read back the previous value. The CSR that was written in this iteration is checked for correctness while adhering to its access policies. It is mandatory to run this test for all available interfaces the CSRs are accessible from. Shuffle the list of CSRs first to remove the effect of ordering.
V1	csr_mem_rw_with_rand_reset	adc_ctrl_csr_mem_rw_with_rand_reset	Verify random reset during CSR/memory access. Run csr_rw sequence to randomly access CSRs If memory exists, run mem_partial_access in parallel with csr_rw Randomly issue reset and then use hw_reset sequence to check all CSRs are reset to default value It is mandatory to run this test for all available interfaces the CSRs are accessible from.
V1	regwen_csr_and_corresponding_lockable_csr	adc_ctrl_csr_rw adc_ctrl_csr_aliasing	Verify regwen CSR and its corresponding lockable CSRs. Randomly access all CSRs Test when regwen CSR is set, its corresponding lockable CSRs become read-only registers Note: If regwen CSR is HW read-only, this feature can be fully tested by common CSR tests - csr_rw and csr_aliasing. If regwen CSR is HW updated, a separate test should be created to test it. This is only applicable if the block contains regwen and locakable CSRs.
V2	filters_polled	adc_ctrl_filters_polled	Verify filter functionality by polling filter status register. Stimulus: For a number of iterations: Configure DUT with randomized filter parameters, filters enabled but no interrupts or wake events. Generate ADC data stream. Checks: From monitored ADC data predict when filters should be triggered. Confirm this by reading the filter status register. Ensure that only one ADC channel is selected at a time.
V2	filters_polled_fixed	adc_ctrl_filters_polled_fixed	As filters_polled but with filter parameters fixed during the test.
V2	filters_interrupt	adc_ctrl_filters_interrupt	Verify filter interrupt functionality. Stimulus: For a number of iterations: Configure DUT with randomized filter parameters, filters and interrupts enabled. Generate ADC data stream. Checks: From monitored ADC data predict when filters should be triggered. Confirm this by reading the filter status register and interrupt status register. Confirm correct interrupt sample value has been captured in ADC sample registers(s) Check interrupt signal operates as expected.
V2	filters_interrupt_fixed	adc_ctrl_filters_interrupt_fixed	As filters_interrupt but with filter parameters fixed during the test.
V2	filters_wakeup	adc_ctrl_filters_wakeup	Verify filter wakeup functionality Stimulus: For a number of iterations: Configure DUT with randomized filter parameters, filters and wakeup enabled, low power sampling mode. Generate ADC data stream. Checks: From monitored ADC data predict when filters should be triggered. Confirm this by reading the filter status register. Check wakeup signal operates as expected.
V2	filters_wakeup_fixed	adc_ctrl_filters_wakeup_fixed	As filters_wakeup but with filter parameters fixed during the test.
V2	filters_both	adc_ctrl_filters_both	Verify filter wakeup and interrupt function correctly together Stimulus: For a number of iterations: Configure DUT with randomized filter parameters, filters, interrupt and wakeup enabled, randomized low/high power sampling mode. Generate ADC data stream. Checks: From monitored ADC data predict when filters should be triggered. Confirm this by reading the filter status register and interrupt status register. Check wakeup signal operates as expected. Check interrupt signal operates as expected.
V2	clock_gating	adc_ctrl_clock_gating	Verify filter wakeup and interrupts function correctly when fast clock is turned off as would occur in the system. Stimulus: For a number of iterations: Configure DUT with randomized filter parameters, filters, interrupt and wakeup enabled, low power sampling mode. Turn off fast clock. Generate ADC data stream. When wakeup occurs after a further random period turn fast clock back on. Checks: From monitored ADC data predict when filters should be triggered. Confirm this by reading the filter status register and interrupt status register. Check wakeup signal operates as expected. Check interrupt signal operates as expected.
V2	poweron_counter	adc_ctrl_poweron_counter	Verify ADC power on counter Stimulus: For a number of iterations: Configure DUT with a random ADC power on count. Enable ADC. Generate ADC data stream. Checks: Confirm timing of power down and channel select signals to ADC.
V2	lowpower_counter	adc_ctrl_lowpower_counter	Verify ADC low power counter Stimulus: For a number of iterations: Configure DUT with a random low power sample count. Enable ADC in low power mode. Generate ADC data stream. Checks: Confirm return to fast sampling happens as expected.
V2	fsm_reset	adc_ctrl_fsm_reset	Verify ADC controller FSM software reset Stimulus: For a number of iterations: Configure DUT with a random low power sample count. Enable ADC randomly in low or high power mode. Generate ADC data stream. Trigger a software reset by writing to adc_fsm_rst register. Checks: Ensure ADC controller FSM and counters are reset.
V2	stress_all	adc_ctrl_stress_all	Combine above sequences in one test then randomly select for running Stimulus: Start sequences and randomly add reset between each sequence Checking: All sequences should be finished and checked by the scoreboard
V2	alert_test	adc_ctrl_alert_test	Verify common `alert_test` CSR that allows SW to mock-inject alert requests. Enable a random set of alert requests by writing random value to alert_test CSR. Check each `alert_tx.alert_p` pin to verify that only the requested alerts are triggered. During alert_handshakes, write `alert_test` CSR again to verify that: If `alert_test` writes to current ongoing alert handshake, the `alert_test` request will be ignored. If `alert_test` writes to current idle alert handshake, a new alert_handshake should be triggered. Wait for the alert handshakes to finish and verify `alert_tx.alert_p` pins all sets back to 0. Repeat the above steps a bunch of times.
V2	intr_test	adc_ctrl_intr_test	Verify common intr_test CSRs that allows SW to mock-inject interrupts. Enable a random set of interrupts by writing random value(s) to intr_enable CSR(s). Randomly "turn on" interrupts by writing random value(s) to intr_test CSR(s). Read all intr_state CSR(s) back to verify that it reflects the same value as what was written to the corresponding intr_test CSR. Check the cfg.intr_vif pins to verify that only the interrupts that were enabled and turned on are set. Clear a random set of interrupts by writing a randomly value to intr_state CSR(s). Repeat the above steps a bunch of times.
V2	tl_d_oob_addr_access	adc_ctrl_tl_errors	Access out of bounds address and verify correctness of response / behavior
V2	tl_d_illegal_access	adc_ctrl_tl_errors	Drive unsupported requests via TL interface and verify correctness of response / behavior. Below error cases are tested bases on the [TLUL spec]({{< relref "hw/ip/tlul/doc/_index.md#explicit-error-cases" >}}) TL-UL protocol error cases invalid opcode some mask bits not set when opcode is `PutFullData` mask does not match the transfer size, e.g. `a_address = 0x00`, `a_size = 0`, `a_mask = 'b0010` mask and address misaligned, e.g. `a_address = 0x01`, `a_mask = 'b0001` address and size aren't aligned, e.g. `a_address = 0x01`, `a_size != 0` size is greater than 2 OpenTitan defined error cases access unmapped address, expect `d_error = 1` when `devmode_i == 1` write a CSR with unaligned address, e.g. `a_address[1:0] != 0` write a CSR less than its width, e.g. when CSR is 2 bytes wide, only write 1 byte write a memory with `a_mask != '1` when it doesn't support partial accesses read a WO (write-only) memory write a RO (read-only) memory write with `instr_type = True`
V2	tl_d_outstanding_access	adc_ctrl_csr_hw_reset adc_ctrl_csr_rw adc_ctrl_csr_aliasing adc_ctrl_same_csr_outstanding	Drive back-to-back requests without waiting for response to ensure there is one transaction outstanding within the TL device. Also, verify one outstanding when back- to-back accesses are made to the same address.
V2	tl_d_partial_access	adc_ctrl_csr_hw_reset adc_ctrl_csr_rw adc_ctrl_csr_aliasing adc_ctrl_same_csr_outstanding	Access CSR with one or more bytes of data. For read, expect to return all word value of the CSR. For write, enabling bytes should cover all CSR valid fields.
V2S	tl_intg_err	adc_ctrl_tl_intg_err adc_ctrl_sec_cm	Verify that the data integrity check violation generates an alert. Randomly inject errors on the control, data, or the ECC bits during CSR accesses. Verify that triggers the correct fatal alert. Inject a fault at the onehot check in `u_reg.u_prim_reg_we_check` and verify the corresponding fatal alert occurs
V2S	sec_cm_bus_integrity	adc_ctrl_tl_intg_err	Verify the countermeasure(s) BUS.INTEGRITY.
V3	stress_all_with_rand_reset	adc_ctrl_stress_all_with_rand_reset	This test runs 3 parallel threads - stress_all, tl_errors and random reset. After reset is asserted, the test will read and check all valid CSR registers.

Covergroups

Name	Description
adc_ctrl_filter_cg	Cover filter configuration (one instance per filter)
adc_ctrl_fsm_reset_cg	Cover FSM state and counter values when fsm_reset is triggered
adc_ctrl_hw_reset_cg	Cover FSM state and counter values when hardware reset is asserted
adc_ctrl_power_mode_cg	Cover power mode configuration
regwen_val_when_new_value_written_cg	Cover each lockable reg field with these 2 cases: When regwen = 1, a different value is written to the lockable CSR field, and a read occurs after that. When regwen = 0, a different value is written to the lockable CSR field, and a read occurs after that. This is only applicable if the block contains regwen and locakable CSRs.
tl_errors_cg	Cover the following error cases on TL-UL bus: TL-UL protocol error cases. OpenTitan defined error cases, refer to testpoint `tl_d_illegal_access`.
tl_intg_err_cg	Cover all kinds of integrity errors (command, data or both) and cover number of error bits on each integrity check. Cover the kinds of integrity errors with byte enabled write on memory if applicable: Some memories store the integrity values. When there is a subword write, design re-calculate the integrity with full word data and update integrity in the memory. This coverage ensures that memory byte write has been issued and the related design logic has been verfied.