Nvidia: Static Sign-Off Best Practices

I think you all associate Nvidia with computer graphics.  We invented the GPU, or Graphics Processing Unit.

Basically, these are among the largest chips that are done in the industry.  We’re always pushing the limits of performance, power and area.

Accordingly, we need very high capacity, very good performance, and very good accuracy from our EDA tools.

We take chips like Volta and we apply it to a number of different markets. Graphics is our bread and butter, and we’ve started doing in hardware which is sort of the holy grail of computer graphics.

The architecture of a GPU is also applicable to several other large and fast-growing industries, such as supercomputing, deep learning for artificial intelligence, and in the future, for driving autonomous vehicles as well. We’re getting traction in all these markets.

So why do we do this?

Lint is great for an early vetting of the RTL. It’s quicker and easier to get feedback than running simulation or synthesis.  

CDC gives us complete coverage to ensure that our interfaces are clean. We try to minimize the potential for CDC problems by having strong design guidelines, using golden IP, and certain simulation techniques.  However, as Prakash [Prakash Narain, Real Intent] mentioned, those techniques do not cover everything; we need a solution to do so.

RDC is a similar situation. The class of bugs that can be quite subtle and quite hard to find — and if any escape into silicon it can be hard to debug. 

So again, RDC tools provide a solution to catching any problems with your reset synchronization.

To apply these tools, some of the best practices that we recommend, much as Hamid [Hamid Shojaei, Google] mentioned, we have a lot of emphasis on automation.

We want to make it easy for our designers to run things in sort of a push-button manner, and we want the grading of the results to be clearly “Go” or “No go”.

We post it to a dashboard so the chip management and design teams can see whether they’re clean as far as static sign-off. All of this is very automated and run frequently.

What static sign-off is not is someone just running CDC one time, saying it’s okay and telling their manager.

It needs to be repeated and continuous so that you know that no bugs are slipping in.  Our automation provides that capability.

If you’re evaluating new tools, here are some of the things that differentiate the static sign-off tools.

1. The main thing to look for is the coverage and the correctness of the analysis. That’s why the tool exists. You want to make sure that it’s catching everything that you’re concerned about and that it’s not an optimistic tool. It’s conservative and it’s going to flag everything.
2. Static sign-off tools are notorious for being noisy.  They’ll generate lots of messages that are either incorrect or not of interest to the designer.  This is another area where tools differentiate from one another. You want a tool that doesn’t generate lots of false violations, you want a tool that generates compact reports.
3. Ideally, the tool should that focus on the root cause of the problem, rather than the myriad symptoms that are triggered by that root cause. That’s something else to look at when you’re comparing tools.
4. Finally, because of the emphasis that I think we all have on automation, the tool needs to lend itself to automation script-ability and debug-ability. For example, the implementation tools like synthesis and static timing analysis are really good in this respect. They all have TCl interfaces, they have access to design objects, they have attributes you can query. We need the same things from static sign off tools so we can script things and have them be push-button.