

## Practical Asynchronous System Verilog Assertions



Presenter: Doug Smith Engineer / Instructor

#### **Asynchronous Assertions**

Copyright © 2025 Doulos. All Rights Reserved



```
module Counter (input Clock, Reset, Enable,
                                                       initial begin
Load, UpDn, input [7:0] Data, output [7:0] Q);
                                                           ... Reset = 1;
always @ ( posedge Reset or posedge Clock )
                                                               initial forever
   if (Reset)
                                                                  Clock = #5 ~Clock;
       Q <= 0;
   else
       if (Enable)
          if (Load)
                                       Reset
             Q <= Data;</pre>
          else
                                                6
             if (UpDn)
               Q \le Q + 1;
             else
               Q \le Q - 1;
endmodule
                                   assert property ( @(posedge Reset) Q == 0 );
```

Will this work?

# Copyright © 2025 Doulos. All Rights Reserved

## SystemVerilog Scheduler





### Difficulty with Async Checking

Next time slot





### **Difficulty with Async Checking**

Next time slot





### **Difficulty with Async Checking**





## opyright © 2025 Doulos. All Rights Reservec

### Requirements for Async Assertions



Portable across simulators

Deterministic

Thorough – checks in both directions



In other words, *practical asynchronous assertions* 

See DVCon 2010 paper for other solutions:

"Asynchronous Behaviors Meet Their Match with SystemVerilog Assertions"

https://www.doulos.com/knowhow/systemverilog/asynchronous-behaviors-meet-their-match-with-systemverilog-assertions/





## Synchronous, oversampling, or fast clock





```
default clocking cb @(posedge CLOCK); endclocking

OR default clocking cb @(posedge FAST_CLK); endclocking

assert property ( $rose(POR) |-> ##[0:$] SYS READY );
```

What about glitches?

#### **Event based methods**





```
bit cover_por = 0;
cover property (@(posedge POR) 1 ) cover_por = 1;
```

Then ...

```
assert property ( @(posedge SYS_READY) cover_por );
```

What if SYS\_READY never occurs?

#### **Pros and Cons**



#### Oversampling

Pro – works with any verification flow (sim, emulation, formal, prototyping)

Con – glitchy RTL behavior may go undetected

#### Coverage

Pro – easy to write sophisticated scenarios

Con – overlapping events undetected or event never occurs

Solution? Delay assertion checking ...







#### Async signal causes another async event





```
assert property ( @ (posedge POR) 1 |-> @ (posedge SYS_READY) 1 );
```

- This is a weak property
- Make it strong

```
assert property ( @ (posedge POR) 1 |-> @ (posedge SYS_READY) s_eventually(1) );
```

#### **Coverage Alternative**





POR SYS\_READY

1 1

coverage[\*]

Expect a cause for each effect

nario

## Async signal causes RTL updates





#### **Program blocks**





```
program async_asserts;
  initial
    forever
     @ (posedge reset)
        assert ( q == 0 );
endprogram
Inputs from Observed
```

Scheduled in *Reactive* 



#### Sequence event





```
sequence seq_reset_event;
  @(posedge reset) 1;
endsequence

always
  @(seq_reset_event) assert ( q == 0 );

Sequence end point in Observed
```



#### **Procedural concurrent assertions**



Procedural concurrent assertions mature in *Observed* 



```
always @(posedge reset)
  assert property ( 1 )
  assert ( q == 0 );
```

assert() executes in Observed

OR

```
always_comb
  assert property ( @(posedge reset) 1 )
  assert ( q == 0 );
```



#### A timing delay





```
assign #1 delayed_reset = reset;
assert property ( @ (posedge delayed_reset) q == 0 );
```



```
assign #1step delayed_reset = reset;
assert property ( @ (posedge delayed_reset) q == 0 );
```



-enario's

#### Async event causes async event with updates





#### Multiclocked property

```
assert property (@ (posedge POR) 1 |-> @ (posedge SYS_READY) s_eventually (1) |-> @ (posedge SYS_GOOD) s_eventually (1));
```



#### Overlapping behavior















#### Async event caused by another event



```
POR C SYS_READY
```

```
bit cov_por;
cover property ( @ (posedge POR ) 1 ) cov_por = 1;
assert property ( @ (posedge SYS_READY) cov_por );
```

OR s

```
sequence seq_past_por;
  @ (posedge POR) 1 ##1 @ (posedge SYS_READY) 1;
endsequence
assert property ( @ (posedge SYS_READY) seq_past_por.triggered );
```

Not as portable

#### Overlapping effect-cause



```
POR C C C SYS_READY
```

```
sequence seq_past_por,
  @(posedge POR) 1 ##0 @(posedge SYS_READY) 1;
endsequence
assert property ( @(posedge SYS_READY) seq_past_por.triggered );
```

Avoid - inconsistent support across tools

## RTL updated by async event





```
bit cov_reset;
always @ (posedge reset) cov_reset = 1;

always_comb
   assert property ( @ (q) 1 )
      assert ( cov_reset )
      cov_reset = 0;
   else $error ( ... );
```

#### Multiple causes for a sequence of events





## Async timing window effect-and-cause



```
POR T ns?
```





### **Asynchronous communication**



Common types:

Clock domain crossing Interface handshaking

Solution: multi-clocked sequences

#### **Clock domain crossing**



```
sequence flag; !line ##1 line[*6] ##1 !line; endsequence
sequence irq; $fell( nIRQ ); endsequence
                                                       unclocked
              line
                                         ##1
           cpu_ck
            nIRQ
        sampling for $fell
                             clock handover
assert property
   ( @ (posedge line ck) flag ##1 @ (posedge cpu ck) irq );
```

#### **Asynchronous protocol - UART**







# Copyright © 2025 Doulos. All Rights Reserved

### **Async transfer with sampling**



```
sequence handshake;
 @ (posedge rts) 1 |##1|
 @(posedge cts) 1;
endsequence
                                     sample clk
   rts
                       clock handover
assert property ( handshake |=> check trans );
sequence check trans;
 logic [7:0] tr;
                    // Local variable
 @(posedge sample clk) 1 ##1 // Skip start bit
           (1, tr[0] = data) ##1 (1, tr[1] = data) ##1
           (1, tr[2] = data) ##1 (1, tr[3] = data) ##1
           (1, tr[4] = data) ##1 (1, tr[5] = data) ##1
           (1, tr[6] = data) ##1 (1, tr[7] = data) ##1
           data === ^tr
                            ##1 // Check parity
           data === 1;
                                 // Check stop bit
endsequence
```

## Simplified SCSI I/O





## **SCSI** protocol





# Copyright © 2025 Doulos. All Rights Reserved

#### Handshaking assertion



```
sequence data cmd;
                                           state X
             !cd && io && !msg;
                                         datareg
           endsequence
                                               c/d
                                               i/o
property check data;
 data t txdata; // Local variable
                                              msg
                                               req
                     RTL signals
                                              ack
 @ (posedge clk)←
 ( state == TX, txdata = datareg ) | =>
                                           databus
       @(posedge REQ) data cmd ##1
                                        clock handover
       @ (posedge ACK) databus == txdata;
endproperty
assert property ( check data );
```





#### Cause and effect scenarios



(1) Async signal causes another async event



(2) Async signal causes RTL updates



(3) Async event causes async event with updates



(4) Async timing window



## pyright © 2025 Doulos. All Rights Reserved

#### The effect and the cause scenarios



(5) Async event caused by another event

(6) RTL updated by async event

(7) Multiple causes for a sequence of events

(8) Async timing window effect-and-cause



#### Recommendations



#### Asynchronous bus protocols

Use multi-clocked properties (usually straightforward)

#### Asynchronous controls

Oversampling generally good enough

Coverage approach works in most cases (plus bonus of functional coverage)

Other scenarios, find a way to delay the checker's sampling



## SoC Design & Verification

FPGA & Hardware Design

Embedded Software & Arm

**Python, AI & Machine Learning** 

- » SystemVerilog » UVM » Formal
- » SystemC » TLM-2.0
- » VHDL » Verilog » SystemVerilog
- » Tcl » AMD
- » Emb C/C++ » Emb Linux » Yocto » RTOS
- » Security » Android » Arm » Rust » Zephyr
- » Python » Edge AI » Deep Learning

Examples available at: https://edaplayground.com/x/qB72





















### **New Design and Verification courses**



#### **Advanced Formal Verification**

- equips you to tackle complex verification challenges by taking full advantage of formal verification in your engineering projects.
- Forms a complete learning path with **Essential Formal Verification** course, which gives you a solid, practical grounding in formal verification.

### SystemVerilog for New Designers: Self-Paced course

- get project-ready for FPGA or ASIC design, including RTL synthesis, block-level test benches, and FPGA design flows.
- high-quality content developed by expert instructors now in self-paced format.

## IC Verification with Python and cocotb

➤ learn cocotb principles, constructing different aspects of a verification environment using cocotb and Verification strategies and tactics.



