Verification Academy Patterns Library

Verification Academy Patterns Library

Pattern Name: Absence Property Pattern
 Intent: The Absence Property Pattern is used to specify portions of a design
model’s verification execution where a specific state or event1 should never
occur. Also known as Never.

 Motivation: In the normal execution of an RTL state-based model, there are

often specific events or states that should never occur. One of the most
common examples of the Absence Property Pattern is mutual exclusion.

 Applicability: Any event that can be expressed as a proposition (e.g., Boolean

equation), and describes undesirable behavior in a design, can be formulated
into an absence property.

 Implementation: The Absence Property Pattern can be expressed using any of

the industry standard specification languages (such as SVA or PSL). In addition,
the Open Verification Library assertions ovl_never could be used for this
property.

The following table has been created only to provide a better understanding of
the semantics of the Absence Property Pattern for our five basic scopes—where
a scope is the extent of the model’s verification execution over which the
property must hold. Pattern scopes are not necessarily applied to the overall
property. That is, often a scope is applied to a sub-property that is used to form
a more complex overall property (e.g., sequence_expr |->

1
An event could be specified as a Boolean equation that references state elements or variables from the RTL.

Page 1 © Mentor Graphics Corporation, all rights reserved.

 Verification Academy Patterns Library

property_expr, where the pattern scope might be applied to the sub-

property property_expr versus the overall property).

For the examples in the following table, Q, R and P are Boolean.

Scope Definition
Global always !P
Before2,3 R (R[->1]) implies (!P s_until R)
After2 Q always (Q |-> always !P)
Between4 Q and R always ((Q & !R ## R[->1]) implies (!P s_until R))
After5 Q until R always (Q |-> (!P until R))

 Example: The following is an SVA implementation example of an Absence

Property Pattern for the cases where two bus enable signals, which must remain
mutually exclusive:

property p_en_mutex(bus_en_0, bus_en_1);

@(posedge clk) disable iff (~reset_n)
!( bus_en_0 & bus_en_1);
endproperty

 Scope: The Absence Property Pattern’s scope is global for our specific example.
The figure below illustrates the scope of our example where two bus enable

2
The property associated with the Before scope holds with respect to the first clock tick for the portion of a design
model’s verification execution under consideration. For example, if we apply the pattern scope to the sub-property
T, then for the overall property S |=> T, the scope is relative to the first clock that occurs after the sequence S.
3
What the Before scope is specifying is that if R eventually occurs with respect to the start of the portion of the
model’s verification execution under consideration, then not P holds before the first occurrence of R. If R does not
occur, then not P need not hold. Caution, this scope may incur performance issues, and the SVA implies and
s_until operators may not be fully supported by all tools with respect to the form property operator property.
4
What the Between scope is specifying is that if R eventually occurs after the occurrence of Q, then not P holds
between Q up to, but not necessarily including, R. If R does not occur after a Q, then the not P is not required to hold.
Caution, this scope may incur performance issues, and the SVA implies and s_until operators may not be fully
supported by all tools with respect to the form property operator property.
5
What the After-Until scope is specifying is that if R eventually occurs after the occurrence of Q, then not P holds
between Q up to, but not necessarily including, R. However, not P is still required to hold event if R never occurs.

Page 2 © Mentor Graphics Corporation, all rights reserved.

Verification Academy Patterns Library

signals, which must remain mutually exclusive the extent of the model’s
verification execution that is being considered.

Global Scope: !(bus_en_1 & bus_en_2)

Scope: The extent of the model’s verification execution over which the property must holds.

Obviously, the Absence Property Pattern is applicable to other scopes besides

global that we demonstrated in our previous example (e.g., before, after,
between, or after-until).

 Related Patterns: The Absence is classified as a Specification Occurrence

pattern. This pattern is the dual of the Existence Property Pattern.

 Contributor: Harry Foster, based on the following works:

“Property Specification Patterns for Finite-state Verification,” Matthew B.

Dwyer, George S. Avrunin and James C. Corbett in the 2nd Workshop on
Formal Methods in Software Practice, March, 1998.
“Patterns in Property Specifications for Finite-state Verification,” Matthew B.
Dwyer, George S. Avrunin and James C. Corbett to appear in Proceedings of
the 21st International Conference on Software Engineering, May, 1999.

 Release Date: February 26, 2016

Corrections and Suggestions: To improve the quality of the Verification Academy

Patterns Library we welcome your comments, suggestions, and corrections. Please
contact us at: https://verificationacademy.com/contact

Page 3 © Mentor Graphics Corporation, all rights reserved.