Skip to content

Commit e23c26c

Browse files
nasahlpanasahlpa
committed
[rtl] Split data and ECC of the register file
Until now, a single instance of the register file containing 32-bit data words and 7-bit ECC tags was used. While the input of the register file was driven by the main core, the output of the register file was distributed to the main and the shadow core. In this commit, we are splitting up the data and ECC parts into two different register file instances: - (1) This instance is driven by the main core and only operates on the 32-bit data words. The outputs (32-bit data words) are forwarded to the main and the shadow core. - (2) This instance is driven by the shadow core and only operates on the 7-bit ECC words. The 7-bit ECC output is combined with the delayed 32-bit data output of the (1) RF instance. The shadow core uses ECC checkers to check if data and ECC (a) match and (b) are not manipulated using FI. This helps us to save around 6 kGE of area. Signed-off-by: Pascal Nasahl <nasahlpa@lowrisc.org>
1 parent 8fda2d6 commit e23c26c

6 files changed

Lines changed: 246 additions & 203 deletions

File tree

doc/03_reference/coverage_plan.rst

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -338,6 +338,8 @@ For more detail about each security countermeasure in Ibex see :ref:`security`
338338

339339
* ``cp_lockstep_err`` - Lockstep glitch fault seen.
340340

341+
* ``cp_rf_glitch_err`` - Register file fault seen.
342+
341343
* ``cp_pc_mismatch_err`` - PC mismatch error seen.
342344

343345
The :ref:`security features Ibex implements <security>` are given specific security countermeasure names in OpenTitan (see 'Security Countermeasures' in the `Comportability Definition and Specification <https://opentitan.org/book/doc/contributing/hw/comportability/index.html#security-countermeasures>`_ documentation section).
@@ -358,6 +360,8 @@ The mapping between security countermeasures and coverpoints that demonstrate it
358360
+--------------------------------+-------------------------------------------------------+
359361
| DATA_REG_SW.INTEGRITY | ``cp_rf_a_ecc_err`` ``cp_rf_b_ecc_err`` |
360362
+--------------------------------+-------------------------------------------------------+
363+
| DATA_REG_SW.GLITCH_DETECT | ``cp_rf_glitch_err`` |
364+
+--------------------------------+-------------------------------------------------------+
361365
| LOGIC.SHADOW | ``cp_lockstep_err`` |
362366
+--------------------------------+-------------------------------------------------------+
363367
| FETCH.CTRL.LC_GATED | ``cp_fetch_enable`` |

doc/03_reference/verification_stages.rst

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -163,6 +163,8 @@ The mapping between countermeasures and tests is given below
163163
+--------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
164164
| DATA_REG_SW.INTEGRITY | ``riscv_rf_intg_test`` in Ibex DV. |
165165
+--------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
166+
| DATA_REG_SW.GLITCH_DETECT | Covered by formal verification of security countermeasures within OpenTitan. |
167+
+--------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
166168
| LOGIC.SHADOW | ``chip_sw_rv_core_ibex_lockstep_glitch`` top-level test in OpenTitan |
167169
+--------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
168170
| FETCH.CTRL.LC_GATED | ``riscv_rand_instr_test`` in Ibex DV. |

dv/uvm/core_ibex/fcov/core_ibex_fcov_if.sv

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -395,6 +395,7 @@ interface core_ibex_fcov_if import ibex_pkg::*; (
395395
id_stall_type_last_valid;
396396

397397
// V2S Related Probes for Top-Level
398+
logic rf_glitch_err;
398399
logic lockstep_glitch_err;
399400

400401
logic imem_single_cycle_response, dmem_single_cycle_response;
@@ -492,6 +493,7 @@ interface core_ibex_fcov_if import ibex_pkg::*; (
492493
`DV_FCOV_EXPR_SEEN(mem_store_ecc_err, load_store_unit_i.store_resp_intg_err_o)
493494

494495
`DV_FCOV_EXPR_SEEN(lockstep_err, lockstep_glitch_err)
496+
`DV_FCOV_EXPR_SEEN(rf_glitch_err, rf_glitch_err)
495497
`DV_FCOV_EXPR_SEEN(pc_mismatch_err, if_stage_i.pc_mismatch_alert_o)
496498

497499
cp_fetch_enable: coverpoint fetch_enable_i {

dv/uvm/core_ibex/tb/core_ibex_tb_top.sv

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -198,6 +198,8 @@ module core_ibex_tb_top;
198198
end
199199

200200
`ifndef DV_FCOV_DISABLE
201+
assign dut.u_ibex_top.u_ibex_core.u_fcov_bind.rf_glitch_err =
202+
dut.u_ibex_top.alert_major_internal_o;
201203
assign dut.u_ibex_top.u_ibex_core.u_fcov_bind.lockstep_glitch_err =
202204
dut.u_ibex_top.lockstep_alert_major_internal;
203205
`endif

0 commit comments

Comments
 (0)