Module Definition
dashboard | hierarchy | modlist | groups | tests | asserts

Module : lc_ctrl_fsm
SCORELINECONDTOGGLEFSMBRANCHASSERT
91.67 98.17 91.67 71.43 97.10 100.00

Source File(s) :
/workspaces/repo/scratch/os_regression_2024_10_14/lc_ctrl_volatile_unlock_disabled-sim-vcs/default/sim-vcs/../src/lowrisc_ip_lc_ctrl_0.1/rtl/lc_ctrl_fsm.sv

Module self-instances :
NAMESCORELINECONDTOGGLEFSMBRANCHASSERT
tb.dut.u_lc_ctrl_fsm 97.12 98.17 91.67 97.22 98.53 100.00


Module Instance : tb.dut.u_lc_ctrl_fsm

Instance :
SCORELINECONDTOGGLEFSMBRANCHASSERT
97.12 98.17 91.67 97.22 98.53 100.00


Instance's subtree :
SCORELINECONDTOGGLEFSMBRANCHASSERT
96.37 99.22 88.24 97.22 97.20 100.00


Parent :
SCORELINECONDTOGGLEFSMBRANCHASSERTNAME
93.95 100.00 82.35 99.89 100.00 87.50 dut


Subtrees :
NAMESCORELINECONDTOGGLEFSMBRANCHASSERT
gen_syncs[0].u_prim_lc_sync_flash_rma_ack 100.00 100.00 100.00 100.00
gen_syncs[1].u_prim_lc_sync_flash_rma_ack 100.00 100.00 100.00 100.00
u_cnt_regs 100.00 100.00 100.00 100.00
u_fsm_state_regs 100.00 100.00 100.00 100.00
u_lc_ctrl_fsm_cov_if 96.97 100.00 90.91 100.00
u_lc_ctrl_signal_decode 98.86 99.21 97.37 100.00
u_lc_ctrl_state_decode 93.57 100.00 85.71 95.00
u_lc_ctrl_state_transition 87.14 98.46 66.67 96.30
u_prim_lc_sender_check_byp_en 100.00 100.00 100.00
u_prim_lc_sender_clk_byp_req 100.00 100.00 100.00
u_prim_lc_sender_flash_rma_req 100.00 100.00 100.00
u_prim_lc_sync_clk_byp_ack 100.00 100.00 100.00 100.00
u_prim_lc_sync_flash_rma_ack_buf 100.00 100.00 100.00
u_prim_lc_sync_rma_token_valid 100.00 100.00 100.00
u_prim_lc_sync_test_token_valid 100.00 100.00 100.00
u_state_regs 100.00 100.00 100.00 100.00

Line Coverage for Module : lc_ctrl_fsm
Line No.TotalCoveredPercent
TOTAL16416198.17
CONT_ASSIGN12611100.00
ALWAYS14633100.00
CONT_ASSIGN17111100.00
CONT_ASSIGN17811100.00
CONT_ASSIGN17911100.00
ALWAYS20410410298.08
ALWAYS58433100.00
ALWAYS58533100.00
ALWAYS58633100.00
ALWAYS58933100.00
CONT_ASSIGN623100.00
CONT_ASSIGN66611100.00
CONT_ASSIGN66711100.00
CONT_ASSIGN66811100.00
ALWAYS6771515100.00
ALWAYS7121414100.00
CONT_ASSIGN73211100.00
CONT_ASSIGN73611100.00
CONT_ASSIGN74011100.00
CONT_ASSIGN74211100.00
CONT_ASSIGN74911100.00
ALWAYS88233100.00

Click here to see the source line report.
Cond Coverage for Module : lc_ctrl_fsm
TotalCoveredPercent
Conditions726691.67
Logical726691.67
Non-Logical00
Event00

 LINE       251
 EXPRESSION (init_req_i && lc_state_valid_q)
             -----1----    --------2-------
-1--2-StatusTests
01CoveredT1,T2,T3
10CoveredT12,T29,T41
11CoveredT1,T2,T3 

 LINE       284
 EXPRESSION (lc_state_q == LcStScrap)
            ------------1------------
-1-StatusTests
0CoveredT1,T2,T3
1CoveredT1,T14,T5 

 LINE       295
 EXPRESSION ((lc_state_q == LcStRaw) && (trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStTestUnlocked0}}) && ((!trans_invalid_error_o)))
             -----------1-----------    ----------------------------------------2---------------------------------------    -------------3------------
-1--2--3-StatusTests
011Unreachable
101Unreachable
110Unreachable
111Unreachable 

 LINE       295
 SUB-EXPRESSION (lc_state_q == LcStRaw)
                -----------1-----------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       295
 SUB-EXPRESSION (trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStTestUnlocked0}})
                ----------------------------------------1---------------------------------------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       299
 EXPRESSION (unhashed_token_i == lc_ctrl_state_pkg::RndCnstRawUnlockTokenHashed)
            ----------------------------------1---------------------------------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       305
 EXPRESSION ((lc_cnt_q == LcCnt0) ? LcCnt1 : lc_cnt_q)
             ----------1---------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       305
 SUB-EXPRESSION (lc_cnt_q == LcCnt0)
                ----------1---------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       411
 EXPRESSION (lc_clk_byp_req_o != lc_clk_byp_ack[1])
            -------------------1-------------------
-1-StatusTests
0CoveredT1,T2,T3
1CoveredT13,T21,T22 

 LINE       452
 EXPRESSION ((hashed_token_i == hashed_token_mux) && ((!token_hash_err_i)) && ((&hashed_token_valid_mux)))
             ------------------1-----------------    ----------2----------    -------------3-------------
-1--2--3-StatusTests
011CoveredT2,T13,T20
101CoveredT13,T22,T27
110Not Covered
111CoveredT1,T3,T13 

 LINE       452
 SUB-EXPRESSION (hashed_token_i == hashed_token_mux)
                ------------------1-----------------
-1-StatusTests
0CoveredT2,T13,T20
1CoveredT1,T3,T13 

 LINE       466
 EXPRESSION (trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}})
            -----------------------------------1----------------------------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T13,T14 

 LINE       493
 EXPRESSION ((hashed_token_i == hashed_token_mux) && ((!token_hash_err_i)) && ((&hashed_token_valid_mux)))
             ------------------1-----------------    ----------2----------    -------------3-------------
-1--2--3-StatusTests
011Not Covered
101Not Covered
110Not Covered
111CoveredT1,T3,T13 

 LINE       493
 SUB-EXPRESSION (hashed_token_i == hashed_token_mux)
                ------------------1-----------------
-1-StatusTests
0Not Covered
1CoveredT1,T3,T13 

 LINE       496
 EXPRESSION (fsm_state_q == TokenCheck1St)
            ---------------1--------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T3,T13 

 LINE       524
 EXPRESSION (lc_clk_byp_req_o != lc_clk_byp_ack[2])
            -------------------1-------------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT45,T46,T47 

 LINE       529
 EXPRESSION 
 Number  Term
      1  ((trans_target_i != {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}}) && ((lc_flash_rma_req_o != Off) || (lc_flash_rma_ack_buf[2] != Off))) || 
      2  ((trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}}) && ((lc_flash_rma_req_o != On) || (lc_flash_rma_ack_buf[2] != On))))
-1--2-StatusTests
00CoveredT1,T3,T13
01CoveredT21,T52,T53
10CoveredT48,T49,T54 

 LINE       529
 SUB-EXPRESSION ((trans_target_i != {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}}) && ((lc_flash_rma_req_o != Off) || (lc_flash_rma_ack_buf[2] != Off)))
                 -----------------------------------1----------------------------------    --------------------------------2--------------------------------
-1--2-StatusTests
01CoveredT1,T14,T5
10CoveredT1,T3,T13
11CoveredT48,T49,T54 

 LINE       529
 SUB-EXPRESSION (trans_target_i != {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}})
                -----------------------------------1----------------------------------
-1-StatusTests
0CoveredT1,T14,T5
1CoveredT1,T3,T13 

 LINE       529
 SUB-EXPRESSION ((lc_flash_rma_req_o != Off) || (lc_flash_rma_ack_buf[2] != Off))
                 -------------1-------------    ----------------2---------------
-1--2-StatusTests
00CoveredT1,T3,T13
01CoveredT48,T49,T54
10CoveredT55 

 LINE       529
 SUB-EXPRESSION (lc_flash_rma_req_o != Off)
                -------------1-------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T14,T5 

 LINE       529
 SUB-EXPRESSION (lc_flash_rma_ack_buf[2] != Off)
                ----------------1---------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T14,T5 

 LINE       529
 SUB-EXPRESSION ((trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}}) && ((lc_flash_rma_req_o != On) || (lc_flash_rma_ack_buf[2] != On)))
                 -----------------------------------1----------------------------------    -------------------------------2-------------------------------
-1--2-StatusTests
01CoveredT1,T3,T13
10CoveredT1,T14,T5
11CoveredT21,T52,T53 

 LINE       529
 SUB-EXPRESSION (trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}})
                -----------------------------------1----------------------------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T14,T5 

 LINE       529
 SUB-EXPRESSION ((lc_flash_rma_req_o != On) || (lc_flash_rma_ack_buf[2] != On))
                 -------------1------------    ---------------2---------------
-1--2-StatusTests
00CoveredT1,T14,T5
01CoveredT21,T52,T53
10Not Covered 

 LINE       529
 SUB-EXPRESSION (lc_flash_rma_req_o != On)
                -------------1------------
-1-StatusTests
0CoveredT1,T14,T5
1CoveredT1,T3,T13 

 LINE       529
 SUB-EXPRESSION (lc_flash_rma_ack_buf[2] != On)
                ---------------1---------------
-1-StatusTests
0CoveredT1,T14,T5
1CoveredT1,T3,T13 

 LINE       567
 EXPRESSION (esc_scrap_state0_i || esc_scrap_state1_i)
             ---------1--------    ---------2--------
-1--2-StatusTests
00CoveredT1,T2,T3
01CoveredT3,T4,T12
10CoveredT3,T4,T12 

 LINE       574
 EXPRESSION ((((|state_invalid_error)) | token_if_fsm_err_i) && (fsm_state_q != EscalateSt))
             -----------------------1-----------------------    -------------2-------------
-1--2-StatusTests
01CoveredT1,T2,T3
10CoveredT12,T6,T26
11CoveredT3,T12,T6 

 LINE       574
 SUB-EXPRESSION (((|state_invalid_error)) | token_if_fsm_err_i)
                 ------------1-----------   ---------2--------
-1--2-StatusTests
00CoveredT1,T2,T3
01CoveredT12,T6,T26
10CoveredT3,T12,T6 

 LINE       574
 SUB-EXPRESSION (fsm_state_q != EscalateSt)
                -------------1-------------
-1-StatusTests
0CoveredT3,T4,T12
1CoveredT1,T2,T3 

 LINE       732
 EXPRESSION 
 Number  Term
      1  ((int'(dec_lc_state_o[0]) < lc_ctrl_state_pkg::NumLcStates) && (int'(trans_target_i[0]) < lc_ctrl_state_pkg::NumLcStates)) ? lc_ctrl_pkg::TransTokenIdxMatrix[dec_lc_state_o[0]][trans_target_i[0]] : InvalidTokenIdx)
-1-StatusTests
0UnreachableT1,T2,T3
1CoveredT1,T2,T3 

 LINE       732
 SUB-EXPRESSION ((int'(dec_lc_state_o[0]) < lc_ctrl_state_pkg::NumLcStates) && (int'(trans_target_i[0]) < lc_ctrl_state_pkg::NumLcStates))
                 -----------------------------1----------------------------    -----------------------------2----------------------------
-1--2-StatusTests
01UnreachableT1,T2,T3
10UnreachableT8,T9,T56
11CoveredT1,T2,T3 

 LINE       736
 EXPRESSION 
 Number  Term
      1  ((int'(dec_lc_state_o[1]) < lc_ctrl_state_pkg::NumLcStates) && (int'(trans_target_i[1]) < lc_ctrl_state_pkg::NumLcStates)) ? lc_ctrl_pkg::TransTokenIdxMatrix[dec_lc_state_o[1]][trans_target_i[1]] : InvalidTokenIdx)
-1-StatusTests
0UnreachableT1,T2,T3
1CoveredT1,T2,T3 

 LINE       736
 SUB-EXPRESSION ((int'(dec_lc_state_o[1]) < lc_ctrl_state_pkg::NumLcStates) && (int'(trans_target_i[1]) < lc_ctrl_state_pkg::NumLcStates))
                 -----------------------------1----------------------------    -----------------------------2----------------------------
-1--2-StatusTests
01UnreachableT1,T2,T3
10UnreachableT8,T28,T9
11CoveredT1,T2,T3 

 LINE       749
 EXPRESSION (trans_invalid_error || (token_idx0 != token_idx1))
             ---------1---------    -------------2------------
-1--2-StatusTests
00CoveredT1,T2,T3
01CoveredT8,T20,T9
10CoveredT13,T22,T27 

 LINE       749
 SUB-EXPRESSION (token_idx0 != token_idx1)
                -------------1------------
-1-StatusTests
0CoveredT1,T2,T3
1CoveredT8,T20,T9
FSM Coverage for Module : lc_ctrl_fsm
Summary for FSM :: fsm_state_q
TotalCoveredPercent
States 15 15 100.00 (Not included in score)
Transitions 47 34 72.34
Sequences 0 0

State, Transition and Sequence Details for FSM :: fsm_state_q
statesLine No.CoveredTests
ClkMuxSt 327 Covered T1,T2,T3
CntIncrSt 385 Covered T1,T2,T3
CntProgSt 401 Covered T1,T2,T3
EscalateSt 568 Covered T3,T4,T12
FlashRmaSt 455 Covered T1,T3,T13
IdleSt 252 Covered T1,T2,T3
InvalidSt 575 Covered T3,T12,T6
PostTransSt 317 Covered T1,T2,T3
ResetSt 246 Covered T1,T2,T3
ScrapSt 285 Covered T1,T14,T5
TokenCheck0St 469 Covered T1,T3,T13
TokenCheck1St 501 Covered T1,T3,T13
TokenHashSt 434 Covered T1,T2,T3
TransCheckSt 423 Covered T1,T2,T3
TransProgSt 499 Covered T1,T3,T13


transitionsLine No.CoveredTests
ClkMuxSt->CntIncrSt 385 Covered T1,T2,T3
ClkMuxSt->EscalateSt 568 Covered T57,T58,T59
ClkMuxSt->InvalidSt 575 Not Covered
CntIncrSt->CntProgSt 401 Covered T1,T2,T3
CntIncrSt->EscalateSt 568 Covered T25,T57,T60
CntIncrSt->InvalidSt 575 Not Covered
CntIncrSt->PostTransSt 399 Covered T13,T22,T27
CntProgSt->EscalateSt 568 Covered T14,T25,T57
CntProgSt->InvalidSt 575 Not Covered
CntProgSt->PostTransSt 412 Covered T4,T13,T7
CntProgSt->TransCheckSt 423 Covered T1,T2,T3
EscalateSt->InvalidSt 575 Not Covered
FlashRmaSt->EscalateSt 568 Covered T14,T57,T60
FlashRmaSt->InvalidSt 575 Not Covered
FlashRmaSt->TokenCheck0St 469 Covered T1,T3,T13
IdleSt->ClkMuxSt 327 Covered T1,T2,T3
IdleSt->EscalateSt 568 Covered T57,T58,T59
IdleSt->InvalidSt 575 Covered T3,T12,T6
IdleSt->PostTransSt 317 Not Covered
IdleSt->ScrapSt 285 Covered T1,T14,T5
InvalidSt->EscalateSt 568 Covered T3,T12,T6
PostTransSt->EscalateSt 568 Covered T4,T13,T7
PostTransSt->InvalidSt 575 Not Covered
ResetSt->EscalateSt 568 Covered T14,T25,T57
ResetSt->IdleSt 252 Covered T1,T2,T3
ResetSt->InvalidSt 575 Not Covered
ScrapSt->EscalateSt 568 Covered T14,T25,T60
ScrapSt->InvalidSt 575 Covered T61,T62,T63
TokenCheck0St->EscalateSt 568 Covered T14,T25,T58
TokenCheck0St->InvalidSt 575 Not Covered
TokenCheck0St->PostTransSt 483 Covered T13,T20,T21
TokenCheck0St->TokenCheck1St 501 Covered T1,T3,T13
TokenCheck1St->EscalateSt 568 Covered T57,T58,T59
TokenCheck1St->InvalidSt 575 Not Covered
TokenCheck1St->PostTransSt 483 Covered T13,T20,T21
TokenCheck1St->TransProgSt 499 Covered T1,T3,T13
TokenHashSt->EscalateSt 568 Covered T14,T25,T57
TokenHashSt->FlashRmaSt 455 Covered T1,T3,T13
TokenHashSt->InvalidSt 575 Not Covered
TokenHashSt->PostTransSt 457 Covered T2,T13,T20
TransCheckSt->EscalateSt 568 Covered T57,T59,T64
TransCheckSt->InvalidSt 575 Not Covered
TransCheckSt->PostTransSt 432 Covered T13,T20,T22
TransCheckSt->TokenHashSt 434 Covered T1,T2,T3
TransProgSt->EscalateSt 568 Covered T14,T25,T57
TransProgSt->InvalidSt 575 Not Covered
TransProgSt->PostTransSt 525 Covered T1,T3,T13


Summary for FSM :: lc_state_q
TotalCoveredPercent
States 21 21 100.00 (Not included in score)
Transitions 1 0 0.00
Sequences 0 0

State, Transition and Sequence Details for FSM :: lc_state_q
statesLine No.CoveredTests
LcStDev 92 Covered T12,T13,T14
LcStProd 93 Covered T1,T4,T13
LcStProdEnd 94 Covered T1,T3,T4
LcStRaw 295 Covered T2,T3,T4
LcStRma 333 Covered T1,T12,T13
LcStScrap 284 Covered T1,T2,T3
LcStTestLocked0 333 Covered T12,T13,T14
LcStTestLocked1 333 Covered T3,T12,T13
LcStTestLocked2 333 Covered T3,T12,T13
LcStTestLocked3 333 Covered T4,T12,T13
LcStTestLocked4 333 Covered T12,T13,T14
LcStTestLocked5 333 Covered T12,T13,T14
LcStTestLocked6 333 Covered T4,T12,T13
LcStTestUnlocked0 301 Covered T1,T4,T12
LcStTestUnlocked1 333 Covered T1,T4,T12
LcStTestUnlocked2 333 Covered T1,T3,T4
LcStTestUnlocked3 333 Covered T3,T4,T12
LcStTestUnlocked4 333 Covered T1,T12,T13
LcStTestUnlocked5 333 Covered T1,T3,T4
LcStTestUnlocked6 333 Covered T12,T13,T14
LcStTestUnlocked7 333 Covered T3,T13,T14


transitionsLine No.CoveredTests
LcStRaw->LcStTestUnlocked0 301 Not Covered


Summary for FSM :: lc_cnt_q
TotalCoveredPercent
States 25 10 40.00 (Not included in score)
Transitions 1 1 100.00
Sequences 0 0

State, Transition and Sequence Details for FSM :: lc_cnt_q
statesLine No.CoveredTests
LcCnt0 305 Covered T17,T62,T18
LcCnt1 305 Covered T1,T3,T12
LcCnt10 112 Not Covered
LcCnt11 113 Not Covered
LcCnt12 114 Not Covered
LcCnt13 115 Not Covered
LcCnt14 116 Not Covered
LcCnt15 117 Not Covered
LcCnt16 118 Not Covered
LcCnt17 119 Not Covered
LcCnt18 120 Not Covered
LcCnt19 121 Not Covered
LcCnt2 104 Covered T1,T12,T13
LcCnt20 122 Not Covered
LcCnt21 123 Not Covered
LcCnt22 124 Not Covered
LcCnt23 125 Not Covered
LcCnt24 126 Not Covered
LcCnt3 105 Covered T1,T4,T12
LcCnt4 106 Covered T4,T13,T14
LcCnt5 107 Covered T3,T12,T13
LcCnt6 108 Covered T3,T4,T12
LcCnt7 109 Covered T1,T4,T12
LcCnt8 110 Covered T1,T12,T13
LcCnt9 111 Covered T1,T3,T12


transitionsLine No.CoveredTests
LcCnt0->LcCnt1 305 Covered T65,T66,T67


Branch Coverage for Module : lc_ctrl_fsm
Line No.TotalCoveredPercent
Branches 69 67 97.10
TERNARY 732 1 1 100.00
TERNARY 736 1 1 100.00
CASE 242 42 40 95.24
IF 567 3 3 100.00
IF 584 2 2 100.00
IF 585 2 2 100.00
IF 586 2 2 100.00
IF 589 2 2 100.00
IF 684 2 2 100.00
IF 687 2 2 100.00
IF 691 2 2 100.00
IF 694 2 2 100.00
IF 698 2 2 100.00
IF 701 2 2 100.00
IF 882 2 2 100.00 



732          assign token_idx0 = (int'(dec_lc_state_o[0]) < NumLcStates &&
                                                                          
733                               int'(trans_target_i[0]) < NumLcStates) ?
                                                                         -1-  
                                                                         ==>  
                                                                         ==> (Unreachable)

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Unreachable T1,T2,T3 



736          assign token_idx1 = (int'(dec_lc_state_o[1]) < NumLcStates &&
                                                                          
737                               int'(trans_target_i[1]) < NumLcStates) ?
                                                                         -1-  
                                                                         ==>  
                                                                         ==> (Unreachable)

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Unreachable T1,T2,T3 



242            unique case (fsm_state_q)
                      -1-  
243              ///////////////////////////////////////////////////////////////////
244              // Wait here until OTP has initialized and the
245              // power manager sends an initialization request.
246              ResetSt: begin
247                init_done_o = 1'b0;
248                lc_clk_byp_req   = Off;
249                lc_flash_rma_req = Off;
250                lc_check_byp_en  = Off;
251                if (init_req_i && lc_state_valid_q) begin
                   -2-  
252                  fsm_state_d = IdleSt;
                     ==>
253                  // Fetch LC state vector from OTP.
254                  lc_state_d  = lc_state_i;
255                  lc_cnt_d    = lc_cnt_i;
256                end
                   MISSING_ELSE
                   ==>
257              end
258              ///////////////////////////////////////////////////////////////////
259              // Idle state where life cycle control signals are broadcast.
260              // Note that the life cycle signals are decoded and broadcast
261              // in the lc_ctrl_signal_decode submodule.
262              IdleSt: begin
263                idle_o = 1'b1;
264        
265                // ---------- VOLATILE_TEST_UNLOCKED CODE SECTION START ----------
266                // NOTE THAT THIS IS A FEATURE FOR TEST CHIPS ONLY TO MITIGATE
267                // THE RISK OF A BROKEN OTP MACRO. THIS WILL BE DISABLED VIA
268                // SecVolatileRawUnlockEn AT COMPILETIME FOR PRODUCTION DEVICES.
269                // ---------------------------------------------------------------
270                // Note that if the volatile unlock mechanism is available,
271                // we have to stop fetching the OTP value after a volatile unlock has succeeded.
272                // Otherwise we unconditionally fetch from OTP in this state.
273                if (!(SecVolatileRawUnlockEn && lc_state_q == LcStTestUnlocked0 && lc_cnt_q != LcCnt0) ||
                   -3-  
274                    prim_mubi_pkg::mubi8_test_false_loose(volatile_raw_unlock_success_q)) begin
275                  // Continuously fetch LC state vector from OTP.
276                  // The state is locked in once a transition is started.
277                  lc_state_d    = lc_state_i;
                     ==>
278                  lc_cnt_d      = lc_cnt_i;
279                end
                   MISSING_ELSE
                   ==>
280                // ----------- VOLATILE_TEST_UNLOCKED CODE SECTION END -----------
281        
282                // If the life cycle state is SCRAP, we move the FSM into a terminal
283                // SCRAP state that does not allow any transitions to be initiated anymore.
284                if (lc_state_q == LcStScrap) begin
                   -4-  
285                  fsm_state_d = ScrapSt;
                     ==>
286        
287                // ---------- VOLATILE_TEST_UNLOCKED CODE SECTION START ----------
288                // NOTE THAT THIS IS A FEATURE FOR TEST CHIPS ONLY TO MITIGATE
289                // THE RISK OF A BROKEN OTP MACRO. THIS WILL BE DISABLED VIA
290                // SecVolatileRawUnlockEn AT COMPILETIME FOR PRODUCTION DEVICES.
291                // ---------------------------------------------------------------
292                // Only enter here if volatile RAW unlock is available and enabled.
293                end else if (SecVolatileRawUnlockEn && volatile_raw_unlock_i && trans_cmd_i) begin
                            -5-  
294                  // We only allow transitions from RAW -> TEST_UNLOCKED0
295                  if (lc_state_q == LcStRaw &&
                     -6-  
296                      trans_target_i == {DecLcStateNumRep{DecLcStTestUnlocked0}} &&
297                      !trans_invalid_error_o) begin
298                    // 128bit token check (without passing it through the KMAC)
299                    if (unhashed_token_i == RndCnstRawUnlockTokenHashed) begin
                       -7-  
300                      // We stay in Idle, but update the life cycle state register (volatile).
301                      lc_state_d = LcStTestUnlocked0;
302                      // If the count is 0, we set it to 1 - otherwise we just leave it as is so that the
303                      // register value is in sync with what has been programmed to OTP already (there may
304                      // have been unsuccessul raw unlock attempts before that already incremented it).
305                      lc_cnt_d = (lc_cnt_q == LcCnt0) ? LcCnt1 : lc_cnt_q;
                                                         -8-  
                                                         ==> (Unreachable)  
                                                         ==> (Unreachable)  
306                      // Re-sample the DFT straps in the pinmux.
307                      // This signal will be delayed by several cycles so that the LC_CTRL signals
308                      // have time to propagate.
309                      set_strap_en_override = 1'b1;
310                      // We have to remember that the transition was successful in order to correctly
311                      // disable the continuos sampling of the life cycle state vector coming from OTP.
312                      volatile_raw_unlock_success_d = prim_mubi_pkg::MuBi8True;
313                      // Indicate that the transition was successful.
314                      trans_success_o = 1'b1;
315                    end else begin
316                      token_invalid_error_o = 1'b1;
                         ==> (Unreachable)
317                      fsm_state_d = PostTransSt;
318                    end
319                  end else begin
320                    // Transition invalid error is set by lc_ctrl_state_transition module.
321                    fsm_state_d = PostTransSt;
                       ==> (Unreachable)
322                  end
323                // ----------- VOLATILE_TEST_UNLOCKED CODE SECTION END -----------
324                // Initiate a transition. This will first increment the
325                // life cycle counter before hashing and checking the token.
326                end else if (trans_cmd_i) begin
                            -9-  
327                  fsm_state_d = ClkMuxSt;
                     ==>
328                end
                   MISSING_ELSE
                   ==>
329                // If we are in a non-PROD life cycle state, steer the clock mux if requested. This
330                // action is available in IdleSt so that the mux can be steered without having to initiate
331                // a life cycle transition. If a transition is initiated however, the life cycle controller
332                // will wait for the clock mux acknowledgement in the ClkMuxSt state before proceeding.
333                if (lc_state_q inside {LcStRaw,
                   -10-  
334                                       LcStTestLocked0,
335                                       LcStTestLocked1,
336                                       LcStTestLocked2,
337                                       LcStTestLocked3,
338                                       LcStTestLocked4,
339                                       LcStTestLocked5,
340                                       LcStTestLocked6,
341                                       LcStTestUnlocked0,
342                                       LcStTestUnlocked1,
343                                       LcStTestUnlocked2,
344                                       LcStTestUnlocked3,
345                                       LcStTestUnlocked4,
346                                       LcStTestUnlocked5,
347                                       LcStTestUnlocked6,
348                                       LcStTestUnlocked7,
349                                       LcStRma}) begin
350                  if (use_ext_clock_i) begin
                     -11-  
351                    lc_clk_byp_req = On;
                       ==>
352                  end
                     MISSING_ELSE
                     ==>
353                end
                   MISSING_ELSE
                   ==>
354              end
355              ///////////////////////////////////////////////////////////////////
356              // Clock mux state. If we are in RAW, TEST* or RMA, it is permissible
357              // to switch to an external clock source. If the bypass request is
358              // asserted, we have to wait until the clock mux and clock manager
359              // have switched the mux and the clock divider. Also, we disable the
360              // life cycle partition checks at this point since we are going to
361              // alter the contents in the OTP memory array, which could lead to
362              // spurious escalations.
363              ClkMuxSt: begin
364                lc_check_byp_en = On;
365                if (lc_state_q inside {LcStRaw,
                   -12-  
366                                       LcStTestLocked0,
367                                       LcStTestLocked1,
368                                       LcStTestLocked2,
369                                       LcStTestLocked3,
370                                       LcStTestLocked4,
371                                       LcStTestLocked5,
372                                       LcStTestLocked6,
373                                       LcStTestUnlocked0,
374                                       LcStTestUnlocked1,
375                                       LcStTestUnlocked2,
376                                       LcStTestUnlocked3,
377                                       LcStTestUnlocked4,
378                                       LcStTestUnlocked5,
379                                       LcStTestUnlocked6,
380                                       LcStTestUnlocked7,
381                                       LcStRma}) begin
382                  if (use_ext_clock_i) begin
                     -13-  
383                    lc_clk_byp_req = On;
384                    if (lc_tx_test_true_strict(lc_clk_byp_ack[0])) begin
                       -14-  
385                      fsm_state_d = CntIncrSt;
                         ==>
386                    end
                       MISSING_ELSE
                       ==>
387                  end else begin
388                    fsm_state_d = CntIncrSt;
                       ==>
389                  end
390                end else begin
391                  fsm_state_d = CntIncrSt;
                     ==>
392                end
393              end
394              ///////////////////////////////////////////////////////////////////
395              // This increments the life cycle counter state.
396              CntIncrSt: begin
397                // If the counter has reached the maximum, bail out.
398                if (trans_cnt_oflw_error_o) begin
                   -15-  
399                  fsm_state_d = PostTransSt;
                     ==>
400                end else begin
401                  fsm_state_d = CntProgSt;
                     ==>
402                end
403              end
404              ///////////////////////////////////////////////////////////////////
405              // This programs the life cycle counter state.
406              CntProgSt: begin
407                otp_prog_req_o = 1'b1;
408        
409                // If the clock mux has been steered, double check that this is still the case.
410                // Otherwise abort the transition operation.
411                if (lc_clk_byp_req_o != lc_clk_byp_ack[1]) begin
                   -16-  
412                    fsm_state_d = PostTransSt;
                       ==>
413                    otp_prog_error_o = 1'b1;
414                end
                   MISSING_ELSE
                   ==>
415        
416                // Check return value and abort if there
417                // was an error.
418                if (otp_prog_ack_i) begin
                   -17-  
419                  if (otp_prog_err_i) begin
                     -18-  
420                    fsm_state_d = PostTransSt;
                       ==>
421                    otp_prog_error_o = 1'b1;
422                  end else begin
423                    fsm_state_d = TransCheckSt;
                       ==>
424                  end
425                end
                   MISSING_ELSE
                   ==>
426              end
427              ///////////////////////////////////////////////////////////////////
428              // First transition valid check. This will be repeated several
429              // times below.
430              TransCheckSt: begin
431                if (trans_invalid_error_o) begin
                   -19-  
432                  fsm_state_d = PostTransSt;
                     ==>
433                end else begin
434                  fsm_state_d = TokenHashSt;
                     ==>
435                end
436              end
437              ///////////////////////////////////////////////////////////////////
438              // Hash and compare the token, no matter whether this transition
439              // is conditional or not. Unconditional transitions just use a known
440              // all-zero token value. That way, we always compare a hashed token
441              // and guarantee that no other control flow path exists that could
442              // bypass the token check.
443              // SEC_CM: TOKEN.DIGEST
444              TokenHashSt: begin
445                token_hash_req_o = 1'b1;
446                if (token_hash_ack_i) begin
                   -20-  
447                  // This is the first comparison.
448                  // The token is compared two more times further below.
449                  // Also note that conditional transitions won't be possible if the
450                  // corresponding token is not valid. This only applies to tokens stored in
451                  // OTP. I.e., these tokens first have to be provisioned, before they can be used.
452                  if (hashed_token_i == hashed_token_mux &&
                     -21-  
453                      !token_hash_err_i &&
454                      &hashed_token_valid_mux) begin
455                    fsm_state_d = FlashRmaSt;
                       ==>
456                  end else begin
457                    fsm_state_d = PostTransSt;
                       ==>
458                    token_invalid_error_o = 1'b1;
459                  end
460                end
                   MISSING_ELSE
                   ==>
461              end
462              ///////////////////////////////////////////////////////////////////
463              // Flash RMA state. Note that we check the flash response again
464              // two times later below.
465              FlashRmaSt: begin
466                if (trans_target_i == {DecLcStateNumRep{DecLcStRma}}) begin
                   -22-  
467                  lc_flash_rma_req = On;
468                  if (lc_tx_test_true_strict(lc_flash_rma_ack_buf[0])) begin
                     -23-  
469                    fsm_state_d = TokenCheck0St;
                       ==>
470                  end
                     MISSING_ELSE
                     ==>
471                end else begin
472                  fsm_state_d = TokenCheck0St;
                     ==>
473                end
474              end
475              ///////////////////////////////////////////////////////////////////
476              // Check again two times whether this transition and the hashed
477              // token are valid. Also check again whether the flash RMA
478              // response is valid.
479              // SEC_CM: TOKEN.DIGEST
480              TokenCheck0St,
481              TokenCheck1St: begin
482                if (trans_invalid_error_o) begin
                   -24-  
483                  fsm_state_d = PostTransSt;
                     ==>
484                end else begin
485                  // If any of these RMA are conditions are true,
486                  // all of them must be true at the same time.
487                  if ((trans_target_i != {DecLcStateNumRep{DecLcStRma}} &&
                     -25-  
488                       lc_tx_test_false_strict(lc_flash_rma_req_o) &&
489                       lc_tx_test_false_strict(lc_flash_rma_ack_buf[1])) ||
490                      (trans_target_i == {DecLcStateNumRep{DecLcStRma}} &&
491                       lc_tx_test_true_strict(lc_flash_rma_req_o) &&
492                       lc_tx_test_true_strict(lc_flash_rma_ack_buf[1]))) begin
493                    if (hashed_token_i == hashed_token_mux &&
                       -26-  
494                        !token_hash_err_i &&
495                        &hashed_token_valid_mux) begin
496                      if (fsm_state_q == TokenCheck1St) begin
                         -27-  
497                        // This is the only way we can get into the
498                        // programming state.
499                        fsm_state_d = TransProgSt;
                           ==>
500                      end else begin
501                        fsm_state_d = TokenCheck1St;
                           ==>
502                      end
503                    end else begin
504                      fsm_state_d = PostTransSt;
                         ==>
505                      token_invalid_error_o = 1'b1;
506                    end
507                  // The flash RMA process failed.
508                  end else begin
509                      fsm_state_d = PostTransSt;
                         ==>
510                      flash_rma_error_o = 1'b1;
511                  end
512                end
513              end
514              ///////////////////////////////////////////////////////////////////
515              // Initiate OTP transaction. Note that the concurrent
516              // LC state check is continuously checking whether the
517              // new LC state remains valid. Once the ack returns we are
518              // done with the transition and can go into the terminal PosTransSt.
519              TransProgSt: begin
520                otp_prog_req_o = 1'b1;
521        
522                // If the clock mux has been steered, double check that this is still the case.
523                // Otherwise abort the transition operation.
524                if (lc_clk_byp_req_o != lc_clk_byp_ack[2]) begin
                   -28-  
525                  fsm_state_d = PostTransSt;
                     ==>
526                  otp_prog_error_o = 1'b1;
527                // Also double check that the RMA signals remain stable.
528                // Otherwise abort the transition operation.
529                end else if ((trans_target_i != {DecLcStateNumRep{DecLcStRma}} &&
                            -29-  
530                              (lc_flash_rma_req_o != Off || lc_flash_rma_ack_buf[2] != Off)) ||
531                             (trans_target_i == {DecLcStateNumRep{DecLcStRma}} &&
532                              (lc_flash_rma_req_o != On || lc_flash_rma_ack_buf[2] != On))) begin
533                  fsm_state_d = PostTransSt;
                     ==>
534                  flash_rma_error_o = 1'b1;
535                end else if (otp_prog_ack_i) begin
                            -30-  
536                  fsm_state_d = PostTransSt;
                     ==>
537                  otp_prog_error_o = otp_prog_err_i;
538                  trans_success_o  = ~otp_prog_err_i;
539                end
                   MISSING_ELSE
                   ==>
540              end
541              ///////////////////////////////////////////////////////////////////
542              // Terminal states.
543              ScrapSt,
544              PostTransSt: ;
                 ==>
545        
546        
547              EscalateSt: begin
548                // During an escalation it is okay to de-assert token_hash_req without receivng ACK.
549                token_hash_req_chk_o = 1'b0;
                   ==>
550              end
551        
552              InvalidSt: begin
553                // During an escalation it is okay to de-assert token_hash_req without receivng ACK.
554                token_hash_req_chk_o = 1'b0;
                   ==>
555                state_invalid_error_o = 1'b1;
556              end
557              ///////////////////////////////////////////////////////////////////
558              // Go to terminal error state if we get here.
559              default: begin
560                fsm_state_d = InvalidSt;
                   ==>

Branches:
-1--2--3--4--5--6--7--8--9--10--11--12--13--14--15--16--17--18--19--20--21--22--23--24--25--26--27--28--29--30-StatusTests
ResetSt 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
ResetSt 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - Not Covered
IdleSt - - 1 - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T14,T5
IdleSt - - 0 1 1 1 1 - - - - - - - - - - - - - - - - - - - - - - Unreachable
IdleSt - - 0 1 1 1 0 - - - - - - - - - - - - - - - - - - - - - - Unreachable
IdleSt - - 0 1 1 0 - - - - - - - - - - - - - - - - - - - - - - - Unreachable
IdleSt - - 0 1 0 - - - - - - - - - - - - - - - - - - - - - - - - Unreachable
IdleSt - - 0 0 - - - 1 - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - - 0 0 - - - 0 - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - - - - - - - - 1 1 - - - - - - - - - - - - - - - - - - - Covered T1,T16,T8
IdleSt - - - - - - - - 1 0 - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - - - - - - - - 0 - - - - - - - - - - - - - - - - - - - - Covered T1,T3,T4
ClkMuxSt - - - - - - - - - - 1 1 1 - - - - - - - - - - - - - - - - Covered T1,T16,T40
ClkMuxSt - - - - - - - - - - 1 1 0 - - - - - - - - - - - - - - - - Covered T68,T69,T70
ClkMuxSt - - - - - - - - - - 1 0 - - - - - - - - - - - - - - - - - Covered T1,T2,T3
ClkMuxSt - - - - - - - - - - 0 - - - - - - - - - - - - - - - - - - Covered T1,T4,T13
CntIncrSt - - - - - - - - - - - - - 1 - - - - - - - - - - - - - - - Covered T13,T22,T27
CntIncrSt - - - - - - - - - - - - - 0 - - - - - - - - - - - - - - - Covered T1,T2,T3
CntProgSt - - - - - - - - - - - - - - 1 - - - - - - - - - - - - - - Covered T13,T21,T22
CntProgSt - - - - - - - - - - - - - - 0 - - - - - - - - - - - - - - Covered T1,T2,T3
CntProgSt - - - - - - - - - - - - - - - 1 1 - - - - - - - - - - - - Covered T4,T7,T42
CntProgSt - - - - - - - - - - - - - - - 1 0 - - - - - - - - - - - - Covered T1,T2,T3
CntProgSt - - - - - - - - - - - - - - - 0 - - - - - - - - - - - - - Covered T1,T2,T3
TransCheckSt - - - - - - - - - - - - - - - - - 1 - - - - - - - - - - - Covered T13,T20,T22
TransCheckSt - - - - - - - - - - - - - - - - - 0 - - - - - - - - - - - Covered T1,T2,T3
TokenHashSt - - - - - - - - - - - - - - - - - - 1 1 - - - - - - - - - Covered T1,T3,T13
TokenHashSt - - - - - - - - - - - - - - - - - - 1 0 - - - - - - - - - Covered T2,T13,T20
TokenHashSt - - - - - - - - - - - - - - - - - - 0 - - - - - - - - - - Covered T1,T2,T3
FlashRmaSt - - - - - - - - - - - - - - - - - - - - 1 1 - - - - - - - Covered T1,T13,T14
FlashRmaSt - - - - - - - - - - - - - - - - - - - - 1 0 - - - - - - - Covered T1,T13,T14
FlashRmaSt - - - - - - - - - - - - - - - - - - - - 0 - - - - - - - - Covered T1,T3,T13
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 1 - - - - - - Covered T20,T43,T44
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 0 1 1 1 - - - Covered T1,T3,T13
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 0 1 1 0 - - - Covered T1,T3,T13
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 0 1 0 - - - - Not Covered
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 0 0 - - - - - Covered T13,T21,T22
TransProgSt - - - - - - - - - - - - - - - - - - - - - - - - - - 1 - - Covered T45,T46,T47
TransProgSt - - - - - - - - - - - - - - - - - - - - - - - - - - 0 1 - Covered T21,T48,T49
TransProgSt - - - - - - - - - - - - - - - - - - - - - - - - - - 0 0 1 Covered T1,T3,T13
TransProgSt - - - - - - - - - - - - - - - - - - - - - - - - - - 0 0 0 Covered T1,T3,T13
ScrapSt PostTransSt - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
EscalateSt - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T3,T4,T12
InvalidSt - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T3,T12,T6
default - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T3,T12,T26 



567            if (esc_scrap_state0_i || esc_scrap_state1_i) begin
               -1-  
568              fsm_state_d = EscalateSt;
                 ==>
569            // SEC_CM: MAIN.FSM.LOCAL_ESC
570            // If at any time the life cycle state encoding or any other FSM state within this module
571            // is not valid, we jump into the terminal error state right away.
572            // Note that state_invalid_error is a multibit error signal
573            // with different error sources - need to reduce this to one bit here.
574            end else if ((|state_invalid_error | token_if_fsm_err_i) && (fsm_state_q != EscalateSt)) begin
                        -2-                                  
575              fsm_state_d = InvalidSt;
                 ==>
576              state_invalid_error_o = 1'b1;
577            end
               MISSING_ELSE
               ==>

Branches:
-1--2-StatusTests
1 - Covered T3,T4,T12
0 1 Covered T3,T12,T6
0 0 Covered T1,T2,T3 



584          `PRIM_FLOP_SPARSE_FSM(u_fsm_state_regs, fsm_state_d, fsm_state_q, fsm_state_e, ResetSt)
             -1-                                                                                       
             ==>                                                                                       
             ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3 



585          `PRIM_FLOP_SPARSE_FSM(u_state_regs, lc_state_d, lc_state_q, lc_state_e, LcStScrap)
             -1-                                                                                  
             ==>                                                                                  
             ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3 



586          `PRIM_FLOP_SPARSE_FSM(u_cnt_regs, lc_cnt_d, lc_cnt_q, lc_cnt_e, LcCnt24)
             -1-                                                                        
             ==>                                                                        
             ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3 



589            if (!rst_ni) begin
               -1-  
590              lc_state_valid_q <= 1'b0;
                 ==>
591            end else begin
592              lc_state_valid_q <= lc_state_valid_d;
                 ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3 



684            if (lc_tx_test_true_strict(test_tokens_valid[0])) begin
               -1-  
685              hashed_tokens_lower[TestUnlockTokenIdx] = test_unlock_token_lower;
                 ==>
686            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



687            if (lc_tx_test_true_strict(test_tokens_valid[1])) begin
               -1-  
688              hashed_tokens_upper[TestUnlockTokenIdx] = test_unlock_token_upper;
                 ==>
689            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



691            if (lc_tx_test_true_strict(test_tokens_valid[2])) begin
               -1-  
692              hashed_tokens_lower[TestExitTokenIdx] = test_exit_token_lower;
                 ==>
693            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



694            if (lc_tx_test_true_strict(test_tokens_valid[3])) begin
               -1-  
695              hashed_tokens_upper[TestExitTokenIdx] = test_exit_token_upper;
                 ==>
696            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



698            if (lc_tx_test_true_strict(rma_token_valid[0])) begin
               -1-  
699              hashed_tokens_lower[RmaTokenIdx] = rma_token_lower;
                 ==>
700            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



701            if (lc_tx_test_true_strict(rma_token_valid[1])) begin
               -1-  
702              hashed_tokens_upper[RmaTokenIdx] = rma_token_upper;
                 ==>
703            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



882          `ASSERT_FPV_LINEAR_FSM(SecCmCFILinear_A, fsm_state_q, fsm_state_e)
             -1-                                                                  
             ==>                                                                  
             ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3

Assert Coverage for Module : lc_ctrl_fsm
TotalAttemptedPercentSucceeded/MatchedPercent
Assertions 15 15 100.00 15 100.00
Cover properties 0 0 0
Cover sequences 0 0 0
Total 15 15 100.00 15 100.00



Assertion Details

NameAttemptsReal SuccessesFailuresIncomplete
ClkBypStaysOnOnceAsserted_A 62074780 3310183 0 59
EscStaysOnOnceAsserted_A 62074780 12085597 0 8
FlashRmaStaysOnOnceAsserted_A 62074780 410529 0 13
FsmStateKnown_A 62074780 58751256 0 0
LcCntKnown_A 62074780 58751256 0 0
LcStateKnown_A 62074780 58751256 0 0
NoClkBypInProdStates_A 62074780 8150108 0 0
SecCmCFILinear_A 62074780 260859 0 2082
SecCmCFITerminal0_A 62074780 9381170 0 0
SecCmCFITerminal1_A 62074780 55153 0 0
SecCmCFITerminal2_A 62074780 4746350 0 0
SecCmCFITerminal3_A 62074780 7297749 0 0
u_cnt_regs_A 56807783 53824602 0 0
u_fsm_state_regs_A 60400954 57204199 0 0
u_state_regs_A 58303813 55308508 0 0


ClkBypStaysOnOnceAsserted_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 3310183 0 59
T1 9115 1171 0 0
T2 1392 0 0 0
T3 6624 0 0 0
T4 7239 0 0 0
T5 19312 0 0 0
T8 0 18273 0 1
T10 0 16118 0 1
T11 0 0 0 1
T12 21954 0 0 0
T13 26665 0 0 0
T14 36968 0 0 0
T15 881 0 0 0
T16 32649 7371 0 0
T30 0 4051 0 0
T33 0 0 0 1
T34 0 0 0 1
T40 0 2856 0 0
T68 0 11341 0 0
T71 0 14123 0 0
T72 0 2615 0 0
T73 0 3791 0 0
T74 0 0 0 1
T75 0 0 0 1
T76 0 0 0 1
T77 0 0 0 1
T78 0 0 0 1

EscStaysOnOnceAsserted_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 12085597 0 8
T1 9115 29 0 0
T2 1392 0 0 0
T3 6624 2157 0 0
T4 7239 1931 0 0
T5 19312 414 0 0
T6 0 8125 0 0
T7 0 5028 0 0
T12 21954 13325 0 0
T13 26665 1962 0 0
T14 36968 11767 0 0
T15 881 0 0 0
T16 32649 0 0 0
T17 0 321 0 0
T79 0 0 0 1
T80 0 0 0 1
T81 0 0 0 1
T82 0 0 0 1
T83 0 0 0 1
T84 0 0 0 1
T85 0 0 0 1
T86 0 0 0 1

FlashRmaStaysOnOnceAsserted_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 410529 0 13
T1 9115 42 0 0
T2 1392 0 0 0
T3 6624 0 0 0
T4 7239 0 0 0
T5 19312 1304 0 1
T6 0 4964 0 0
T12 21954 0 0 0
T13 26665 140 0 0
T14 36968 667 0 0
T15 881 0 0 0
T16 32649 0 0 0
T17 0 264 0 0
T20 0 537 0 0
T21 0 1284 0 0
T22 0 2928 0 0
T26 0 283 0 0
T30 0 0 0 1
T73 0 0 0 1
T87 0 0 0 1
T88 0 0 0 1
T89 0 0 0 1
T90 0 0 0 1
T91 0 0 0 1
T92 0 0 0 1
T93 0 0 0 1

FsmStateKnown_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 58751256 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 6624 5777 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 21954 17054 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

LcCntKnown_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 58751256 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 6624 5777 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 21954 17054 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

LcStateKnown_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 58751256 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 6624 5777 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 21954 17054 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

NoClkBypInProdStates_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 8150108 0 0
T1 9115 2762 0 0
T2 1392 0 0 0
T3 6624 997 0 0
T4 7239 1407 0 0
T5 19312 9518 0 0
T6 0 12297 0 0
T7 0 5117 0 0
T12 21954 1942 0 0
T13 26665 1159 0 0
T14 36968 6242 0 0
T15 881 0 0 0
T16 32649 7917 0 0

SecCmCFILinear_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 260859 0 2082
T1 9115 112 0 11
T2 1392 0 0 7
T3 6624 70 0 1
T4 7239 84 0 1
T5 19312 101 0 11
T6 0 111 0 0
T7 0 84 0 0
T12 21954 167 0 1
T13 26665 591 0 1
T14 36968 507 0 1
T15 881 0 0 1
T16 32649 77 0 11

SecCmCFITerminal0_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 9381170 0 0
T1 9115 983 0 0
T2 1392 1183 0 0
T3 6624 1504 0 0
T4 7239 1116 0 0
T5 19312 2842 0 0
T6 0 14492 0 0
T7 0 5754 0 0
T12 21954 0 0 0
T13 26665 11610 0 0
T14 36968 0 0 0
T15 881 0 0 0
T16 32649 1114 0 0
T17 0 2299 0 0

SecCmCFITerminal1_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 55153 0 0
T1 9115 29 0 0
T2 1392 0 0 0
T3 6624 0 0 0
T4 7239 0 0 0
T5 19312 414 0 0
T12 21954 0 0 0
T13 26665 0 0 0
T14 36968 4 0 0
T15 881 0 0 0
T16 32649 0 0 0
T17 0 321 0 0
T25 0 4 0 0
T61 0 8 0 0
T62 0 172 0 0
T74 0 367 0 0
T94 0 369 0 0
T95 0 400 0 0

SecCmCFITerminal2_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 4746350 0 0
T3 6624 1153 0 0
T4 7239 1945 0 0
T5 19312 0 0 0
T6 35209 4007 0 0
T7 25417 5042 0 0
T12 21954 6781 0 0
T13 26665 1978 0 0
T14 36968 11835 0 0
T15 881 0 0 0
T16 32649 0 0 0
T21 0 4443 0 0
T22 0 6542 0 0
T42 0 2475 0 0

SecCmCFITerminal3_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 7297749 0 0
T3 6624 1007 0 0
T4 7239 0 0 0
T5 19312 0 0 0
T6 35209 4121 0 0
T7 25417 0 0 0
T12 21954 6570 0 0
T13 26665 0 0 0
T14 36968 0 0 0
T15 881 0 0 0
T16 32649 0 0 0
T21 0 1019 0 0
T26 0 706 0 0
T29 0 109958 0 0
T41 0 10408 0 0
T50 0 2428 0 0
T61 0 3560 0 0
T96 0 297 0 0

u_cnt_regs_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 56807783 53824602 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 4695 4106 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 16128 12405 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

u_fsm_state_regs_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 60400954 57204199 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 5992 5218 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 18918 14608 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

u_state_regs_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 58303813 55308508 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 6536 5745 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 15550 12244 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

Line Coverage for Instance : tb.dut.u_lc_ctrl_fsm
Line No.TotalCoveredPercent
TOTAL16416198.17
CONT_ASSIGN12611100.00
ALWAYS14633100.00
CONT_ASSIGN17111100.00
CONT_ASSIGN17811100.00
CONT_ASSIGN17911100.00
ALWAYS20410410298.08
ALWAYS58433100.00
ALWAYS58533100.00
ALWAYS58633100.00
ALWAYS58933100.00
CONT_ASSIGN623100.00
CONT_ASSIGN66611100.00
CONT_ASSIGN66711100.00
CONT_ASSIGN66811100.00
ALWAYS6771515100.00
ALWAYS7121414100.00
CONT_ASSIGN73211100.00
CONT_ASSIGN73611100.00
CONT_ASSIGN74011100.00
CONT_ASSIGN74211100.00
CONT_ASSIGN74911100.00
ALWAYS88233100.00

Click here to see the source line report.
Cond Coverage for Instance : tb.dut.u_lc_ctrl_fsm
TotalCoveredPercent
Conditions726691.67
Logical726691.67
Non-Logical00
Event00

 LINE       251
 EXPRESSION (init_req_i && lc_state_valid_q)
             -----1----    --------2-------
-1--2-StatusTests
01CoveredT1,T2,T3
10CoveredT12,T29,T41
11CoveredT1,T2,T3 

 LINE       284
 EXPRESSION (lc_state_q == LcStScrap)
            ------------1------------
-1-StatusTests
0CoveredT1,T2,T3
1CoveredT1,T14,T5 

 LINE       295
 EXPRESSION ((lc_state_q == LcStRaw) && (trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStTestUnlocked0}}) && ((!trans_invalid_error_o)))
             -----------1-----------    ----------------------------------------2---------------------------------------    -------------3------------
-1--2--3-StatusTests
011Unreachable
101Unreachable
110Unreachable
111Unreachable 

 LINE       295
 SUB-EXPRESSION (lc_state_q == LcStRaw)
                -----------1-----------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       295
 SUB-EXPRESSION (trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStTestUnlocked0}})
                ----------------------------------------1---------------------------------------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       299
 EXPRESSION (unhashed_token_i == lc_ctrl_state_pkg::RndCnstRawUnlockTokenHashed)
            ----------------------------------1---------------------------------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       305
 EXPRESSION ((lc_cnt_q == LcCnt0) ? LcCnt1 : lc_cnt_q)
             ----------1---------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       305
 SUB-EXPRESSION (lc_cnt_q == LcCnt0)
                ----------1---------
-1-StatusTests
0Unreachable
1Unreachable 

 LINE       411
 EXPRESSION (lc_clk_byp_req_o != lc_clk_byp_ack[1])
            -------------------1-------------------
-1-StatusTests
0CoveredT1,T2,T3
1CoveredT13,T21,T22 

 LINE       452
 EXPRESSION ((hashed_token_i == hashed_token_mux) && ((!token_hash_err_i)) && ((&hashed_token_valid_mux)))
             ------------------1-----------------    ----------2----------    -------------3-------------
-1--2--3-StatusTests
011CoveredT2,T13,T20
101CoveredT13,T22,T27
110Not Covered
111CoveredT1,T3,T13 

 LINE       452
 SUB-EXPRESSION (hashed_token_i == hashed_token_mux)
                ------------------1-----------------
-1-StatusTests
0CoveredT2,T13,T20
1CoveredT1,T3,T13 

 LINE       466
 EXPRESSION (trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}})
            -----------------------------------1----------------------------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T13,T14 

 LINE       493
 EXPRESSION ((hashed_token_i == hashed_token_mux) && ((!token_hash_err_i)) && ((&hashed_token_valid_mux)))
             ------------------1-----------------    ----------2----------    -------------3-------------
-1--2--3-StatusTests
011Not Covered
101Not Covered
110Not Covered
111CoveredT1,T3,T13 

 LINE       493
 SUB-EXPRESSION (hashed_token_i == hashed_token_mux)
                ------------------1-----------------
-1-StatusTests
0Not Covered
1CoveredT1,T3,T13 

 LINE       496
 EXPRESSION (fsm_state_q == TokenCheck1St)
            ---------------1--------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T3,T13 

 LINE       524
 EXPRESSION (lc_clk_byp_req_o != lc_clk_byp_ack[2])
            -------------------1-------------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT45,T46,T47 

 LINE       529
 EXPRESSION 
 Number  Term
      1  ((trans_target_i != {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}}) && ((lc_flash_rma_req_o != Off) || (lc_flash_rma_ack_buf[2] != Off))) || 
      2  ((trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}}) && ((lc_flash_rma_req_o != On) || (lc_flash_rma_ack_buf[2] != On))))
-1--2-StatusTests
00CoveredT1,T3,T13
01CoveredT21,T52,T53
10CoveredT48,T49,T54 

 LINE       529
 SUB-EXPRESSION ((trans_target_i != {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}}) && ((lc_flash_rma_req_o != Off) || (lc_flash_rma_ack_buf[2] != Off)))
                 -----------------------------------1----------------------------------    --------------------------------2--------------------------------
-1--2-StatusTests
01CoveredT1,T14,T5
10CoveredT1,T3,T13
11CoveredT48,T49,T54 

 LINE       529
 SUB-EXPRESSION (trans_target_i != {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}})
                -----------------------------------1----------------------------------
-1-StatusTests
0CoveredT1,T14,T5
1CoveredT1,T3,T13 

 LINE       529
 SUB-EXPRESSION ((lc_flash_rma_req_o != Off) || (lc_flash_rma_ack_buf[2] != Off))
                 -------------1-------------    ----------------2---------------
-1--2-StatusTests
00CoveredT1,T3,T13
01CoveredT48,T49,T54
10CoveredT55 

 LINE       529
 SUB-EXPRESSION (lc_flash_rma_req_o != Off)
                -------------1-------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T14,T5 

 LINE       529
 SUB-EXPRESSION (lc_flash_rma_ack_buf[2] != Off)
                ----------------1---------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T14,T5 

 LINE       529
 SUB-EXPRESSION ((trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}}) && ((lc_flash_rma_req_o != On) || (lc_flash_rma_ack_buf[2] != On)))
                 -----------------------------------1----------------------------------    -------------------------------2-------------------------------
-1--2-StatusTests
01CoveredT1,T3,T13
10CoveredT1,T14,T5
11CoveredT21,T52,T53 

 LINE       529
 SUB-EXPRESSION (trans_target_i == {lc_ctrl_state_pkg::DecLcStateNumRep {DecLcStRma}})
                -----------------------------------1----------------------------------
-1-StatusTests
0CoveredT1,T3,T13
1CoveredT1,T14,T5 

 LINE       529
 SUB-EXPRESSION ((lc_flash_rma_req_o != On) || (lc_flash_rma_ack_buf[2] != On))
                 -------------1------------    ---------------2---------------
-1--2-StatusTests
00CoveredT1,T14,T5
01CoveredT21,T52,T53
10Not Covered 

 LINE       529
 SUB-EXPRESSION (lc_flash_rma_req_o != On)
                -------------1------------
-1-StatusTests
0CoveredT1,T14,T5
1CoveredT1,T3,T13 

 LINE       529
 SUB-EXPRESSION (lc_flash_rma_ack_buf[2] != On)
                ---------------1---------------
-1-StatusTests
0CoveredT1,T14,T5
1CoveredT1,T3,T13 

 LINE       567
 EXPRESSION (esc_scrap_state0_i || esc_scrap_state1_i)
             ---------1--------    ---------2--------
-1--2-StatusTests
00CoveredT1,T2,T3
01CoveredT3,T4,T12
10CoveredT3,T4,T12 

 LINE       574
 EXPRESSION ((((|state_invalid_error)) | token_if_fsm_err_i) && (fsm_state_q != EscalateSt))
             -----------------------1-----------------------    -------------2-------------
-1--2-StatusTests
01CoveredT1,T2,T3
10CoveredT12,T6,T26
11CoveredT3,T12,T6 

 LINE       574
 SUB-EXPRESSION (((|state_invalid_error)) | token_if_fsm_err_i)
                 ------------1-----------   ---------2--------
-1--2-StatusTests
00CoveredT1,T2,T3
01CoveredT12,T6,T26
10CoveredT3,T12,T6 

 LINE       574
 SUB-EXPRESSION (fsm_state_q != EscalateSt)
                -------------1-------------
-1-StatusTests
0CoveredT3,T4,T12
1CoveredT1,T2,T3 

 LINE       732
 EXPRESSION 
 Number  Term
      1  ((int'(dec_lc_state_o[0]) < lc_ctrl_state_pkg::NumLcStates) && (int'(trans_target_i[0]) < lc_ctrl_state_pkg::NumLcStates)) ? lc_ctrl_pkg::TransTokenIdxMatrix[dec_lc_state_o[0]][trans_target_i[0]] : InvalidTokenIdx)
-1-StatusTests
0UnreachableT1,T2,T3
1CoveredT1,T2,T3 

 LINE       732
 SUB-EXPRESSION ((int'(dec_lc_state_o[0]) < lc_ctrl_state_pkg::NumLcStates) && (int'(trans_target_i[0]) < lc_ctrl_state_pkg::NumLcStates))
                 -----------------------------1----------------------------    -----------------------------2----------------------------
-1--2-StatusTests
01UnreachableT1,T2,T3
10UnreachableT8,T9,T56
11CoveredT1,T2,T3 

 LINE       736
 EXPRESSION 
 Number  Term
      1  ((int'(dec_lc_state_o[1]) < lc_ctrl_state_pkg::NumLcStates) && (int'(trans_target_i[1]) < lc_ctrl_state_pkg::NumLcStates)) ? lc_ctrl_pkg::TransTokenIdxMatrix[dec_lc_state_o[1]][trans_target_i[1]] : InvalidTokenIdx)
-1-StatusTests
0UnreachableT1,T2,T3
1CoveredT1,T2,T3 

 LINE       736
 SUB-EXPRESSION ((int'(dec_lc_state_o[1]) < lc_ctrl_state_pkg::NumLcStates) && (int'(trans_target_i[1]) < lc_ctrl_state_pkg::NumLcStates))
                 -----------------------------1----------------------------    -----------------------------2----------------------------
-1--2-StatusTests
01UnreachableT1,T2,T3
10UnreachableT8,T28,T9
11CoveredT1,T2,T3 

 LINE       749
 EXPRESSION (trans_invalid_error || (token_idx0 != token_idx1))
             ---------1---------    -------------2------------
-1--2-StatusTests
00CoveredT1,T2,T3
01CoveredT8,T20,T9
10CoveredT13,T22,T27 

 LINE       749
 SUB-EXPRESSION (token_idx0 != token_idx1)
                -------------1------------
-1-StatusTests
0CoveredT1,T2,T3
1CoveredT8,T20,T9
FSM Coverage for Instance : tb.dut.u_lc_ctrl_fsm
Summary for FSM :: fsm_state_q
TotalCoveredPercent
States 15 15 100.00 (Not included in score)
Transitions 34 34 100.00
Sequences 0 0

State, Transition and Sequence Details for FSM :: fsm_state_q
statesLine No.CoveredTests
ClkMuxSt 327 Covered T1,T2,T3
CntIncrSt 385 Covered T1,T2,T3
CntProgSt 401 Covered T1,T2,T3
EscalateSt 568 Covered T3,T4,T12
FlashRmaSt 455 Covered T1,T3,T13
IdleSt 252 Covered T1,T2,T3
InvalidSt 575 Covered T3,T12,T6
PostTransSt 317 Covered T1,T2,T3
ResetSt 246 Covered T1,T2,T3
ScrapSt 285 Covered T1,T14,T5
TokenCheck0St 469 Covered T1,T3,T13
TokenCheck1St 501 Covered T1,T3,T13
TokenHashSt 434 Covered T1,T2,T3
TransCheckSt 423 Covered T1,T2,T3
TransProgSt 499 Covered T1,T3,T13


transitionsLine No.CoveredTestsExclude Annotation
ClkMuxSt->CntIncrSt 385 Covered T1,T2,T3
ClkMuxSt->EscalateSt 568 Covered T57,T58,T59
ClkMuxSt->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
CntIncrSt->CntProgSt 401 Covered T1,T2,T3
CntIncrSt->EscalateSt 568 Covered T25,T57,T60
CntIncrSt->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
CntIncrSt->PostTransSt 399 Covered T13,T22,T27
CntProgSt->EscalateSt 568 Covered T14,T25,T57
CntProgSt->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
CntProgSt->PostTransSt 412 Covered T4,T13,T7
CntProgSt->TransCheckSt 423 Covered T1,T2,T3
EscalateSt->InvalidSt 575 Excluded VC_COV_UNR
FlashRmaSt->EscalateSt 568 Covered T14,T57,T60
FlashRmaSt->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
FlashRmaSt->TokenCheck0St 469 Covered T1,T3,T13
IdleSt->ClkMuxSt 327 Covered T1,T2,T3
IdleSt->EscalateSt 568 Covered T57,T58,T59
IdleSt->InvalidSt 575 Covered T3,T12,T6
IdleSt->PostTransSt 317 Excluded VC_COV_UNR
IdleSt->ScrapSt 285 Covered T1,T14,T5
InvalidSt->EscalateSt 568 Covered T3,T12,T6
PostTransSt->EscalateSt 568 Covered T4,T13,T7
PostTransSt->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
ResetSt->EscalateSt 568 Covered T14,T25,T57
ResetSt->IdleSt 252 Covered T1,T2,T3
ResetSt->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
ScrapSt->EscalateSt 568 Covered T14,T25,T60
ScrapSt->InvalidSt 575 Covered T61,T62,T63
TokenCheck0St->EscalateSt 568 Covered T14,T25,T58
TokenCheck0St->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
TokenCheck0St->PostTransSt 483 Covered T13,T20,T21
TokenCheck0St->TokenCheck1St 501 Covered T1,T3,T13
TokenCheck1St->EscalateSt 568 Covered T57,T58,T59
TokenCheck1St->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
TokenCheck1St->PostTransSt 483 Covered T13,T20,T21
TokenCheck1St->TransProgSt 499 Covered T1,T3,T13
TokenHashSt->EscalateSt 568 Covered T14,T25,T57
TokenHashSt->FlashRmaSt 455 Covered T1,T3,T13
TokenHashSt->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
TokenHashSt->PostTransSt 457 Covered T2,T13,T20
TransCheckSt->EscalateSt 568 Covered T57,T59,T64
TransCheckSt->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
TransCheckSt->PostTransSt 432 Covered T13,T20,T22
TransCheckSt->TokenHashSt 434 Covered T1,T2,T3
TransProgSt->EscalateSt 568 Covered T14,T25,T57
TransProgSt->InvalidSt 575 Excluded [LOW_RISK] The transition from any state to error_terminal state is fully verified in FPV.
TransProgSt->PostTransSt 525 Covered T1,T3,T13


Summary for FSM :: lc_state_q
TotalCoveredPercent
States 21 21 100.00 (Not included in score)
Transitions 1 0 0.00
Sequences 0 0

State, Transition and Sequence Details for FSM :: lc_state_q
statesLine No.CoveredTests
LcStDev 92 Covered T12,T13,T14
LcStProd 93 Covered T1,T4,T13
LcStProdEnd 94 Covered T1,T3,T4
LcStRaw 295 Covered T2,T3,T4
LcStRma 333 Covered T1,T12,T13
LcStScrap 284 Covered T1,T2,T3
LcStTestLocked0 333 Covered T12,T13,T14
LcStTestLocked1 333 Covered T3,T12,T13
LcStTestLocked2 333 Covered T3,T12,T13
LcStTestLocked3 333 Covered T4,T12,T13
LcStTestLocked4 333 Covered T12,T13,T14
LcStTestLocked5 333 Covered T12,T13,T14
LcStTestLocked6 333 Covered T4,T12,T13
LcStTestUnlocked0 301 Covered T1,T4,T12
LcStTestUnlocked1 333 Covered T1,T4,T12
LcStTestUnlocked2 333 Covered T1,T3,T4
LcStTestUnlocked3 333 Covered T3,T4,T12
LcStTestUnlocked4 333 Covered T1,T12,T13
LcStTestUnlocked5 333 Covered T1,T3,T4
LcStTestUnlocked6 333 Covered T12,T13,T14
LcStTestUnlocked7 333 Covered T3,T13,T14


transitionsLine No.CoveredTests
LcStRaw->LcStTestUnlocked0 301 Not Covered


Summary for FSM :: lc_cnt_q
TotalCoveredPercent
States 25 10 40.00 (Not included in score)
Transitions 1 1 100.00
Sequences 0 0

State, Transition and Sequence Details for FSM :: lc_cnt_q
statesLine No.CoveredTests
LcCnt0 305 Covered T17,T62,T18
LcCnt1 305 Covered T1,T3,T12
LcCnt10 112 Not Covered
LcCnt11 113 Not Covered
LcCnt12 114 Not Covered
LcCnt13 115 Not Covered
LcCnt14 116 Not Covered
LcCnt15 117 Not Covered
LcCnt16 118 Not Covered
LcCnt17 119 Not Covered
LcCnt18 120 Not Covered
LcCnt19 121 Not Covered
LcCnt2 104 Covered T1,T12,T13
LcCnt20 122 Not Covered
LcCnt21 123 Not Covered
LcCnt22 124 Not Covered
LcCnt23 125 Not Covered
LcCnt24 126 Not Covered
LcCnt3 105 Covered T1,T4,T12
LcCnt4 106 Covered T4,T13,T14
LcCnt5 107 Covered T3,T12,T13
LcCnt6 108 Covered T3,T4,T12
LcCnt7 109 Covered T1,T4,T12
LcCnt8 110 Covered T1,T12,T13
LcCnt9 111 Covered T1,T3,T12


transitionsLine No.CoveredTests
LcCnt0->LcCnt1 305 Covered T65,T66,T67


Branch Coverage for Instance : tb.dut.u_lc_ctrl_fsm
Line No.TotalCoveredPercent
Branches 68 67 98.53
TERNARY 732 1 1 100.00
TERNARY 736 1 1 100.00
CASE 242 41 40 97.56
IF 567 3 3 100.00
IF 584 2 2 100.00
IF 585 2 2 100.00
IF 586 2 2 100.00
IF 589 2 2 100.00
IF 684 2 2 100.00
IF 687 2 2 100.00
IF 691 2 2 100.00
IF 694 2 2 100.00
IF 698 2 2 100.00
IF 701 2 2 100.00
IF 882 2 2 100.00 



732          assign token_idx0 = (int'(dec_lc_state_o[0]) < NumLcStates &&
                                                                          
733                               int'(trans_target_i[0]) < NumLcStates) ?
                                                                         -1-  
                                                                         ==>  
                                                                         ==> (Unreachable)

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Unreachable T1,T2,T3 



736          assign token_idx1 = (int'(dec_lc_state_o[1]) < NumLcStates &&
                                                                          
737                               int'(trans_target_i[1]) < NumLcStates) ?
                                                                         -1-  
                                                                         ==>  
                                                                         ==> (Unreachable)

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Unreachable T1,T2,T3 



242            unique case (fsm_state_q)
                      -1-  
243              ///////////////////////////////////////////////////////////////////
244              // Wait here until OTP has initialized and the
245              // power manager sends an initialization request.
246              ResetSt: begin
247                init_done_o = 1'b0;
248                lc_clk_byp_req   = Off;
249                lc_flash_rma_req = Off;
250                lc_check_byp_en  = Off;
251                if (init_req_i && lc_state_valid_q) begin
                   -2-  
252                  fsm_state_d = IdleSt;
                     ==>
253                  // Fetch LC state vector from OTP.
254                  lc_state_d  = lc_state_i;
255                  lc_cnt_d    = lc_cnt_i;
256                end
                   MISSING_ELSE
                   ==>
257              end
258              ///////////////////////////////////////////////////////////////////
259              // Idle state where life cycle control signals are broadcast.
260              // Note that the life cycle signals are decoded and broadcast
261              // in the lc_ctrl_signal_decode submodule.
262              IdleSt: begin
263                idle_o = 1'b1;
264        
265                // ---------- VOLATILE_TEST_UNLOCKED CODE SECTION START ----------
266                // NOTE THAT THIS IS A FEATURE FOR TEST CHIPS ONLY TO MITIGATE
267                // THE RISK OF A BROKEN OTP MACRO. THIS WILL BE DISABLED VIA
268                // SecVolatileRawUnlockEn AT COMPILETIME FOR PRODUCTION DEVICES.
269                // ---------------------------------------------------------------
270                // Note that if the volatile unlock mechanism is available,
271                // we have to stop fetching the OTP value after a volatile unlock has succeeded.
272                // Otherwise we unconditionally fetch from OTP in this state.
273                if (!(SecVolatileRawUnlockEn && lc_state_q == LcStTestUnlocked0 && lc_cnt_q != LcCnt0) ||
                   -3-  
274                    prim_mubi_pkg::mubi8_test_false_loose(volatile_raw_unlock_success_q)) begin
275                  // Continuously fetch LC state vector from OTP.
276                  // The state is locked in once a transition is started.
277                  lc_state_d    = lc_state_i;
                     ==>
278                  lc_cnt_d      = lc_cnt_i;
279                end
                   MISSING_ELSE
                   ==> (Excluded)
Exclude Annotation: VC_COV_UNR
280                // ----------- VOLATILE_TEST_UNLOCKED CODE SECTION END -----------
281        
282                // If the life cycle state is SCRAP, we move the FSM into a terminal
283                // SCRAP state that does not allow any transitions to be initiated anymore.
284                if (lc_state_q == LcStScrap) begin
                   -4-  
285                  fsm_state_d = ScrapSt;
                     ==>
286        
287                // ---------- VOLATILE_TEST_UNLOCKED CODE SECTION START ----------
288                // NOTE THAT THIS IS A FEATURE FOR TEST CHIPS ONLY TO MITIGATE
289                // THE RISK OF A BROKEN OTP MACRO. THIS WILL BE DISABLED VIA
290                // SecVolatileRawUnlockEn AT COMPILETIME FOR PRODUCTION DEVICES.
291                // ---------------------------------------------------------------
292                // Only enter here if volatile RAW unlock is available and enabled.
293                end else if (SecVolatileRawUnlockEn && volatile_raw_unlock_i && trans_cmd_i) begin
                            -5-  
294                  // We only allow transitions from RAW -> TEST_UNLOCKED0
295                  if (lc_state_q == LcStRaw &&
                     -6-  
296                      trans_target_i == {DecLcStateNumRep{DecLcStTestUnlocked0}} &&
297                      !trans_invalid_error_o) begin
298                    // 128bit token check (without passing it through the KMAC)
299                    if (unhashed_token_i == RndCnstRawUnlockTokenHashed) begin
                       -7-  
300                      // We stay in Idle, but update the life cycle state register (volatile).
301                      lc_state_d = LcStTestUnlocked0;
302                      // If the count is 0, we set it to 1 - otherwise we just leave it as is so that the
303                      // register value is in sync with what has been programmed to OTP already (there may
304                      // have been unsuccessul raw unlock attempts before that already incremented it).
305                      lc_cnt_d = (lc_cnt_q == LcCnt0) ? LcCnt1 : lc_cnt_q;
                                                         -8-  
                                                         ==> (Unreachable)  
                                                         ==> (Unreachable)  
306                      // Re-sample the DFT straps in the pinmux.
307                      // This signal will be delayed by several cycles so that the LC_CTRL signals
308                      // have time to propagate.
309                      set_strap_en_override = 1'b1;
310                      // We have to remember that the transition was successful in order to correctly
311                      // disable the continuos sampling of the life cycle state vector coming from OTP.
312                      volatile_raw_unlock_success_d = prim_mubi_pkg::MuBi8True;
313                      // Indicate that the transition was successful.
314                      trans_success_o = 1'b1;
315                    end else begin
316                      token_invalid_error_o = 1'b1;
                         ==> (Unreachable)
317                      fsm_state_d = PostTransSt;
318                    end
319                  end else begin
320                    // Transition invalid error is set by lc_ctrl_state_transition module.
321                    fsm_state_d = PostTransSt;
                       ==> (Unreachable)
322                  end
323                // ----------- VOLATILE_TEST_UNLOCKED CODE SECTION END -----------
324                // Initiate a transition. This will first increment the
325                // life cycle counter before hashing and checking the token.
326                end else if (trans_cmd_i) begin
                            -9-  
327                  fsm_state_d = ClkMuxSt;
                     ==>
328                end
                   MISSING_ELSE
                   ==>
329                // If we are in a non-PROD life cycle state, steer the clock mux if requested. This
330                // action is available in IdleSt so that the mux can be steered without having to initiate
331                // a life cycle transition. If a transition is initiated however, the life cycle controller
332                // will wait for the clock mux acknowledgement in the ClkMuxSt state before proceeding.
333                if (lc_state_q inside {LcStRaw,
                   -10-  
334                                       LcStTestLocked0,
335                                       LcStTestLocked1,
336                                       LcStTestLocked2,
337                                       LcStTestLocked3,
338                                       LcStTestLocked4,
339                                       LcStTestLocked5,
340                                       LcStTestLocked6,
341                                       LcStTestUnlocked0,
342                                       LcStTestUnlocked1,
343                                       LcStTestUnlocked2,
344                                       LcStTestUnlocked3,
345                                       LcStTestUnlocked4,
346                                       LcStTestUnlocked5,
347                                       LcStTestUnlocked6,
348                                       LcStTestUnlocked7,
349                                       LcStRma}) begin
350                  if (use_ext_clock_i) begin
                     -11-  
351                    lc_clk_byp_req = On;
                       ==>
352                  end
                     MISSING_ELSE
                     ==>
353                end
                   MISSING_ELSE
                   ==>
354              end
355              ///////////////////////////////////////////////////////////////////
356              // Clock mux state. If we are in RAW, TEST* or RMA, it is permissible
357              // to switch to an external clock source. If the bypass request is
358              // asserted, we have to wait until the clock mux and clock manager
359              // have switched the mux and the clock divider. Also, we disable the
360              // life cycle partition checks at this point since we are going to
361              // alter the contents in the OTP memory array, which could lead to
362              // spurious escalations.
363              ClkMuxSt: begin
364                lc_check_byp_en = On;
365                if (lc_state_q inside {LcStRaw,
                   -12-  
366                                       LcStTestLocked0,
367                                       LcStTestLocked1,
368                                       LcStTestLocked2,
369                                       LcStTestLocked3,
370                                       LcStTestLocked4,
371                                       LcStTestLocked5,
372                                       LcStTestLocked6,
373                                       LcStTestUnlocked0,
374                                       LcStTestUnlocked1,
375                                       LcStTestUnlocked2,
376                                       LcStTestUnlocked3,
377                                       LcStTestUnlocked4,
378                                       LcStTestUnlocked5,
379                                       LcStTestUnlocked6,
380                                       LcStTestUnlocked7,
381                                       LcStRma}) begin
382                  if (use_ext_clock_i) begin
                     -13-  
383                    lc_clk_byp_req = On;
384                    if (lc_tx_test_true_strict(lc_clk_byp_ack[0])) begin
                       -14-  
385                      fsm_state_d = CntIncrSt;
                         ==>
386                    end
                       MISSING_ELSE
                       ==>
387                  end else begin
388                    fsm_state_d = CntIncrSt;
                       ==>
389                  end
390                end else begin
391                  fsm_state_d = CntIncrSt;
                     ==>
392                end
393              end
394              ///////////////////////////////////////////////////////////////////
395              // This increments the life cycle counter state.
396              CntIncrSt: begin
397                // If the counter has reached the maximum, bail out.
398                if (trans_cnt_oflw_error_o) begin
                   -15-  
399                  fsm_state_d = PostTransSt;
                     ==>
400                end else begin
401                  fsm_state_d = CntProgSt;
                     ==>
402                end
403              end
404              ///////////////////////////////////////////////////////////////////
405              // This programs the life cycle counter state.
406              CntProgSt: begin
407                otp_prog_req_o = 1'b1;
408        
409                // If the clock mux has been steered, double check that this is still the case.
410                // Otherwise abort the transition operation.
411                if (lc_clk_byp_req_o != lc_clk_byp_ack[1]) begin
                   -16-  
412                    fsm_state_d = PostTransSt;
                       ==>
413                    otp_prog_error_o = 1'b1;
414                end
                   MISSING_ELSE
                   ==>
415        
416                // Check return value and abort if there
417                // was an error.
418                if (otp_prog_ack_i) begin
                   -17-  
419                  if (otp_prog_err_i) begin
                     -18-  
420                    fsm_state_d = PostTransSt;
                       ==>
421                    otp_prog_error_o = 1'b1;
422                  end else begin
423                    fsm_state_d = TransCheckSt;
                       ==>
424                  end
425                end
                   MISSING_ELSE
                   ==>
426              end
427              ///////////////////////////////////////////////////////////////////
428              // First transition valid check. This will be repeated several
429              // times below.
430              TransCheckSt: begin
431                if (trans_invalid_error_o) begin
                   -19-  
432                  fsm_state_d = PostTransSt;
                     ==>
433                end else begin
434                  fsm_state_d = TokenHashSt;
                     ==>
435                end
436              end
437              ///////////////////////////////////////////////////////////////////
438              // Hash and compare the token, no matter whether this transition
439              // is conditional or not. Unconditional transitions just use a known
440              // all-zero token value. That way, we always compare a hashed token
441              // and guarantee that no other control flow path exists that could
442              // bypass the token check.
443              // SEC_CM: TOKEN.DIGEST
444              TokenHashSt: begin
445                token_hash_req_o = 1'b1;
446                if (token_hash_ack_i) begin
                   -20-  
447                  // This is the first comparison.
448                  // The token is compared two more times further below.
449                  // Also note that conditional transitions won't be possible if the
450                  // corresponding token is not valid. This only applies to tokens stored in
451                  // OTP. I.e., these tokens first have to be provisioned, before they can be used.
452                  if (hashed_token_i == hashed_token_mux &&
                     -21-  
453                      !token_hash_err_i &&
454                      &hashed_token_valid_mux) begin
455                    fsm_state_d = FlashRmaSt;
                       ==>
456                  end else begin
457                    fsm_state_d = PostTransSt;
                       ==>
458                    token_invalid_error_o = 1'b1;
459                  end
460                end
                   MISSING_ELSE
                   ==>
461              end
462              ///////////////////////////////////////////////////////////////////
463              // Flash RMA state. Note that we check the flash response again
464              // two times later below.
465              FlashRmaSt: begin
466                if (trans_target_i == {DecLcStateNumRep{DecLcStRma}}) begin
                   -22-  
467                  lc_flash_rma_req = On;
468                  if (lc_tx_test_true_strict(lc_flash_rma_ack_buf[0])) begin
                     -23-  
469                    fsm_state_d = TokenCheck0St;
                       ==>
470                  end
                     MISSING_ELSE
                     ==>
471                end else begin
472                  fsm_state_d = TokenCheck0St;
                     ==>
473                end
474              end
475              ///////////////////////////////////////////////////////////////////
476              // Check again two times whether this transition and the hashed
477              // token are valid. Also check again whether the flash RMA
478              // response is valid.
479              // SEC_CM: TOKEN.DIGEST
480              TokenCheck0St,
481              TokenCheck1St: begin
482                if (trans_invalid_error_o) begin
                   -24-  
483                  fsm_state_d = PostTransSt;
                     ==>
484                end else begin
485                  // If any of these RMA are conditions are true,
486                  // all of them must be true at the same time.
487                  if ((trans_target_i != {DecLcStateNumRep{DecLcStRma}} &&
                     -25-  
488                       lc_tx_test_false_strict(lc_flash_rma_req_o) &&
489                       lc_tx_test_false_strict(lc_flash_rma_ack_buf[1])) ||
490                      (trans_target_i == {DecLcStateNumRep{DecLcStRma}} &&
491                       lc_tx_test_true_strict(lc_flash_rma_req_o) &&
492                       lc_tx_test_true_strict(lc_flash_rma_ack_buf[1]))) begin
493                    if (hashed_token_i == hashed_token_mux &&
                       -26-  
494                        !token_hash_err_i &&
495                        &hashed_token_valid_mux) begin
496                      if (fsm_state_q == TokenCheck1St) begin
                         -27-  
497                        // This is the only way we can get into the
498                        // programming state.
499                        fsm_state_d = TransProgSt;
                           ==>
500                      end else begin
501                        fsm_state_d = TokenCheck1St;
                           ==>
502                      end
503                    end else begin
504                      fsm_state_d = PostTransSt;
                         ==>
505                      token_invalid_error_o = 1'b1;
506                    end
507                  // The flash RMA process failed.
508                  end else begin
509                      fsm_state_d = PostTransSt;
                         ==>
510                      flash_rma_error_o = 1'b1;
511                  end
512                end
513              end
514              ///////////////////////////////////////////////////////////////////
515              // Initiate OTP transaction. Note that the concurrent
516              // LC state check is continuously checking whether the
517              // new LC state remains valid. Once the ack returns we are
518              // done with the transition and can go into the terminal PosTransSt.
519              TransProgSt: begin
520                otp_prog_req_o = 1'b1;
521        
522                // If the clock mux has been steered, double check that this is still the case.
523                // Otherwise abort the transition operation.
524                if (lc_clk_byp_req_o != lc_clk_byp_ack[2]) begin
                   -28-  
525                  fsm_state_d = PostTransSt;
                     ==>
526                  otp_prog_error_o = 1'b1;
527                // Also double check that the RMA signals remain stable.
528                // Otherwise abort the transition operation.
529                end else if ((trans_target_i != {DecLcStateNumRep{DecLcStRma}} &&
                            -29-  
530                              (lc_flash_rma_req_o != Off || lc_flash_rma_ack_buf[2] != Off)) ||
531                             (trans_target_i == {DecLcStateNumRep{DecLcStRma}} &&
532                              (lc_flash_rma_req_o != On || lc_flash_rma_ack_buf[2] != On))) begin
533                  fsm_state_d = PostTransSt;
                     ==>
534                  flash_rma_error_o = 1'b1;
535                end else if (otp_prog_ack_i) begin
                            -30-  
536                  fsm_state_d = PostTransSt;
                     ==>
537                  otp_prog_error_o = otp_prog_err_i;
538                  trans_success_o  = ~otp_prog_err_i;
539                end
                   MISSING_ELSE
                   ==>
540              end
541              ///////////////////////////////////////////////////////////////////
542              // Terminal states.
543              ScrapSt,
544              PostTransSt: ;
                 ==>
545        
546        
547              EscalateSt: begin
548                // During an escalation it is okay to de-assert token_hash_req without receivng ACK.
549                token_hash_req_chk_o = 1'b0;
                   ==>
550              end
551        
552              InvalidSt: begin
553                // During an escalation it is okay to de-assert token_hash_req without receivng ACK.
554                token_hash_req_chk_o = 1'b0;
                   ==>
555                state_invalid_error_o = 1'b1;
556              end
557              ///////////////////////////////////////////////////////////////////
558              // Go to terminal error state if we get here.
559              default: begin
560                fsm_state_d = InvalidSt;
                   ==>

Branches:
-1--2--3--4--5--6--7--8--9--10--11--12--13--14--15--16--17--18--19--20--21--22--23--24--25--26--27--28--29--30-StatusTestsExclude Annotation
ResetSt 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
ResetSt 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - Excluded VC_COV_UNR
IdleSt - - 1 - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T14,T5
IdleSt - - 0 1 1 1 1 - - - - - - - - - - - - - - - - - - - - - - Unreachable
IdleSt - - 0 1 1 1 0 - - - - - - - - - - - - - - - - - - - - - - Unreachable
IdleSt - - 0 1 1 0 - - - - - - - - - - - - - - - - - - - - - - - Unreachable
IdleSt - - 0 1 0 - - - - - - - - - - - - - - - - - - - - - - - - Unreachable
IdleSt - - 0 0 - - - 1 - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - - 0 0 - - - 0 - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - - - - - - - - 1 1 - - - - - - - - - - - - - - - - - - - Covered T1,T16,T8
IdleSt - - - - - - - - 1 0 - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
IdleSt - - - - - - - - 0 - - - - - - - - - - - - - - - - - - - - Covered T1,T3,T4
ClkMuxSt - - - - - - - - - - 1 1 1 - - - - - - - - - - - - - - - - Covered T1,T16,T40
ClkMuxSt - - - - - - - - - - 1 1 0 - - - - - - - - - - - - - - - - Covered T68,T69,T70
ClkMuxSt - - - - - - - - - - 1 0 - - - - - - - - - - - - - - - - - Covered T1,T2,T3
ClkMuxSt - - - - - - - - - - 0 - - - - - - - - - - - - - - - - - - Covered T1,T4,T13
CntIncrSt - - - - - - - - - - - - - 1 - - - - - - - - - - - - - - - Covered T13,T22,T27
CntIncrSt - - - - - - - - - - - - - 0 - - - - - - - - - - - - - - - Covered T1,T2,T3
CntProgSt - - - - - - - - - - - - - - 1 - - - - - - - - - - - - - - Covered T13,T21,T22
CntProgSt - - - - - - - - - - - - - - 0 - - - - - - - - - - - - - - Covered T1,T2,T3
CntProgSt - - - - - - - - - - - - - - - 1 1 - - - - - - - - - - - - Covered T4,T7,T42
CntProgSt - - - - - - - - - - - - - - - 1 0 - - - - - - - - - - - - Covered T1,T2,T3
CntProgSt - - - - - - - - - - - - - - - 0 - - - - - - - - - - - - - Covered T1,T2,T3
TransCheckSt - - - - - - - - - - - - - - - - - 1 - - - - - - - - - - - Covered T13,T20,T22
TransCheckSt - - - - - - - - - - - - - - - - - 0 - - - - - - - - - - - Covered T1,T2,T3
TokenHashSt - - - - - - - - - - - - - - - - - - 1 1 - - - - - - - - - Covered T1,T3,T13
TokenHashSt - - - - - - - - - - - - - - - - - - 1 0 - - - - - - - - - Covered T2,T13,T20
TokenHashSt - - - - - - - - - - - - - - - - - - 0 - - - - - - - - - - Covered T1,T2,T3
FlashRmaSt - - - - - - - - - - - - - - - - - - - - 1 1 - - - - - - - Covered T1,T13,T14
FlashRmaSt - - - - - - - - - - - - - - - - - - - - 1 0 - - - - - - - Covered T1,T13,T14
FlashRmaSt - - - - - - - - - - - - - - - - - - - - 0 - - - - - - - - Covered T1,T3,T13
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 1 - - - - - - Covered T20,T43,T44
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 0 1 1 1 - - - Covered T1,T3,T13
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 0 1 1 0 - - - Covered T1,T3,T13
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 0 1 0 - - - - Not Covered
TokenCheck0St TokenCheck1St - - - - - - - - - - - - - - - - - - - - - - 0 0 - - - - - Covered T13,T21,T22
TransProgSt - - - - - - - - - - - - - - - - - - - - - - - - - - 1 - - Covered T45,T46,T47
TransProgSt - - - - - - - - - - - - - - - - - - - - - - - - - - 0 1 - Covered T21,T48,T49
TransProgSt - - - - - - - - - - - - - - - - - - - - - - - - - - 0 0 1 Covered T1,T3,T13
TransProgSt - - - - - - - - - - - - - - - - - - - - - - - - - - 0 0 0 Covered T1,T3,T13
ScrapSt PostTransSt - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T1,T2,T3
EscalateSt - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T3,T4,T12
InvalidSt - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T3,T12,T6
default - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Covered T3,T12,T26 



567            if (esc_scrap_state0_i || esc_scrap_state1_i) begin
               -1-  
568              fsm_state_d = EscalateSt;
                 ==>
569            // SEC_CM: MAIN.FSM.LOCAL_ESC
570            // If at any time the life cycle state encoding or any other FSM state within this module
571            // is not valid, we jump into the terminal error state right away.
572            // Note that state_invalid_error is a multibit error signal
573            // with different error sources - need to reduce this to one bit here.
574            end else if ((|state_invalid_error | token_if_fsm_err_i) && (fsm_state_q != EscalateSt)) begin
                        -2-                                  
575              fsm_state_d = InvalidSt;
                 ==>
576              state_invalid_error_o = 1'b1;
577            end
               MISSING_ELSE
               ==>

Branches:
-1--2-StatusTests
1 - Covered T3,T4,T12
0 1 Covered T3,T12,T6
0 0 Covered T1,T2,T3 



584          `PRIM_FLOP_SPARSE_FSM(u_fsm_state_regs, fsm_state_d, fsm_state_q, fsm_state_e, ResetSt)
             -1-                                                                                       
             ==>                                                                                       
             ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3 



585          `PRIM_FLOP_SPARSE_FSM(u_state_regs, lc_state_d, lc_state_q, lc_state_e, LcStScrap)
             -1-                                                                                  
             ==>                                                                                  
             ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3 



586          `PRIM_FLOP_SPARSE_FSM(u_cnt_regs, lc_cnt_d, lc_cnt_q, lc_cnt_e, LcCnt24)
             -1-                                                                        
             ==>                                                                        
             ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3 



589            if (!rst_ni) begin
               -1-  
590              lc_state_valid_q <= 1'b0;
                 ==>
591            end else begin
592              lc_state_valid_q <= lc_state_valid_d;
                 ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3 



684            if (lc_tx_test_true_strict(test_tokens_valid[0])) begin
               -1-  
685              hashed_tokens_lower[TestUnlockTokenIdx] = test_unlock_token_lower;
                 ==>
686            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



687            if (lc_tx_test_true_strict(test_tokens_valid[1])) begin
               -1-  
688              hashed_tokens_upper[TestUnlockTokenIdx] = test_unlock_token_upper;
                 ==>
689            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



691            if (lc_tx_test_true_strict(test_tokens_valid[2])) begin
               -1-  
692              hashed_tokens_lower[TestExitTokenIdx] = test_exit_token_lower;
                 ==>
693            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



694            if (lc_tx_test_true_strict(test_tokens_valid[3])) begin
               -1-  
695              hashed_tokens_upper[TestExitTokenIdx] = test_exit_token_upper;
                 ==>
696            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



698            if (lc_tx_test_true_strict(rma_token_valid[0])) begin
               -1-  
699              hashed_tokens_lower[RmaTokenIdx] = rma_token_lower;
                 ==>
700            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



701            if (lc_tx_test_true_strict(rma_token_valid[1])) begin
               -1-  
702              hashed_tokens_upper[RmaTokenIdx] = rma_token_upper;
                 ==>
703            end
               MISSING_ELSE
               ==>

Branches:
-1-StatusTests
1 Covered T1,T3,T4
0 Covered T21,T50,T51 



882          `ASSERT_FPV_LINEAR_FSM(SecCmCFILinear_A, fsm_state_q, fsm_state_e)
             -1-                                                                  
             ==>                                                                  
             ==>

Branches:
-1-StatusTests
1 Covered T1,T2,T3
0 Covered T1,T2,T3

Assert Coverage for Instance : tb.dut.u_lc_ctrl_fsm
TotalAttemptedPercentSucceeded/MatchedPercent
Assertions 15 15 100.00 15 100.00
Cover properties 0 0 0
Cover sequences 0 0 0
Total 15 15 100.00 15 100.00



Assertion Details

NameAttemptsReal SuccessesFailuresIncomplete
ClkBypStaysOnOnceAsserted_A 62074780 3310183 0 59
EscStaysOnOnceAsserted_A 62074780 12085597 0 8
FlashRmaStaysOnOnceAsserted_A 62074780 410529 0 13
FsmStateKnown_A 62074780 58751256 0 0
LcCntKnown_A 62074780 58751256 0 0
LcStateKnown_A 62074780 58751256 0 0
NoClkBypInProdStates_A 62074780 8150108 0 0
SecCmCFILinear_A 62074780 260859 0 2082
SecCmCFITerminal0_A 62074780 9381170 0 0
SecCmCFITerminal1_A 62074780 55153 0 0
SecCmCFITerminal2_A 62074780 4746350 0 0
SecCmCFITerminal3_A 62074780 7297749 0 0
u_cnt_regs_A 56807783 53824602 0 0
u_fsm_state_regs_A 60400954 57204199 0 0
u_state_regs_A 58303813 55308508 0 0


ClkBypStaysOnOnceAsserted_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 3310183 0 59
T1 9115 1171 0 0
T2 1392 0 0 0
T3 6624 0 0 0
T4 7239 0 0 0
T5 19312 0 0 0
T8 0 18273 0 1
T10 0 16118 0 1
T11 0 0 0 1
T12 21954 0 0 0
T13 26665 0 0 0
T14 36968 0 0 0
T15 881 0 0 0
T16 32649 7371 0 0
T30 0 4051 0 0
T33 0 0 0 1
T34 0 0 0 1
T40 0 2856 0 0
T68 0 11341 0 0
T71 0 14123 0 0
T72 0 2615 0 0
T73 0 3791 0 0
T74 0 0 0 1
T75 0 0 0 1
T76 0 0 0 1
T77 0 0 0 1
T78 0 0 0 1

EscStaysOnOnceAsserted_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 12085597 0 8
T1 9115 29 0 0
T2 1392 0 0 0
T3 6624 2157 0 0
T4 7239 1931 0 0
T5 19312 414 0 0
T6 0 8125 0 0
T7 0 5028 0 0
T12 21954 13325 0 0
T13 26665 1962 0 0
T14 36968 11767 0 0
T15 881 0 0 0
T16 32649 0 0 0
T17 0 321 0 0
T79 0 0 0 1
T80 0 0 0 1
T81 0 0 0 1
T82 0 0 0 1
T83 0 0 0 1
T84 0 0 0 1
T85 0 0 0 1
T86 0 0 0 1

FlashRmaStaysOnOnceAsserted_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 410529 0 13
T1 9115 42 0 0
T2 1392 0 0 0
T3 6624 0 0 0
T4 7239 0 0 0
T5 19312 1304 0 1
T6 0 4964 0 0
T12 21954 0 0 0
T13 26665 140 0 0
T14 36968 667 0 0
T15 881 0 0 0
T16 32649 0 0 0
T17 0 264 0 0
T20 0 537 0 0
T21 0 1284 0 0
T22 0 2928 0 0
T26 0 283 0 0
T30 0 0 0 1
T73 0 0 0 1
T87 0 0 0 1
T88 0 0 0 1
T89 0 0 0 1
T90 0 0 0 1
T91 0 0 0 1
T92 0 0 0 1
T93 0 0 0 1

FsmStateKnown_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 58751256 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 6624 5777 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 21954 17054 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

LcCntKnown_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 58751256 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 6624 5777 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 21954 17054 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

LcStateKnown_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 58751256 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 6624 5777 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 21954 17054 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

NoClkBypInProdStates_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 8150108 0 0
T1 9115 2762 0 0
T2 1392 0 0 0
T3 6624 997 0 0
T4 7239 1407 0 0
T5 19312 9518 0 0
T6 0 12297 0 0
T7 0 5117 0 0
T12 21954 1942 0 0
T13 26665 1159 0 0
T14 36968 6242 0 0
T15 881 0 0 0
T16 32649 7917 0 0

SecCmCFILinear_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 260859 0 2082
T1 9115 112 0 11
T2 1392 0 0 7
T3 6624 70 0 1
T4 7239 84 0 1
T5 19312 101 0 11
T6 0 111 0 0
T7 0 84 0 0
T12 21954 167 0 1
T13 26665 591 0 1
T14 36968 507 0 1
T15 881 0 0 1
T16 32649 77 0 11

SecCmCFITerminal0_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 9381170 0 0
T1 9115 983 0 0
T2 1392 1183 0 0
T3 6624 1504 0 0
T4 7239 1116 0 0
T5 19312 2842 0 0
T6 0 14492 0 0
T7 0 5754 0 0
T12 21954 0 0 0
T13 26665 11610 0 0
T14 36968 0 0 0
T15 881 0 0 0
T16 32649 1114 0 0
T17 0 2299 0 0

SecCmCFITerminal1_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 55153 0 0
T1 9115 29 0 0
T2 1392 0 0 0
T3 6624 0 0 0
T4 7239 0 0 0
T5 19312 414 0 0
T12 21954 0 0 0
T13 26665 0 0 0
T14 36968 4 0 0
T15 881 0 0 0
T16 32649 0 0 0
T17 0 321 0 0
T25 0 4 0 0
T61 0 8 0 0
T62 0 172 0 0
T74 0 367 0 0
T94 0 369 0 0
T95 0 400 0 0

SecCmCFITerminal2_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 4746350 0 0
T3 6624 1153 0 0
T4 7239 1945 0 0
T5 19312 0 0 0
T6 35209 4007 0 0
T7 25417 5042 0 0
T12 21954 6781 0 0
T13 26665 1978 0 0
T14 36968 11835 0 0
T15 881 0 0 0
T16 32649 0 0 0
T21 0 4443 0 0
T22 0 6542 0 0
T42 0 2475 0 0

SecCmCFITerminal3_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 62074780 7297749 0 0
T3 6624 1007 0 0
T4 7239 0 0 0
T5 19312 0 0 0
T6 35209 4121 0 0
T7 25417 0 0 0
T12 21954 6570 0 0
T13 26665 0 0 0
T14 36968 0 0 0
T15 881 0 0 0
T16 32649 0 0 0
T21 0 1019 0 0
T26 0 706 0 0
T29 0 109958 0 0
T41 0 10408 0 0
T50 0 2428 0 0
T61 0 3560 0 0
T96 0 297 0 0

u_cnt_regs_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 56807783 53824602 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 4695 4106 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 16128 12405 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

u_fsm_state_regs_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 60400954 57204199 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 5992 5218 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 18918 14608 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

u_state_regs_A
NameAttemptsReal SuccessesFailuresIncomplete
Total 58303813 55308508 0 0
T1 9115 8185 0 0
T2 1392 1333 0 0
T3 6536 5745 0 0
T4 7239 6116 0 0
T5 19312 18378 0 0
T12 15550 12244 0 0
T13 26665 19932 0 0
T14 36968 31499 0 0
T15 881 806 0 0
T16 32649 32043 0 0

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%