Line Coverage for Module :
sram_ctrl
| Line No. | Total | Covered | Percent |
|---|
| TOTAL | | 52 | 52 | 100.00 |
| CONT_ASSIGN | 126 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 134 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 137 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 141 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 145 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 149 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 152 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 184 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 186 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 194 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 202 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 212 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 221 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 226 | 1 | 1 | 100.00 |
| ALWAYS | 230 | 3 | 3 | 100.00 |
| CONT_ASSIGN | 242 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 243 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 267 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 268 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 279 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 284 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 288 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 289 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 293 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 294 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 298 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 299 | 1 | 1 | 100.00 |
| ALWAYS | 302 | 11 | 11 | 100.00 |
| CONT_ASSIGN | 346 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 389 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 466 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 507 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 513 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 514 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 515 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 516 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 517 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 518 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 529 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 567 | 1 | 1 | 100.00 |
125 logic unused_nonce;
126 1/1 assign unused_nonce = ^nonce_q[otp_ctrl_pkg::SramNonceWidth-1:NonceWidth];
Tests: T1 T2 T3
127 end
128
129 //////////////////
130 // Alert Sender //
131 //////////////////
132
133 logic alert_test;
134 1/1 assign alert_test = reg2hw.alert_test.q & reg2hw.alert_test.qe;
Tests: T1 T2 T3
135
136 assign hw2reg.status.bus_integ_error.d = 1'b1;
137 1/1 assign hw2reg.status.bus_integ_error.de = |bus_integ_error;
Tests: T1 T2 T3
138
139 logic init_error;
140 assign hw2reg.status.init_error.d = 1'b1;
141 1/1 assign hw2reg.status.init_error.de = init_error;
Tests: T1 T2 T3
142
143 logic readback_error;
144 assign hw2reg.status.readback_error.d = 1'b1;
145 1/1 assign hw2reg.status.readback_error.de = readback_error;
Tests: T1 T2 T3
146
147 logic sram_alert;
148 assign hw2reg.status.sram_alert.d = 1'b1;
149 1/1 assign hw2reg.status.sram_alert.de = sram_alert;
Tests: T1 T2 T3
150
151 logic alert_req;
152 1/1 assign alert_req = (|bus_integ_error) | init_error | readback_error | sram_alert;
Tests: T1 T2 T3
153
154 prim_alert_sender #(
155 .AsyncOn(AlertAsyncOn[0]),
156 .IsFatal(1)
157 ) u_prim_alert_sender_parity (
158 .clk_i,
159 .rst_ni,
160 .alert_test_i ( alert_test ),
161 .alert_req_i ( alert_req ),
162 .alert_ack_o ( ),
163 .alert_state_o ( ),
164 .alert_rx_i ( alert_rx_i[0] ),
165 .alert_tx_o ( alert_tx_o[0] )
166 );
167
168 /////////////////////////
169 // Escalation Triggers //
170 /////////////////////////
171
172 lc_tx_t [1:0] escalate_en;
173 prim_lc_sync #(
174 .NumCopies (2)
175 ) u_prim_lc_sync (
176 .clk_i,
177 .rst_ni,
178 .lc_en_i (lc_escalate_en_i),
179 .lc_en_o (escalate_en)
180 );
181
182 // SEC_CM: KEY.GLOBAL_ESC
183 logic escalate;
184 1/1 assign escalate = lc_tx_test_true_loose(escalate_en[0]);
Tests: T1 T2 T3
185 assign hw2reg.status.escalated.d = 1'b1;
186 1/1 assign hw2reg.status.escalated.de = escalate;
Tests: T1 T2 T3
187
188 // SEC_CM: KEY.LOCAL_ESC
189 // Aggregate external and internal escalation sources.
190 // This is used in countermeasures further below (key reset and transaction blocking).
191 logic local_esc, local_esc_reg;
192 // This signal only aggregates registered escalation signals and is used for transaction
193 // blocking further below, which is on a timing-critical path.
194 1/1 assign local_esc_reg = reg2hw.status.escalated.q |
Tests: T1 T2 T3
195 reg2hw.status.init_error.q |
196 reg2hw.status.bus_integ_error.q |
197 reg2hw.status.sram_alert.q |
198 reg2hw.status.readback_error.q;
199 // This signal aggregates all escalation trigger signals, including the ones that are generated
200 // in the same cycle such as init_error, sram alert, and bus_integ_error. It is used for
201 // countermeasures that are not on the critical path (such as clearing the scrambling keys).
202 1/1 assign local_esc = escalate |
Tests: T1 T2 T3
203 init_error |
204 (|bus_integ_error) |
205 sram_alert |
206 readback_error |
207 local_esc_reg;
208
209 // Convert registered, local escalation sources to a multibit signal and combine this with
210 // the incoming escalation enable signal before feeding into the TL-UL gate further below.
211 lc_tx_t lc_tlul_gate_en;
212 1/1 assign lc_tlul_gate_en = lc_tx_inv(lc_tx_or_hi(escalate_en[1],
Tests: T1 T2 T3
213 lc_tx_bool_to_lc_tx(local_esc_reg)));
214 ///////////////////////
215 // HW Initialization //
216 ///////////////////////
217
218 // A write to the init register reloads the LFSR seed, resets the init counter and
219 // sets init_q to flag a pending initialization request.
220 logic init_trig, init_q;
221 1/1 assign init_trig = reg2hw.ctrl.init.q &&
Tests: T1 T2 T3
222 reg2hw.ctrl.init.qe &&
223 !init_q; // Ignore new requests while memory init is already pending.
224
225 logic init_d, init_done;
226 1/1 assign init_d = (init_done) ? 1'b0 :
Tests: T1 T2 T3
227 (init_trig) ? 1'b1 : init_q;
228
229 always_ff @(posedge clk_i or negedge rst_ni) begin : p_init_reg
230 1/1 if(!rst_ni) begin
Tests: T1 T2 T3
231 1/1 init_q <= 1'b0;
Tests: T1 T2 T3
232 end else begin
233 1/1 init_q <= init_d;
Tests: T1 T2 T3
234 end
235 end
236
237 // This waits until the scrambling keys are actually valid (this allows the SW to trigger
238 // key renewal and initialization at the same time).
239 logic init_req;
240 logic [AddrWidth-1:0] init_cnt;
241 logic key_req_pending_d, key_req_pending_q;
242 1/1 assign init_req = init_q & ~key_req_pending_q;
Tests: T1 T2 T3
243 1/1 assign init_done = (init_cnt == AddrWidth'(Depth - 1)) & init_req;
Tests: T1 T2 T3
244
245 // We employ two redundant counters to guard against FI attacks.
246 // If any of the two is glitched and the two counter states do not agree,
247 // we trigger an alert.
248 // SEC_CM: INIT.CTR.REDUN
249 prim_count #(
250 .Width(AddrWidth)
251 ) u_prim_count (
252 .clk_i,
253 .rst_ni,
254 .clr_i(init_trig),
255 .set_i(1'b0),
256 .set_cnt_i('0),
257 .incr_en_i(init_req),
258 .decr_en_i(1'b0),
259 .step_i(AddrWidth'(1)),
260 .commit_i(1'b1),
261 .cnt_o(init_cnt),
262 .cnt_after_commit_o(),
263 .err_o(init_error)
264 );
265
266 // Clear this bit on local escalation.
267 1/1 assign hw2reg.status.init_done.d = init_done & ~init_trig & ~local_esc;
Tests: T1 T2 T3
268 1/1 assign hw2reg.status.init_done.de = init_done | init_trig | local_esc;
Tests: T1 T2 T3
269
270 ////////////////////////////
271 // Scrambling Key Request //
272 ////////////////////////////
273
274 // The scrambling key and nonce have to be requested from the OTP controller via a req/ack
275 // protocol. Since the OTP controller works in a different clock domain, we have to synchronize
276 // the req/ack protocol as described in more details here:
277 // https://docs.opentitan.org/hw/ip/otp_ctrl/doc/index.html#interfaces-to-sram-and-otbn-scramblers
278 logic key_req, key_ack;
279 1/1 assign key_req = reg2hw.ctrl.renew_scr_key.q &&
Tests: T1 T2 T3
280 reg2hw.ctrl.renew_scr_key.qe &&
281 !key_req_pending_q && // Ignore new requests while a request is already pending.
282 !init_q; // Ignore new requests while memory init is already pending.
283
284 1/1 assign key_req_pending_d = (key_req) ? 1'b1 :
Tests: T1 T2 T3
285 (key_ack) ? 1'b0 : key_req_pending_q;
286
287 // Clear this bit on local escalation.
288 1/1 assign hw2reg.status.scr_key_valid.d = key_ack & ~key_req & ~local_esc;
Tests: T1 T2 T3
289 1/1 assign hw2reg.status.scr_key_valid.de = key_req | key_ack | local_esc;
Tests: T1 T2 T3
290
291 // As opposed to scr_key_valid, SW is responsible for clearing this register.
292 // It is not automatically cleared by HW, except when escalating.
293 1/1 assign hw2reg.scr_key_rotated.d = (key_ack & ~local_esc) ? MuBi4True : MuBi4False;
Tests: T1 T2 T3
294 1/1 assign hw2reg.scr_key_rotated.de = key_ack | local_esc;
Tests: T1 T2 T3
295
296 // Clear this bit on local escalation.
297 logic key_seed_valid;
298 1/1 assign hw2reg.status.scr_key_seed_valid.d = key_seed_valid & ~local_esc;
Tests: T1 T2 T3
299 1/1 assign hw2reg.status.scr_key_seed_valid.de = key_ack | local_esc;
Tests: T1 T2 T3
300
301 always_ff @(posedge clk_i or negedge rst_ni) begin : p_regs
302 1/1 if (!rst_ni) begin
Tests: T1 T2 T3
303 1/1 key_req_pending_q <= 1'b0;
Tests: T1 T2 T3
304 // reset case does not use buffered values as the
305 // reset value will be directly encoded into flop types
306 1/1 key_q <= RndCnstSramKey;
Tests: T1 T2 T3
307 1/1 nonce_q <= RndCnstSramNonce;
Tests: T1 T2 T3
308 end else begin
309 1/1 key_req_pending_q <= key_req_pending_d;
Tests: T1 T2 T3
310 1/1 if (key_ack) begin
Tests: T1 T2 T3
311 1/1 key_q <= key_d;
Tests: T1 T2 T3
312 1/1 nonce_q <= nonce_d;
Tests: T1 T2 T3
313 end
MISSING_ELSE
314 // This scraps the keys.
315 // SEC_CM: KEY.GLOBAL_ESC
316 // SEC_CM: KEY.LOCAL_ESC
317 1/1 if (local_esc) begin
Tests: T1 T2 T3
318 1/1 key_q <= cnst_sram_key;
Tests: T3 T5 T6
319 1/1 nonce_q <= cnst_sram_nonce;
Tests: T3 T5 T6
320 end
MISSING_ELSE
321 end
322 end
323
324 prim_sync_reqack_data #(
325 .Width($bits(otp_ctrl_pkg::sram_otp_key_rsp_t)-1),
326 .DataSrc2Dst(1'b0)
327 ) u_prim_sync_reqack_data (
328 .clk_src_i ( clk_i ),
329 .rst_src_ni ( rst_ni ),
330 .clk_dst_i ( clk_otp_i ),
331 .rst_dst_ni ( rst_otp_ni ),
332 .req_chk_i ( 1'b1 ),
333 .src_req_i ( key_req_pending_q ),
334 .src_ack_o ( key_ack ),
335 .dst_req_o ( sram_otp_key_o.req ),
336 .dst_ack_i ( sram_otp_key_i.ack ),
337 .data_i ( {sram_otp_key_i.key,
338 sram_otp_key_i.nonce,
339 sram_otp_key_i.seed_valid} ),
340 .data_o ( {key_d,
341 nonce_d,
342 key_seed_valid} )
343 );
344
345 logic unused_csr_sigs;
346 1/1 assign unused_csr_sigs = ^{reg2hw.status.init_done.q,
Tests: T1 T2 T3
347 reg2hw.status.scr_key_seed_valid.q};
348
349 ////////////////////
350 // SRAM Execution //
351 ////////////////////
352
353 mubi4_t en_ifetch;
354 if (InstrExec) begin : gen_instr_ctrl
355 lc_tx_t lc_hw_debug_en;
356 prim_lc_sync #(
357 .NumCopies (1)
358 ) u_prim_lc_sync_hw_debug_en (
359 .clk_i,
360 .rst_ni,
361 .lc_en_i (lc_hw_debug_en_i),
362 .lc_en_o ({lc_hw_debug_en})
363 );
364
365 mubi8_t otp_en_sram_ifetch;
366 prim_mubi8_sync #(
367 .NumCopies (1)
368 ) u_prim_mubi8_sync_otp_en_sram_ifetch (
369 .clk_i,
370 .rst_ni,
371 .mubi_i(otp_en_sram_ifetch_i),
372 .mubi_o({otp_en_sram_ifetch})
373 );
374
375 mubi4_t lc_ifetch_en;
376 mubi4_t reg_ifetch_en;
377 // SEC_CM: INSTR.BUS.LC_GATED
378 assign lc_ifetch_en = lc_to_mubi4(lc_hw_debug_en);
379 // SEC_CM: EXEC.CONFIG.MUBI
380 assign reg_ifetch_en = mubi4_t'(reg2hw.exec.q);
381 // SEC_CM: EXEC.INTERSIG.MUBI
382 assign en_ifetch = (mubi8_test_true_strict(otp_en_sram_ifetch)) ? reg_ifetch_en :
383 lc_ifetch_en;
384 end else begin : gen_tieoff
385 assign en_ifetch = MuBi4False;
386
387 // tie off unused signals
388 logic unused_sigs;
389 1/1 assign unused_sigs = ^{lc_hw_debug_en_i,
Tests: T1 T2 T3
390 reg2hw.exec.q,
391 otp_en_sram_ifetch_i};
392 end
393
394 /////////////////////////
395 // Initialization LFSR //
396 /////////////////////////
397
398 logic [LfsrWidth-1:0] lfsr_out;
399 prim_lfsr #(
400 .LfsrDw ( LfsrWidth ),
401 .EntropyDw ( LfsrWidth ),
402 .StateOutDw ( LfsrWidth ),
403 .DefaultSeed ( RndCnstLfsrSeed ),
404 .StatePermEn ( 1'b1 ),
405 .StatePerm ( RndCnstLfsrPerm )
406 ) u_lfsr (
407 .clk_i,
408 .rst_ni,
409 .lfsr_en_i(init_req),
410 .seed_en_i(init_trig),
411 .seed_i(nonce_q[NonceWidth +: LfsrWidth]),
412 .entropy_i('0),
413 .state_o(lfsr_out)
414 );
415
416 // Compute the correct integrity alongside for the pseudo-random initialization values.
417 logic [DataWidth - 1 :0] lfsr_out_integ;
418 tlul_data_integ_enc u_tlul_data_integ_enc (
419 .data_i(lfsr_out),
420 .data_intg_o(lfsr_out_integ)
421 );
422
423 ////////////////////////////
424 // SRAM TL-UL Access Gate //
425 ////////////////////////////
426
427 logic tl_gate_resp_pending;
428 tlul_pkg::tl_h2d_t ram_tl_in_gated;
429 tlul_pkg::tl_d2h_t ram_tl_out_gated;
430
431 // SEC_CM: RAM_TL_LC_GATE.FSM.SPARSE
432 tlul_lc_gate #(
433 .NumGatesPerDirection(2)
434 ) u_tlul_lc_gate (
435 .clk_i,
436 .rst_ni,
437 .tl_h2d_i(ram_tl_i),
438 .tl_d2h_o(ram_tl_o),
439 .tl_h2d_o(ram_tl_in_gated),
440 .tl_d2h_i(ram_tl_out_gated),
441 .flush_req_i('0),
442 .flush_ack_o(),
443 .resp_pending_o(tl_gate_resp_pending),
444 .lc_en_i (lc_tlul_gate_en),
445 .err_o (bus_integ_error[2])
446 );
447
448 /////////////////////////////////
449 // SRAM with scrambling device //
450 /////////////////////////////////
451
452 logic tlul_req, tlul_gnt, tlul_we;
453 logic [AddrWidth-1:0] tlul_addr;
454 logic [DataWidth-1:0] tlul_wdata, tlul_wmask;
455
456 logic sram_intg_error, sram_req, sram_gnt, sram_we, sram_rvalid;
457 logic [AddrWidth-1:0] sram_addr;
458 logic [DataWidth-1:0] sram_wdata, sram_wmask, sram_rdata;
459 logic sram_wpending, sram_wr_collision;
460
461 logic sram_compound_txn_in_progress;
462
463
464 // // SEC_CM: MEM.READBACK
465 mubi4_t reg_readback_en;
466 1/1 assign reg_readback_en = mubi4_t'(reg2hw.readback.q);
Tests: T1 T2 T3
467
468 tlul_adapter_sram #(
469 .SramAw(AddrWidth),
470 .SramDw(DataWidth - tlul_pkg::DataIntgWidth),
471 .Outstanding(2),
472 .ByteAccess(1),
473 .CmdIntgCheck(1),
474 .EnableRspIntgGen(1),
475 .EnableDataIntgGen(0),
476 .EnableDataIntgPt(1), // SEC_CM: MEM.INTEGRITY
477 .SecFifoPtr (1), // SEC_CM: TLUL_FIFO.CTR.REDUN
478 .EnableReadback (1) // SEC_CM: MEM.READBACK
479 ) u_tlul_adapter_sram (
480 .clk_i,
481 .rst_ni,
482 .tl_i (ram_tl_in_gated),
483 .tl_o (ram_tl_out_gated),
484 .en_ifetch_i (en_ifetch),
485 .req_o (tlul_req),
486 .req_type_o (),
487 .gnt_i (tlul_gnt),
488 .we_o (tlul_we),
489 .addr_o (tlul_addr),
490 .wdata_o (tlul_wdata),
491 .wmask_o (tlul_wmask),
492 // SEC_CM: BUS.INTEGRITY
493 .intg_error_o (bus_integ_error[1]),
494 .rdata_i (sram_rdata),
495 .rvalid_i (sram_rvalid),
496 .rerror_i ('0),
497 .compound_txn_in_progress_o (sram_compound_txn_in_progress),
498 .readback_en_i (reg_readback_en),
499 .readback_error_o (readback_error),
500 .wr_collision_i (sram_wr_collision),
501 .write_pending_i (sram_wpending)
502 );
503
504 logic key_valid;
505
506 // Interposing mux logic for initialization with pseudo random data.
507 1/1 assign sram_req = tlul_req | init_req;
Tests: T1 T2 T3
508 // This grant signal acts more like a ready internally in tlul_adapter_sram. In particular it's
509 // fine to assert it when tlul_req is low (it has no effect). So here tlul_gnt is asserted when
510 // a request from tlul_req will be granted regardless of whether a request exists. This is done
511 // for timing reasons so that the output TL ready isn't combinatorially connected to the incoming
512 // TL valid. In particular we must not use `sram_gnt` in the expression to avoid this.
513 1/1 assign tlul_gnt = key_valid & ~init_req;
Tests: T1 T2 T3
514 1/1 assign sram_we = tlul_we | init_req;
Tests: T1 T2 T3
515 1/1 assign sram_intg_error = |bus_integ_error[2:1] & ~init_req;
Tests: T1 T2 T3
516 1/1 assign sram_addr = (init_req) ? init_cnt : tlul_addr;
Tests: T1 T2 T3
517 1/1 assign sram_wdata = (init_req) ? lfsr_out_integ : tlul_wdata;
Tests: T1 T2 T3
518 1/1 assign sram_wmask = (init_req) ? {DataWidth{1'b1}} : tlul_wmask;
Tests: T1 T2 T3
519
520 // The SRAM scrambling wrapper will not accept any transactions while the
521 // key req is pending or if we have escalated. Note that we're not using
522 // the scr_key_valid CSR here, such that the SRAM can be used right after
523 // reset, where the keys are reset to the default netlist constant.
524 //
525 // If we have escalated, but there is a pending request in the TL gate, we may have a pending
526 // read-modify-write transaction or readback in the SRAM adapter. In that case we force key_valid
527 // high to enable that to complete so it returns a response, the TL gate won't accept any new
528 // transactions and the SRAM keys have been clobbered already.
529 1/1 assign key_valid =
Tests: T1 T2 T3
530 (key_req_pending_q) ? 1'b0 :
531 (reg2hw.status.escalated.q) ? (tl_gate_resp_pending & sram_compound_txn_in_progress) : 1'b1;
532
533 // SEC_CM: MEM.SCRAMBLE, ADDR.SCRAMBLE
534 prim_ram_1p_scr #(
535 .Width(DataWidth),
536 .Depth(Depth),
537 .EnableParity(0),
538 .DataBitsPerMask(DataWidth)
539 ) u_prim_ram_1p_scr (
540 .clk_i,
541 .rst_ni,
542
543 .key_valid_i (key_valid),
544 .key_i (key_q),
545 .nonce_i (nonce_q[NonceWidth-1:0]),
546
547 .req_i (sram_req),
548 .intg_error_i (sram_intg_error),
549 .gnt_o (sram_gnt),
550 .write_i (sram_we),
551 .addr_i (sram_addr),
552 .wdata_i (sram_wdata),
553 .wmask_i (sram_wmask),
554 .rdata_o (sram_rdata),
555 .rvalid_o (sram_rvalid),
556 .rerror_o ( ),
557 .raddr_o ( ),
558 .cfg_i,
559 .wr_collision_o (sram_wr_collision),
560 .write_pending_o (sram_wpending),
561 .alert_o (sram_alert)
562 );
563
564 logic unused_sram_gnt;
565 // Ignore sram_gnt signal to avoid creating a bad timing path, see comment on `tlul_gnt` above for
566 // more details.
567 1/1 assign unused_sram_gnt = sram_gnt;
Tests: T1 T2 T3
Cond Coverage for Module :
sram_ctrl
| Total | Covered | Percent |
|---|
| Conditions | 101 | 88 | 87.13 |
| Logical | 101 | 88 | 87.13 |
| Non-Logical | 0 | 0 | |
| Event | 0 | 0 | |
LINE 134
EXPRESSION (reg2hw.alert_test.q & reg2hw.alert_test.qe)
---------1--------- ----------2---------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T10,T11,T13 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T10,T11,T13 |
LINE 152
EXPRESSION (((|bus_integ_error)) | init_error | readback_error | sram_alert)
----------1--------- -----2---- -------3------ -----4----
| -1- | -2- | -3- | -4- | Status | Tests |
|---|
| 0 | 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 0 | 1 | Not Covered | |
| 0 | 0 | 1 | 0 | Not Covered | |
| 0 | 1 | 0 | 0 | Covered | T5,T14,T15 |
| 1 | 0 | 0 | 0 | Covered | T5,T14,T15 |
LINE 194
EXPRESSION
Number Term
1 reg2hw.status.escalated.q |
2 reg2hw.status.init_error.q |
3 reg2hw.status.bus_integ_error.q |
4 reg2hw.status.sram_alert.q |
5 reg2hw.status.readback_error.q)
| -1- | -2- | -3- | -4- | -5- | Status | Tests |
|---|
| 0 | 0 | 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 0 | 0 | 1 | Not Covered | |
| 0 | 0 | 0 | 1 | 0 | Not Covered | |
| 0 | 0 | 1 | 0 | 0 | Covered | T5,T14,T15 |
| 0 | 1 | 0 | 0 | 0 | Covered | T5,T14,T15 |
| 1 | 0 | 0 | 0 | 0 | Covered | T3,T6,T7 |
LINE 202
EXPRESSION (escalate | init_error | ((|bus_integ_error)) | sram_alert | readback_error | local_esc_reg)
----1--- -----2---- ----------3--------- -----4---- -------5------ ------6------
| -1- | -2- | -3- | -4- | -5- | -6- | Status | Tests |
|---|
| 0 | 0 | 0 | 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 0 | 0 | 0 | 1 | Covered | T3,T5,T6 |
| 0 | 0 | 0 | 0 | 1 | 0 | Not Covered | |
| 0 | 0 | 0 | 1 | 0 | 0 | Not Covered | |
| 0 | 0 | 1 | 0 | 0 | 0 | Covered | T5,T14,T15 |
| 0 | 1 | 0 | 0 | 0 | 0 | Covered | T5,T14,T15 |
| 1 | 0 | 0 | 0 | 0 | 0 | Covered | T3,T6,T7 |
LINE 221
EXPRESSION (reg2hw.ctrl.init.q && reg2hw.ctrl.init.qe && ((!init_q)))
---------1-------- ---------2--------- -----3-----
| -1- | -2- | -3- | Status | Tests |
|---|
| 0 | 1 | 1 | Covered | T3,T6,T16 |
| 1 | 0 | 1 | Covered | T1,T2,T3 |
| 1 | 1 | 0 | Not Covered | |
| 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 226
EXPRESSION (init_done ? 1'b0 : (init_trig ? 1'b1 : init_q))
----1----
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 226
SUB-EXPRESSION (init_trig ? 1'b1 : init_q)
----1----
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 242
EXPRESSION (init_q & ((~key_req_pending_q)))
---1-- -----------2----------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 243
EXPRESSION ((init_cnt == 10'((Depth - 1))) & init_req)
---------------1-------------- ----2---
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 243
SUB-EXPRESSION (init_cnt == 10'((Depth - 1)))
---------------1--------------
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 267
EXPRESSION (init_done & ((~init_trig)) & ((~local_esc)))
----1---- -------2------ -------3------
| -1- | -2- | -3- | Status | Tests |
|---|
| 0 | 1 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | 1 | Not Covered | |
| 1 | 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 268
EXPRESSION (init_done | init_trig | local_esc)
----1---- ----2---- ----3----
| -1- | -2- | -3- | Status | Tests |
|---|
| 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 1 | Covered | T3,T5,T6 |
| 0 | 1 | 0 | Covered | T1,T2,T3 |
| 1 | 0 | 0 | Covered | T1,T2,T3 |
LINE 279
EXPRESSION (reg2hw.ctrl.renew_scr_key.q && reg2hw.ctrl.renew_scr_key.qe && ((!key_req_pending_q)) && ((!init_q)))
-------------1------------- --------------2------------- -----------3---------- -----4-----
| -1- | -2- | -3- | -4- | Status | Tests |
|---|
| 0 | 1 | 1 | 1 | Covered | T17,T18,T19 |
| 1 | 0 | 1 | 1 | Covered | T1,T2,T3 |
| 1 | 1 | 0 | 1 | Not Covered | |
| 1 | 1 | 1 | 0 | Not Covered | |
| 1 | 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 284
EXPRESSION (key_req ? 1'b1 : (key_ack ? 1'b0 : key_req_pending_q))
---1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 284
SUB-EXPRESSION (key_ack ? 1'b0 : key_req_pending_q)
---1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 288
EXPRESSION (key_ack & ((~key_req)) & ((~local_esc)))
---1--- ------2----- -------3------
| -1- | -2- | -3- | Status | Tests |
|---|
| 0 | 1 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | 1 | Not Covered | |
| 1 | 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 289
EXPRESSION (key_req | key_ack | local_esc)
---1--- ---2--- ----3----
| -1- | -2- | -3- | Status | Tests |
|---|
| 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 1 | Covered | T3,T5,T6 |
| 0 | 1 | 0 | Covered | T1,T2,T3 |
| 1 | 0 | 0 | Covered | T1,T2,T3 |
LINE 293
EXPRESSION ((key_ack & ((~local_esc))) ? MuBi4True : MuBi4False)
-------------1------------
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 293
SUB-EXPRESSION (key_ack & ((~local_esc)))
---1--- -------2------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 294
EXPRESSION (key_ack | local_esc)
---1--- ----2----
| -1- | -2- | Status | Tests |
|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T3,T5,T6 |
| 1 | 0 | Covered | T1,T2,T3 |
LINE 298
EXPRESSION (key_seed_valid & ((~local_esc)))
-------1------ -------2------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T2,T3,T9 |
| 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 299
EXPRESSION (key_ack | local_esc)
---1--- ----2----
| -1- | -2- | Status | Tests |
|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T3,T5,T6 |
| 1 | 0 | Covered | T1,T2,T3 |
LINE 507
EXPRESSION (tlul_req | init_req)
----1--- ----2---
| -1- | -2- | Status | Tests |
|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T2,T3,T4 |
LINE 513
EXPRESSION (key_valid & ((~init_req)))
----1---- ------2------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 514
EXPRESSION (tlul_we | init_req)
---1--- ----2---
| -1- | -2- | Status | Tests |
|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T2,T3,T4 |
LINE 515
EXPRESSION (((|bus_integ_error[2:1])) & ((~init_req)))
------------1------------ ------2------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Not Covered | |
| 1 | 1 | Covered | T5,T14,T15 |
LINE 516
EXPRESSION (init_req ? init_cnt : tlul_addr)
----1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 517
EXPRESSION (init_req ? lfsr_out_integ : tlul_wdata)
----1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 518
EXPRESSION (init_req ? ({sram_ctrl_pkg::DataWidth {1'b1}}) : tlul_wmask)
----1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 529
EXPRESSION (key_req_pending_q ? 1'b0 : (reg2hw.status.escalated.q ? (tl_gate_resp_pending & sram_compound_txn_in_progress) : 1'b1))
--------1--------
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 529
SUB-EXPRESSION (reg2hw.status.escalated.q ? (tl_gate_resp_pending & sram_compound_txn_in_progress) : 1'b1)
------------1------------
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T3,T6,T7 |
LINE 529
SUB-EXPRESSION (tl_gate_resp_pending & sram_compound_txn_in_progress)
----------1--------- --------------2--------------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Not Covered | |
| 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | Covered | T6,T7,T20 |
Toggle Coverage for Module :
sram_ctrl
| Total | Covered | Percent |
| Totals |
62 |
62 |
100.00 |
| Total Bits |
1230 |
1230 |
100.00 |
| Total Bits 0->1 |
615 |
615 |
100.00 |
| Total Bits 1->0 |
615 |
615 |
100.00 |
| | | |
| Ports |
62 |
62 |
100.00 |
| Port Bits |
1230 |
1230 |
100.00 |
| Port Bits 0->1 |
615 |
615 |
100.00 |
| Port Bits 1->0 |
615 |
615 |
100.00 |
Port Details
| Name | Toggle | Toggle 1->0 | Tests | Toggle 0->1 | Tests | Direction |
| clk_i |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| rst_ni |
Yes |
Yes |
T3,T5,T6 |
Yes |
T1,T2,T3 |
INPUT |
| clk_otp_i |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| rst_otp_ni |
Yes |
Yes |
T3,T5,T6 |
Yes |
T1,T2,T3 |
INPUT |
| ram_tl_i.d_ready |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T2,T3 |
INPUT |
| ram_tl_i.a_user.data_intg[6:0] |
Yes |
Yes |
T1,T2,T3 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_user.cmd_intg[6:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_user.instr_type[3:0] |
Yes |
Yes |
T3,T5,T8 |
Yes |
T1,T3,T5 |
INPUT |
| ram_tl_i.a_user.rsvd[4:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| ram_tl_i.a_data[31:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_mask[3:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_address[31:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T1,T2,T3 |
INPUT |
| ram_tl_i.a_source[7:0] |
Yes |
Yes |
T1,T2,T3 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_size[1:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_param[2:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| ram_tl_i.a_opcode[2:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_valid |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_o.a_ready |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| ram_tl_o.d_error |
Yes |
Yes |
T1,T2,T3 |
Yes |
T3,T5,T6 |
OUTPUT |
| ram_tl_o.d_user.data_intg[6:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_user.rsp_intg[5:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T1,T2,T3 |
OUTPUT |
| ram_tl_o.d_user.rsp_intg[6] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| ram_tl_o.d_data[31:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_sink |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| ram_tl_o.d_source[7:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_size[1:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_param[2:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| ram_tl_o.d_opcode[0] |
Yes |
Yes |
*T2,*T3,*T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_opcode[2:1] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| ram_tl_o.d_valid |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| regs_tl_i.d_ready |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T2,T3 |
INPUT |
| regs_tl_i.a_user.data_intg[6:0] |
Yes |
Yes |
T3,T10,T4 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_user.cmd_intg[6:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T3,T10,T4 |
INPUT |
| regs_tl_i.a_user.instr_type[3:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_user.rsvd[4:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| regs_tl_i.a_data[31:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_mask[3:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_address[31:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T3,T10,T4 |
INPUT |
| regs_tl_i.a_source[7:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_size[1:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T2,T3 |
INPUT |
| regs_tl_i.a_param[2:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| regs_tl_i.a_opcode[2:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T2,T3 |
INPUT |
| regs_tl_i.a_valid |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| regs_tl_o.a_ready |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| regs_tl_o.d_error |
Yes |
Yes |
T21,T17,T18 |
Yes |
T21,T17,T18 |
OUTPUT |
| regs_tl_o.d_user.data_intg[6:0] |
Yes |
Yes |
T3,T5,T6 |
Yes |
T3,T5,T6 |
OUTPUT |
| regs_tl_o.d_user.rsp_intg[5:0] |
Yes |
Yes |
*T3,*T10,*T5 |
Yes |
T2,T3,T10 |
OUTPUT |
| regs_tl_o.d_user.rsp_intg[6] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| regs_tl_o.d_data[31:0] |
Yes |
Yes |
T3,T5,T6 |
Yes |
T1,T2,T3 |
OUTPUT |
| regs_tl_o.d_sink |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| regs_tl_o.d_source[7:0] |
Yes |
Yes |
T3,T10,T8 |
Yes |
T1,T3,T10 |
OUTPUT |
| regs_tl_o.d_size[1:0] |
Yes |
Yes |
T3,T10,T5 |
Yes |
T2,T3,T10 |
OUTPUT |
| regs_tl_o.d_param[2:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| regs_tl_o.d_opcode[0] |
Yes |
Yes |
*T3,*T5,*T6 |
Yes |
T3,T5,T6 |
OUTPUT |
| regs_tl_o.d_opcode[2:1] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| regs_tl_o.d_valid |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| alert_rx_i[0].ack_n |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| alert_rx_i[0].ack_p |
Yes |
Yes |
T10,T5,T11 |
Yes |
T10,T5,T11 |
INPUT |
| alert_rx_i[0].ping_n |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| alert_rx_i[0].ping_p |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| alert_tx_o[0].alert_n |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| alert_tx_o[0].alert_p |
Yes |
Yes |
T10,T5,T11 |
Yes |
T10,T5,T11 |
OUTPUT |
| lc_escalate_en_i[3:0] |
Yes |
Yes |
T3,T6,T7 |
Yes |
T3,T6,T7 |
INPUT |
| lc_hw_debug_en_i[3:0] |
Yes |
Yes |
T17,T18,T19 |
Yes |
T17,T18,T19 |
INPUT |
| otp_en_sram_ifetch_i[7:0] |
Yes |
Yes |
T17,T18,T22 |
Yes |
T17,T18,T22 |
INPUT |
| sram_otp_key_o.req |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| sram_otp_key_i.seed_valid |
Yes |
Yes |
T2,T3,T6 |
Yes |
T3,T9,T6 |
INPUT |
| sram_otp_key_i.nonce[127:0] |
Yes |
Yes |
T2,T3,T6 |
Yes |
T3,T6,T23 |
INPUT |
| sram_otp_key_i.key[127:0] |
Yes |
Yes |
T2,T3,T6 |
Yes |
T3,T6,T16 |
INPUT |
| sram_otp_key_i.ack |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| cfg_i.rf_cfg.cfg[3:0] |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.rf_cfg.cfg_en |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.rf_cfg.test |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.ram_cfg.cfg[3:0] |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.ram_cfg.cfg_en |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.ram_cfg.test |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
*Tests covering at least one bit in the range
Branch Coverage for Module :
sram_ctrl
| Line No. | Total | Covered | Percent |
| Branches |
|
24 |
24 |
100.00 |
| TERNARY |
226 |
3 |
3 |
100.00 |
| TERNARY |
284 |
3 |
3 |
100.00 |
| TERNARY |
293 |
2 |
2 |
100.00 |
| TERNARY |
516 |
2 |
2 |
100.00 |
| TERNARY |
517 |
2 |
2 |
100.00 |
| TERNARY |
518 |
2 |
2 |
100.00 |
| TERNARY |
529 |
3 |
3 |
100.00 |
| IF |
230 |
2 |
2 |
100.00 |
| IF |
302 |
5 |
5 |
100.00 |
226 assign init_d = (init_done) ? 1'b0 :
-1-
==>
227 (init_trig) ? 1'b1 : init_q;
-2-
==>
==>
Branches:
| -1- | -2- | Status | Tests |
| 1 |
- |
Covered |
T1,T2,T3 |
| 0 |
1 |
Covered |
T1,T2,T3 |
| 0 |
0 |
Covered |
T1,T2,T3 |
284 assign key_req_pending_d = (key_req) ? 1'b1 :
-1-
==>
285 (key_ack) ? 1'b0 : key_req_pending_q;
-2-
==>
==>
Branches:
| -1- | -2- | Status | Tests |
| 1 |
- |
Covered |
T1,T2,T3 |
| 0 |
1 |
Covered |
T1,T2,T3 |
| 0 |
0 |
Covered |
T1,T2,T3 |
293 assign hw2reg.scr_key_rotated.d = (key_ack & ~local_esc) ? MuBi4True : MuBi4False;
-1-
==>
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
516 assign sram_addr = (init_req) ? init_cnt : tlul_addr;
-1-
==>
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
517 assign sram_wdata = (init_req) ? lfsr_out_integ : tlul_wdata;
-1-
==>
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
518 assign sram_wmask = (init_req) ? {DataWidth{1'b1}} : tlul_wmask;
-1-
==>
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
529 assign key_valid =
530 (key_req_pending_q) ? 1'b0 :
-1-
==>
531 (reg2hw.status.escalated.q) ? (tl_gate_resp_pending & sram_compound_txn_in_progress) : 1'b1;
-2-
==>
==>
Branches:
| -1- | -2- | Status | Tests |
| 1 |
- |
Covered |
T1,T2,T3 |
| 0 |
1 |
Covered |
T3,T6,T7 |
| 0 |
0 |
Covered |
T1,T2,T3 |
230 if(!rst_ni) begin
-1-
231 init_q <= 1'b0;
==>
232 end else begin
233 init_q <= init_d;
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
302 if (!rst_ni) begin
-1-
303 key_req_pending_q <= 1'b0;
==>
304 // reset case does not use buffered values as the
305 // reset value will be directly encoded into flop types
306 key_q <= RndCnstSramKey;
307 nonce_q <= RndCnstSramNonce;
308 end else begin
309 key_req_pending_q <= key_req_pending_d;
310 if (key_ack) begin
-2-
311 key_q <= key_d;
==>
312 nonce_q <= nonce_d;
313 end
MISSING_ELSE
==>
314 // This scraps the keys.
315 // SEC_CM: KEY.GLOBAL_ESC
316 // SEC_CM: KEY.LOCAL_ESC
317 if (local_esc) begin
-3-
318 key_q <= cnst_sram_key;
==>
319 nonce_q <= cnst_sram_nonce;
320 end
MISSING_ELSE
==>
Branches:
| -1- | -2- | -3- | Status | Tests |
| 1 |
- |
- |
Covered |
T1,T2,T3 |
| 0 |
1 |
- |
Covered |
T1,T2,T3 |
| 0 |
0 |
- |
Covered |
T1,T2,T3 |
| 0 |
- |
1 |
Covered |
T3,T5,T6 |
| 0 |
- |
0 |
Covered |
T1,T2,T3 |
Assert Coverage for Module :
sram_ctrl
Assertion Details
AlertOutKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
FpvSecCmCntCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
90 |
0 |
0 |
| T5 |
16001 |
20 |
0 |
0 |
| T6 |
42794 |
0 |
0 |
0 |
| T8 |
28898 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T13 |
987 |
0 |
0 |
0 |
| T14 |
24512 |
20 |
0 |
0 |
| T15 |
0 |
20 |
0 |
0 |
| T23 |
2906 |
0 |
0 |
0 |
| T25 |
0 |
10 |
0 |
0 |
| T26 |
0 |
20 |
0 |
0 |
| T27 |
3922 |
0 |
0 |
0 |
| T28 |
2261 |
0 |
0 |
0 |
FpvSecCmLcGateFsmCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
FpvSecCmRegWeOnehotCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
90 |
0 |
0 |
| T5 |
16001 |
20 |
0 |
0 |
| T6 |
42794 |
0 |
0 |
0 |
| T8 |
28898 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T13 |
987 |
0 |
0 |
0 |
| T14 |
24512 |
20 |
0 |
0 |
| T15 |
0 |
20 |
0 |
0 |
| T23 |
2906 |
0 |
0 |
0 |
| T25 |
0 |
10 |
0 |
0 |
| T26 |
0 |
20 |
0 |
0 |
| T27 |
3922 |
0 |
0 |
0 |
| T28 |
2261 |
0 |
0 |
0 |
FpvSecCmReqFifoRptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
FpvSecCmReqFifoWptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
FpvSecCmRspFifoRptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
90 |
0 |
0 |
| T5 |
16001 |
20 |
0 |
0 |
| T6 |
42794 |
0 |
0 |
0 |
| T8 |
28898 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T13 |
987 |
0 |
0 |
0 |
| T14 |
24512 |
20 |
0 |
0 |
| T15 |
0 |
20 |
0 |
0 |
| T23 |
2906 |
0 |
0 |
0 |
| T25 |
0 |
10 |
0 |
0 |
| T26 |
0 |
20 |
0 |
0 |
| T27 |
3922 |
0 |
0 |
0 |
| T28 |
2261 |
0 |
0 |
0 |
FpvSecCmRspFifoWptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
90 |
0 |
0 |
| T5 |
16001 |
20 |
0 |
0 |
| T6 |
42794 |
0 |
0 |
0 |
| T8 |
28898 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T13 |
987 |
0 |
0 |
0 |
| T14 |
24512 |
20 |
0 |
0 |
| T15 |
0 |
20 |
0 |
0 |
| T23 |
2906 |
0 |
0 |
0 |
| T25 |
0 |
10 |
0 |
0 |
| T26 |
0 |
20 |
0 |
0 |
| T27 |
3922 |
0 |
0 |
0 |
| T28 |
2261 |
0 |
0 |
0 |
FpvSecCmSramReqFifoRptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
FpvSecCmSramReqFifoWptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
NonceWidthsLessThanSource_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
894 |
894 |
0 |
0 |
| T1 |
1 |
1 |
0 |
0 |
| T2 |
1 |
1 |
0 |
0 |
| T3 |
1 |
1 |
0 |
0 |
| T4 |
1 |
1 |
0 |
0 |
| T5 |
1 |
1 |
0 |
0 |
| T8 |
1 |
1 |
0 |
0 |
| T9 |
1 |
1 |
0 |
0 |
| T10 |
1 |
1 |
0 |
0 |
| T11 |
1 |
1 |
0 |
0 |
| T12 |
1 |
1 |
0 |
0 |
RamTlOutKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
RamTlOutPayLoadKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
136285515 |
0 |
0 |
| T2 |
6026 |
1413 |
0 |
0 |
| T3 |
11544 |
638 |
0 |
0 |
| T4 |
5695 |
938 |
0 |
0 |
| T5 |
16001 |
983 |
0 |
0 |
| T6 |
0 |
3236 |
0 |
0 |
| T8 |
28898 |
9632 |
0 |
0 |
| T9 |
3560 |
99 |
0 |
0 |
| T10 |
864 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T23 |
0 |
5 |
0 |
0 |
| T27 |
3922 |
996 |
0 |
0 |
| T28 |
0 |
562 |
0 |
0 |
RamTlOutPayLoadKnown_AKnownEnable
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
RegsTlOutKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
SramOtpKeyKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
TlulGntIsCorrect_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
65721254 |
0 |
0 |
| T2 |
6026 |
1976 |
0 |
0 |
| T3 |
11544 |
179 |
0 |
0 |
| T4 |
5695 |
2418 |
0 |
0 |
| T5 |
16001 |
0 |
0 |
0 |
| T6 |
0 |
1235 |
0 |
0 |
| T8 |
28898 |
3570 |
0 |
0 |
| T9 |
3560 |
136 |
0 |
0 |
| T10 |
864 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T23 |
0 |
5 |
0 |
0 |
| T27 |
3922 |
1560 |
0 |
0 |
| T28 |
0 |
585 |
0 |
0 |
| T29 |
0 |
3889 |
0 |
0 |
Line Coverage for Instance : tb.dut
| Line No. | Total | Covered | Percent |
|---|
| TOTAL | | 52 | 52 | 100.00 |
| CONT_ASSIGN | 126 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 134 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 137 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 141 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 145 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 149 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 152 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 184 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 186 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 194 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 202 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 212 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 221 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 226 | 1 | 1 | 100.00 |
| ALWAYS | 230 | 3 | 3 | 100.00 |
| CONT_ASSIGN | 242 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 243 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 267 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 268 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 279 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 284 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 288 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 289 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 293 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 294 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 298 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 299 | 1 | 1 | 100.00 |
| ALWAYS | 302 | 11 | 11 | 100.00 |
| CONT_ASSIGN | 346 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 389 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 466 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 507 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 513 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 514 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 515 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 516 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 517 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 518 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 529 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 567 | 1 | 1 | 100.00 |
125 logic unused_nonce;
126 1/1 assign unused_nonce = ^nonce_q[otp_ctrl_pkg::SramNonceWidth-1:NonceWidth];
Tests: T1 T2 T3
127 end
128
129 //////////////////
130 // Alert Sender //
131 //////////////////
132
133 logic alert_test;
134 1/1 assign alert_test = reg2hw.alert_test.q & reg2hw.alert_test.qe;
Tests: T1 T2 T3
135
136 assign hw2reg.status.bus_integ_error.d = 1'b1;
137 1/1 assign hw2reg.status.bus_integ_error.de = |bus_integ_error;
Tests: T1 T2 T3
138
139 logic init_error;
140 assign hw2reg.status.init_error.d = 1'b1;
141 1/1 assign hw2reg.status.init_error.de = init_error;
Tests: T1 T2 T3
142
143 logic readback_error;
144 assign hw2reg.status.readback_error.d = 1'b1;
145 1/1 assign hw2reg.status.readback_error.de = readback_error;
Tests: T1 T2 T3
146
147 logic sram_alert;
148 assign hw2reg.status.sram_alert.d = 1'b1;
149 1/1 assign hw2reg.status.sram_alert.de = sram_alert;
Tests: T1 T2 T3
150
151 logic alert_req;
152 1/1 assign alert_req = (|bus_integ_error) | init_error | readback_error | sram_alert;
Tests: T1 T2 T3
153
154 prim_alert_sender #(
155 .AsyncOn(AlertAsyncOn[0]),
156 .IsFatal(1)
157 ) u_prim_alert_sender_parity (
158 .clk_i,
159 .rst_ni,
160 .alert_test_i ( alert_test ),
161 .alert_req_i ( alert_req ),
162 .alert_ack_o ( ),
163 .alert_state_o ( ),
164 .alert_rx_i ( alert_rx_i[0] ),
165 .alert_tx_o ( alert_tx_o[0] )
166 );
167
168 /////////////////////////
169 // Escalation Triggers //
170 /////////////////////////
171
172 lc_tx_t [1:0] escalate_en;
173 prim_lc_sync #(
174 .NumCopies (2)
175 ) u_prim_lc_sync (
176 .clk_i,
177 .rst_ni,
178 .lc_en_i (lc_escalate_en_i),
179 .lc_en_o (escalate_en)
180 );
181
182 // SEC_CM: KEY.GLOBAL_ESC
183 logic escalate;
184 1/1 assign escalate = lc_tx_test_true_loose(escalate_en[0]);
Tests: T1 T2 T3
185 assign hw2reg.status.escalated.d = 1'b1;
186 1/1 assign hw2reg.status.escalated.de = escalate;
Tests: T1 T2 T3
187
188 // SEC_CM: KEY.LOCAL_ESC
189 // Aggregate external and internal escalation sources.
190 // This is used in countermeasures further below (key reset and transaction blocking).
191 logic local_esc, local_esc_reg;
192 // This signal only aggregates registered escalation signals and is used for transaction
193 // blocking further below, which is on a timing-critical path.
194 1/1 assign local_esc_reg = reg2hw.status.escalated.q |
Tests: T1 T2 T3
195 reg2hw.status.init_error.q |
196 reg2hw.status.bus_integ_error.q |
197 reg2hw.status.sram_alert.q |
198 reg2hw.status.readback_error.q;
199 // This signal aggregates all escalation trigger signals, including the ones that are generated
200 // in the same cycle such as init_error, sram alert, and bus_integ_error. It is used for
201 // countermeasures that are not on the critical path (such as clearing the scrambling keys).
202 1/1 assign local_esc = escalate |
Tests: T1 T2 T3
203 init_error |
204 (|bus_integ_error) |
205 sram_alert |
206 readback_error |
207 local_esc_reg;
208
209 // Convert registered, local escalation sources to a multibit signal and combine this with
210 // the incoming escalation enable signal before feeding into the TL-UL gate further below.
211 lc_tx_t lc_tlul_gate_en;
212 1/1 assign lc_tlul_gate_en = lc_tx_inv(lc_tx_or_hi(escalate_en[1],
Tests: T1 T2 T3
213 lc_tx_bool_to_lc_tx(local_esc_reg)));
214 ///////////////////////
215 // HW Initialization //
216 ///////////////////////
217
218 // A write to the init register reloads the LFSR seed, resets the init counter and
219 // sets init_q to flag a pending initialization request.
220 logic init_trig, init_q;
221 1/1 assign init_trig = reg2hw.ctrl.init.q &&
Tests: T1 T2 T3
222 reg2hw.ctrl.init.qe &&
223 !init_q; // Ignore new requests while memory init is already pending.
224
225 logic init_d, init_done;
226 1/1 assign init_d = (init_done) ? 1'b0 :
Tests: T1 T2 T3
227 (init_trig) ? 1'b1 : init_q;
228
229 always_ff @(posedge clk_i or negedge rst_ni) begin : p_init_reg
230 1/1 if(!rst_ni) begin
Tests: T1 T2 T3
231 1/1 init_q <= 1'b0;
Tests: T1 T2 T3
232 end else begin
233 1/1 init_q <= init_d;
Tests: T1 T2 T3
234 end
235 end
236
237 // This waits until the scrambling keys are actually valid (this allows the SW to trigger
238 // key renewal and initialization at the same time).
239 logic init_req;
240 logic [AddrWidth-1:0] init_cnt;
241 logic key_req_pending_d, key_req_pending_q;
242 1/1 assign init_req = init_q & ~key_req_pending_q;
Tests: T1 T2 T3
243 1/1 assign init_done = (init_cnt == AddrWidth'(Depth - 1)) & init_req;
Tests: T1 T2 T3
244
245 // We employ two redundant counters to guard against FI attacks.
246 // If any of the two is glitched and the two counter states do not agree,
247 // we trigger an alert.
248 // SEC_CM: INIT.CTR.REDUN
249 prim_count #(
250 .Width(AddrWidth)
251 ) u_prim_count (
252 .clk_i,
253 .rst_ni,
254 .clr_i(init_trig),
255 .set_i(1'b0),
256 .set_cnt_i('0),
257 .incr_en_i(init_req),
258 .decr_en_i(1'b0),
259 .step_i(AddrWidth'(1)),
260 .commit_i(1'b1),
261 .cnt_o(init_cnt),
262 .cnt_after_commit_o(),
263 .err_o(init_error)
264 );
265
266 // Clear this bit on local escalation.
267 1/1 assign hw2reg.status.init_done.d = init_done & ~init_trig & ~local_esc;
Tests: T1 T2 T3
268 1/1 assign hw2reg.status.init_done.de = init_done | init_trig | local_esc;
Tests: T1 T2 T3
269
270 ////////////////////////////
271 // Scrambling Key Request //
272 ////////////////////////////
273
274 // The scrambling key and nonce have to be requested from the OTP controller via a req/ack
275 // protocol. Since the OTP controller works in a different clock domain, we have to synchronize
276 // the req/ack protocol as described in more details here:
277 // https://docs.opentitan.org/hw/ip/otp_ctrl/doc/index.html#interfaces-to-sram-and-otbn-scramblers
278 logic key_req, key_ack;
279 1/1 assign key_req = reg2hw.ctrl.renew_scr_key.q &&
Tests: T1 T2 T3
280 reg2hw.ctrl.renew_scr_key.qe &&
281 !key_req_pending_q && // Ignore new requests while a request is already pending.
282 !init_q; // Ignore new requests while memory init is already pending.
283
284 1/1 assign key_req_pending_d = (key_req) ? 1'b1 :
Tests: T1 T2 T3
285 (key_ack) ? 1'b0 : key_req_pending_q;
286
287 // Clear this bit on local escalation.
288 1/1 assign hw2reg.status.scr_key_valid.d = key_ack & ~key_req & ~local_esc;
Tests: T1 T2 T3
289 1/1 assign hw2reg.status.scr_key_valid.de = key_req | key_ack | local_esc;
Tests: T1 T2 T3
290
291 // As opposed to scr_key_valid, SW is responsible for clearing this register.
292 // It is not automatically cleared by HW, except when escalating.
293 1/1 assign hw2reg.scr_key_rotated.d = (key_ack & ~local_esc) ? MuBi4True : MuBi4False;
Tests: T1 T2 T3
294 1/1 assign hw2reg.scr_key_rotated.de = key_ack | local_esc;
Tests: T1 T2 T3
295
296 // Clear this bit on local escalation.
297 logic key_seed_valid;
298 1/1 assign hw2reg.status.scr_key_seed_valid.d = key_seed_valid & ~local_esc;
Tests: T1 T2 T3
299 1/1 assign hw2reg.status.scr_key_seed_valid.de = key_ack | local_esc;
Tests: T1 T2 T3
300
301 always_ff @(posedge clk_i or negedge rst_ni) begin : p_regs
302 1/1 if (!rst_ni) begin
Tests: T1 T2 T3
303 1/1 key_req_pending_q <= 1'b0;
Tests: T1 T2 T3
304 // reset case does not use buffered values as the
305 // reset value will be directly encoded into flop types
306 1/1 key_q <= RndCnstSramKey;
Tests: T1 T2 T3
307 1/1 nonce_q <= RndCnstSramNonce;
Tests: T1 T2 T3
308 end else begin
309 1/1 key_req_pending_q <= key_req_pending_d;
Tests: T1 T2 T3
310 1/1 if (key_ack) begin
Tests: T1 T2 T3
311 1/1 key_q <= key_d;
Tests: T1 T2 T3
312 1/1 nonce_q <= nonce_d;
Tests: T1 T2 T3
313 end
MISSING_ELSE
314 // This scraps the keys.
315 // SEC_CM: KEY.GLOBAL_ESC
316 // SEC_CM: KEY.LOCAL_ESC
317 1/1 if (local_esc) begin
Tests: T1 T2 T3
318 1/1 key_q <= cnst_sram_key;
Tests: T3 T5 T6
319 1/1 nonce_q <= cnst_sram_nonce;
Tests: T3 T5 T6
320 end
MISSING_ELSE
321 end
322 end
323
324 prim_sync_reqack_data #(
325 .Width($bits(otp_ctrl_pkg::sram_otp_key_rsp_t)-1),
326 .DataSrc2Dst(1'b0)
327 ) u_prim_sync_reqack_data (
328 .clk_src_i ( clk_i ),
329 .rst_src_ni ( rst_ni ),
330 .clk_dst_i ( clk_otp_i ),
331 .rst_dst_ni ( rst_otp_ni ),
332 .req_chk_i ( 1'b1 ),
333 .src_req_i ( key_req_pending_q ),
334 .src_ack_o ( key_ack ),
335 .dst_req_o ( sram_otp_key_o.req ),
336 .dst_ack_i ( sram_otp_key_i.ack ),
337 .data_i ( {sram_otp_key_i.key,
338 sram_otp_key_i.nonce,
339 sram_otp_key_i.seed_valid} ),
340 .data_o ( {key_d,
341 nonce_d,
342 key_seed_valid} )
343 );
344
345 logic unused_csr_sigs;
346 1/1 assign unused_csr_sigs = ^{reg2hw.status.init_done.q,
Tests: T1 T2 T3
347 reg2hw.status.scr_key_seed_valid.q};
348
349 ////////////////////
350 // SRAM Execution //
351 ////////////////////
352
353 mubi4_t en_ifetch;
354 if (InstrExec) begin : gen_instr_ctrl
355 lc_tx_t lc_hw_debug_en;
356 prim_lc_sync #(
357 .NumCopies (1)
358 ) u_prim_lc_sync_hw_debug_en (
359 .clk_i,
360 .rst_ni,
361 .lc_en_i (lc_hw_debug_en_i),
362 .lc_en_o ({lc_hw_debug_en})
363 );
364
365 mubi8_t otp_en_sram_ifetch;
366 prim_mubi8_sync #(
367 .NumCopies (1)
368 ) u_prim_mubi8_sync_otp_en_sram_ifetch (
369 .clk_i,
370 .rst_ni,
371 .mubi_i(otp_en_sram_ifetch_i),
372 .mubi_o({otp_en_sram_ifetch})
373 );
374
375 mubi4_t lc_ifetch_en;
376 mubi4_t reg_ifetch_en;
377 // SEC_CM: INSTR.BUS.LC_GATED
378 assign lc_ifetch_en = lc_to_mubi4(lc_hw_debug_en);
379 // SEC_CM: EXEC.CONFIG.MUBI
380 assign reg_ifetch_en = mubi4_t'(reg2hw.exec.q);
381 // SEC_CM: EXEC.INTERSIG.MUBI
382 assign en_ifetch = (mubi8_test_true_strict(otp_en_sram_ifetch)) ? reg_ifetch_en :
383 lc_ifetch_en;
384 end else begin : gen_tieoff
385 assign en_ifetch = MuBi4False;
386
387 // tie off unused signals
388 logic unused_sigs;
389 1/1 assign unused_sigs = ^{lc_hw_debug_en_i,
Tests: T1 T2 T3
390 reg2hw.exec.q,
391 otp_en_sram_ifetch_i};
392 end
393
394 /////////////////////////
395 // Initialization LFSR //
396 /////////////////////////
397
398 logic [LfsrWidth-1:0] lfsr_out;
399 prim_lfsr #(
400 .LfsrDw ( LfsrWidth ),
401 .EntropyDw ( LfsrWidth ),
402 .StateOutDw ( LfsrWidth ),
403 .DefaultSeed ( RndCnstLfsrSeed ),
404 .StatePermEn ( 1'b1 ),
405 .StatePerm ( RndCnstLfsrPerm )
406 ) u_lfsr (
407 .clk_i,
408 .rst_ni,
409 .lfsr_en_i(init_req),
410 .seed_en_i(init_trig),
411 .seed_i(nonce_q[NonceWidth +: LfsrWidth]),
412 .entropy_i('0),
413 .state_o(lfsr_out)
414 );
415
416 // Compute the correct integrity alongside for the pseudo-random initialization values.
417 logic [DataWidth - 1 :0] lfsr_out_integ;
418 tlul_data_integ_enc u_tlul_data_integ_enc (
419 .data_i(lfsr_out),
420 .data_intg_o(lfsr_out_integ)
421 );
422
423 ////////////////////////////
424 // SRAM TL-UL Access Gate //
425 ////////////////////////////
426
427 logic tl_gate_resp_pending;
428 tlul_pkg::tl_h2d_t ram_tl_in_gated;
429 tlul_pkg::tl_d2h_t ram_tl_out_gated;
430
431 // SEC_CM: RAM_TL_LC_GATE.FSM.SPARSE
432 tlul_lc_gate #(
433 .NumGatesPerDirection(2)
434 ) u_tlul_lc_gate (
435 .clk_i,
436 .rst_ni,
437 .tl_h2d_i(ram_tl_i),
438 .tl_d2h_o(ram_tl_o),
439 .tl_h2d_o(ram_tl_in_gated),
440 .tl_d2h_i(ram_tl_out_gated),
441 .flush_req_i('0),
442 .flush_ack_o(),
443 .resp_pending_o(tl_gate_resp_pending),
444 .lc_en_i (lc_tlul_gate_en),
445 .err_o (bus_integ_error[2])
446 );
447
448 /////////////////////////////////
449 // SRAM with scrambling device //
450 /////////////////////////////////
451
452 logic tlul_req, tlul_gnt, tlul_we;
453 logic [AddrWidth-1:0] tlul_addr;
454 logic [DataWidth-1:0] tlul_wdata, tlul_wmask;
455
456 logic sram_intg_error, sram_req, sram_gnt, sram_we, sram_rvalid;
457 logic [AddrWidth-1:0] sram_addr;
458 logic [DataWidth-1:0] sram_wdata, sram_wmask, sram_rdata;
459 logic sram_wpending, sram_wr_collision;
460
461 logic sram_compound_txn_in_progress;
462
463
464 // // SEC_CM: MEM.READBACK
465 mubi4_t reg_readback_en;
466 1/1 assign reg_readback_en = mubi4_t'(reg2hw.readback.q);
Tests: T1 T2 T3
467
468 tlul_adapter_sram #(
469 .SramAw(AddrWidth),
470 .SramDw(DataWidth - tlul_pkg::DataIntgWidth),
471 .Outstanding(2),
472 .ByteAccess(1),
473 .CmdIntgCheck(1),
474 .EnableRspIntgGen(1),
475 .EnableDataIntgGen(0),
476 .EnableDataIntgPt(1), // SEC_CM: MEM.INTEGRITY
477 .SecFifoPtr (1), // SEC_CM: TLUL_FIFO.CTR.REDUN
478 .EnableReadback (1) // SEC_CM: MEM.READBACK
479 ) u_tlul_adapter_sram (
480 .clk_i,
481 .rst_ni,
482 .tl_i (ram_tl_in_gated),
483 .tl_o (ram_tl_out_gated),
484 .en_ifetch_i (en_ifetch),
485 .req_o (tlul_req),
486 .req_type_o (),
487 .gnt_i (tlul_gnt),
488 .we_o (tlul_we),
489 .addr_o (tlul_addr),
490 .wdata_o (tlul_wdata),
491 .wmask_o (tlul_wmask),
492 // SEC_CM: BUS.INTEGRITY
493 .intg_error_o (bus_integ_error[1]),
494 .rdata_i (sram_rdata),
495 .rvalid_i (sram_rvalid),
496 .rerror_i ('0),
497 .compound_txn_in_progress_o (sram_compound_txn_in_progress),
498 .readback_en_i (reg_readback_en),
499 .readback_error_o (readback_error),
500 .wr_collision_i (sram_wr_collision),
501 .write_pending_i (sram_wpending)
502 );
503
504 logic key_valid;
505
506 // Interposing mux logic for initialization with pseudo random data.
507 1/1 assign sram_req = tlul_req | init_req;
Tests: T1 T2 T3
508 // This grant signal acts more like a ready internally in tlul_adapter_sram. In particular it's
509 // fine to assert it when tlul_req is low (it has no effect). So here tlul_gnt is asserted when
510 // a request from tlul_req will be granted regardless of whether a request exists. This is done
511 // for timing reasons so that the output TL ready isn't combinatorially connected to the incoming
512 // TL valid. In particular we must not use `sram_gnt` in the expression to avoid this.
513 1/1 assign tlul_gnt = key_valid & ~init_req;
Tests: T1 T2 T3
514 1/1 assign sram_we = tlul_we | init_req;
Tests: T1 T2 T3
515 1/1 assign sram_intg_error = |bus_integ_error[2:1] & ~init_req;
Tests: T1 T2 T3
516 1/1 assign sram_addr = (init_req) ? init_cnt : tlul_addr;
Tests: T1 T2 T3
517 1/1 assign sram_wdata = (init_req) ? lfsr_out_integ : tlul_wdata;
Tests: T1 T2 T3
518 1/1 assign sram_wmask = (init_req) ? {DataWidth{1'b1}} : tlul_wmask;
Tests: T1 T2 T3
519
520 // The SRAM scrambling wrapper will not accept any transactions while the
521 // key req is pending or if we have escalated. Note that we're not using
522 // the scr_key_valid CSR here, such that the SRAM can be used right after
523 // reset, where the keys are reset to the default netlist constant.
524 //
525 // If we have escalated, but there is a pending request in the TL gate, we may have a pending
526 // read-modify-write transaction or readback in the SRAM adapter. In that case we force key_valid
527 // high to enable that to complete so it returns a response, the TL gate won't accept any new
528 // transactions and the SRAM keys have been clobbered already.
529 1/1 assign key_valid =
Tests: T1 T2 T3
530 (key_req_pending_q) ? 1'b0 :
531 (reg2hw.status.escalated.q) ? (tl_gate_resp_pending & sram_compound_txn_in_progress) : 1'b1;
532
533 // SEC_CM: MEM.SCRAMBLE, ADDR.SCRAMBLE
534 prim_ram_1p_scr #(
535 .Width(DataWidth),
536 .Depth(Depth),
537 .EnableParity(0),
538 .DataBitsPerMask(DataWidth)
539 ) u_prim_ram_1p_scr (
540 .clk_i,
541 .rst_ni,
542
543 .key_valid_i (key_valid),
544 .key_i (key_q),
545 .nonce_i (nonce_q[NonceWidth-1:0]),
546
547 .req_i (sram_req),
548 .intg_error_i (sram_intg_error),
549 .gnt_o (sram_gnt),
550 .write_i (sram_we),
551 .addr_i (sram_addr),
552 .wdata_i (sram_wdata),
553 .wmask_i (sram_wmask),
554 .rdata_o (sram_rdata),
555 .rvalid_o (sram_rvalid),
556 .rerror_o ( ),
557 .raddr_o ( ),
558 .cfg_i,
559 .wr_collision_o (sram_wr_collision),
560 .write_pending_o (sram_wpending),
561 .alert_o (sram_alert)
562 );
563
564 logic unused_sram_gnt;
565 // Ignore sram_gnt signal to avoid creating a bad timing path, see comment on `tlul_gnt` above for
566 // more details.
567 1/1 assign unused_sram_gnt = sram_gnt;
Tests: T1 T2 T3
Cond Coverage for Instance : tb.dut
| Total | Covered | Percent |
|---|
| Conditions | 99 | 88 | 88.89 |
| Logical | 99 | 88 | 88.89 |
| Non-Logical | 0 | 0 | |
| Event | 0 | 0 | |
LINE 134
EXPRESSION (reg2hw.alert_test.q & reg2hw.alert_test.qe)
---------1--------- ----------2---------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T10,T11,T13 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T10,T11,T13 |
LINE 152
EXPRESSION (((|bus_integ_error)) | init_error | readback_error | sram_alert)
----------1--------- -----2---- -------3------ -----4----
| -1- | -2- | -3- | -4- | Status | Tests |
|---|
| 0 | 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 0 | 1 | Not Covered | |
| 0 | 0 | 1 | 0 | Not Covered | |
| 0 | 1 | 0 | 0 | Covered | T5,T14,T15 |
| 1 | 0 | 0 | 0 | Covered | T5,T14,T15 |
LINE 194
EXPRESSION
Number Term
1 reg2hw.status.escalated.q |
2 reg2hw.status.init_error.q |
3 reg2hw.status.bus_integ_error.q |
4 reg2hw.status.sram_alert.q |
5 reg2hw.status.readback_error.q)
| -1- | -2- | -3- | -4- | -5- | Status | Tests |
|---|
| 0 | 0 | 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 0 | 0 | 1 | Not Covered | |
| 0 | 0 | 0 | 1 | 0 | Not Covered | |
| 0 | 0 | 1 | 0 | 0 | Covered | T5,T14,T15 |
| 0 | 1 | 0 | 0 | 0 | Covered | T5,T14,T15 |
| 1 | 0 | 0 | 0 | 0 | Covered | T3,T6,T7 |
LINE 202
EXPRESSION (escalate | init_error | ((|bus_integ_error)) | sram_alert | readback_error | local_esc_reg)
----1--- -----2---- ----------3--------- -----4---- -------5------ ------6------
| -1- | -2- | -3- | -4- | -5- | -6- | Status | Tests |
|---|
| 0 | 0 | 0 | 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 0 | 0 | 0 | 1 | Covered | T3,T5,T6 |
| 0 | 0 | 0 | 0 | 1 | 0 | Not Covered | |
| 0 | 0 | 0 | 1 | 0 | 0 | Not Covered | |
| 0 | 0 | 1 | 0 | 0 | 0 | Covered | T5,T14,T15 |
| 0 | 1 | 0 | 0 | 0 | 0 | Covered | T5,T14,T15 |
| 1 | 0 | 0 | 0 | 0 | 0 | Covered | T3,T6,T7 |
LINE 221
EXPRESSION (reg2hw.ctrl.init.q && reg2hw.ctrl.init.qe && ((!init_q)))
---------1-------- ---------2--------- -----3-----
| -1- | -2- | -3- | Status | Tests |
|---|
| 0 | 1 | 1 | Covered | T3,T6,T16 |
| 1 | 0 | 1 | Covered | T1,T2,T3 |
| 1 | 1 | 0 | Not Covered | |
| 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 226
EXPRESSION (init_done ? 1'b0 : (init_trig ? 1'b1 : init_q))
----1----
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 226
SUB-EXPRESSION (init_trig ? 1'b1 : init_q)
----1----
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 242
EXPRESSION (init_q & ((~key_req_pending_q)))
---1-- -----------2----------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 243
EXPRESSION ((init_cnt == 10'((Depth - 1))) & init_req)
---------------1-------------- ----2---
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 243
SUB-EXPRESSION (init_cnt == 10'((Depth - 1)))
---------------1--------------
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 267
EXPRESSION (init_done & ((~init_trig)) & ((~local_esc)))
----1---- -------2------ -------3------
| -1- | -2- | -3- | Status | Tests | Exclude Annotation |
|---|
| 0 | 1 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | 1 | Excluded | |
[LOWRISK] we don't issue a new init when there is a unfinished init |
| 1 | 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 268
EXPRESSION (init_done | init_trig | local_esc)
----1---- ----2---- ----3----
| -1- | -2- | -3- | Status | Tests |
|---|
| 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 1 | Covered | T3,T5,T6 |
| 0 | 1 | 0 | Covered | T1,T2,T3 |
| 1 | 0 | 0 | Covered | T1,T2,T3 |
LINE 279
EXPRESSION (reg2hw.ctrl.renew_scr_key.q && reg2hw.ctrl.renew_scr_key.qe && ((!key_req_pending_q)) && ((!init_q)))
-------------1------------- --------------2------------- -----------3---------- -----4-----
| -1- | -2- | -3- | -4- | Status | Tests |
|---|
| 0 | 1 | 1 | 1 | Covered | T17,T18,T19 |
| 1 | 0 | 1 | 1 | Covered | T1,T2,T3 |
| 1 | 1 | 0 | 1 | Not Covered | |
| 1 | 1 | 1 | 0 | Not Covered | |
| 1 | 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 284
EXPRESSION (key_req ? 1'b1 : (key_ack ? 1'b0 : key_req_pending_q))
---1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 284
SUB-EXPRESSION (key_ack ? 1'b0 : key_req_pending_q)
---1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 288
EXPRESSION (key_ack & ((~key_req)) & ((~local_esc)))
---1--- ------2----- -------3------
| -1- | -2- | -3- | Status | Tests | Exclude Annotation |
|---|
| 0 | 1 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | 1 | Excluded | |
[UNSUPPORTED] ACK can't come without REQ |
| 1 | 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 289
EXPRESSION (key_req | key_ack | local_esc)
---1--- ---2--- ----3----
| -1- | -2- | -3- | Status | Tests |
|---|
| 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 1 | Covered | T3,T5,T6 |
| 0 | 1 | 0 | Covered | T1,T2,T3 |
| 1 | 0 | 0 | Covered | T1,T2,T3 |
LINE 293
EXPRESSION ((key_ack & ((~local_esc))) ? MuBi4True : MuBi4False)
-------------1------------
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 293
SUB-EXPRESSION (key_ack & ((~local_esc)))
---1--- -------2------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 294
EXPRESSION (key_ack | local_esc)
---1--- ----2----
| -1- | -2- | Status | Tests |
|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T3,T5,T6 |
| 1 | 0 | Covered | T1,T2,T3 |
LINE 298
EXPRESSION (key_seed_valid & ((~local_esc)))
-------1------ -------2------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T2,T3,T9 |
| 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 299
EXPRESSION (key_ack | local_esc)
---1--- ----2----
| -1- | -2- | Status | Tests |
|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T3,T5,T6 |
| 1 | 0 | Covered | T1,T2,T3 |
LINE 507
EXPRESSION (tlul_req | init_req)
----1--- ----2---
| -1- | -2- | Status | Tests |
|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T2,T3,T4 |
LINE 513
EXPRESSION (key_valid & ((~init_req)))
----1---- ------2------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 514
EXPRESSION (tlul_we | init_req)
---1--- ----2---
| -1- | -2- | Status | Tests |
|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T2,T3,T4 |
LINE 515
EXPRESSION (((|bus_integ_error[2:1])) & ((~init_req)))
------------1------------ ------2------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Not Covered | |
| 1 | 1 | Covered | T5,T14,T15 |
LINE 516
EXPRESSION (init_req ? init_cnt : tlul_addr)
----1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 517
EXPRESSION (init_req ? lfsr_out_integ : tlul_wdata)
----1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 518
EXPRESSION (init_req ? ({sram_ctrl_pkg::DataWidth {1'b1}}) : tlul_wmask)
----1---
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 529
EXPRESSION (key_req_pending_q ? 1'b0 : (reg2hw.status.escalated.q ? (tl_gate_resp_pending & sram_compound_txn_in_progress) : 1'b1))
--------1--------
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 529
SUB-EXPRESSION (reg2hw.status.escalated.q ? (tl_gate_resp_pending & sram_compound_txn_in_progress) : 1'b1)
------------1------------
| -1- | Status | Tests |
|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T3,T6,T7 |
LINE 529
SUB-EXPRESSION (tl_gate_resp_pending & sram_compound_txn_in_progress)
----------1--------- --------------2--------------
| -1- | -2- | Status | Tests |
|---|
| 0 | 1 | Not Covered | |
| 1 | 0 | Covered | T3,T6,T7 |
| 1 | 1 | Covered | T6,T7,T20 |
Toggle Coverage for Instance : tb.dut
| Total | Covered | Percent |
| Totals |
62 |
62 |
100.00 |
| Total Bits |
1230 |
1230 |
100.00 |
| Total Bits 0->1 |
615 |
615 |
100.00 |
| Total Bits 1->0 |
615 |
615 |
100.00 |
| | | |
| Ports |
62 |
62 |
100.00 |
| Port Bits |
1230 |
1230 |
100.00 |
| Port Bits 0->1 |
615 |
615 |
100.00 |
| Port Bits 1->0 |
615 |
615 |
100.00 |
Port Details
| Name | Toggle | Toggle 1->0 | Tests | Toggle 0->1 | Tests | Direction |
| clk_i |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| rst_ni |
Yes |
Yes |
T3,T5,T6 |
Yes |
T1,T2,T3 |
INPUT |
| clk_otp_i |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| rst_otp_ni |
Yes |
Yes |
T3,T5,T6 |
Yes |
T1,T2,T3 |
INPUT |
| ram_tl_i.d_ready |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T2,T3 |
INPUT |
| ram_tl_i.a_user.data_intg[6:0] |
Yes |
Yes |
T1,T2,T3 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_user.cmd_intg[6:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_user.instr_type[3:0] |
Yes |
Yes |
T3,T5,T8 |
Yes |
T1,T3,T5 |
INPUT |
| ram_tl_i.a_user.rsvd[4:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| ram_tl_i.a_data[31:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_mask[3:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_address[31:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T1,T2,T3 |
INPUT |
| ram_tl_i.a_source[7:0] |
Yes |
Yes |
T1,T2,T3 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_size[1:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_param[2:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| ram_tl_i.a_opcode[2:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_i.a_valid |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
INPUT |
| ram_tl_o.a_ready |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| ram_tl_o.d_error |
Yes |
Yes |
T1,T2,T3 |
Yes |
T3,T5,T6 |
OUTPUT |
| ram_tl_o.d_user.data_intg[6:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_user.rsp_intg[5:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T1,T2,T3 |
OUTPUT |
| ram_tl_o.d_user.rsp_intg[6] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| ram_tl_o.d_data[31:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_sink |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| ram_tl_o.d_source[7:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_size[1:0] |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_param[2:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| ram_tl_o.d_opcode[0] |
Yes |
Yes |
*T2,*T3,*T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| ram_tl_o.d_opcode[2:1] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| ram_tl_o.d_valid |
Yes |
Yes |
T2,T3,T4 |
Yes |
T2,T3,T4 |
OUTPUT |
| regs_tl_i.d_ready |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T2,T3 |
INPUT |
| regs_tl_i.a_user.data_intg[6:0] |
Yes |
Yes |
T3,T10,T4 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_user.cmd_intg[6:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T3,T10,T4 |
INPUT |
| regs_tl_i.a_user.instr_type[3:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_user.rsvd[4:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| regs_tl_i.a_data[31:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_mask[3:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_address[31:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T3,T10,T4 |
INPUT |
| regs_tl_i.a_source[7:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T3,T10 |
INPUT |
| regs_tl_i.a_size[1:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T2,T3 |
INPUT |
| regs_tl_i.a_param[2:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| regs_tl_i.a_opcode[2:0] |
Yes |
Yes |
T1,T3,T10 |
Yes |
T1,T2,T3 |
INPUT |
| regs_tl_i.a_valid |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| regs_tl_o.a_ready |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| regs_tl_o.d_error |
Yes |
Yes |
T21,T17,T18 |
Yes |
T21,T17,T18 |
OUTPUT |
| regs_tl_o.d_user.data_intg[6:0] |
Yes |
Yes |
T3,T5,T6 |
Yes |
T3,T5,T6 |
OUTPUT |
| regs_tl_o.d_user.rsp_intg[5:0] |
Yes |
Yes |
*T3,*T10,*T5 |
Yes |
T2,T3,T10 |
OUTPUT |
| regs_tl_o.d_user.rsp_intg[6] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| regs_tl_o.d_data[31:0] |
Yes |
Yes |
T3,T5,T6 |
Yes |
T1,T2,T3 |
OUTPUT |
| regs_tl_o.d_sink |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| regs_tl_o.d_source[7:0] |
Yes |
Yes |
T3,T10,T8 |
Yes |
T1,T3,T10 |
OUTPUT |
| regs_tl_o.d_size[1:0] |
Yes |
Yes |
T3,T10,T5 |
Yes |
T2,T3,T10 |
OUTPUT |
| regs_tl_o.d_param[2:0] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| regs_tl_o.d_opcode[0] |
Yes |
Yes |
*T3,*T5,*T6 |
Yes |
T3,T5,T6 |
OUTPUT |
| regs_tl_o.d_opcode[2:1] |
Unreachable |
Unreachable |
|
Unreachable |
|
OUTPUT |
| regs_tl_o.d_valid |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| alert_rx_i[0].ack_n |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| alert_rx_i[0].ack_p |
Yes |
Yes |
T10,T5,T11 |
Yes |
T10,T5,T11 |
INPUT |
| alert_rx_i[0].ping_n |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| alert_rx_i[0].ping_p |
Unreachable |
Unreachable |
|
Unreachable |
|
INPUT |
| alert_tx_o[0].alert_n |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| alert_tx_o[0].alert_p |
Yes |
Yes |
T10,T5,T11 |
Yes |
T10,T5,T11 |
OUTPUT |
| lc_escalate_en_i[3:0] |
Yes |
Yes |
T3,T6,T7 |
Yes |
T3,T6,T7 |
INPUT |
| lc_hw_debug_en_i[3:0] |
Yes |
Yes |
T17,T18,T19 |
Yes |
T17,T18,T19 |
INPUT |
| otp_en_sram_ifetch_i[7:0] |
Yes |
Yes |
T17,T18,T22 |
Yes |
T17,T18,T22 |
INPUT |
| sram_otp_key_o.req |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
OUTPUT |
| sram_otp_key_i.seed_valid |
Yes |
Yes |
T2,T3,T6 |
Yes |
T3,T9,T6 |
INPUT |
| sram_otp_key_i.nonce[127:0] |
Yes |
Yes |
T2,T3,T6 |
Yes |
T3,T6,T23 |
INPUT |
| sram_otp_key_i.key[127:0] |
Yes |
Yes |
T2,T3,T6 |
Yes |
T3,T6,T16 |
INPUT |
| sram_otp_key_i.ack |
Yes |
Yes |
T1,T2,T3 |
Yes |
T1,T2,T3 |
INPUT |
| cfg_i.rf_cfg.cfg[3:0] |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.rf_cfg.cfg_en |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.rf_cfg.test |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.ram_cfg.cfg[3:0] |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.ram_cfg.cfg_en |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
| cfg_i.ram_cfg.test |
Yes |
Yes |
T1,T12,T24 |
Yes |
T1,T12,T24 |
INPUT |
*Tests covering at least one bit in the range
Branch Coverage for Instance : tb.dut
| Line No. | Total | Covered | Percent |
| Branches |
|
24 |
24 |
100.00 |
| TERNARY |
226 |
3 |
3 |
100.00 |
| TERNARY |
284 |
3 |
3 |
100.00 |
| TERNARY |
293 |
2 |
2 |
100.00 |
| TERNARY |
516 |
2 |
2 |
100.00 |
| TERNARY |
517 |
2 |
2 |
100.00 |
| TERNARY |
518 |
2 |
2 |
100.00 |
| TERNARY |
529 |
3 |
3 |
100.00 |
| IF |
230 |
2 |
2 |
100.00 |
| IF |
302 |
5 |
5 |
100.00 |
226 assign init_d = (init_done) ? 1'b0 :
-1-
==>
227 (init_trig) ? 1'b1 : init_q;
-2-
==>
==>
Branches:
| -1- | -2- | Status | Tests |
| 1 |
- |
Covered |
T1,T2,T3 |
| 0 |
1 |
Covered |
T1,T2,T3 |
| 0 |
0 |
Covered |
T1,T2,T3 |
284 assign key_req_pending_d = (key_req) ? 1'b1 :
-1-
==>
285 (key_ack) ? 1'b0 : key_req_pending_q;
-2-
==>
==>
Branches:
| -1- | -2- | Status | Tests |
| 1 |
- |
Covered |
T1,T2,T3 |
| 0 |
1 |
Covered |
T1,T2,T3 |
| 0 |
0 |
Covered |
T1,T2,T3 |
293 assign hw2reg.scr_key_rotated.d = (key_ack & ~local_esc) ? MuBi4True : MuBi4False;
-1-
==>
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
516 assign sram_addr = (init_req) ? init_cnt : tlul_addr;
-1-
==>
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
517 assign sram_wdata = (init_req) ? lfsr_out_integ : tlul_wdata;
-1-
==>
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
518 assign sram_wmask = (init_req) ? {DataWidth{1'b1}} : tlul_wmask;
-1-
==>
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
529 assign key_valid =
530 (key_req_pending_q) ? 1'b0 :
-1-
==>
531 (reg2hw.status.escalated.q) ? (tl_gate_resp_pending & sram_compound_txn_in_progress) : 1'b1;
-2-
==>
==>
Branches:
| -1- | -2- | Status | Tests |
| 1 |
- |
Covered |
T1,T2,T3 |
| 0 |
1 |
Covered |
T3,T6,T7 |
| 0 |
0 |
Covered |
T1,T2,T3 |
230 if(!rst_ni) begin
-1-
231 init_q <= 1'b0;
==>
232 end else begin
233 init_q <= init_d;
==>
Branches:
| -1- | Status | Tests |
| 1 |
Covered |
T1,T2,T3 |
| 0 |
Covered |
T1,T2,T3 |
302 if (!rst_ni) begin
-1-
303 key_req_pending_q <= 1'b0;
==>
304 // reset case does not use buffered values as the
305 // reset value will be directly encoded into flop types
306 key_q <= RndCnstSramKey;
307 nonce_q <= RndCnstSramNonce;
308 end else begin
309 key_req_pending_q <= key_req_pending_d;
310 if (key_ack) begin
-2-
311 key_q <= key_d;
==>
312 nonce_q <= nonce_d;
313 end
MISSING_ELSE
==>
314 // This scraps the keys.
315 // SEC_CM: KEY.GLOBAL_ESC
316 // SEC_CM: KEY.LOCAL_ESC
317 if (local_esc) begin
-3-
318 key_q <= cnst_sram_key;
==>
319 nonce_q <= cnst_sram_nonce;
320 end
MISSING_ELSE
==>
Branches:
| -1- | -2- | -3- | Status | Tests |
| 1 |
- |
- |
Covered |
T1,T2,T3 |
| 0 |
1 |
- |
Covered |
T1,T2,T3 |
| 0 |
0 |
- |
Covered |
T1,T2,T3 |
| 0 |
- |
1 |
Covered |
T3,T5,T6 |
| 0 |
- |
0 |
Covered |
T1,T2,T3 |
Assert Coverage for Instance : tb.dut
Assertion Details
AlertOutKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
FpvSecCmCntCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
90 |
0 |
0 |
| T5 |
16001 |
20 |
0 |
0 |
| T6 |
42794 |
0 |
0 |
0 |
| T8 |
28898 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T13 |
987 |
0 |
0 |
0 |
| T14 |
24512 |
20 |
0 |
0 |
| T15 |
0 |
20 |
0 |
0 |
| T23 |
2906 |
0 |
0 |
0 |
| T25 |
0 |
10 |
0 |
0 |
| T26 |
0 |
20 |
0 |
0 |
| T27 |
3922 |
0 |
0 |
0 |
| T28 |
2261 |
0 |
0 |
0 |
FpvSecCmLcGateFsmCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
FpvSecCmRegWeOnehotCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
90 |
0 |
0 |
| T5 |
16001 |
20 |
0 |
0 |
| T6 |
42794 |
0 |
0 |
0 |
| T8 |
28898 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T13 |
987 |
0 |
0 |
0 |
| T14 |
24512 |
20 |
0 |
0 |
| T15 |
0 |
20 |
0 |
0 |
| T23 |
2906 |
0 |
0 |
0 |
| T25 |
0 |
10 |
0 |
0 |
| T26 |
0 |
20 |
0 |
0 |
| T27 |
3922 |
0 |
0 |
0 |
| T28 |
2261 |
0 |
0 |
0 |
FpvSecCmReqFifoRptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
FpvSecCmReqFifoWptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
FpvSecCmRspFifoRptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
90 |
0 |
0 |
| T5 |
16001 |
20 |
0 |
0 |
| T6 |
42794 |
0 |
0 |
0 |
| T8 |
28898 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T13 |
987 |
0 |
0 |
0 |
| T14 |
24512 |
20 |
0 |
0 |
| T15 |
0 |
20 |
0 |
0 |
| T23 |
2906 |
0 |
0 |
0 |
| T25 |
0 |
10 |
0 |
0 |
| T26 |
0 |
20 |
0 |
0 |
| T27 |
3922 |
0 |
0 |
0 |
| T28 |
2261 |
0 |
0 |
0 |
FpvSecCmRspFifoWptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
90 |
0 |
0 |
| T5 |
16001 |
20 |
0 |
0 |
| T6 |
42794 |
0 |
0 |
0 |
| T8 |
28898 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T13 |
987 |
0 |
0 |
0 |
| T14 |
24512 |
20 |
0 |
0 |
| T15 |
0 |
20 |
0 |
0 |
| T23 |
2906 |
0 |
0 |
0 |
| T25 |
0 |
10 |
0 |
0 |
| T26 |
0 |
20 |
0 |
0 |
| T27 |
3922 |
0 |
0 |
0 |
| T28 |
2261 |
0 |
0 |
0 |
FpvSecCmSramReqFifoRptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
FpvSecCmSramReqFifoWptrCheck_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
0 |
0 |
0 |
NonceWidthsLessThanSource_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
894 |
894 |
0 |
0 |
| T1 |
1 |
1 |
0 |
0 |
| T2 |
1 |
1 |
0 |
0 |
| T3 |
1 |
1 |
0 |
0 |
| T4 |
1 |
1 |
0 |
0 |
| T5 |
1 |
1 |
0 |
0 |
| T8 |
1 |
1 |
0 |
0 |
| T9 |
1 |
1 |
0 |
0 |
| T10 |
1 |
1 |
0 |
0 |
| T11 |
1 |
1 |
0 |
0 |
| T12 |
1 |
1 |
0 |
0 |
RamTlOutKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
RamTlOutPayLoadKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
136285515 |
0 |
0 |
| T2 |
6026 |
1413 |
0 |
0 |
| T3 |
11544 |
638 |
0 |
0 |
| T4 |
5695 |
938 |
0 |
0 |
| T5 |
16001 |
983 |
0 |
0 |
| T6 |
0 |
3236 |
0 |
0 |
| T8 |
28898 |
9632 |
0 |
0 |
| T9 |
3560 |
99 |
0 |
0 |
| T10 |
864 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T23 |
0 |
5 |
0 |
0 |
| T27 |
3922 |
996 |
0 |
0 |
| T28 |
0 |
562 |
0 |
0 |
RamTlOutPayLoadKnown_AKnownEnable
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
RegsTlOutKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
SramOtpKeyKnown_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
300410729 |
0 |
0 |
| T1 |
1803 |
1741 |
0 |
0 |
| T2 |
6026 |
5964 |
0 |
0 |
| T3 |
11544 |
11419 |
0 |
0 |
| T4 |
5695 |
5640 |
0 |
0 |
| T5 |
16001 |
10504 |
0 |
0 |
| T8 |
28898 |
28846 |
0 |
0 |
| T9 |
3560 |
3509 |
0 |
0 |
| T10 |
864 |
785 |
0 |
0 |
| T11 |
821 |
771 |
0 |
0 |
| T12 |
2413 |
2359 |
0 |
0 |
TlulGntIsCorrect_A
| Name | Attempts | Real Successes | Failures | Incomplete |
| Total |
300519288 |
65721254 |
0 |
0 |
| T2 |
6026 |
1976 |
0 |
0 |
| T3 |
11544 |
179 |
0 |
0 |
| T4 |
5695 |
2418 |
0 |
0 |
| T5 |
16001 |
0 |
0 |
0 |
| T6 |
0 |
1235 |
0 |
0 |
| T8 |
28898 |
3570 |
0 |
0 |
| T9 |
3560 |
136 |
0 |
0 |
| T10 |
864 |
0 |
0 |
0 |
| T11 |
821 |
0 |
0 |
0 |
| T12 |
2413 |
0 |
0 |
0 |
| T23 |
0 |
5 |
0 |
0 |
| T27 |
3922 |
1560 |
0 |
0 |
| T28 |
0 |
585 |
0 |
0 |
| T29 |
0 |
3889 |
0 |
0 |
