Testpoints
Stage | Name | Tests | Description |
---|---|---|---|
V1 | smoke | csrng_smoke | Verify that sending an instantiate command via the SW path returns OK. Instantiate the CSRNG with flag0 set to true and clen set to 12. Verify that sending a generate command via the SW path returns glen=1 number of words followed by an OK. |
V1 | csr_hw_reset | csrng_csr_hw_reset | Verify the reset values as indicated in the RAL specification. |
V1 | csr_rw | csrng_csr_rw | Verify accessibility of CSRs as indicated in the RAL specification. |
V1 | csr_bit_bash | csrng_csr_bit_bash | Verify no aliasing within individual bits of a CSR. |
V1 | csr_aliasing | csrng_csr_aliasing | Verify no aliasing within the CSR address space. |
V1 | csr_mem_rw_with_rand_reset | csrng_csr_mem_rw_with_rand_reset | Verify random reset during CSR/memory access. |
V1 | regwen_csr_and_corresponding_lockable_csr | csrng_csr_rw csrng_csr_aliasing | Verify regwen CSR and its corresponding lockable CSRs. Note: This is only applicable if the block contains regwen and lockable CSRs. |
V2 | interrupts | csrng_intr | This test verifies the behavior of the Interrupt State Register. Verify cs_cmd_req_done interrupt asserts when glen number of genbit words have been generated. Verify cs_entropy_req interrupt asserts when instantiate or reseed is called with flag0 set to false. Verify cs_hw_inst_exc interrupt asserts when any of the application interfaces responds with a CSRNG_ERROR response status signal. Verify cs_fatal_err interrupt asserts when any bit of err_code register is set. Verify that each interrupt clears back to 0 after writing the corresponding interrupt state bit. |
V2 | alerts | csrng_alert | Verify recov_alert asserts when recov_alert_sts becomes non-zero. Verify each respective bit of recov_alert_sts asserts when: |
V2 | err | csrng_err | Verify err_code register bits assert when: |
V2 | cmds | csrng_cmds | Verify all csrng commands req/status behave as predicted on all applications: HW0, HW1 and SW. Verify above for all valid values of acmd, clen, flags, glen. Verify for multiple hw app interfaces running in parallel. Verify sw/hw app interfaces running in parallel. Verify main_sm_state for sw/hw apps. Verify that genbits generates the amount specified by glen. Verify fips bit is set to the inverse of flag0 that was used on the last initialize or reseed. Verify that if otp_en_csrng_sw_app_read is set, genbits and int_state_value registers are readable, and unreadable otherwise. Verify that when AES_HALT is set during a generate command that no request is sent to the AES block. Verify commands with continuous/non-continuous valid. Verify that if FIPS bit drops at input from entropy source that the generated block also has FIPS low. |
V2 | life cycle | csrng_cmds | Verify lifecycle hardware debug mode. When lc_hw_debug_en_i is set to on, the seed from the entropy source must be xor'ed with the diversification value. |
V2 | stress_all | csrng_stress_all | Combine the other individual testpoints while injecting TL errors and running CSR tests in parallel. |
V2 | intr_test | csrng_intr_test | Verify common intr_test CSRs that allow SW to mock-inject interrupts. |
V2 | alert_test | csrng_alert_test | Verify common |
V2 | tl_d_oob_addr_access | csrng_tl_errors | Access out of bounds address and verify correctness of response / behavior |
V2 | tl_d_illegal_access | csrng_tl_errors | Drive unsupported requests via TL interface and verify correctness of response / behavior. Below error cases are tested based on the TLUL spec |
V2 | tl_d_outstanding_access | csrng_csr_hw_reset csrng_csr_rw csrng_csr_aliasing csrng_same_csr_outstanding | Drive back-to-back requests without waiting for response to ensure there is one transaction outstanding within the TL device. Also, verify one outstanding when back-to-back accesses are made to the same address. |
V2 | tl_d_partial_access | csrng_csr_hw_reset csrng_csr_rw csrng_csr_aliasing csrng_same_csr_outstanding | Access CSR with one or more bytes of data. For reads, expect the full word value of the CSR to be returned. For writes, the enabled bytes should cover all valid CSR fields. |
V2S | tl_intg_err | csrng_tl_intg_err csrng_sec_cm | Verify that the data integrity check violation generates an alert. |
V2S | sec_cm_config_regwen | csrng_csr_rw csrng_regwen | Verify the countermeasure(s) CONFIG.REGWEN. Verify that: |
V2S | sec_cm_config_mubi | csrng_alert | Verify the countermeasure(s) CONFIG.MUBI. Verify that upon writing invalid MUBI values to the CTRL register: |
V2S | sec_cm_intersig_mubi | csrng_stress_all | Verify the countermeasure(s) INTERSIG.MUBI. Verify that unless the otp_en_csrng_sw_app_read input signal is equal to MuBi8True and CTRL.SW_APP_ENABLE or CTRL.READ_INT_STATE is set to kMultiBitBool4True the DUT doesn't allow reading the genbits or the internal state from the GENBITS or INT_STATE_VAL register, respectively. |
V2S | sec_cm_main_sm_fsm_sparse | csrng_sec_cm csrng_intr csrng_err | Verify the countermeasure(s) MAIN_SM.FSM.SPARSE. The csrng_intr and csrng_err tests verify that if the FSM state is forced to an illegal state encoding 1) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 2) the corresponding bit in the ERR_CODE register is set. They currently don't check whether the DUT actually triggers a fatal alert. Alert connection and triggering are verified through automated FPV. |
V2S | sec_cm_update_fsm_sparse | csrng_sec_cm csrng_intr csrng_err | Verify the countermeasure(s) UPDATE.FSM.SPARSE. The csrng_intr and csrng_err tests verify that if the FSM state is forced to an illegal state encoding 1) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 2) the corresponding bit in the ERR_CODE register is set. They currently don't check whether the DUT actually triggers a fatal alert. Alert connection and triggering are verified through automated FPV. |
V2S | sec_cm_blk_enc_fsm_sparse | csrng_sec_cm csrng_intr csrng_err | Verify the countermeasure(s) BLK_ENC.FSM.SPARSE. The csrng_intr and csrng_err tests verify that if the FSM state is forced to an illegal state encoding 1) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 2) the corresponding bit in the ERR_CODE register is set. They currently don't check whether the DUT actually triggers a fatal alert. Alert connection and triggering are verified through automated FPV. |
V2S | sec_cm_outblk_fsm_sparse | csrng_sec_cm csrng_intr csrng_err | Verify the countermeasure(s) OUTBLK.FSM.SPARSE. The csrng_intr and csrng_err tests verify that if the FSM state is forced to an illegal state encoding 1) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 2) the corresponding bit in the ERR_CODE register is set. They currently don't check whether the DUT actually triggers a fatal alert. Alert connection and triggering are verified through automated FPV. |
V2S | sec_cm_gen_cmd_ctr_redun | csrng_sec_cm csrng_intr csrng_err | Verify the countermeasure(s) GEN_CMD.CTR.REDUN. The csrng_intr and csrng_err tests verify that if there is a mismatch in the redundant counters of the Generate command counter 1) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 2) the corresponding bit in the ERR_CODE register is set. They currently don't check whether the DUT actually triggers a fatal alert. Alert connection and triggering are verified through automated FPV. |
V2S | sec_cm_drbg_upd_ctr_redun | csrng_sec_cm csrng_intr csrng_err | Verify the countermeasure(s) DRBG_UPD.CTR.REDUN. The csrng_intr and csrng_err tests verify that if there is a mismatch in the redundant counters of the CTR_DRBG update counter 1) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 2) the corresponding bit in the ERR_CODE register is set. They currently don't check whether the DUT actually triggers a fatal alert. Alert connection and triggering are verified through automated FPV. |
V2S | sec_cm_drbg_gen_ctr_redun | csrng_sec_cm csrng_intr csrng_err | Verify the countermeasure(s) DRBG_GEN.CTR.REDUN. The csrng_intr and csrng_err tests verify that if there is a mismatch in the redundant counters of the CTR_DRBG generate counter 1) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 2) the corresponding bit in the ERR_CODE register is set. They currently don't check whether the DUT actually triggers a fatal alert. Alert connection and triggering are verified through automated FPV. |
V2S | sec_cm_ctrl_mubi | csrng_alert | Verify the countermeasure(s) CTRL.MUBI. Verify that upon writing an Application Interface Command Header for an Instantiate or Reseed command to the CMD_REQ register with an invalid MUBI value in the FLAG0 field, the DUT signals a recoverable alert and sets the correct bit in the RECOV_ALERT_STS register. |
V2S | sec_cm_main_sm_ctr_local_esc | csrng_intr csrng_err | Verify the countermeasure(s) MAIN_SM.CTR.LOCAL_ESC. Verify that upon a mismatch in any of the redundant counters the main FSM enters a terminal error state and that the DUT signals a fatal alert. |
V2S | sec_cm_constants_lc_gated | csrng_stress_all | Verify the countermeasure(s) CONSTANTS.LC_GATED. Verify that the RndCnstCsKeymgrDivNonProduction seed diversification constant can be used if and only if the lc_hw_debug_en input signal is driven to On and that RndCnstCsKeymgrDivProduction is used otherwise. |
V2S | sec_cm_sw_genbits_bus_consistency | csrng_alert | Verify the countermeasure(s) SW_GENBITS.BUS.CONSISTENCY. Verify that if two subsequent read requests to the SW application interface obtain the same data, the DUT signals a recoverable alert and sets the correct bit in the RECOV_ALERT_STS register. Verify that the RECOV_ALERT_STS register can be cleared. |
V2S | sec_cm_tile_link_bus_integrity | csrng_tl_intg_err | Verify the countermeasure(s) TILE_LINK.BUS.INTEGRITY. |
V2S | sec_cm_aes_cipher_fsm_sparse | csrng_sec_cm csrng_intr csrng_err | Verify the countermeasure(s) AES_CIPHER.FSM.SPARSE. The csrng_intr and csrng_err tests verify that if the FSM state is forced to an illegal state encoding 1) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 2) the corresponding bit in the ERR_CODE register is set. They currently don't check whether the DUT actually triggers a fatal alert. Alert connection and triggering are verified through automated FPV. |
V2S | sec_cm_aes_cipher_fsm_redun | csrng_intr csrng_err | Verify the countermeasure(s) AES_CIPHER.FSM.REDUN. It is ensured that upon forcing the state of any of the independent, redundant logic rails of the AES cipher core FSM to a different valid encoding, 1) this signals a fatal alert, 2) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 3) the corresponding bit in the ERR_CODE register is set. |
V2S | sec_cm_aes_cipher_ctrl_sparse | csrng_intr csrng_err | Verify the countermeasure(s) AES_CIPHER.CTRL.SPARSE. It is ensured that upon forcing the value of an important critical control signal inside the AES cipher core to an invalid encoding, 1) this signals a fatal alert, 2) this is reported with a cs_fatal_err interrupt in the INTR_STATE register and 3) the corresponding bit in the ERR_CODE register is set. |
V2S | sec_cm_aes_cipher_fsm_local_esc | csrng_intr csrng_err | Verify the countermeasure(s) AES_CIPHER.FSM.LOCAL_ESC. Upon detecting a local alert condition inside the AES cipher core FSM, the FSM stops processing data and locks up. The DUT must 1) signal a fatal alert, 2) report this with a cs_fatal_err interrupt in the INTR_STATE register and 3) set the corresponding bit in the ERR_CODE register. |
V2S | sec_cm_aes_cipher_ctr_redun | csrng_sec_cm csrng_intr csrng_err | Verify the countermeasure(s) AES_CIPHER.CTR.REDUN. It is ensured that upon forcing the value of any of the independent, redundant logic rails of the round counter inside the AES cipher core FSM, the FSM stops processing data and locks up. The DUT must 1) signal a fatal alert, 2) report this with a cs_fatal_err interrupt in the INTR_STATE register and 3) set the corresponding bit in the ERR_CODE register. |
V2S | sec_cm_aes_cipher_data_reg_local_esc | csrng_intr csrng_err | Verify the countermeasure(s) AES_CIPHER.DATA_REG.LOCAL_ESC. SVAs inside the testbench are used to ensure that upon local escalation triggered through FI the AES cipher core doesn't release intermediate state into other CSRNG registers. |
V3 | stress_all_with_rand_reset | csrng_stress_all_with_rand_reset | This test runs 3 parallel threads - stress_all, tl_errors and random reset. After reset is asserted, the test will read and check all valid CSR registers. |
Covergroups
Name | Description |
---|---|
csrng_cfg_cg | Covers that all csrng configuration options have been tested. Individual config settings that will be covered include: |
csrng_cmds_cg | Covers that all csrng commands and variations have been tested for all apps. Individual commands and command options that will be covered include: |
csrng_err_code_cg | Covers all possible fatal errors and possible AES FSM errors inside CSRNG. |
csrng_err_code_test_cg | Covers ERR_CODE_TEST register values for setting up fatal errors. |
csrng_recov_alert_sts_cg | Covers all possible recoverable alert cases. |
csrng_sfifo_cg | Covers each app's stage FIFO statuses. |
csrng_sts_cg | Covers all possible hw_exc_sts responses from each HW instance and the sub-fields of sw_cmd_sts, which are cmd_rdy and cmd_sts. |
regwen_val_when_new_value_written_cg | Cover each lockable reg field with these 2 cases: This is only applicable if the block contains regwen and lockable CSRs. |
tl_errors_cg | Cover the following error cases on TL-UL bus: |
tl_intg_err_cg | Cover all kinds of integrity errors (command, data or both) and cover number of error bits on each integrity check. Cover the kinds of integrity errors with byte enabled write on memory if applicable: Some memories store the integrity values. When there is a subword write, the design recalculates the integrity with full word data and updates the integrity in the memory. This coverage ensures that a memory byte write has been issued and the related design logic has been verified. |