Digital Systems. Validation, verification. R. Pacalet January 4, 2018

Similar documents
Digital Systems Validation, verification

Model Checking I. What are LTL and CTL? dack. and. dreq. and. q0bar

Finite-State Model Checking

Model Checking I. What are LTL and CTL? dack. and. dreq. and. q0bar

Introduction to Model Checking. Debdeep Mukhopadhyay IIT Madras

NPTEL Phase-II Video course on. Design Verification and Test of. Dr. Santosh Biswas Dr. Jatindra Kumar Deka IIT Guwahati

CTL Model checking. 1. finite number of processes, each having a finite number of finite-valued variables. Model-Checking

Design Verification Overview

Overview. Discrete Event Systems Verification of Finite Automata. What can finite automata be used for? What can finite automata be used for?

Verification. Arijit Mondal. Dept. of Computer Science & Engineering Indian Institute of Technology Patna

Model for reactive systems/software

Model checking the basic modalities of CTL with Description Logic

Formal Verification of Systems-on-Chip

A brief history of model checking. Ken McMillan Cadence Berkeley Labs

SMV the Symbolic Model Verifier. Example: the alternating bit protocol. LTL Linear Time temporal Logic

CS256/Winter 2009 Lecture #1. Zohar Manna. Instructor: Zohar Manna Office hours: by appointment

Formal Verification. Lecture 1: Introduction to Model Checking and Temporal Logic¹

Computation Tree Logic (CTL) & Basic Model Checking Algorithms

3. Temporal Logics and Model Checking

Model Checking with CTL. Presented by Jason Simas

Guest lecturer: Prof. Mark Reynolds, The University of Western Australia

Model Checking: An Introduction

Temporal Logic. Stavros Tripakis University of California, Berkeley. We have designed a system. We want to check that it is correct.

Summary. Computation Tree logic Vs. LTL. CTL at a glance. KM,s =! iff for every path " starting at s KM," =! COMPUTATION TREE LOGIC (CTL)

FAIRNESS FOR INFINITE STATE SYSTEMS

ECE 407 Computer Aided Design for Electronic Systems. Simulation. Instructor: Maria K. Michael. Overview

Computer Aided Verification

MODEL CHECKING. Arie Gurfinkel

Lecture 2: Symbolic Model Checking With SAT

Temporal Logic Model Checking

VLSI Design Verification and Test Simulation CMPE 646. Specification. Design(netlist) True-value Simulator

EXAMINATION in Hardware Description and Verification

FORMAL METHODS LECTURE IV: COMPUTATION TREE LOGIC (CTL)

Lecture 16: Computation Tree Logic (CTL)

Formal Verification of Systems-on-Chip Industrial Practices

Reactive Synthesis. Swen Jacobs VTSA 2013 Nancy, France u

Computer-Aided Program Design

ESE601: Hybrid Systems. Introduction to verification

COEN6551: Formal Hardware Verification

Formal Verification of Mobile Network Protocols

Synthesis of Designs from Property Specifications

Double Header. Model Checking. Model Checking. Overarching Plan. Take-Home Message. Spoiler Space. Topic: (Generic) Model Checking

Logic Model Checking

Crash course Verification of Finite Automata CTL model-checking

Symbolic Trajectory Evaluation (STE): Orna Grumberg Technion, Israel

Model Checking. Temporal Logic. Fifth International Symposium in Programming, volume. of concurrent systems in CESAR. In Proceedings of the

Ranking Verification Counterexamples: An Invariant guided approach

Binary Decision Diagrams and Symbolic Model Checking

Testability. Shaahin Hessabi. Sharif University of Technology. Adapted from the presentation prepared by book authors.

Part I. Principles and Techniques

Abstractions and Decision Procedures for Effective Software Model Checking

ECE 448 Lecture 6. Finite State Machines. State Diagrams, State Tables, Algorithmic State Machine (ASM) Charts, and VHDL Code. George Mason University

Model checking, verification of CTL. One must verify or expel... doubts, and convert them into the certainty of YES [Thomas Carlyle]

Formal Verification Techniques. Riccardo Sisto, Politecnico di Torino

Timo Latvala. March 7, 2004

Evaluation and Validation

Program Analysis Part I : Sequential Programs

Using Patterns and Composite Propositions to Automate the Generation of LTL Specifications

Computation Tree Logic

Alan Bundy. Automated Reasoning LTL Model Checking

PSL Model Checking and Run-time Verification via Testers

State-Space Exploration. Stavros Tripakis University of California, Berkeley

Temporal & Modal Logic. Acronyms. Contents. Temporal Logic Overview Classification PLTL Syntax Semantics Identities. Concurrency Model Checking

Automata-Theoretic Model Checking of Reactive Systems

T Reactive Systems: Temporal Logic LTL

Technology Mapping for Reliability Enhancement in Logic Synthesis

IC3 and Beyond: Incremental, Inductive Verification

Single Stuck-At Fault Model Other Fault Models Redundancy and Untestable Faults Fault Equivalence and Fault Dominance Method of Boolean Difference

THEORY OF SYSTEMS MODELING AND ANALYSIS. Henny Sipma Stanford University. Master class Washington University at St Louis November 16, 2006

The research thesis was done under the supervision of Prof. Orna Grumberg, in the Faculty of Computer Science, the Technion - Israel Institute of Tech

COSC3330 Computer Architecture Lecture 2. Combinational Logic

Algorithmic verification

Introduction to Embedded Systems

CSE370: Introduction to Digital Design

Performance Analysis of ARQ Protocols using a Theorem Prover

Cycle Error Correction in Asynchronous Clock Modeling for Cycle-Based Simulation

Probabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford

What is Temporal Logic? The Basic Paradigm. The Idea of Temporal Logic. Formulas

Model Checking. Boris Feigin March 9, University College London

A Brief Introduction to Model Checking

3-Valued Abstraction-Refinement

2. Elements of the Theory of Computation, Lewis and Papadimitrou,

CMP 338: Third Class

Integrating Induction and Deduction for Verification and Synthesis

Linear Temporal Logic (LTL)

19. Extending the Capacity of Formal Engines. Bottlenecks for Fully Automated Formal Verification of SoCs

Computation Tree Logic (CTL)

Using Patterns and Composite Propositions to Automate the Generation of Complex LTL Specifications

CS 226: Digital Logic Design

Hardware Equivalence & Property Verification

Intro To Digital Logic

Temporal Logic. M φ. Outline. Why not standard logic? What is temporal logic? LTL CTL* CTL Fairness. Ralf Huuck. Kripke Structure

Symmetry Reductions. A. Prasad Sistla University Of Illinois at Chicago

Postprint.

Generating Linear Temporal Logic Formulas for Pattern-Based Specifications

Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 66

Software Verification

Course Runtime Verification

COSC 243. Introduction to Logic And Combinatorial Logic. Lecture 4 - Introduction to Logic and Combinatorial Logic. COSC 243 (Computer Architecture)

Motivation Framework Proposed theory Summary

Transcription:

Digital Systems Validation, verification R. Pacalet January 4, 2018 2/98

Simulation Extra design tasks Reference model Simulation environment A simulation cannot be exhaustive Can discover a bug Cannot guarantee correctness Simulation before and after synthesis sometimes behave differently Usually CPU intensive 6/98 R. Pacalet January 4, 2018 7/98

Simulation Simulation-based verification Generate input stimulus Random Driven by a given functionality Generated from constraints (Vera, Verisity) Generate expected results (reference model) Simulate with input stimulus Compare simulation output with expected results (offline or online) 12/98 R. Pacalet January 4, 2018 13/98

Formal verification, history The theory dates back to the 70 s In 1980 systems with about 10 6 states could already be verified In 1990 Clarke et al. (CMU) dramatically improve model checking algorithms with SMV 10 20 states Hard critical bugs discovered in real world designs Cache coherency protocol,... Today Commercial tools exist Industry is interested Very large states space systems verified 16/98 R. Pacalet January 4, 2018 17/98

Combinational equivalence checking Comparison of 2 designs Synthesizable or synthesized (Almost) same memory elements (re-targeting) Fast (several runs/day, multi-million gates designs) Exhaustive Affordable (tools, learning curve) Reference golden model needed 21/98 R. Pacalet January 4, 2018 22/98

Combinational equivalence checking The size of a BDD highly depends on the variable ordering Function: a1b1 +a2b2 +a3b3 a1 a1 b1 a2 a2 a2 a3 a3 a3 a3 b2 b1 b1 b1 b1 a3 b2 b2 b3 b3 0 1 0 1 a1 < b1 < a2 < b2 < a3 < b3 a1 < a2 < a3 < b1 < b2 < b3 25/98 R. Pacalet January 4, 2018 26/98

Sequential equivalence checking Comparison of 2 designs Synthesizable or synthesized Without constraints on memory elements Slow and memory-hungry (limited to a few hundreds of DFF) Exhaustive Affordable (tools and learning curve) Reference golden model is needed 30/98 R. Pacalet January 4, 2018 31/98

Model checking Purely functional (physical characteristics ignored) A design passes property iff No counter-example Used to validate Functionality of synthesizable model Modifications 35/98 R. Pacalet January 4, 2018 36/98

The controller sel IDLE pss=0 ack=0 sel req READY pss=0 ack=0 sel ( req) sel sel req PASS pss=1 ack=0 sel ( req) req BUSY pss=0 ack=1 req 39/98 R. Pacalet January 4, 2018 40/98

Temporal logics Classical boolean logic true,false,,,,, Atomic formula p = ((ack = 1) (req = 0)) Temporal operators characterize execution (path in state tree) X (next): Xp = next state satisfies p (STATE = PASS) X(STATE = IDLE) F (Futur): Fp = a future state satisfies p (req = 1) F (ack = 1) 43/98 R. Pacalet January 4, 2018 44/98

Temporal logics Path - time pairs AGp: p always satisfied, for every execution, for every state (safety) AG ((acka = 1) (ackb = 1)) EGp: there exist one execution for which p always satisfied EG (reqa = 1) AXp: starting from current state all next states satisfy p EXp: starting from current state there exist one next state satisfying p 47/98 R. Pacalet January 4, 2018 48/98

Temporal logics CTL: CTL* with the constraint that every temporal operator (X,F,G,U) is preceded by a path operator (A,E) CTL formulas are state formulas CTL formulas depend only on the current state, not on the current execution (path) CTL cannot write F FCTL: extension of CTL (F for Fair) allowing to express F The model checking on CTL or FCTL is more efficient than on LTL...... But designers prefer LTL 51/98 R. Pacalet January 4, 2018 52/98

Counter-examples Counter-example may be finite... Safety AG(r) : r,g... Or infinite Liveness AF (g) : r,r,r,r,... Infinite counter-example made of stem and cycle Cycle Stem 55/98 R. Pacalet January 4, 2018 56/98

Why using non-determinism? To model environments Example System to verify = arbiter + controller Environment of system = clients Requests asserted in non-deterministic way Non-determinism allows modeling of any behavior of clients In the following $ND will be our non-deterministic statement 1 wire rand ; 2 assign rand = $ND(0,1) ; 3 i f ( rand )... 1 s i g n a l rand : boolean ; 2 rand <= $ND( false, t r u e ) ; 3 i f ( rand ) then 4... 59/98 R. Pacalet January 4, 2018 60/98

Algorithms of CTL model checking Notations Let Q be the set of states of A Let L(q) be the set of atomic properties p satisfied in state q Let T be the set of transitions (q,q ) from state q of A to another state q of A Let degree(q) be the number of successors of q in state diagram of A Complexity of model checking of CTL formula ϕ is O( A ϕ ) 63/98 R. Pacalet January 4, 2018 64/98

Algorithms of CTL model checking Case #4: ϕ = EX ψ procedure MARKING(ϕ) O( Q + T ) MARKING(ψ); for every q Q do q.ϕ false; Initialization for every (q,q ) T do if q.ψ then q.ϕ true; end if end for end for end procedure 67/98 R. Pacalet January 4, 2018 68/98

Specification of whole system? Exercise #6: If client requests the bus, it will not release its request until it is granted the bus? Exercise #7: If client A holds the bus and client B requests it, it is impossible that A releases the bus, then requests and is granted the bus again before client B is granted the bus 71/98 R. Pacalet January 4, 2018 74/98

Functional simulation Warning: simulation speed and debugging capabilities frequently antinomic Dynamic verifications (VHDL) Warning: simulation speed and expressiveness frequently antinomic Parallelism Sequential scheduling Variables versus signals 77/98 R. Pacalet January 4, 2018 78/98

Gate level simulation Netlist (network of interconnected gates) can also be simulated Gate level simulation with or without timing information (back-annotation, VITAL/SDF) Different temporal models, with different accuracy vs. performance ratios Prop Ramp Delay Input Slope Model Wave tabular... 82/98 R. Pacalet January 4, 2018 83/98

Electrical simulation Transistor-based electrical simulation (SPICE, ELDO) provides more accurate results Used for standard cells characterization or simulation of full custom designs Very slow, very accurate Unavoidable in some specific cases Limited to few hundreds of transistors 87/98 R. Pacalet January 4, 2018 89/98

What is it used for? Speed up simulation of synthesizable code Warning: not always best choice Warning: what you simulate not always what you think Speed up fault simulation Emulate chip in system environment Ease hardware-software co-design Increase designer s confidence Heat building 92/98 R. Pacalet January 4, 2018 93/98

Verification effort Figure : Breakdown of verification effort (ITRS 1999) 97/98 R. Pacalet January 4, 2018 98/98

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback