Presentation is loading. Please wait.

Presentation is loading. Please wait.

Penn ESE 535 Spring 2008 -- DeHon 1 ESE535: Electronic Design Automation Day 22: April 23, 2008 FSM Equivalence Checking.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Penn ESE 535 Spring 2008 -- DeHon 1 ESE535: Electronic Design Automation Day 22: April 23, 2008 FSM Equivalence Checking."— Presentation transcript:

1 Penn ESE 535 Spring 2008 -- DeHon 1 ESE535: Electronic Design Automation Day 22: April 23, 2008 FSM Equivalence Checking

2 Penn ESE 535 Spring 2008 -- DeHon 2 Today Sequential Verification –DFA equivalence –Issues Extracting STG Valid state reduction Incomplete Specification –Solutions State PODEM State/path exploration

3 Penn ESE 535 Spring 2008 -- DeHon 3 Motivation Write at two levels –Java prototype and VHDL implementation –VHDL specification and gate-level implementation Write at high level and synthesize/optimize –Want to verify that synthesis/transforms did not introduce an error

4 Penn ESE 535 Spring 2008 -- DeHon 4 Cornerstone Result Given two DFA’s, can test their equivalence in finite time N.B.: –Can visit all states in a DFA with finite input strings No longer than number of states Any string longer must have visited some state more than once (by pigeon-hole principle) Cannot distinguish any prefix longer than number of states from some shorter prefix which eliminates cycle (pumping lemma)

5 Penn ESE 535 Spring 2008 -- DeHon 5 FSM Equivalence Given same sequence of inputs –Returns same sequence of outputs Observation means can reason about finite sequence prefixes and extend to infinite sequences which DFAs (FSMs) are defined over

6 Penn ESE 535 Spring 2008 -- DeHon 6 Equivalence Brute Force: –Generate all strings of length |state| (for larger DFA) –Feed to both DFAs –Observe any differences? –|Alphabet| states

7 Penn ESE 535 Spring 2008 -- DeHon 7 Smarter Create composite DFA XOR together acceptance of two DFAs in each composite state Ask if the new machine accepts anything –Anything it accepts is a proof of non- equivalence –Accepts nothing  equivalent

8 Penn ESE 535 Spring 2008 -- DeHon 8 Composite DFA Assume know start state for each DFA Each state in composite is labeled by the pair {S1 i, S2 j } –At most product of states Start in {S1 0, S2 0 } For each symbol a, create a new edge: –T(a,{S1 0, S2 0 })  {S1 i, S2 j } If T 1 (a, S1 0 )  S1 i, and T 2 (a, S2 0 )  S2 j Repeat for each composite state reached

9 Penn ESE 535 Spring 2008 -- DeHon 9 Composite DFA At most |alphabet|*|State1|*|State2| edges == work Can group together original edges –i.e. in each state compute intersections of outgoing edges –Really at most |E 1 |*|E 2 |

10 Penn ESE 535 Spring 2008 -- DeHon 10 Acceptance State {S1 i, S2 j } is an accepting state iff –State S1 i accepts and S2 j does not accept –State S1 i does not accept and S2 j accepts If S1 i and S2 j have the same acceptance for all composite states, it is impossible to distinguish the machines –They are equivalent A state with differing acceptance –Implies a string which is accepted by one machine but not the other

11 Penn ESE 535 Spring 2008 -- DeHon 11 Empty Language Now that we have a composite state machine, with this acceptance Question: does this composite state machine accept anything? –Is there a reachable state which accepts the input?

12 Penn ESE 535 Spring 2008 -- DeHon 12 Answering Empty Language Start at composite start state {S1 0, S2 0 } Search for path to an Accepting state Use any search (BFS, DFS) End when find accepting state –Not equivalent OR when have explored entire reachable graph w/out finding –Are equivalent

13 Penn ESE 535 Spring 2008 -- DeHon 13 Reachability Search Worst: explore all edges at most once –O(|E|)=O(|E 1 |*|E 2 |) Actually, should be able to find during composite construction –If only follow edges which fill-in as search

14 Penn ESE 535 Spring 2008 -- DeHon 14 Example s3s4 0 s0 s1s2 0 1 101 1 0 1 0 q0 q1q2 0 1 01 01 = accept state

15 Penn ESE 535 Spring 2008 -- DeHon 15 Issues to Address Get State-Transition Graph from –RTL, Logic Incompletely specified FSM? Know valid (possible) states? Know start State for Logic? Computing the composite FSM may be large

16 Penn ESE 535 Spring 2008 -- DeHon 16 Getting STG Verilog/VHDL Gather up logic to wait statement –Make one state Split states (add edges) on if/else, select Backedges with while/for –Branching edges on loop conditions Start state is first state at beginning of code.

17 Penn ESE 535 Spring 2008 -- DeHon 17 Getting STG from Logic Brute Force –For each state For each input minterm –Simulate/compute output –Add edges –Compute set of states will transition to Smarter –Use modified PODEM to justify outputs and next state Exploit cube grouping, search pruning

18 Penn ESE 535 Spring 2008 -- DeHon 18 PODEM state extraction Search for all reachable states –Don’t stop once find one output –Keep enumerating and generating possible outputs

19 Penn ESE 535 Spring 2008 -- DeHon 19 Delay Computation Modification of a testing routine –used to justify an output value for a circuit PODEM –backtracking search to find a suitable input vector associated with some target output –Simply a branching search with implication pruning Heuristic for smart variable ordering Day 7

20 Penn ESE 535 Spring 2008 -- DeHon 20 Incomplete State Specification Add edge for unspecified transition to –Single, new, terminal state Reachability of this state may indicate problem –Actually, if both transition to this new state for same cases Might say are equivalent Just need to distinguish one machine in this state and other not

21 Penn ESE 535 Spring 2008 -- DeHon 21 Valid States PODEM justification finds set of possibly reachable states Composite state construction and reachability further show what’s reachable So, end up finding set of valid states –Not all possible states from state bits

22 Penn ESE 535 Spring 2008 -- DeHon 22 Start State for Logic Start states should output same thing between two FSMs Start search with state set {S1 0, S2 i } for all S2 i with same output as S1 0 Use these for acceptance (contradiction) reachability search

23 Penn ESE 535 Spring 2008 -- DeHon 23 Memory? Concern for size of search space –Product set of states –Nodes in search space Combine –Generation –Reachability –State justification/enumeration

24 Penn ESE 535 Spring 2008 -- DeHon 24 Composite Algorithm PathEnumerate(st, path, ValStates) –// st is a state of M1 –ValStates+=st –While !(st.enumerated) Edge=EnumerateStateFanout(st) // PODEM Simulate Edge on M2 –Equivalent result? If not return(FAIL) If (Edge.FaninState(M1),Edge.FaninState(M2) in Path.Spairs) –Return(PATH_OK) ;; already visisted/expanded that state Else –ValStates+=Edge.FaninState(M1) –Path=Path+Edge; Update Path.Spairs –PathEnuemrate(Edge.FaninState(M1),Path,ValStates)

25 Penn ESE 535 Spring 2008 -- DeHon 25 Start Composite Algorithm PathEnumerate(Start(M1),empty,empty) Succeed if complete path search and not fail –Not encounter contradiction

26 Penn ESE 535 Spring 2008 -- DeHon 26 Admin Reading Assignment 7

27 Penn ESE 535 Spring 2008 -- DeHon 27 Big Ideas Equivalence –Same observable behavior –Internal implementation irrelevant Number/organization of states, encoding of state bits… Exploit structure –Finite DFA … necessity of reconvergent paths –Pruning Search – group together cubes –Limit to valid/reachable states Proving invariants vs. empirical verification

Download ppt "Penn ESE 535 Spring 2008 -- DeHon 1 ESE535: Electronic Design Automation Day 22: April 23, 2008 FSM Equivalence Checking."

Similar presentations

Chapter Three: Closure Properties for Regular Languages

Chapter Three: Closure Properties for Regular Languages
CSE 311 Foundations of Computing I

CSE 311 Foundations of Computing I
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,

PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,
CSE 311: Foundations of Computing Fall 2013 Lecture 23: Finite state machines and minimization.

CSE 311: Foundations of Computing Fall 2013 Lecture 23: Finite state machines and minimization.
1 1 CDT314 FABER Formal Languages, Automata and Models of Computation Lecture 3 School of Innovation, Design and Engineering Mälardalen University 2012.

1 1 CDT314 FABER Formal Languages, Automata and Models of Computation Lecture 3 School of Innovation, Design and Engineering Mälardalen University 2012.
1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.
1 Introduction to Computability Theory Lecture11: Variants of Turing Machines Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture11: Variants of Turing Machines Prof. Amos Israeli.
Penn ESE 535 Spring 2009 -- DeHon 1 ESE535: Electronic Design Automation Day 13: March 4, 2009 FSM Equivalence Checking.

Penn ESE 535 Spring DeHon 1 ESE535: Electronic Design Automation Day 13: March 4, 2009 FSM Equivalence Checking.
1 More Properties of Regular Languages. 2 We have proven Regular languages are closed under: Union Concatenation Star operation Reverse.

1 More Properties of Regular Languages. 2 We have proven Regular languages are closed under: Union Concatenation Star operation Reverse.
Costas Busch - RPI1 Standard Representations of Regular Languages Regular Languages DFAs NFAs Regular Expressions Regular Grammars.

Costas Busch - RPI1 Standard Representations of Regular Languages Regular Languages DFAs NFAs Regular Expressions Regular Grammars.
Penn ESE535 Spring 2008 -- DeHon 1 ESE535: Electronic Design Automation Day 7: February 11, 2008 Static Timing Analysis and Multi-Level Speedup.

Penn ESE535 Spring DeHon 1 ESE535: Electronic Design Automation Day 7: February 11, 2008 Static Timing Analysis and Multi-Level Speedup.
Computation Engines: BDDs and SAT (part 2) 290N: The Unknown Component Problem Lecture 8.

Computation Engines: BDDs and SAT (part 2) 290N: The Unknown Component Problem Lecture 8.
ECE 667 - Synthesis & Verification - L211 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Verification Equivalence checking.

ECE Synthesis & Verification - L211 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Verification Equivalence checking.
Penn ESE535 Spring 2009 -- DeHon 1 ESE535: Electronic Design Automation Day 12: March 2, 2009 Sequential Optimization (FSM Encoding)

Penn ESE535 Spring DeHon 1 ESE535: Electronic Design Automation Day 12: March 2, 2009 Sequential Optimization (FSM Encoding)
Fall 2004COMP 3351 Standard Representations of Regular Languages Regular Languages DFAs NFAs Regular Expressions Regular Grammars.

Fall 2004COMP 3351 Standard Representations of Regular Languages Regular Languages DFAs NFAs Regular Expressions Regular Grammars.
Theory of Computing Lecture 22 MAS 714 Hartmut Klauck.

Theory of Computing Lecture 22 MAS 714 Hartmut Klauck.
CS 3240 - Chapter 2. LanguageMachineGrammar RegularFinite AutomatonRegular Expression, Regular Grammar Context-FreePushdown AutomatonContext-Free Grammar.

CS Chapter 2. LanguageMachineGrammar RegularFinite AutomatonRegular Expression, Regular Grammar Context-FreePushdown AutomatonContext-Free Grammar.
Penn ESE535 Spring 2009 -- DeHon 1 ESE535: Electronic Design Automation Day 15: March 18, 2009 Static Timing Analysis and Multi-Level Speedup.

Penn ESE535 Spring DeHon 1 ESE535: Electronic Design Automation Day 15: March 18, 2009 Static Timing Analysis and Multi-Level Speedup.
FORMAL LANGUAGES, AUTOMATA AND COMPUTABILITY 15-453.

FORMAL LANGUAGES, AUTOMATA AND COMPUTABILITY

Similar presentations

Ads by Google