Transaction Based Modeling and Verification of Hardware Protocols Xiaofang Chen, Steven M. German and Ganesh Gopalakrishnan Supported in part by SRC Contract.

Presentation transcript:

Transaction Based Modeling and Verification of Hardware Protocols Xiaofang Chen, Steven M. German and Ganesh Gopalakrishnan Supported in part by SRC Contract TJ1318 Also supported thru an IBM Summer Internship

2 [Figure labels: Hardware Protocols; Specification; Cycle accurate RTL level; Abstraction level; Model size]

3 Problem Addressed
• Specifications
  – Usually verifiable
  – But do they correctly represent the implementations?
• RTL implementations
  – Real designs usually too complex to be verified
  – Even if verifiable, does the impl meet the spec?
• Our goal
  – Develop a practical approach to check refinement

4 Project Summary
• This paper
  – Basic refinement theory and implementation
  – Preliminary experiment results
• More experiment results
  – A complete case study on a benchmark protocol
  – Bugs found
  – Verification time: over a day → 30 min

5 Outline
• Our approach of refinement check
• Compositional refinement check
• Experimental results and related work

6 Differences in Modeling: Specs vs. Impls
• One step in high-level
• Multiple steps in low-level
[Figure labels: home, remote, buf, router]

7 Differences in Execution: Specs vs. Impls
• Interleaving in HL
• Concurrency in LL

8 Our Approach of Refinement
• Modeling
  – Specification: Murphi
  – Implementation: Hardware Murphi
• Use transactions in Impl to relate to Spec
• Verification
  – Muv: Hardware Murphi → synthesizable VHDL
  – Tool: IBM SixthSense

9 Hardware Murphi
• Murphi extension by S. German and G. Janssen
• A concurrent shared variable language
  – On each cycle
    – Multiple transitions execute concurrently
    – Exclusive write to a variable
    – Shared reads to variables
    – Write immediately visible within the same transition
    – Write visible to other transitions on the next cycle
• Support transactions, signals, etc

10 Transactions
• Group a multi-step execution in implementations
[Figure labels: Spec, Impl]

11 Tool: Muv
• Initially developed by S. German and G. Janssen
• Hardware Murphi → synthesizable VHDL
• Generate refinement assertions
• Other usages:
  – Write verification drivers/checkers
  – Prototype VHDL implementations
  – Cycle-accurate modeling

12 Our Definition of Refinement
[Figure: Impl state sequence … l0, l1, l2 … and Spec state sequence … h n0, h n1, h n2 …]
Category 1: interface vars

13 Our Definition of Refinement
[Figure: Impl state sequence … l0, l1, l2 … and Spec state sequence … h n0, h n1, h n2 …]
Category 2: transactional vars

14 Our Definition of Refinement
[Figure: Impl state sequence … l0, l1, l2 … and Spec state sequence … h n0, h n1, h n2 …]
Category 3: non-observable vars

15 Our Refinement Check
[Figure: multi-step Impl transaction I → I'; Spec transition Spec(I) → Spec(I')]
• I is a reachable Impl state
• Guard for Spec transition must hold
• Observable vars changed by either must match

16 An Example of Refinement Check

    Transaction
      Rule-1 guard1 action1;
      Rule-2 guard2 action2;
      Rule-3 guard3 action3;
    End;

    assert impl_var1 = spec_var1;
    assert impl_var2 = spec_var2;
    …
    assert spec_guard;
    spec_action;
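
Added example (not from the slides or from the authors' tools): the refinement check of slides 15 and 16, run on a toy protocol modeled in Python rather than Hardware Murphi. The state layout (home, buf, remote), the update and write transactions and the lossy flag are assumptions made for illustration; lossy=True is a constructed fault in which the buffer drops the message.

```python
from collections import deque

# Constructed toy model: Impl state is (home, buf, remote); Spec state is (home, remote).
def abstract(i):                      # Spec(I): keep observable vars, drop buf
    home, _buf, remote = i
    return (home, remote)

def make_update(lossy):               # two-rule Impl transaction: home -> buf -> remote
    def send(i):
        home, buf, remote = i
        return (home, home, remote) if buf is None and home != remote else None
    def deliver(i):
        home, buf, remote = i
        # lossy=True: buf is cleared but remote is never updated (message dropped)
        return None if buf is None else (home, None, remote if lossy else buf)
    return [send, deliver]

def write(i):                         # one-rule transaction: home flips its bit
    home, buf, remote = i
    return (1 - home, None, remote) if buf is None and home == remote else None

def transactions(lossy=False):
    # (name, Impl rules, Spec guard, Spec action)
    return [
        ("update", make_update(lossy), lambda s: s[0] != s[1], lambda s: (s[0], s[0])),
        ("write", [write], lambda s: s[0] == s[1], lambda s: (1 - s[0], s[1])),
    ]

def run(rules, i):
    for rule in rules:                # rules fire in order; None means a guard was false
        i = rule(i) if i is not None else None
    return i

def check_refinement(txns, init=(0, None, 0)):
    """Return [(transaction, Impl state I)] where the check fails."""
    seen, todo, bad = {init}, deque([init]), []
    while todo:
        i = todo.popleft()            # I is a reachable Impl state
        for name, rules, guard, action in txns:
            nxt = run(rules, i)       # multi-step Impl transaction: I -> I'
            if nxt is None:
                continue              # transaction not enabled in I
            s = abstract(i)
            # Spec guard must hold in Spec(I); observable vars must match after both
            if not guard(s) or action(s) != abstract(nxt):
                bad.append((name, i))
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return bad
```

check_refinement(transactions()) returns an empty list; with transactions(lossy=True) it reports the update transaction at Impl state (1, None, 0), where the Spec step sets remote to 1 but the Impl leaves it at 0.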

17 Workflow of Our Refinement Check
[Figure: Hardware Murphi Impl model + Murphi Spec model → Product model in Hardware Murphi → (Muv) → Product model in VHDL → Property check]
Check implementation meets specification

18 Driving Benchmark
[Figure labels: Local, Home, Remote, Router, Buf, DirCache, Mem]
Source: S. German and G. Janssen, IBM Research Tech Report 2006

19 Bugs Found with Refinement Check
• Benchmark satisfies cache coherence already
• Bugs still found
  – Bug 1: router unit loses messages
  – Bug 2: home unit replies twice for one request
  – Bug 3: cache unit gets updated twice from one reply
• Refinement check is a convenient way of constructing checks

20 Outline
• Our approach of refinement check
• Compositional refinement check
• Experimental results and related work

21 Model Checking Approaches
• Monolithic
  – Product model + property check
• Compositional
  – Divide and conquer
[Figure labels: Product model in VHDL; Monolithic; Compositional]

22 Compositional Refinement Check
[Figure: multi-step Impl transaction I → I'; Spec transition Spec(I) → Spec(I')]
• I is a reachable Impl state
• Guard for Spec transition must hold
• Observable vars changed by either must match

23 Basic Techniques of Our Compositional Approach
• Abstraction
  – Removing details to make verification easier
• Assume guarantee
  – A form of induction which introduces assumptions and justifies them

24 Abstraction
• Change variables to free input variables
• Add all transitions that write to a variable to the submodel
• If a read of a variable is self-sourced, this read is conservatively abstract

25 Assume Guarantee Reasoning
[Figure labels: Transaction-i; Transaction-j; write impl v; write spec v; read free input spec v, impl v]
Guarantee: spec v = impl v
Assume: input spec v = input impl v

26 Additional Checks Needed for Abstraction & A/G
• Write-write conflicts
• Serializability check
• Read-write dependencies
• Currently performed on the monolithic model
• Only involve the control logic

27 Outline
• Our approach of refinement check
• Compositional refinement check
• Experimental results and related work

28 Experiment Results with SixthSense
[Figure: Verification Time against Datapath (1-bit, 10-bit) for the monolithic approach and the compositional approach; marked values: 1-day, 30 min]
* Configuration: Node = 2, Addr = 2

29 Related Work
• Bluespec
  – Arvind et al.
• Aggregation of distributed actions
  – Park and Dill
• Compositional verification
  – Many previous works: McMillan[97], C. B. Jones[83], etc.

30 Conclusion
• Developed a formal theory of refinement
• Developed a compositional approach
• Obtained promising experimental results

31 Future Work
• Simulation-based check
  – VHDL design + Hardware Murphi test cases
• Planned Work
  – Mechanize the tool
  – More case studies, e.g. pipelining

32 Thanks
• IBM SixthSense, RuleBase
• Cadence IFV

33 Questions?