Compositional Verification for System-on-Chip Designs SRC Student Symposium Paper 16.5 Nishant Sinha Edmund Clarke Carnegie Mellon University.

Nishant Sinha, Carnegie Mellon University

Slide 2: Overview
– Compositional Reasoning
– Verifying HDL challenges
– Synchronous Intermediate Language (SIL)
– Automated Compositional Reasoning for SIL
– An example
– Making it efficient

Slide 3: Compositional Reasoning
– Verification of a concurrent hardware/software system by direct composition does not scale: state space explosion.
– Compositional Reasoning is a divide-and-conquer approach to alleviate the state space explosion.
(Figure: checking M1 || M2 against P directly, versus checking M1 against P1 and M2 against P2 separately and combining the results for P.)

Slide 4: HDL Verification
– Hardware Description Languages (HDLs)
  – Verilog, SystemC, SystemVerilog
  – Basis of industrial SoC design
– Towards formal verification
  – Problems: informally specified semantics, language peculiarities
  – Need standard formal semantics
– Although informal semantics differ, several notions/operators are common
  – Synchronous execution via delta-cycles, blocking/non-blocking assignments
– We define a synchronous intermediate language (SIL) with common HDL operators and constructs

Slide 5: Synchronous Intermediate Language (SIL)
– A SIL Program consists of one or more modules
  – Modules execute synchronously
  – Communicate by global shared variables
– Each module is specified in an imperative style
  – Initialization and Combinational Logic blocks
– Variable types: bit-vectors, integers
– Guarded control flow
– Blocking (immediate) / Non-blocking (delayed) assignments

Slide 6: A SIL Program Example

  bv ack;
  bool req, err;

  Module bus {
    INIT { ack = 0; }
    LOGIC {
      do
      :: true →
        if
        :: !req → ack <= 0;
        :: else → ack <= 2;
        fi;
        pause;
      od;
    }
  }

  Module node {
    INIT { req = false; err = false; }
    LOGIC {
      do
      :: true →
        req <= true;
        if
        :: ack==0 → err <= false;
        :: else → err <= true;
        fi;
        pause;
      od;
    }
  }

Slide 7: SIL Safety Property Checking
– We have defined SIL program semantics in terms of composition of Kripke Structures.
– The specification is provided as a Communicating Finite Automaton (CFA).
  – Alphabet Σ = { (I,O) | I and O are constraints on previous and next states }
– Kripke M ⊆ CFA P
  – Finite language containment: L(M) ⊆ L(P)
(Figure: a CFA whose transitions are labelled (err:1, ack: X) and (err:0, ack: X).)

Slide 8: Automated Compositional Reasoning
– Assume-Guarantee Reasoning (AGR)
  – M1, M2 are Kripke structures, P is a CFA
– Automatically generate assumption CFA A
  – Based on work by Cobleigh et al. ’03
– Use learning algorithm for regular languages, L*
  – L* is assisted by a model checker
The non-circular AG rule:
  M1 || A ⊨ P
  M2 ⊨ A
  -------------
  M1 || M2 ⊨ P

Slide 9: L* learner
– Learning Regular languages: L*
– Proposed by D. Angluin, improved by Rivest et al.
  – Learning regular sets from queries and counterexamples, Information and Computation, 75(2)
  – Learns the minimal DFA corresponding to an unknown regular language U
(Figure: the L* learner asks a Minimally Adequate Teacher two kinds of queries. IsMember(trace σ) is answered Yes/No; IsCandidate(DFA D) is answered Yes or with a ± counterexample. The teacher is realized by a model checker; the output is the minimum DFA for U.)
– Polynomial in the number of states and length of max counterexample

Slide 10: Automated AGR using L*
(Figure: the learning loop between L* and the Teacher.)
– L* (Assumption Generation) proposes a candidate assumption A to the Teacher.
– The Teacher checks R1: M1 || A ⊨ P. If R1 fails, the counterexample is returned to L* as a negative counterexample for A (-CE for A).
– If R1 holds, the Teacher checks R2: M2 ⊨ A. If R2 holds too, the result is true: M1 || M2 ⊨ P.
– If R2 fails, its counterexample goes to CE Analysis: either it is an actual counterexample (M1 || M2 ⊭ P), or it is a positive counterexample for A (+CE for A) and L* refines A.
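The learner/teacher exchange in this loop, as an added example that is not part of the talk or of SYMODA: a small Python implementation of Angluin's L* with an observation table. The teacher answers IsMember(trace) from a membership oracle and IsCandidate(DFA D) by a product search against a reference DFA, which stands in here for the model checker. The alphabet {"0", "2"} (values the environment writes to ack), the target language "2 is never written twice in a row" and the reference automaton REF are constructed for this example and are not the assumption from the talk.

```python
"""Angluin's L* with a minimally adequate teacher, as in the slide's loop:
IsMember(trace) is answered by a membership oracle and IsCandidate(DFA D)
by a product search that either says Yes or returns a counterexample.
The target language is constructed for this example and is not the talk's
assumption: words over the environment's ack writes {"0", "2"} in which
"2" is never written twice in a row.  The reference DFA REF plays the
model checker's role in answering candidate queries."""
from collections import deque
from itertools import product

ALPHABET = ("0", "2")

# Constructed reference DFA for "no two consecutive 2s" (3 states).
REF = {
    "start": "q0",
    "accept": {"q0", "q1"},
    "delta": {("q0", "0"): "q0", ("q0", "2"): "q1",
              ("q1", "0"): "q0", ("q1", "2"): "dead",
              ("dead", "0"): "dead", ("dead", "2"): "dead"},
}

def dfa_accepts(dfa, word):
    q = dfa["start"]
    for ch in word:
        q = dfa["delta"][(q, ch)]
    return q in dfa["accept"]

def is_member(word):                      # teacher: IsMember(trace)
    return dfa_accepts(REF, word)

def is_candidate(hyp):                    # teacher: IsCandidate(DFA D)
    """BFS over hyp x REF; returns None if equivalent, else a shortest word
    on which the two automata disagree (the counterexample)."""
    start = (hyp["start"], REF["start"])
    seen, queue = {start}, deque([(start, "")])
    while queue:
        (p, q), w = queue.popleft()
        if (p in hyp["accept"]) != (q in REF["accept"]):
            return w
        for a in ALPHABET:
            n = (hyp["delta"][(p, a)], REF["delta"][(q, a)])
            if n not in seen:
                seen.add(n)
                queue.append((n, w + a))
    return None

class LStar:
    """Observation table (S, E, T); the distinct rows of S become the states."""
    def __init__(self, alphabet, member, candidate):
        self.A, self.member, self.candidate = alphabet, member, candidate
        self.S, self.E, self.T = [""], [""], {}
        self.membership_queries = 0

    def _fill(self):
        for s in self.S + [s + a for s in self.S for a in self.A]:
            for e in self.E:
                if (s, e) not in self.T:
                    self.T[(s, e)] = self.member(s + e)
                    self.membership_queries += 1

    def row(self, s):
        return tuple(self.T[(s, e)] for e in self.E)

    def _close_and_make_consistent(self):
        while True:
            self._fill()
            rows = {self.row(s) for s in self.S}
            # closed: every one-letter extension of S already has a row in S
            missing = next((s + a for s in self.S for a in self.A
                            if self.row(s + a) not in rows), None)
            if missing is not None:
                self.S.append(missing)
                continue
            # consistent: rows that agree must still agree after any letter
            for s1, s2, a in product(self.S, self.S, self.A):
                if self.row(s1) == self.row(s2) and self.row(s1 + a) != self.row(s2 + a):
                    e = next(e for e in self.E if self.T[(s1 + a, e)] != self.T[(s2 + a, e)])
                    self.E.append(a + e)
                    break
            else:
                return

    def hypothesis(self):
        reps = {}
        for s in self.S:
            reps.setdefault(self.row(s), s)   # one access word per distinct row
        delta = {(r, a): self.row(reps[r] + a) for r in reps for a in self.A}
        accept = {r for r in reps if r[0]}     # column E[0] == "" is membership of s itself
        return {"start": self.row(""), "delta": delta, "accept": accept}

    def learn(self):
        while True:
            self._close_and_make_consistent()
            hyp = self.hypothesis()
            ce = self.candidate(hyp)
            if ce is None:
                return hyp
            for i in range(1, len(ce) + 1):   # Angluin: add all prefixes of the CE to S
                if ce[:i] not in self.S:
                    self.S.append(ce[:i])

def learn_assumption():
    learner = LStar(ALPHABET, is_member, is_candidate)
    hyp = learner.learn()
    return hyp, learner.membership_queries

if __name__ == "__main__":
    hyp, n = learn_assumption()
    print("states:", len({p for p, _ in hyp["delta"]}), "membership queries:", n)
```

The first hypothesis is a single accepting state; the candidate query rejects it with the word "22", whose prefixes are added to S, and after one consistency repair the table yields the minimal three-state DFA. Counting membership_queries is the quantity the later slide on efficiency is concerned with.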

Slide 11: AGR for SIL programs
– Continued from previous example:
  – M1 = node, M2 = bus
  – P checks for (err==1)
– An assumption CFA A for module M1 is shown in the figure, with transitions labelled (req == X, ack != 0), (req == X, ack == 0) and (req == X, ack == X).
  – Environment should never write (ack != 0)
Rule instance:
  M1 || A ⊨ P
  M2 ⊨ A
  -------------
  M1 || M2 ⊨ P
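The rule instance above, checked explicitly in an added Python example that is not part of the talk or of SYMODA. The hand encoding of node and bus, the reading of P as "err never becomes 1", the reading of A as "the environment never writes a non-zero ack", and the simplified synchronous semantics (every module reads the current state and all delayed assignments commit together at pause) are assumptions made here. check_r1 and check_r2 are the rule's two premises; check_direct is the monolithic product check, included for comparison.

```python
"""Explicit-state check of the non-circular assume-guarantee rule
   (R1) M1 || A |= P   (R2) M2 |= A   =>   M1 || M2 |= P
on the two SIL modules from the slides (node, bus), encoded by hand.
Assumptions made here, not stated on the slides: P means "err never
becomes 1"; A means "the environment never writes a non-zero ack"; SIL's
synchronous semantics is modelled as: every module reads the current
state, computes its delayed (<=) assignments, and all writes commit
together at `pause`.  The direct check M1 || M2 |= P is included for
comparison."""
from collections import deque

# A state is a dict over the shared variables req, ack, err.
INIT = {"req": False, "ack": 0, "err": False}

def node_step(s):
    # Module node: req <= true; if ack == 0 then err <= false else err <= true
    return {"req": True, "err": s["ack"] != 0}

def bus_step(s):
    # Module bus: if !req then ack <= 0 else ack <= 2
    return {"ack": 0 if not s["req"] else 2}

def both_step(s):          # M1 || M2: the modules write disjoint variables
    return {**node_step(s), **bus_step(s)}

def prop_ok(s):            # P (assumed): err is never 1
    return not s["err"]

def assumption_ok(writes):  # A (assumed): environment never writes ack != 0
    return writes.get("ack", 0) == 0

# Environment choices replace the module that is not being checked.
ENV_UNDER_A = [{"ack": 0}]                          # what A allows the environment to do
FREE_ENV_FOR_BUS = [{"req": False}, {"req": True}]  # node's outputs, unconstrained
NO_ENV = [{}]                                       # closed system

def commit(s, *write_sets):
    n = dict(s)
    for w in write_sets:
        n.update(w)
    return n

def key(s):
    return (s["req"], s["ack"], s["err"])

def explore(module, env_choices, bad):
    """BFS over module || env.  `bad(state, writes)` flags a violation in the
    state the module is about to leave; returns None if none is reachable,
    else the violating trace as a list of states starting at INIT."""
    parent = {key(INIT): None}
    queue = deque([INIT])
    while queue:
        s = queue.popleft()
        w = module(s)
        if bad(s, w):
            trace = []
            while s is not None:
                trace.append(s)
                s = parent[key(s)]
            return trace[::-1]
        for env in env_choices:
            n = commit(s, w, env)
            if key(n) not in parent:
                parent[key(n)] = s
                queue.append(n)
    return None

def check_r1():       # R1: node || A |= P
    return explore(node_step, ENV_UNDER_A, lambda s, w: not prop_ok(s))

def check_r2():       # R2: bus |= A, i.e. bus never writes ack != 0
    return explore(bus_step, FREE_ENV_FOR_BUS, lambda s, w: not assumption_ok(w))

def check_direct():   # node || bus |= P, the monolithic check
    return explore(both_step, NO_ENV, lambda s, w: not prop_ok(s))

if __name__ == "__main__":
    for name, result in (("R1 node || A |= P", check_r1()),
                         ("R2 bus |= A", check_r2()),
                         ("node || bus |= P", check_direct())):
        print(name, ":", "holds" if result is None else result)
```

Under these assumptions R1 holds, while R2 fails with the two-state trace in which bus is about to write ack <= 2 once req is true, so this A is not a valid assumption for the decomposition; the direct check shows the corresponding trace of the full product, in which err becomes 1 one cycle after node reads ack == 2.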

Slide 12: Making it efficient
Two main problems:
– Each module itself has a huge state space
  – Idea: Use a Bounded model checker as a teacher
  – Fast membership query replies
– Naïve learning suffers from alphabet explosion
  – Idea: Cluster alphabet during learning
  – Fewer membership queries
Ongoing implementation in SYMODA
– SYnchronous MODular Analyzer

Slide 13: Related Work
RTL Verilog program verification
– Via Predicate abstraction: Andraus et al., Jain et al.
– Via Symbolic Simulation: Kolbl et al.
Via Translations to SMV-like languages
– Verilog: VIS, Brayton et al.
– SystemC: Moy et al., Tahar et al.
None of these approaches are compositional

Slide 14: Related Work
Compositional Hardware Verification
– McMillan ’99 (using SMV)
– Khasidashvili et al. ’06 (net-list level)
– Chen et al. ’06 (using Murphi)
– …
None of the above approaches are automated