
Sequential Verification Overview Robert Brayton UC Berkeley.


Slide 1: Sequential Verification Overview
Robert Brayton, UC Berkeley

Slide 2: Overview
- Sequential verification
- Problem representation
- Verification flow
- Verification engines
- Examples
- Future work

Slide 3: Sequential Verification
- Property checking
  - Create a miter from the design and the property
- Equivalence checking
  - Create a miter from two versions of the same design
- Assuming the initial state is given
- The goal is to prove that the output of the miter is 0 for all states reachable from the initial state
[Figure: an equivalence-checking miter built from D1 and D2 with its output compared to 0, and a property-checking miter built from D1 and property p with its output compared to 0]

Slide 4: Comb / Seq Verification
- Combinational miter
  - Primary inputs
  - Primary output(s)
  - Logic gates
  - Question: is y = 0?
- Sequential miter
  - Primary inputs
  - Primary output(s)
  - Logic gates
  - FFs with initial state
  - Question: is y = 0 for all time?
- Logic is represented using AIGs
[Figure: combinational logic miter beside a sequential logic miter with flip-flops]

Slide 5: Why AIGs in Verification?
- Easy to construct, relatively compact, robust
  - 1M AIG ~ 12Mb RAM
- Can be efficiently stored on disk
  - 3-4 bytes / AIG node (1M AIG ~ 4Mb file)
- Unifying representation
  - Used by different verification engines
  - Easy to pass around, duplicate, save
- Compatible with SAT solvers
  - Efficient AIG-to-CNF conversion available
  - "AIGs + simulation + SAT" works well in many cases

Slide 6: AIG Tricks
- Structural hashing
  - Performs AIG compaction
  - Is applied on-the-fly during AIG construction
  - Propagates constants
  - Makes each node structurally unique
- Complemented edges
  - Represents inverters as attributes on the edges
  - No memory used for inverters
  - Increases logic sharing using DeMorgan's rule
  - Leads to fast, uniform manipulation
- Memory allocation
  - Uses a fixed amount of memory for each node
  - Can be done by a simple custom memory manager
  - Dynamic fanout manipulation is supported!
  - Allocates memory for nodes in a topological order
  - Optimized for traversal in the same topological order
  - Small static memory footprint in many applications
  - Computes fanout information on demand
[Figure: the same logic over inputs a, b, c, d built without hashing and with hashing]
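To make slides 3-6 concrete, here is an added toy example in Python (not ABC's code and not from the presentation): a minimal AIG with structural hashing, on-the-fly constant propagation and complemented edges, used to build combinational miters for several implementations of a & b & c and to check whether the miter output is 0. All class and function names are my own, and exhaustive simulation stands in for the SAT call ABC would make.

```python
import itertools

# Literal = 2*node_id + complement_bit; node 0 is the constant node, so literal 0 = FALSE, 1 = TRUE.
class AIG:
    def __init__(self):
        self.nodes = [None]   # per node: None for constant/PI, (lit0, lit1) for AND
        self.strash = {}      # structural hash table: (lit0, lit1) -> AND literal
        self.inputs = []      # PI literals in creation order

    @staticmethod
    def neg(lit):
        return lit ^ 1        # inverter as an edge attribute: no node, no memory

    def new_input(self):
        self.nodes.append(None)
        self.inputs.append(2 * (len(self.nodes) - 1))
        return self.inputs[-1]

    def AND(self, x, y):
        # constant propagation and trivial cases, applied on the fly
        if x == 0 or y == 0 or x == self.neg(y):
            return 0
        if x == 1 or x == y:
            return y
        if y == 1:
            return x
        if x > y:                 # canonical fanin order: AND(b,a) hashes as AND(a,b)
            x, y = y, x
        if (x, y) not in self.strash:     # otherwise share the existing node
            self.nodes.append((x, y))     # nodes are allocated in topological order
            self.strash[(x, y)] = 2 * (len(self.nodes) - 1)
        return self.strash[(x, y)]

    def OR(self, x, y):           # DeMorgan: x | y == ~(~x & ~y), one AND node
        return self.neg(self.AND(self.neg(x), self.neg(y)))

    def XOR(self, x, y):
        return self.OR(self.AND(x, self.neg(y)), self.AND(self.neg(x), y))

    def n_ands(self):
        return sum(1 for n in self.nodes if n is not None)

    def evaluate(self, lit, pi_values):
        """Simulate one assignment (dict PI literal -> 0/1) in one pass over the topologically ordered nodes."""
        val = [0] * len(self.nodes)
        for i, n in enumerate(self.nodes):
            if n is not None:                 # AND node
                f0, f1 = n
                val[i] = (val[f0 >> 1] ^ (f0 & 1)) & (val[f1 >> 1] ^ (f1 & 1))
            elif i > 0:                       # primary input (node 0 stays 0)
                val[i] = pi_values[2 * i]
        return val[lit >> 1] ^ (lit & 1)


def combinational_miter_is_zero(aig, out1, out2):
    """Exhaustively simulate the miter XOR(out1, out2); returns (ok, counterexample)."""
    miter = aig.XOR(out1, out2)
    for bits in itertools.product((0, 1), repeat=len(aig.inputs)):
        pi = dict(zip(aig.inputs, bits))
        if aig.evaluate(miter, pi):
            return False, pi                  # miter output 1: the versions differ here
    return True, None


def build_example():
    """Four implementations of a & b & c; the last one is a constructed bug."""
    g = AIG()
    a, b, c = g.new_input(), g.new_input(), g.new_input()
    d1 = g.AND(g.AND(a, b), c)                       # (a & b) & c
    d2 = g.AND(a, g.AND(b, c))                       # a & (b & c): differs structurally
    d3 = g.AND(g.neg(g.OR(g.neg(a), g.neg(b))), c)   # ~(~a | ~b) & c: merged with d1 by hashing
    bad = g.AND(a, g.OR(b, c))                       # a & (b | c): wrong
    return g, d1, d2, d3, bad
```

Hashing and DeMorgan make d3 the same literal as d1 with no simulation at all, while d1 versus d2 needs the miter check, and d1 versus bad yields a counterexample.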

Slide 7: Integrated Verification Flow
1. Initial fast simplification of the logic
- Forward retime and do FF correspondence
- Min FF retime
- Extract implicit constraints and use them to find signal equivalences
- Fold back the constraints
  - If ever a constraint is not satisfied, make the output 0 forever.
- Trim away irrelevant inputs
- Try phase abstraction

Slide 8: Integrated Verification Flow
2. Abstraction
- Use new CBA/PBA method of N. Een
  - Uses a single instance of the SAT solver
  - Uses counter-example based abstraction
  - Refined with proof-based abstraction
- Checked afterward with BMC, BDDs, and simulation for CEX's and refined if necessary.

Slide 9: Integrated Verification Flow
3. Speculation (IBM Austin)
- Simulation used to find candidate equivalences.
- These are used to build a "speculative miter"
  - All equivalences are used to simplify the miter
  - Each equivalence is XORed to produce a new output which is a proof obligation
- If any output is disproved, need to build a new speculative miter.
- The result is checked with BMC, BDDs and simulation for CEX's and refined if necessary.

Slide 10: Integrated Verification Flow
4. Final high-effort verification check
- Try BDD reachability if the problem is small enough
- Use interpolation
- In a rare case, can prove outputs using induction.
- As a last effort, check the initial simplified circuit using heavy BMC to see if it was SAT.

Slide 11: Example 1

Read_file IE1.aig
PIs = 532, POs = 1, FF = 2389, ANDs = 12049
prove
Simplifying
Number of constraints = 3
Forward retiming, quick_simp, scorr_comp, trm: PIs = 532, POs = 1, FF = 2342, ANDs = 11054
Simplify: PIs = 532, POs = 1, FF = 2335, ANDs = 10607
Phase abstraction: PIs = 283, POs = 2, FF = 1460, ANDs = 8911
Abstracting
Initial abstraction: PIs = 1624, POs = 2, FF = 119, ANDs = 1716, max depth = 39
Testing with BMC
bmc3 -C 100000 -T 50 -F 78: No CEX found in 51 frames
Latches reduced from 1460 to 119
Simplify: PIs = 1624, POs = 2, FF = 119, ANDs = 1687, max depth = 51
Trimming: PIs = 158, POs = 2, FF = 119, ANDs = 734, max depth = 51
Simplify: PIs = 158, POs = 2, FF = 119, ANDs = 731, max depth = 51
Speculating
Initial speculation: PIs = 158, POs = 26, FF = 119, ANDs = 578, max depth = 51
Fast interpolation: reduced POs to 24
Testing with BMC
bmc3 -C 150000 -T 75: No CEX found in 1999 frames
PIs = 158, POs = 24, FF = 119, ANDs = 578, max depth = 1999
Simplify: PIs = 158, POs = 24, FF = 119, ANDs = 535, max depth = 1999
Trimming: PIs = 86, POs = 24, FF = 119, ANDs = 513, max depth = 1999
Verifying
Running reach -v -B 1000000 -F 10000 -T 75: BDD reachability aborted
RUNNING interpolation with 20000 conflicts, 50 sec, max 100 frames: 'UNSAT'
Elapsed time: 457.87 seconds, total: 458.52 seconds

Slide 12: NOTES
1. The file IE1.aig is first read in and its statistics are reported as 532 primary inputs, 1 output, 2389 flip-flops, and 12049 AIG nodes.
2. 3 implicit constraints were found, but they were only mildly useful in simplifying the problem.
3. Phase abstraction found a cycle of length 2 and this was useful for simplifying the problem to 1460 FF from 2335 FF. Note that the number of outputs increased to 2 because the problem was unrolled 2 time frames.
4. Abstraction was very successful in reducing the FF count to 119. This was proved valid out to 39 time frames.
5. BMC verified that the abstraction produced is actually valid at least to 51 frames, which gives us good confidence that the abstraction is valid for all time.
6. Trimming reduced the inputs relevant to the abstraction from 1624 to 158 and simplify reduced the number of AIG nodes to 731.
7. Speculate produced a speculative reduced model (SRM) with 24 new outputs to be proved and low-resource interpolation proved 2 of them. The SRM model is simpler and has only 578 AIG nodes. The SRM was tested with BMC and proved valid out to 1999 frames.
8. Subsequent trimming and simplification reduced the PIs to 86 and the AIG nodes to 513.
9. The final verification step first tried BDD reachability, allowing it 75 sec. and to grow to up to 1M BDD nodes. It could not converge with these resources so it was aborted. Then interpolation was able to prove UNSAT, and hence all 24 outputs are proved.
10. Although quick_verify was applied between simplification and abstraction, and between abstraction and speculation, it was not able to prove anything, so its output is not shown.
11. The total time for this proof was 457 sec. run on a Lenovo X301 laptop.

Slide 13: Python code

    # prove(): the integrated flow of slides 7-10 as a script on top of ABC's
    # Python interface. ABC(), set_globals(), pre_simp(), abstract(), speculate(),
    # quick_verify(), final_verify_recur(), process_status(), n_ands(), n_latches()
    # and the status codes (Unsat, Sat, Error, Undecided_reduction) and RESULT
    # come from that scripting layer; backups 0/1/2 are written after each stage.
    def prove(a):
        global x_factor, xfi, f_name
        max_bmc = -1
        K = 0
        set_globals()
        status = pre_simp()                      # stage 1: simplification
        if status <= Unsat:
            return RESULT[status]
        ABC('trm')
        ABC('write backup 0')
        K = K + 1
        set_globals()
        if ((n_ands() < 30000) and (a == 1) and (n_latches() < 300)):
            status = quick_verify(0)
            if ((status == Unsat) or (status == Sat)):
                return RESULT[status]
        status = abstract()                      # stage 2: abstraction
        ABC('trm')
        status = process_status(status)
        if ((status <= Unsat) or status == Error):
            return RESULT[status]
        ABC('write backup 1')
        K = K + 1
        if status == Undecided_reduction:
            status = quick_verify(1)
            status = process_status(status)
            if status <= Unsat:
                if status == Sat:                # a CEX on the abstraction may be spurious:
                    status = final_verify_recur(K - 1)   # re-check on the previous backup
                return RESULT[status]
        if n_ands() > 15000:
            K = 2
        else:
            status = speculate()                 # stage 3: speculation
            ABC('trm')
            status = process_status(status)
            if ((status == Unsat) or status == Error):
                return RESULT[status]
            if status == Sat:
                K = K - 1
            else:
                ABC('write backup 2')
                K = K + 1
        status = final_verify_recur(K)           # stage 4: final high-effort check
        return RESULT[status]

Slide 14: Example 2

tst22 PIs = 532, POs = 1, FF = 2389, ANDs = 12049
In [6]: prove()
Initial: PIs = 532, POs = 1, FF = 2389, ANDs = 12049
Running pre_simp
Number of constraints = 3
Forward, quick_simp, scorr_comp, trm: PIs = 532, POs = 1, FF = 2342, ANDs = 11054...
Simplify: PIs = 532, POs = 1, FF = 2335, ANDs = 10607
Number of possible phases = 2...
Phase abstraction obtained : PIs = 282, POs = 2, FF = 1776, ANDs = 9220
WRITING tst22_smp.aig: PIs = 282, POs = 2, FF = 1776, ANDs = 9220
Running abstract
First abstraction: PIs = 1942, POs = 2, FF = 116, ANDs = 2502, max depth = 37
Running simulation iteratively.............................................
Iterating BMC or BDD reachability
RUNNING bmc3 -C 100000 -T 50.000000 -F 74
No CEX found in 46 frames
Latches reduced from 1776 to 116
WRITING tst22_smp_abs.aig: PIs = 600, POs = 2, FF = 116, ANDs = 2502, max depth = 46
Running quick_verify...
After trimming: PIs = 587, POs = 2, FF = 116, ANDs = 2380, max depth = 46
RUNNING interpolation with 10000 conflicts, max 20 sec and 100 frames...
No success, max_depth = 46

Slide 15: Example 2 (cont.)

Running speculate
Running &equiv2 with C = 100000, T = 25.000000 sec., F = 200 -S 1 -R 25
Initial speculation: PIs = 587, POs = 52, FF = 111, ANDs = 1880, max depth = 46
RUNNING simulation iteratively.............................................
Iterating BMC or BDD reachability
Running bmc3 -C 150000 -T 75.000000 -F 92.000000
CEX in frame 20 for output 40
Spec. Red. Miter: PIs = 587, POs = 48, FF = 115, ANDs = 1937, max depth = 46...
Running bmc3 -C 150000 -T 75.000000 -F 92.000000
CEX in frame 20 for output 34
Spec. Red. Miter: PIs = 587, POs = 47, FF = 115, ANDs = 1938, max depth = 46
………..
Running bmc3 -C 150000 -T 75.000000 -F 92.000000
CEX in frame 33 for output 9
Spec. Red. Miter: PIs = 587, POs = 28, FF = 116, ANDs = 1898, max depth = 46
Running bmc3 -C 150000 -T 75.000000 -F 92.000000
No cex found in 91 frames
WRITING tst22_smp_abs_spec.aig: PIs = 477, POs = 28, FF = 116, ANDs = 1898, max depth = 91
Verifying backup number 2: PIs = 477, POs = 28, FF = 116, ANDs = 1898, max depth = 91...
RUNNING interpolation with 20000 conflicts, 50 sec, max 100 frames
WRITING tst22_smp_abs_spec_final.aig: PIs = 476, POs = 28, FF = 115, ANDs = 1810, max depth = 91
Total time taken by prove = 318.884223 sec.
Out[6]: 'UNSAT'

Slide 16: Super_prove

    def super_prove():
        global max_bmc
        max_bmc = -1
        result = prove(0)
        if result[:3] == 'UND':          # test if the result is undecided
            if n_pos() > 1:
                result = prove_g_pos(0)  # prove each output separately
                if result[:3] == 'SAT':  # we probably had a bad abstraction
                    result = 'UNDECIDED but reduced'
        return result

If the final result is undecided and there is more than one output caused by speculation, then try to prove each output one at a time.

Slide 17: Example 3

IE3 PIs = 30, POs = 1, FF = 965, ANDs = 7408
Executing super_prove
Initial: PIs = 30, POs = 1, FF = 965, ANDs = 7408
Running pre_simp
Forward, quick_simp, scorr_comp, trm: PIs = 30, POs = 1, FF = 776, ANDs = 7073...
Simplify: PIs = 30, POs = 1, FF = 688, ANDs = 5362
WRITING IE3_smp.aig: PIs = 30, POs = 1, FF = 688, ANDs = 5362
Running abstract
Start: PIs = 30, POs = 1, FF = 688, ANDs = 5362
Abstraction good to 30 frames
First abstraction: PIs = 503, POs = 1, FF = 215, ANDs = 2223, max depth = 30
Running simulation iteratively.............................................
Iterating BMC or BDD reachability
New abstraction: PIs = 503, POs = 1, FF = 215, ANDs = 2223, max depth = 30
RUNNING bmc3 -C 100000 -T 50.000000 -F 60
No CEX found in 59 frames
Latches reduced from 688 to 215
WRITING IE3_smp_abs.aig: PIs = 213, POs = 1, FF = 215, ANDs = 2223, max depth = 59
Running quick_verify...
After trimming: PIs = 213, POs = 1, FF = 215, ANDs = 2052, max depth = 59
RUNNING interpolation with 10000 conflicts, max 20 sec and 100 frames...
No success, max_depth = 59

Slide 18: Example 3 (cont.)

Running speculate
Running &equiv2 with C = 100000, T = 25.000000 sec., F = 200 -S 1 -R 25
Initial speculation: PIs = 213, POs = 32, FF = 212, ANDs = 2051, max depth = 59
RUNNING simulation iteratively.............................................
Iterating BMC or BDD reachability
Running bmc3 -C 150000 -T 75.000000 -F 118.000000
No cex found in 117 frames
WRITING IE3_smp_abs_spec.aig: PIs = 213, POs = 32, FF = 212, ANDs = 2051, max depth = 117
Verifying backup number 2: PIs = 213, POs = 32, FF = 212, ANDs = 2051, max depth = 117...
RUNNING interpolation with 20000 conflicts, 50 sec, max 100 frames
Undecided
WRITING IE3_smp_abs_spec_final.aig: PIs = 213, POs = 32, FF = 212, ANDs = 1960, max depth = 117
Time taken = 255.318055 sec.

Slide 19: Example 3 (cont.)

********** Proving each output separately ************
[4, 5, 7, 8, 28, 30]
Reduced POs from 32 to 20
Proving output 19
Initial: PIs = 213, POs = 1, FF = 207, ANDs = 1901
Running pre_simp
Forward, quick_simp, scorr_comp, trm: PIs = 212, POs = 1, FF = 197, ANDs = 1899...
Simplify: PIs = 212, POs = 1, FF = 197, ANDs = 1890
Running abstract
Start: PIs = 212, POs = 1, FF = 197, ANDs = 1890
Abstraction good to 332 frames
First abstraction: PIs = 353, POs = 1, FF = 56, ANDs = 780, max depth = 332
Running simulation iteratively.............................................
Iterating BMC or BDD reachability
New abstraction: PIs = 353, POs = 1, FF = 56, ANDs = 780, max depth = 332
RUNNING bmc3 -C 100000 -T 50.000000 -F 664
No CEX found in 663 frames
Latches reduced from 197 to 56
Running quick_verify...
After trimming: PIs = 217, POs = 1, FF = 56, ANDs = 744, max depth = 663
RUNNING interpolation with 10000 conflicts, max 20 sec and 100 frames
Interpolation went to in 663 frames
Time for proof = 14.821251 sec.
******** PROVED OUTPUT 19 ********
….

Slide 20: Example 3 (cont.)

…
Time for proof = 7.381485 sec.
******** PROVED OUTPUT 1 ********
Proving output 0
Initial: PIs = 213, POs = 1, FF = 207, ANDs = 1902
Forward, quick_simp, scorr_comp, trm: PIs = 212, POs = 1, FF = 197, ANDs = 1900...
Simplify: PIs = 212, POs = 1, FF = 197, ANDs = 1891
Running abstract
First abstraction: PIs = 385, POs = 1, FF = 24, ANDs = 305, max depth = 230
Running simulation iteratively.............................................
Iterating BMC or BDD reachability
New abstraction: PIs = 385, POs = 1, FF = 24, ANDs = 305, max depth = 230
RUNNING bmc3 -C 100000 -T 50.000000 -F 460
No CEX found in 459 frames
Latches reduced from 197 to 24
Running quick_verify...
After trimming: PIs = 102, POs = 1, FF = 24, ANDs = 293, max depth = 459
RUNNING interpolation with 6387 conflicts, max 12 sec and 100 frames
Interpolation went to in 459 frames
Time for proof = 18.021230 sec.
******** PROVED OUTPUT 0 ********
Proved all outputs. The problem is proved UNSAT
Total time = 560.434390 sec.
Total time taken by super_prove = 815.753979 sec.
Out[12]: 'UNSAT'

Slide 21: Verification Engines (Overview)
- Simplifiers
  - Combinational synthesis
  - Sequential synthesis
  - Reparametrization (not used currently)
  - Retiming
- Bug-hunters
  - Random simulation
  - Bounded model checking (BMC)
  - Hybrid of simulation and BMC ("semi-formal")
  - BDD reachability
- Provers
  - K-step induction, with or without constraints
  - Interpolation (over-approximate reachability)
  - BDDs (exact reachability)
  - Explicit state space enumeration ('era')

Slide 22: Verification Engines (Details)
- Induction
- Interpolation
- Abstraction
  - Counterexample guided (CBA)
  - Proof based (PBA)
- Speculative reduction
- BDD-based reachability

Slide 23: Induction
- Candidate equivalences: {A,B}, {C,D}
- Base case: proving the internal equivalences in initialized frames 0 through K-1, starting from the initial state
- Inductive case: assuming the internal equivalences hold in uninitialized frames 0 through K-1 (a symbolic state followed by inputs PI 0, PI 1, ..., PI k), then proving them in a topological order in frame K
[Figure: unrolled frames with the candidate pairs A/B and C/D checked by SAT calls SAT-1 through SAT-4; the base case starts from the initial state, the inductive case from a symbolic state]

Slide 24: Interpolation
- Input: Sequential AIG with a single output representing a property
  - Property holds when the output is 0
- Method: Over-approximate reachability analysis
  - Using over-approximations, instead of exact sets of reachable states
- Output: Proof that the property holds
- Implementation: A sequence of SAT calls on unrolled time-frames that is similar to bounded model checking
[Figure: unrolled transition relations T1, T2, T3, ..., Tn split into parts A and B, with interpolants I_k and I_(k+1) and the target P = 1]

Slide 25: Abstraction
- Replace some FFs by primary inputs
  - Produces an abstracted model (more behavior)
  - The abstracted model is often easier to prove
  - If a counter-example (CEX) is detected, the abstraction is refined by analyzing the CEX, and the proof is attempted again
- Use a combination of CBA and PBA
  - Start with the empty set of flops (all made PIs)
  - Add just enough flops to prevent the detected counter-example (CBA)
  - Remove flops that are not needed in the proof of UNSAT (PBA)
  - This approach can be efficiently implemented in a single instance of the SAT solver (see ref.)

N. Een, A. Mishchenko, and N. Amla, "A single-instance incremental SAT formulation of proof- and counterexample-based abstraction". Proc. IWLS'10.

Slide 26: Speculative Reduction
- Detect candidate sequential equivalences in the miter
  - Done first by simulation
  - Refined by BMC
- Assume these equivalences are true
  - Merge fanouts, rehash logic, add XORs to create new POs
- The result is a Speculatively Reduced Model (SRM)
  - SRM is UNSAT iff all candidate equivalences hold!
  - SRM has a different circuit structure
  - SRM is often easier to prove
[Figure: candidate pair A/B, adding assumptions without speculative reduction versus with speculative reduction, in both cases with the XOR output compared to 0]

Slide 27: BDD-Based Reachability
- BDD-based reachability is an important backend of the verification flow
- Used also to find CEX's
- Several ideas, old and new, can be put together to implement a new improved engine
- Long live BDDs!

Slide 28: Future Work
- Vastly improved BDD engine
  - Ours is quite weak at the moment
  - We have a better one but not integrated yet
  - Will have a much better one in a few weeks.
- Improved interpolation engine
- Improved speculation engine
  - One SAT solver, with each speculation holding for a certain number of time frames
- Improved circuit-based SAT solver
  - Can work on larger circuits with improved quality

