Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Published bySteven Hammond Modified over 10 years ago

Similar presentations

Presentation on theme: "Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware."— Presentation transcript:

1 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware verification

2 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. What is formal verification? Formal means two things: –A mathematical (not English) specification –An exhaustive verification method (not simulation) Sometimes semiformal is used to mean… –Formal specification, but not verification, or –Nothing formal, but using similar algorithms. We wont cover semiformal methods here.

3 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Formal methods Informal simulation methodology... simulator system vectors 01011... (observe output) Semiformal simulation methodology... simulator system vectors 01011... ? properties Formal verification methodology... verifier system properties yes/no/?

4 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Systems and properties Example system –(model of) bus arbiter circuit Example properties –No two requesters ackd at same time –If request, then eventually grant An FV system must have a way to formalize the properties, and to prove system specification

5 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Axes for formal methods Increased expressiveness –handle a broader class of properties –handle a broader class of systems Automation –handle larger, more complex systems automatically Scalability –break large objects into small objects –prove properties of smaller objects Consider some verification approaches...

6 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Symbolic simulation Simulate with boolean formulas, not 0/1/X Example system: Example property: x = a b c a b c x=(a b) c Verification engine: boolean equivalence (hard!) Why is this formal verification?

7 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Simulating sequential circuits r z Property: if r 0 =a, z 0 =b, z 1 =c then r 2 = a b c Symbolic evaluation: r 0 = a r 1 = a b r 2 = (a b) c Limitation: can only specify a fixed finite sequence

8 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Model checking Verification engine: state space search (even harder!) Advantage: greater expressiveness (but model must still be finite-state) MC G(req -> F ack) yes no/counterexample: req ack req ack properties: G (ack 1 ack 2 ) system:

9 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. First order decision procedures Handles even non-finite-state systems Used to verify pipeline equivalence Cannot handle temporal properties decision procedure formula: f(x)=x f(f(x))=x valid not valid

10 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Increasing automation Handle larger, more complex systems Boolean case –Binary decision diagrams Boolean equivalence in symbolic simulation Symbolic model checking –SAT solvers State space reduction techniques –partial order, symmetry, etc. Fast decision procedures Very hot research topics in last decade, but still do not scale to large systems.

11 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Scaling up The compositional approach: –Break large verification problems into smaller, localized problems. –Verify the smaller problems using automated methods. –Verify that smaller problems together imply larger problem.

12 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Example -- equivalence checkers Identify corresponding registers Show corresponding logic cones equivalent –Note: logic equivalence symbolic simulation Infer sequential circuits equivalent circuit Acircuit B That is, local properties global property

13 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Compositional systems Automation handles small sub-problems Proof decomposition usually manual Equivalence Checkers Symbolic Simulation STE Proof Assistants Decision procedures Model Checking This approach is necessary to scale up!

14 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Abstraction Hide details not necessary to prove property Two basic approaches –Build abstract models manually –Use abstract interpretation of original model system abstract model property abstraction relation property

15 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Examples of abstraction Hiding some components of system Using X value in symbolic simulation One-address/data abstractions Instruction-set architecture models All are meant to reduce the complexity of the system so that we can simplify the verification problem for automatic tools.

16 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Decomposition and abstraction Abstractions are relative to property Decomposition means we can hide more information. Decomposed properties are often relative to abstract reference models. property decomposition verification abstraction

17 Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Tutorial outline Model checking –temporal logics, automata and algorithms Abstraction techniques –state space reductions Binary decision diagrams –heuristically efficient model checking Compositional methodology –techniques for scaling up Conclusion –where to go next

Download ppt "Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware."

Similar presentations

Model Checking Base on Interoplation

Model Checking Base on Interoplation
1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Compositional methods Scaling up to large systems.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Compositional methods Scaling up to large systems.
The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.

The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.
Exploiting SAT solvers in unbounded model checking

Exploiting SAT solvers in unbounded model checking
Functional Decompositions for Hardware Verification With a few speculations on formal methods for embedded systems Ken McMillan.

Functional Decompositions for Hardware Verification With a few speculations on formal methods for embedded systems Ken McMillan.
Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Conclusion Summary Research trends Resources.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Conclusion Summary Research trends Resources.
1 Verification of Infinite State Systems by Compositional Model Checking Ken McMillan Cadence Berkeley Labs.

1 Verification of Infinite State Systems by Compositional Model Checking Ken McMillan Cadence Berkeley Labs.
Modeling issues Book: chapters 4.12, 5.4, 8.4, 10.1.

Modeling issues Book: chapters 4.12, 5.4, 8.4, 10.1.
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
Translation-Based Compositional Reasoning for Software Systems Fei Xie and James C. Browne Robert P. Kurshan Cadence Design Systems.

Translation-Based Compositional Reasoning for Software Systems Fei Xie and James C. Browne Robert P. Kurshan Cadence Design Systems.
Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.

Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.

1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.

An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.
Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar.

Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar.
Model Checking : Making Automatic Formal Verification Scale Shaz Qadeer EECS Department University of California at Berkeley.

Model Checking : Making Automatic Formal Verification Scale Shaz Qadeer EECS Department University of California at Berkeley.
ECE 667 - Synthesis & Verification 1 ECE 667 Synthesis and Verification of Digital Systems Formal Verification Combinational Equivalence Checking.

ECE Synthesis & Verification 1 ECE 667 Synthesis and Verification of Digital Systems Formal Verification Combinational Equivalence Checking.
Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.

Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.

Similar presentations

Ads by Google