formal hardware verification some key ideas
play

Formal Hardware Verification (some key ideas) Mary Sheeran - PDF document

Nov 16, 2023 •176 likes •402 views

4/3/2008 Formal Hardware Verification (some key ideas) Mary Sheeran Idealised Flow High level Not formal 1 4/3/2008 Idealised Flow High level Not formal Equally high level Formal spec. Math, expressive logic Idealised Flow High level

  1. 4/3/2008 Formal Hardware Verification (some key ideas) Mary Sheeran Idealised Flow High level Not formal 1

  2. 4/3/2008 Idealised Flow High level Not formal Equally high level Formal spec. Math, expressive logic Idealised Flow High level Not formal Equally high level Formal spec. Math, expressive logic Specification Validation Not a formal process (big demand for tools that assist) 2

  3. 4/3/2008 Refinement Formal spec. (inc. Constraints) Formal spec. Formal spec. (inc. Constraints) (inc. Constraints) Refinement Formal spec. (inc. Constraints) Proof Mechanically checked Formal spec. Formal spec. (inc. Constraints) (inc. Constraints) 3

  4. 4/3/2008 Proof by induction Formal spec. (inc. Constraints) n . . . . n and so on recursively …. Stop when reach library components that have physical implementation(s) 4

  5. 4/3/2008 Design verification Run proof from bottom up Formal spec. MODEL of the system Pros Hierarchy is a (the?) way to manage complexity. Scalable. This approach can span abstraction levels and in particular can start high up close to the original informal spec. The proof is based on the circuit structure It is mechanically checked. Can prove generic (or parameterised) systems. (One proof gives a lot.) 5

  6. 4/3/2008 Cons Interactive theorem proving is difficult and time- consuming (often tedious too) May need the lowest level components to be rather abstract to make it feasible Hard to make the link to the very low level physical details. Risk leaving a gap to what is actually implemented Idealised Implementation Keep exact structure Conservative design rules used to ensure that the abstract behaviour of the silicon is faithfully reflected in the system model Link between implementation and design is checked in Implementation verification Remember that the model captures only a simplified version of the behaviour. Usually only function 6

  7. 4/3/2008 Implementation verification Often done by extracting a model from the actual layout (look in it to find where the transistors or gates are and how they are connected) Make a model of this result and compare with the design (using Equivalence Checking (EC)) To make this feasible the design (golden model) has to be close to the actual implementation Post-silicon verification Did the manufacturing work? Very Hard because have few pins for pumping data in and out (Formal methods used here too, more needed) 7

  8. 4/3/2008 Specification validation (not formal) Design Verification Implementation Verification Post-silicon Verification Reality gets in the way  Pipelining State encoding Physical design messes up logical structure Optimisations Spec. is dragged downwards 8

  9. 4/3/2008 What can we do?? Aim for automation (bit level) Find niches where formal methods work well Use assertions / properties first in sim. and then in FV Idea 1: make simulators a little cleverer Symbolic simulation Take a simulator (can be quite low level, accurate one) Make it work not only on 0, 1, X (unknown) (or a larger group of constants) but ALSO on symbols 9

  10. 4/3/2008 Ordinary simulation xor ? 0 0 simulation 1 0 1 0 10

  11. 4/3/2008 simulation 1 0 1 1 0 0 simulation 1 0 1 0 1 0 1 0 11

  12. 4/3/2008 simulation 1 0 1 0 0 1 0 1 4 runs to check exhaustively 0 Q: how many for n inputs? Symbolic simulation Idea 1 Use X values 0 0 Halves number of sim. runs! X Why? 12

  13. 4/3/2008 Symbolic simulation Idea 1 Use X values 0 0 Halves number of sim. runs! X BUT may lose information 1 X (try on xor example) X Symbolic simulation Idea 2 Use symbolic values 1 a Think of giving input values names a rather than constant values Build up an expression in terms of (some of the) inputs a ¬a May Rep. Using Binary Decision Diagrams (BDDs) 13

  14. 4/3/2008 Symbolic simulation 1 a Symbolic simulation 1 0 a ¬a 14

  15. 4/3/2008 Symbolic simulation 1 0 0 a ¬a a Symbolic simulation 1X X 0 1 0 1 a ¬a ¬a 1a ¬a ¬a a 15

  16. 4/3/2008 Symbolic simulation Widely used (applies also to sequential circuits) Forms basis of model checking method called Symbolic Trajectory Evaluation (STE) User must make judicious choice of 0,1 X a, b, … X halves sim runs, but may result in X at a point vital to the verification Symbolic variable halves sim. runs without losing info. BUT BDD somewhere in the sim. may grow too big Questions? 16

  17. 4/3/2008 Binary Decision Diagrams Vital enabling technology Data structure for representing a Boolean function (current form introduced by Bryant, known earlier) Canonical form (constant time comparison) Used in Symbolic Model Checking Ordered Decision Tree ab + cd a (a b) (c d) 0 1 b b 0 1 0 1 c c c c 0 1 0 1 0 1 0 1 d d d d d d d d 0 0 0 1 0 0 0 1 0 0 0 1 1 1 1 1 17

  18. 4/3/2008 Ordered Decision Tree ab + cd a (a b) (c d) 0 1 b b 0 1 0 1 c c c c 0 1 0 1 0 1 0 1 d d d d d d d d 0 0 0 1 0 0 0 1 0 0 0 1 1 1 1 1 Every path from root to leaf obeys the variable ordering (a,b,c,d) Ordered Decision Tree ab + cd a (a b) (c d) 0 1 b b 0 1 0 1 c c c c 0 1 0 1 0 1 0 1 d d d d d d d d 0 0 0 1 0 0 0 1 0 0 0 1 1 1 1 1 Every path from root to leaf obeys the variable ordering (a,b,c,d) 18

  19. 4/3/2008 a b c d 0 0 0 0 0 0 0 0 0 0 0 1 0 d 0 1 0 1 0 1 0 1 0 0 1 0 0 0 0 1 1 1 c 0 1 0 1 d 1 0 0 0 b . . . d c 0 1 d 1 0 0 0 a d c d 1 1 b d 1 1 c d 1 truth table To get OBDD Combine isomorphic subtrees (same label, same children) Eliminate redundant nodes (those with two identical children) until no more reductions possible Tree becomes a graph 19

  20. 4/3/2008 (O)BDD ab + cd (a b) (c d) a 1 0 b 0 c 1 0 d 0 1 0 1 ( Make (O)BDD for x y z is xor 20

  21. 4/3/2008 Above method just conceptual In reality generated and manipulated in fully reduced form Sharing exploited everywhere (hashing) Efficient (polynomial time) algorithms for all usual operations (and, or etc., quantification) Representation is canonical (for a given variable ordering) Pros Comparing Boolean functions cheap [could use for what?] Many small and usual functions have small BDDs [example parity above How big BDD for n inputs? Exercise: How would it look in Conjunctive Normal Form (CNF)?] 21

  22. 4/3/2008 Cons Some usual and important functions have GIGANTIC BDDs Q: How big is the BDD for a 16-bit binary multiplier? Shifters are also problematic Getting the variable order right is vital Can make the difference between linear and exponential size! Next Step Model checking (week after next) 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim for automation (bit level) Find niches where formal methods work well Use assertions/ properties first in sim. and then in FV (the acronym is ABV,

1.14k views • 65 slides
Hardware description and verification Getting hardware designs right [using ideas from computer

Hardware description and verification Getting hardware designs right [using ideas from computer

Hardware description and verification Getting hardware designs right [using ideas from computer science] TECHNICAL VHDL PSL Gaislers 2 process method Writing VHDL code CTL (LTL) .... PSL circuit

386 views • 14 slides
Hardware description and verification http://www.cse.chalmers.se/edu/course/TDA956/ Getting

Hardware description and verification http://www.cse.chalmers.se/edu/course/TDA956/ Getting

3/21/2011 Hardware description and verification http://www.cse.chalmers.se/edu/course/TDA956/ Getting hardware designs right [using ideas from computer science] Mary Sheeran Verification Design verification is the task of establishing that a

598 views • 15 slides
Hardware description and verification http://www.cse.chalmers.se/edu/course/TDA956/ Getting

Hardware description and verification http://www.cse.chalmers.se/edu/course/TDA956/ Getting

Hardware description and verification http://www.cse.chalmers.se/edu/course/TDA956/ Getting hardware designs right [using ideas from computer science] Mary Sheeran Verification Design verification is the task of establishing that a given

756 views • 30 slides
SymbiYosys Formal Hardware Verification with OpenSource Tools Clifford Wolf Symbiotic EDA

SymbiYosys Formal Hardware Verification with OpenSource Tools Clifford Wolf Symbiotic EDA

SymbiYosys Formal Hardware Verification with OpenSource Tools Clifford Wolf Symbiotic EDA Yosys, Yosys-SMTBMC, SymbiYosys Yosys FOSS Verilog Synthesis tool and more highly flexible, customizable using scripts Formal

600 views • 35 slides
Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations

Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations

Roberto Guanciale Estonian Winter School Day 02 Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations Apps Crypto Service OS Hypervisor/ Separation Kernel Hardware Host 1 Motivations Separation

850 views • 63 slides
Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply mathematical arguments to prove the correctness of systems Systems have bugs Formal verification aims to find and correct such bugs Why? Computer systems

1.42k views • 122 slides
Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for Analyzing Computing Systems Shilpi Goel shilpi@centtech.com Formal Verification Engineer Centaur Technology, Inc. Software and Reliability Can we rely

1.14k views • 78 slides
based Hardware Verification Makai Mann, Clark Barrett Hardware Verification SAT is king

based Hardware Verification Makai Mann, Clark Barrett Hardware Verification SAT is king

Finding Critical Clauses in SMT- based Hardware Verification Makai Mann, Clark Barrett Hardware Verification SAT is king Still faces scaling issues, particularly for data-path properties Satisfiability Modulo Theories (SMT) can

605 views • 5 slides
Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry 1 Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal verification Machine-checked proof Automatic and interactive approaches HOL Light Floating point

366 views • 25 slides
Verification of Industry Code : Challenges R Venkatesh r.venky@tcs.com 1 Overview Focus of

Verification of Industry Code : Challenges R Venkatesh r.venky@tcs.com 1 Overview Focus of

Verification of Industry Code : Challenges R Venkatesh r.venky@tcs.com 1 Overview Focus of talk Scalability problems in industry code Ideas we are exploring Formal verification @ TRDDC Apply academic ideas to address

174 views • 13 slides
Introduction to Formal Analysis Mark Greenstreet CpSc 513 Term 1, 2015/16 Formal

Introduction to Formal Analysis Mark Greenstreet CpSc 513 Term 1, 2015/16 Formal

Introduction to Formal Analysis Mark Greenstreet CpSc 513 Term 1, 2015/16 Formal verification uses algorithms to rigorously prove properties of hardware or software design. 20 years ago, we had the FDIV bug: 42.0 / 7.0 = 8.0 Formal

576 views • 6 slides
Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic 1 Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal verification Machine-checked proof Automatic and interactive approaches HOL Light

539 views • 19 slides
Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms 1 Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of bugs Formal verification Levels of verification HOL Light Formalizing mathematics

353 views • 19 slides
Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA http://www.clifford.at/papers/2018/riscv-formal/ About assertion based formal verification (formal ABV) Assertion based verification (ABV) Uses

781 views • 39 slides
Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal Verification Yosys-STMBMC iCE40 FPGAs Bounded Model Checking (Project IceStorm) Using any SMT-LIB2 solver (using QF_AUFBV logic) Xilinx

706 views • 56 slides
GENE Training D. R. Hatch Oct. 2018 ICTP, Trieste, IT Ge=ng GENE Go to genecode.org

GENE Training D. R. Hatch Oct. 2018 ICTP, Trieste, IT Ge=ng GENE Go to genecode.org

GENE Training D. R. Hatch Oct. 2018 ICTP, Trieste, IT Ge=ng GENE Go to genecode.org Register Follow instrucDons in registraDon email DocumentaDon is in doc directory in GENE folder 2 Many GyrokineDc Codes with Different

350 views • 18 slides
THE CASIMIR EFFECT J. Cugnon University of Lige The Max BORN Symposium, Wroclaw, 9-11 July

THE CASIMIR EFFECT J. Cugnon University of Lige The Max BORN Symposium, Wroclaw, 9-11 July

IFPA, AGO Department University of Lige THE CASIMIR EFFECT J. Cugnon University of Lige The Max BORN Symposium, Wroclaw, 9-11 July 2009 Dark energy The Casimir effect as a manifestation of quantum vacuum energy Dependence upon

344 views • 22 slides
Higgsing the stringy higher spin symmetry Ida Zadeh Brandeis University All about AdS 3 workshop

Higgsing the stringy higher spin symmetry Ida Zadeh Brandeis University All about AdS 3 workshop

Higgsing the stringy higher spin symmetry Ida Zadeh Brandeis University All about AdS 3 workshop ETH Z urich November 19, 2015 Based on: M. R. Gaberdiel, C. Peng, and IGZ, 1506.02045 Stringy symmetries at tensionless point In the context of

708 views • 29 slides
Testing K. Jarrod Millman Helen Wills Neuroscience Institute University of California, Berkeley

Testing K. Jarrod Millman Helen Wills Neuroscience Institute University of California, Berkeley

Overview Examples in Python Testing K. Jarrod Millman Helen Wills Neuroscience Institute University of California, Berkeley millman@berkeley.edu Applied Mathematics Perspectives 2011 Reproducible Research: Tools and Strategies for Scientific

750 views • 37 slides
Semi-supervised Object Detector Learning from Minimal Labels Sudeep Pillai December 12, 2012

Semi-supervised Object Detector Learning from Minimal Labels Sudeep Pillai December 12, 2012

Semi-supervised Object Detector Learning from Minimal Labels Sudeep Pillai December 12, 2012 Abstract While traditional machine learning approaches to classification involve using a substantial training phase with significant number of training

722 views • 12 slides
Aqueous Durability of Glasses New Approaches Thorsten Geisler(-Wierwille) Steinmann

Aqueous Durability of Glasses New Approaches Thorsten Geisler(-Wierwille) Steinmann

Aqueous Durability of Glasses New Approaches Thorsten Geisler(-Wierwille) Steinmann Institute , University of Bonn, Germany int ICTP-IAEA Workshop Triest (6.11.-10.11.2017) tgeisler@uni-bon int ICTP-IAEA Workshop Triest

1.02k views • 47 slides
Accelerator Physics 1 Speaker-email February 6, 2017 1.2 Accelerator Physics Outline WBS

Accelerator Physics 1 Speaker-email February 6, 2017 1.2 Accelerator Physics Outline WBS

Page Headline Accelerator Physics 1 Speaker-email February 6, 2017 1.2 Accelerator Physics Outline WBS dictionary Basis of estimate Overview of Cost estimate Labor, materials, burden rates & costs, contingency Overview of

276 views • 14 slides
Nuclear reac)ons at astrophysical energies with -ray

Nuclear reac)ons at astrophysical energies with -ray

Nuclear reac)ons at astrophysical energies with -ray beams: a novel experimental approach Chiara Mazzocchi University of Warsaw COMEX5, Krakw,

603 views • 27 slides

More recommend