
Verification of Local Design Refinements in a System Design Methodology






Presentation Transcript


  1. Verification of Local Design Refinements in a System Design Methodology Tarvo Raudvere

  2. Today’s complex systems

  3. Outline
     • Introduction into System Design
     • Author's Contribution
     • Gradual design verification
     • Polynomial Abstraction
     • Conclusion
     • Future Work

  4. Trends in System Design
     • Increasing complexity
     • System design starts at a higher abstraction level
     • Simulation alone is not efficient for verification
     • Formal techniques have to be applied as a complement

  5. The ForSyDe Design Flow (figure: in the Functional Domain, the Specification Model and the Design Constraints enter Design Refinement, which uses a Transformation Library and Verification to produce the Implementation Model; Implementation Mapping then leads into the Implementation Domain with HW Description, Interface Description and SW Description)

  6. Refinement of the Specification Model
     The specification model (M0) is stepwise refined by the use of well-defined design transformations (Ti) into an implementation model (Mn). (Figure: Specification Model M0 → T1 → M1 → T2 → … → Tn → Mn Implementation Model)
     • Semantic Preserving Transformation
       • Does not change the meaning of the model
       • Used mainly for process merging and splitting
     • Design Decision Transformation
       • Changes the meaning of the model
       • Introduces a design decision
       • Examples are refinement of data types, constraining buffer sizes

  7. Choose a verification technique (figure: verification techniques ordered Simulation, Equivalence checking, Model checking, Theorem proving; the thesis contributions are a strategy, gradual design verification, a tool, translation from ForSyDe into SMV, and an abstraction, polynomial abstraction, published at CODES+ISSS'03 and DATE'04)

  8. Gradual design verification (figure: the specification model with blocks B1 B2 B3 is refined by a transformation T from the transformation library into the implementation model with blocks B1 B'2 B3; for the transformed block B'2, input stimuli from the input stimuli generator, properties from the property library and the design constraints feed a property checker)

  9. Assumptions for gradual verification
     • The specification model is correct
     • Only the local correctness of the system is verified
     • The designer is aware of the constraints for every design block
     • Design blocks are small enough that existing verification tools manage the tasks in reasonable time

  10. Verification Details
     • For every design transformation there is a set of predefined properties
     • There are SMV templates to assist the user in modelling the design environment for design blocks
     • Abstraction has to be done by the user
     • Translation from ForSyDe into SMV is straightforward
     • The Cadence version of SMV (Symbolic Model Verifier) is used for verification

  11. Refinement of the Equalizer System Model (figure: the Button Control block (Buttons, Hold Level, Level Control, Distortion Control) drives the Audio Filter (AudioIn, FIR1 … FIR5 each with an Amplifier, Sum, AudioOut); the Audio Analyzer consists of Group Samples, FFT, Power Spectrum and Check Low Freq)

  12. V Button Control Audio Filter Transformation: ChannelToHandshake V Receive V Send Button Control Finite FIFO Audio Filter Refinement into a Handshake Protocol • The handshake protocol introduces a delay between Send and Receive • The FIFO buffer stores the input data if the channel is busy with the previous arrival • The FIFO size must correspond to the load on the channel

  13. Verified properties
     • Reliability: The only data loss is caused by overflow. (1 sec.)
     • Latency: It takes a fixed number of clock cycles to transport data through the channel. (0.2 sec.)
     • Bandwidth: An input stream with a certain data rate causes no FIFO overflow. (0.2 sec.)
     • Order: Present values on the channel output preserve the same order they have on the input. (400 sec.)
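To make the four properties of slides 12 and 13 concrete, the following Python script is an added example and not the ForSyDe model or the SMV model used in the thesis. It models a Send / finite FIFO / Receive channel with a constructed fixed transport delay, explores every input stream that respects a constructed rate constraint for a bounded number of clock cycles, and checks overflow (reliability, bandwidth), latency and order on every reachable state. The parameters DELAY, CAPACITY and MIN_GAP, the order of the three actions within a cycle and all function names are assumptions of this example.

```python
"""Bounded exhaustive check of a Send / finite FIFO / Receive handshake channel.

Constructed model (assumption, not the thesis' SMV model): the channel needs
`delay` cycles to carry one token from Send to Receive; tokens that arrive while
it is busy wait in a FIFO of `capacity` entries; the input stream delivers at
most one token every `min_gap` cycles. Every admissible input stream is explored
for a bounded number of cycles and the properties of slide 13 are checked.
"""
from collections import namedtuple

# fifo: tuple of (token_id, arrival_cycle); in_flight: (token_id, entry_cycle) or None;
# delivered: tuple of (token_id, entry_cycle, exit_cycle); since_last: cycles since
# the last arrival (for the rate constraint); next_id: id of the next token Send emits.
State = namedtuple("State", "cycle fifo in_flight countdown since_last next_id delivered")


def initial_state():
    # a large since_last lets the very first token arrive in cycle 1
    return State(0, (), None, 0, 10 ** 9, 0, ())


def step(state, arrives, delay, capacity):
    """Advance one clock cycle; return (next_state, violation_or_None)."""
    cycle = state.cycle + 1
    fifo, in_flight = state.fifo, state.in_flight
    countdown, delivered = state.countdown, state.delivered
    violation = None
    # (a) channel progress: the token in flight reaches Receive after `delay` cycles
    if in_flight is not None:
        countdown -= 1
        if countdown == 0:
            delivered += ((in_flight[0], in_flight[1], cycle),)
            in_flight = None
    # (b) Send: a new token is stored in the FIFO; a full FIFO drops it (reliability:
    #     overflow is the only data loss, and the bandwidth property forbids it)
    since_last, next_id = state.since_last + 1, state.next_id
    if arrives:
        if len(fifo) >= capacity:
            violation = f"overflow: token {next_id} dropped at cycle {cycle}"
        else:
            fifo += ((next_id, cycle),)
        next_id, since_last = next_id + 1, 0
    # (c) handshake: an idle channel takes the oldest FIFO entry
    if in_flight is None and fifo:
        in_flight, fifo, countdown = (fifo[0][0], cycle), fifo[1:], delay
    return State(cycle, fifo, in_flight, countdown, since_last, next_id, delivered), violation


def check_invariants(state, delay):
    """Order: tokens leave in arrival order with none skipped.
    Latency: every token spends exactly `delay` cycles between Send and Receive."""
    ids = [tid for tid, _, _ in state.delivered]
    if ids != list(range(len(ids))):
        return f"order violated: {ids}"
    for tid, entry, exit_cycle in state.delivered:
        if exit_cycle - entry != delay:
            return f"latency of token {tid} is {exit_cycle - entry}, expected {delay}"
    return None


def explore(delay, capacity, min_gap, depth):
    """Depth-first exploration of every input stream that respects the rate
    constraint, for `depth` cycles. Returns the first violation found, else None.
    This is a bounded check: a violation beyond `depth` cycles is not found."""
    stack = [initial_state()]
    while stack:
        state = stack.pop()
        if state.cycle == depth:
            continue
        for arrives in (False, True):
            if arrives and state.since_last + 1 < min_gap:  # at most one token per min_gap
                continue
            nxt, violation = step(state, arrives, delay, capacity)
            violation = violation or check_invariants(nxt, delay)
            if violation:
                return violation
            stack.append(nxt)
    return None


if __name__ == "__main__":
    # load matched to the channel: one token every 3 cycles, 3-cycle delay, FIFO of 1
    print("gap 3, delay 3, capacity 1:", explore(3, 1, 3, 20))
    # higher load with a FIFO of 2: the overflow only shows once enough cycles are explored
    print("gap 2, delay 3, capacity 2, 12 cycles:", explore(3, 2, 2, 12))
    print("gap 2, delay 3, capacity 2, 16 cycles:", explore(3, 2, 2, 16))
```

SMV proves these properties for runs of any length; this script only looks `depth` cycles ahead, so explore(3, 2, 2, 12) reports nothing while explore(3, 2, 2, 16) finds the overflow in cycle 13. The depth therefore has to cover the load pattern the bandwidth property is meant to guard against, which is the practical reason slide 12 ties the FIFO size to the load on the channel.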

  14. Requirements
     • For every new design transformation a set of properties has to be defined, which are obligatory to verify
     • In order to avoid state space explosion, abstraction has to be applied.
     • The proper abstraction technique should be selected according to:
       • the specific design transformation
       • the properties that we verify

  15. Polynomial Abstraction
     • Verification of sequentially implemented combinational functions
     • Applicable at a high abstraction level
     • Target: clock domain refinements in the ForSyDe methodology

  16. Clock Domain Refinement (figure: a combinational data path computes f(x,y,z) from the inputs x, y, z with several + and × operators; the refined design computes the same f(x,y,z) with a single + and a single × in the data path, sequenced by a controller)

  17. Refinement of a FIR-filter (figure: Combinational Specification f = c1d1 + … + c4d4, built from delay elements D, four multipliers × and three adders +; Sequential Implementation with one × and one +, a register g initialised to 0, muxes selecting d1 … d4 and c1 … c4, and an FSM with start and ready signals; question: ( g ≡ f ) ???)

  18. Theoretical background
     • ”The Fundamental Theorem of Algebra”: Two degree k uni-variable polynomials are equivalent if they evaluate pairwise to the same values for k+1 input assignments.
     • Example
       • S(x) = 4x² + 3x + 7
       • R(x) = 5x² + 2x + 6
       • The degree of S(x) and R(x) is 2
       • S(x) = R(x) if they calculate pairwise the same value for 3 arbitrarily chosen input assignments
       • If S(x) = R(x) for 3 input assignments, then they are equal for any input assignment.

  19. Strategy (figure: the combinational and the sequential FIR-filter of slide 17)
     • Find the degrees of c1, c2, c3, c4, d1, d2, d3, d4 in f and g.
     • According to the degrees, declare domains of input values.
     • The equivalence check of f and g can be performed by a model checker.
     • It is possible to reduce the domains of those input signals which do not determine the control flow of the FSM.

  20. Methodology (flow diagram)
     1. Signal type classification: sequential design → signal type? → Data or Control
     2. Degree calculation: symbolic execution → output polynomials → degree calculation
     3. Abstraction, model checking: domain declaration → abstract model → model checking

  21. Model Checking
     • Control inputs may get values from all the range of their input domains.
     • The data signal s gets assignments from 0 to n, if the degree of s is n.
     • Specification - S(x), Implementation - I(x): the model checker verifies the property “always S(x) = I(x), if the signal ready is high”.
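Slides 17 to 21 describe the method in prose; the following Python script is an added example and not the thesis' tool or its SMV model. It writes the combinational specification f and the cycle-accurate sequential implementation g of slide 17 as functions, obtains the output polynomials and the degree of every input by symbolic execution (slide 20), restricts each input to 0..degree (slide 21) and compares f and g on the whole grid; a constructed faulty refinement that raises ready one tap early shows what a counterexample looks like, and univariate_equivalent repeats the S(x)/R(x) check of slide 18. The Poly class, the function names and the faulty variant are assumptions of this example.

```python
"""Polynomial abstraction applied to the FIR-filter refinement of slides 17-21.

Added example (not the thesis' tool or SMV model). The specification f and the
sequential implementation g are plain functions over c = [c1..c4], d = [d1..d4].
Running them on symbolic inputs (a tiny polynomial class) yields the output
polynomials and the degree of every input; each input is then restricted to
0..degree and the two designs are compared exhaustively on that grid.
"""
from itertools import product

TAPS = 4  # FIR-filter order 4: f = c1*d1 + c2*d2 + c3*d3 + c4*d4


class Poly:
    """Minimal multivariate polynomial: {exponent tuple: coefficient}."""

    def __init__(self, nvars, terms=None):
        self.n = nvars
        self.terms = {e: c for e, c in (terms or {}).items() if c != 0}

    @classmethod
    def var(cls, index, nvars):
        exps = [0] * nvars
        exps[index] = 1
        return cls(nvars, {tuple(exps): 1})

    def _lift(self, other):  # treat plain numbers as constant polynomials
        return other if isinstance(other, Poly) else Poly(self.n, {(0,) * self.n: other})

    def __add__(self, other):
        other, terms = self._lift(other), dict(self.terms)
        for e, c in other.terms.items():
            terms[e] = terms.get(e, 0) + c
        return Poly(self.n, terms)

    __radd__ = __add__

    def __mul__(self, other):
        other, terms = self._lift(other), {}
        for e1, c1 in self.terms.items():
            for e2, c2 in other.terms.items():
                e = tuple(a + b for a, b in zip(e1, e2))
                terms[e] = terms.get(e, 0) + c1 * c2
        return Poly(self.n, terms)

    __rmul__ = __mul__

    def degrees(self):
        """Degree of each variable = its largest exponent in any monomial."""
        return tuple(max((e[i] for e in self.terms), default=0) for i in range(self.n))


def fir_spec(c, d):
    """Combinational specification: four multipliers and three adders."""
    return sum(ci * di for ci, di in zip(c, d))


def fir_sequential(c, d, taps=TAPS):
    """Sequential implementation: register g is cleared on 'start'; each cycle the
    muxes select c_k and d_k, one multiplier and one adder update g, and the FSM
    raises 'ready' after the last tap. Returns g as sampled when ready is high."""
    g, ready = 0, False
    for k in range(taps):
        g = g + c[k] * d[k]
        ready = k == taps - 1
    assert ready
    return g


def fir_ready_too_early(c, d):
    """Constructed faulty refinement: the FSM raises 'ready' one tap too soon."""
    return fir_sequential(c, d, taps=TAPS - 1)


def output_degrees(design, nvars=2 * TAPS):
    """Symbolic execution: run the design on variables x0..x7 = c1..c4, d1..d4."""
    xs = [Poly.var(i, nvars) for i in range(nvars)]
    return design(xs[:TAPS], xs[TAPS:]).degrees()


def check_equivalence(spec, impl):
    """Polynomial abstraction: each input gets the domain 0..n, n being the larger
    of its degrees in spec and impl, and the two designs are compared on every
    grid point. All signals here are data signals: the FSM's control flow (the
    tap counter) does not depend on any input value.
    Returns None when equivalent, else a counterexample (c, d, spec_value, impl_value)."""
    degs = [max(a, b) for a, b in zip(output_degrees(spec), output_degrees(impl))]
    for point in product(*(range(n + 1) for n in degs)):
        c, d = list(point[:TAPS]), list(point[TAPS:])
        s, i = spec(c, d), impl(c, d)
        if s != i:
            return c, d, s, i
    return None


def univariate_equivalent(s, r, k):
    """Slide 18: degree-k polynomials are equal iff they agree on k+1 points."""
    return all(s(x) == r(x) for x in range(k + 1))


if __name__ == "__main__":
    print("degrees in f:", output_degrees(fir_spec))
    print("degrees in g:", output_degrees(fir_sequential))
    print("g == f:", check_equivalence(fir_spec, fir_sequential))
    print("faulty g:", check_equivalence(fir_spec, fir_ready_too_early))
    S, R = lambda x: 4 * x * x + 3 * x + 7, lambda x: 5 * x * x + 2 * x + 6
    print("S == R:", univariate_equivalent(S, R, 2))
```

The check is complete because a polynomial that vanishes on a grid giving each variable one more point than its degree is identically zero, which is the multivariate form of the argument on slide 18. With degree 1 in every input, the eight data inputs need only 2⁸ = 256 evaluations instead of the full integer range, and that reduction of the input domains is exactly the state-space saving the abstraction buys a model checker; SMV would state the same obligation as "always S = I when ready is high" over the abstract domains.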

  22. Case Study: Verification of the Audio Filter (figure: Button Control → Audio Filter, which consists of FIR-filter1 … FIR-filter5, each a Lowest Pass followed by an Amplifier, summed with +)
     • 5 order-4 FIR-filters
     • 29 integer inputs
     • 210 seconds
     • 13M BDD-nodes

  23. Conclusion
     • Integration of formal verification into ForSyDe
     • Gradual design verification
     • Translation from ForSyDe into SMV
     • Polynomial Abstraction

  24. Future Work
     • Extend the transformation library and the respective property library
     • Create a tool for translation from ForSyDe into SMV
     • Create a tool for polynomial abstraction
     • Extend the polynomial abstraction
       • Modulo calculation - fix-point arithmetic
       • Saturation arithmetic
       • Predicate calculation on input signals

  25. Thanks for your attention!

  26. Theoretical Background
     • The fundamental theorem of algebra: A uni-variable polynomial of degree n has exactly n complex roots, unless all of its coefficients are zero.
     • If R(x) = a2x² + a1x + a0 has at least three roots then all ai = 0
     • Specification S(x) = c2x² + c1x + c0
     • Implementation I(x) = d2x² + d1x + d0
     • R(x) = I(x) - S(x) = (d2-c2)x² + (d1-c1)x + (d0-c0)

  27. Target Designs
     • Specification: combinational function, expressed as a polynomial
     • Implementation: the data path contains the operations +, -, ×, /; feedback loops - state machine description; the computation takes one execution cycle
     • Signal types (table): Data Path - real numbers, integers; Controller - Boolean, enumerated

  28. Author's Papers
     • T. Raudvere, I. Sander, A. K. Singh, A. Jantsch. Verification of design decisions in ForSyDe. CODES+ISSS'03.
       • Gradual design verification
       • Translation from ForSyDe into SMV
     • T. Raudvere, A. K. Singh, I. Sander, A. Jantsch. Polynomial abstraction for verification of sequentially implemented combinational circuits. DATE'04.
       • Polynomial Abstraction
