This panel discussion explores the relationship between formal methods and simulation in the field of CAD, discussing terminology, methodologies, and potential for cross-fertilization. Panelists from academia and industry provide insights and discuss the role of verification methodologies and team structures.
 
                
Giving the Gorilla Some Brains: How Can Formal Complement Simulation?
FMCAD Panel Discussion
November 14, 2006
Andreas Kuehlmann
“Simulation” vs. “Formal Verification”
• Let’s look into terminology!
We as the FMCAD community should know what formal means!
FMCAD = “Formal Methods on CAD”
“Precise Formalists” versus the “Sloppy Informalists”??
But what does Simulation mean?
Let’s Check out Wikipedia…
A simulation is an imitation of some real thing, state of affairs, or process. The act of simulating something generally entails representing certain key characteristics or behaviors of a selected physical or abstract system.
But it continues…
…for Distinction Sake, a Deceiving by Words, is commonly called a Lye, and a Deceiving by Action, Gestures, or Behavior, is called Simulation
Let’s Google it… • http://embedded.eecs.berkeley.edu/research/vis/ttc/lecDir/ps/session3.ppt.ps
Simulation in the Formal World
“A Simulation Preorder is a relation between state transition systems associating systems which behave in the same way in the sense that one system “simulates” the other.”
In other words, a system simulates another system if it can match all of its moves.
… looks to me like a pretty formal and “complete” approach
… versus Simulation in the “Informal World”
[Figure labels: Monitor, Subset of Input Stimuli, DUV]
RTL simulation -> stick a tiny subset of the input stimuli into the system, simulate the behavior and see if the output matches what you expect
The formal world calls this Testing
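The two notions contrasted above, worked as an added example that is not part of the original slides: a fixpoint computation of the largest simulation relation between two small transition systems. The systems `LATE` and `EARLY` and all function names are constructed for illustration; the two systems produce identical traces, so comparing outputs for sampled stimuli cannot tell them apart, yet only one can match all moves of the other.

```python
# Added example. A labelled transition system is {state: {(action, next_state), ...}}.
# LATE and EARLY are constructed systems, not taken from the slides.

def simulation_preorder(lts_a, lts_b):
    """Largest relation R of pairs (p, q), p in lts_a and q in lts_b, such that
    q can match every move of p and the successor pair is again in R."""
    rel = {(p, q) for p in lts_a for q in lts_b}
    changed = True
    while changed:  # greatest fixpoint: delete pairs until nothing changes
        changed = False
        for (p, q) in list(rel):
            for (act, p2) in lts_a[p]:
                if not any(a == act and (p2, q2) in rel for (a, q2) in lts_b[q]):
                    rel.discard((p, q))
                    changed = True
                    break
    return rel

def simulates(lts_b, q0, lts_a, p0):
    """True if state q0 of lts_b simulates state p0 of lts_a."""
    return (p0, q0) in simulation_preorder(lts_a, lts_b)

def traces(lts, state, depth):
    """All action sequences of length <= depth starting in state."""
    result = {()}
    if depth > 0:
        for (act, nxt) in lts[state]:
            result |= {(act,) + t for t in traces(lts, nxt, depth - 1)}
    return result

# LATE behaves like a.(b + c): the b/c choice is made after 'a'.
LATE = {"s0": {("a", "s1")}, "s1": {("b", "s2"), ("c", "s3")},
        "s2": set(), "s3": set()}
# EARLY behaves like a.b + a.c: the choice is already made when 'a' is taken.
EARLY = {"t0": {("a", "t1"), ("a", "t2")}, "t1": {("b", "t3")},
         "t2": {("c", "t4")}, "t3": set(), "t4": set()}

if __name__ == "__main__":
    print("same traces:", traces(LATE, "s0", 3) == traces(EARLY, "t0", 3))
    print("LATE simulates EARLY:", simulates(LATE, "s0", EARLY, "t0"))
    print("EARLY simulates LATE:", simulates(EARLY, "t0", LATE, "s0"))
```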
But Wait a Minute…
… for others Testing means this:
The testing community uses formal methods to generate test vectors
E.g. D-Algorithm for ATPG
Paul Roth: “Diagnosis of Automata Failure: A Calculus & Method”, IBM Journal of R&D 1966 (10), pp. 278-291
Later we “renamed” sequential ATPG into Bounded Model Checking
… and then there are the Companies
• IBM:
  • Verification includes simulation and formal methods
• Intel:
  • Validation (simulation)
  • versus Verification (formal)
• The rest:
  • Whatever is fashionable
Two Introductory Lectures
• Robert Jones, Principal Engineer, Intel Corp., Hillsboro, OR: “Life in the Jungle: Simulation vs. Verification”
• Wolfgang Roesner, Distinguished Engineer, IBM Server Division, Austin, TX: “Ecological Niche or Survival Gear? - Improving an Industrial Simulation Methodology with Formal Methods”
How Can Formal Complement Simulation?
• Technology:
  • Are there methods from the formal world that are usable in a simulation based flow?
• Methodologies:
  • Should we do simulation first to catch the “easy bugs” and then switch to formal for the “hard” ones?
• Teams:
  • In many projects designers are responsible for “almost” correctness and hand the difficult part to the verification team. Does this make sense?
A “typical” Simulation Setup
[Figure labels: Constraint Solver, Monitor, Constraints, Biasing, Coverage Analysis, Testbench, DUV]
Points where “Formal” Could Help
[Figure labels: Constraint Solver, Monitor, Constraints, Biasing, Coverage Analysis, Testbench, DUV]
Questions for the Panel
• Are there interesting techniques from the formal world that can complement simulation methods?
• Does the traditional tool partitioning between
  • Simulation and test generation
  • Equivalence checking
  • Formal property checking
  encourage cross-fertilization between technologies?
• Do we have the appropriate verification methodologies and team structures reflecting this?
Panelists
• Warren Hunt (UT Austin)
• Robert Jones (Intel)
• Robert Kurshan (Cadence)
• Wolfgang Paul (University Saarbruecken)
• Carl Pixley (Synopsys)
• Wolfgang Roesner (IBM)