
Representing Boolean Functions for Symbolic Model Checking


Presentation Transcript


  1. Representing Boolean Functions for Symbolic Model Checking
  Supratik Chakraborty, IIT Bombay

  2. Example: 3-bit Counter
  • Model: state transition graph defined by
    X0’ = NOT(x0)
    X1’ = XOR(x1, x0)
    X2’ = XOR(x2, x0.x1)
  • Property: the state x0,x1,x2 = 000 is always eventually reached from the current state.
  [Figure: counter circuit with state bits x0, x1, x2, next-state inputs X0’, X1’, X2’ and clock Clk]

  3. Model Checking
  • Number of states, stored explicitly, may become too large (10^120)
  • Symbolic model checking uses Boolean functions to compactly represent
    • Sets of states
    • Transition relation
  • Searching the states of the model translates to manipulation of Boolean functions
  • Satisfaction of a CTL property translates to satisfiability of an appropriate Boolean function.

  4. Representing States and Transitions
  • For the 3-bit counter,
    • Set of states x0,x1,x2 = {000, 010, 011, 001} (the states with x0 = 0) can be represented by S(x0, x1, x2) = S(x) = NOT(x0).
    • Set of state transitions can be represented by Tr(x0, x1, x2, X0’, X1’, X2’) = Tr(x, X’) = (X0’ = NOT(x0)) AND (X1’ = XOR(x1, x0)) AND (X2’ = XOR(x2, x1.x0))

  5. Post Image Computation
  • Post(S0) = set of states reachable in 1 step from S0
  • Post(S0) = {x | ∃y. y in S0 and Tr(y, x) = true}
  • Expressed as Boolean functions: given S0(x0, x1, x2),
    Post(S0)(x0, x1, x2) = ∃y0 ∃y1 ∃y2 . (S0(y0, y1, y2) AND Tr(y0, y1, y2, x0, x1, x2))
  • Given functions S0 and Tr, the function for Post(S0) is obtained

  6. Pre Image Computation
  • Pre(S0) = set of states from which a state in S0 can be reached in 1 step
  • Pre(S0) = {x | ∃y. y in S0 and Tr(x, y) = true}
  • Expressed as Boolean functions: given S0(x0, x1, x2),
    Pre(S0)(x0, x1, x2) = ∃y0 ∃y1 ∃y2 . (S0(y0, y1, y2) AND Tr(x0, x1, x2, y0, y1, y2))
  • Given functions S0 and Tr, the function for Pre(S0) is obtained
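The Post and Pre computations of slides 5 and 6, run on the 3-bit counter of slide 2, as an added example that is not part of the slides. It keeps each Boolean function as an explicit truth table (the set of its satisfying assignments), so the existential quantification over y is a plain enumeration; slide 7 explains why a real checker uses BDDs instead.

```python
from itertools import product

# Added example: Boolean functions are kept as explicit truth tables, i.e. the set
# of satisfying assignments.  A state is the tuple (x0, x1, x2).
STATES = list(product((0, 1), repeat=3))

def counter_tr(x, nxt):
    """Tr(x, X') of slide 2: X0' = NOT x0, X1' = x1 XOR x0, X2' = x2 XOR (x0.x1)."""
    x0, x1, x2 = x
    return nxt == (1 - x0, x1 ^ x0, x2 ^ (x0 & x1))

def post(s, tr):
    """Post(S) = {x | exists y. S(y) and Tr(y, x)}: the quantifier becomes an enumeration."""
    return {x for x in STATES if any(tr(y, x) for y in s)}

def pre(s, tr):
    """Pre(S) = {x | exists y. S(y) and Tr(x, y)}."""
    return {x for x in STATES if any(tr(x, y) for y in s)}

def fixpoint(seed, step):
    """Least fixpoint of S = seed U step(S): iterate until the set stops growing."""
    cur = set(seed)
    while True:
        nxt = cur | step(cur)
        if nxt == cur:
            return cur
        cur = nxt

def reachable(init, tr):
    """All states reachable from init (forward image iteration)."""
    return fixpoint(init, lambda s: post(s, tr))

def ef(target, tr):
    """EF target: states with some path into target (backward image iteration)."""
    return fixpoint(target, lambda s: pre(s, tr))

def counter_returns_to_zero():
    """Slide 2 property: from every reachable state, 000 is reached again.
    The counter is deterministic, so 'some path' is 'the only path' here."""
    zero = {(0, 0, 0)}
    return reachable(zero, counter_tr) <= ef(zero, counter_tr)
```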

  7. Representing Boolean Functions
  • Need to represent and efficiently manipulate Boolean functions
  • Commonly used representations:
    • Truth table, Karnaugh map, canonical sum-of-products representation
  • Too large to represent functions of 100s of variables
    • Size 2^n for an n-argument function
    • Operations (e.g. AND, NOT) inefficient
  • Not appropriate for practical applications
    • e.g., representing the carry-out function of a 64-bit adder,

  8. Binary Decision Diagrams
  • A graphical representation [Lee, Akers, Bryant]
  • Allows efficient representation & manipulation of Boolean functions in many practical cases
  • Enables efficient verification of a large class of designs
  • Worst-case behavior still exponential
  • Example: f = x1.x2 + x3’
    • Represent as binary tree
    • Evaluating f:
      • Start from root
      • For each vertex labeled xi, take the left branch if xi = 0, else take the right branch
  [Figure: binary decision tree for f = x1.x2 + x3’ over x1, x2, x3]

  9. Binary Decision Diagrams
  • Underlying principle: Shannon decomposition
    • f(x1, x2, x3) = x1.f(1, x2, x3) + x1’.f(0, x2, x3) = x1.(x2 + x3’) + x1’.(x3’)
  • Can be applied recursively to f(1, x2, x3) and f(0, x2, x3)
    • Gives tree
  • Extend to n arguments
    • But number of nodes can be exponential in number of arguments
  [Figure: binary decision tree for f = x1.x2 + x3’]

  10. Restrictions on BDDs
  • Ordering of variables
    • In all paths from root to leaf, variable labels of nodes must appear in a specified order
  • Reduced graphs
    • No two distinct vertices may represent the same function
    • Each non-leaf vertex must have distinct children
  REDUCED ORDERED BDD (ROBDD): Directed Acyclic Graph
  [Figure: ROBDD for f = x1’.x2’ + x1.x2 + x1.x3’]

  11. ROBDDs
  • Example: f = x1.x2 + x3’
  • Properties
    • Unique (canonical) representation of f for a given ordering of variables
    • Checking f1 = f2 reduces to checking if the ROBDDs are isomorphic
    • Shared subgraphs: size reduction
    • Every path doesn’t have all labels x1, x2, x3
    • Every non-leaf vertex has a path to 0 and 1
  So far good!
  [Figure: binary decision tree and ROBDD for f = x1.x2 + x3’]

  12. Variable Ordering Problem
  f = x1.x2 + x3.x4 + x5.x6
  [Figure: ROBDDs of f under order 1,3,5,2,4,6 and under order 1,2,3,4,5,6]

  13. Variable Ordering Problem
  • ROBDD size
    • Extremely sensitive to variable ordering
      • f = x_1.x_2 + x_3.x_4 + … + x_{2n-1}.x_{2n}
      • 2n+2 vertices for order 1,2,3,4,…,2n-1,2n
      • 2^(n+1) vertices for order 1,n+1,2,n+2,…,n,2n
    • Non-exponential regardless of variable ordering
      • f = x1.x2.x3.….xn
      • n+2 vertices for all orderings
    • Exponential regardless of variable ordering
      • Output functions of integer multipliers [Bryant]
  • Determining the best variable order for a function is computationally intractable
  • Heuristics: Static ordering, Dynamic ordering

  14. Operations on BDDs
  Operation, complexity:
  • Reduce, O(|G|)
    • G reduced to canonical form
  • Apply, O(|G1|.|G2|)
    • Any binary Boolean op: AND, XOR, …
  • Compose, O(|G1|^2 . |G2|)
    • f(x1, x2, x5) composed with g(x3, x4) at the position of x2 is f(x1, g(x3, x4), x5)
  • Satisfy-one, O(n)
    • Find one assignment of x1, x2, …, xn for which f(x1, x2, …, xn) = 1
  • Restrict, O(|G|)
    • Find the ROBDD for f(x1, x2, …, 1, …, xn) or f(x1, x2, …, 0, …, xn)

  15. Operations on BDDs
  • Complexity polynomial in the size of the BDDs
    • If size can be kept under control, we are in business!
    • BDD size is the limiting factor in most applications
    • Ongoing research on the variable ordering problem
  • If the arguments to an operation are ROBDDs, the result is also an ROBDD.
  • Quantification expressed as:
    • ∃x1. f(x1, x2, x3) = f(0, x2, x3) + f(1, x2, x3)
    • ∀x1. f(x1, x2, x3) = f(0, x2, x3) . f(1, x2, x3)
  • Useful in model checking if functions can be represented compactly
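A minimal ROBDD manager as an added example, written for this page and not taken from the slides or from any of the packages named later. Its unique table enforces the reduction rules of slide 10, so equal functions get equal node ids (slide 11); every operation is an ITE with a computed-table cache (slide 16); Restrict and existential quantification follow slides 14 and 15; and `size_under_order` (a name chosen here) reproduces the 8 versus 16 vertex counts of slides 12 and 13 for x1.x2 + x3.x4 + x5.x6.

```python
class ROBDD:
    """Minimal ROBDD manager: unique table for canonicity, ITE with a cache for all operations."""
    def __init__(self, order):
        self.rank = {v: i for i, v in enumerate(order)}  # variable -> level in the ordering
        self.nodes, self.unique, self.cache = {}, {}, {}  # id->(var,lo,hi); (var,lo,hi)->id; ITE memo
    def mk(self, var, low, high):
        if low == high:             # reduction: equal children make the test redundant
            return low
        key = (var, low, high)
        if key not in self.unique:  # reduction: reuse the vertex if this function already exists
            self.unique[key] = len(self.nodes) + 2  # ids 0 and 1 are the terminals
            self.nodes[self.unique[key]] = key
        return self.unique[key]
    def var(self, name): return self.mk(name, 0, 1)
    def ite(self, f, g, h):  # ITE(f,g,h) = f.g + f'.h, by Shannon expansion on the top variable
        if f == 1: return g
        if f == 0: return h
        if g == h: return g
        key = (f, g, h)
        if key not in self.cache:
            x = min((self.nodes[t][0] for t in key if t > 1), key=self.rank.get)
            def cof(t, b):  # cofactor t|x=b; t is unchanged unless x is its root
                return self.nodes[t][1 + b] if t > 1 and self.nodes[t][0] == x else t
            self.cache[key] = self.mk(x, self.ite(*(cof(t, 0) for t in key)),
                                         self.ite(*(cof(t, 1) for t in key)))
        return self.cache[key]
    def AND(self, f, g): return self.ite(f, g, 0)
    def OR(self, f, g): return self.ite(f, 1, g)
    def NOT(self, f): return self.ite(f, 0, 1)
    def restrict(self, f, var, val):  # f with var fixed to val (Restrict of slide 14)
        if f <= 1 or self.rank[self.nodes[f][0]] > self.rank[var]:
            return f  # var cannot occur below a deeper root in an ordered BDD
        v, lo, hi = self.nodes[f]
        if v == var: return hi if val else lo
        return self.mk(v, self.restrict(lo, var, val), self.restrict(hi, var, val))
    def exists(self, f, var):  # exists var. f = f|var=0 + f|var=1 (slide 15)
        return self.OR(self.restrict(f, var, 0), self.restrict(f, var, 1))
    def size(self, f):  # vertices reachable from f, terminals included
        seen, todo = set(), [f]
        while todo:
            n = todo.pop()
            if n not in seen:
                seen.add(n); todo.extend(self.nodes[n][1:] if n > 1 else ())
        return len(seen)

def size_under_order(order):
    """Slide 12: ROBDD size of x1.x2 + x3.x4 + x5.x6 for the given variable order."""
    b = ROBDD(order)
    x = {v: b.var(v) for v in order}
    return b.size(b.OR(b.OR(b.AND(x["x1"], x["x2"]), b.AND(x["x3"], x["x4"])), b.AND(x["x5"], x["x6"])))
```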

  16. Neat tricks in BDD packages
  • Shared BDDs (SBDDs)
    • Multiple functions represented simultaneously as a multi-rooted DAG.
    • Each root and its descendants form an ROBDD
    • Different roots can share subgraphs
    • Variable ordering same for all functions represented
  • Representing functions using the ITE operator
    • if-then-else(x, y, z) = x.y + x’.z
    • Natural implementation using BDDs
    • Can express any binary Boolean operation using ITE
      • NAND(x, y) = ITE(x, y’, 0); NOT(x) = ITE(x, 0, 1)
    • Efficient algorithms for computing ITE with ROBDDs exist

  17. Neat tricks in BDD packages
  • Complement edges
    • If a vertex is reached by a complement edge, take the complement of the function represented by the vertex
    • Simplifies complementation
    • Saves duplication of computation
  • Hash Tables and Caches
    • Facilitate identifying the ROBDD node for an already computed function
    • Avoid computation duplication
    • Very effective in practice
  [Figure: ROBDDs with complement edges for f = x1.x2 + x3’ and f = x1.x2’.x3 + x1’.x3’]

  18. BDD Packages Out There
  • CUDD package (Colorado University)
  • CMU BDD package
  • TiGeR (commercial package)
  • CAL (University of California, Berkeley)
  • EHV
  • ...

  19. Applications of BDDs
  • Extensively used in CAD applications for digital hardware
  • Some interesting applications
    • Combinational logic verification
      • Is a combinational circuit functionally equivalent to another?
    • Sequential machine equivalence
      • Using combinational equivalence of next-state logic
      • For representing transition relations and state spaces in symbolic methods
    • Symbolic model checking
    • Test pattern generation
      • Automatic Test Pattern Generation (ATPG) essentially tries to come up with satisfying instances of a Boolean formula

  20. Applications of BDDs
  • Timing verification
    • For representing false paths in a circuit succinctly
    • For representing discretized time encoded as binary values
  • Representing sets using characteristic functions
  • Symbolic simulation
    • Assign variables and/or constants to circuit inputs and determine output values in terms of variables
    • Representing sets of constant values
  • Logic synthesis and optimization
  • Other domains: combinatorics, manipulating classes of combined Boolean algebraic expressions ...