State of the Art 1.5
Formal Specification 1.6
Formal Verification 1.8
System Design and Verification 1.10
Traditional Method 1.11
Formal Verification Methods 1.13
Timing Verification 1.26
Introduction
• Digital systems continuously grow in scale and functionality. Performance of integrated circuits (ICs) is doubling every year.
Microprocessors contain one million gates.
Telecommunication chips are deep submicron application-specific integrated circuits (ASICs) with more than 500,000 gates.
• Likelihood of subtle design errors is increasing. In 1994, Intel Corp. had to correct problems with its Pentium and Pentium Pro microprocessors. Cost of correction about $250 M.
In 1995, Texas Instruments Inc. had a problem with its 320C32 floating point digital signal processor.
• Our goal is to develop verification methods to improve design quality.
• Formal Methods: mathematically-based languages, techniques, and tools for specifying and verifying such systems.
• Use of formal methods does not a priori guarantee correctness.
• Complement to simulation. Increases understanding of a system by revealing inconsistencies, ambiguities, and incompleteness.
7/13/97 1.5 (of 27)
State of the Art
• In the past, use of formal methods did not seem practical.
• notations too obscure
• techniques did not scale with problem size
• tool support inadequate or too hard to use
• Only a few non-trivial case studies available
• Few people had the training to use them effectively on the job.
• Recently more promising picture for formal methods.
• Software specification: industry trying out notations like Z to document system's properties.
• Hardware verification: industry adopting model checking and even theorem proving to complement simulation.
• Industrial case studies increasing confidence in using formal methods.
Formal Specification
• Specification: the process of describing a system and its desired properties.
• Specification is a useful communication device: between customer and designer, between designer and implementor, and between implementors and tester.
• Companion document to the system's source code, but at a higher level of abstraction.
• Formal specification: uses a language with a mathematically-defined syntax and semantics.
• System properties relate to functional behavior, timing behavior, performance, internal structure, etc.
• So far, formal specifications most successful for functional behavior.
• Trend to integrate different specification languages, each for a different aspect.
© 1997 E. Cerny, X. Song 7/13/97 1.7 (of 27)
Formal Specification (cont'd)
• Examples of formal languages:
• Z, VDM, and Larch focus on specifying behavior of sequential systems. States are described in terms of sets, relations, and functions.
State transitions are described in terms of pre- and post-conditions.
• CSP, CCS, LOTOS, and Temporal Logics focus on concurrent systems. States typically range over simple domains like integers or are left uninterpreted.
Behavior is defined in terms of sequences, trees, or partial orders of events.
• Common to all methods: the use of the mathematical concepts of abstraction and composition.
Formal Verification
• Formal methods cut across almost all areas in Computer Science and Engineering.
• Foundation in mathematics
• Intended applications are hardware and software systems
• Users are developers involved in system engineering process.
• An interdisciplinary activity (figure; only the label "Logic" survives extraction).
Formal Verification (cont'd)
• In the 1960-70's, high expectations for "software verification", but hopes gradually fizzled out by the late 1970's.
• Theorem proving approaches have "cultural roots" in software verification in 1970's.
• Why might formal methods work for hardware?
• Hardware is often regular and hierarchical
• Re-use of design is common practice
• Hardware specification is more common, e.g., VHDL models
• Primitives are simpler; e.g., the behavior of a NAND gate is easier to describe than the semantics of a while-loop
• Cost of a design error can mean a 6-month delay and a costly set of lithography masks.
• Here we focus on formal verification methods of digital hardware.
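As an added illustration, not part of the original slides, of how a formal check complements simulation: a 2-bit counter built only from NAND gates (the simple primitive named above) is compared against a behavioural specification by exhaustively exploring every reachable state and input, a small explicit-state model check. A constructed faulty variant shows how the check returns an input trace as a counterexample; the counter design and all function names are assumptions for this example.

```python
from collections import deque
from itertools import product

def nand(a, b):
    return int(not (a and b))          # the only primitive gate used below

def xor(a, b):                         # XOR built from four NANDs
    t = nand(a, b)
    return nand(nand(a, t), nand(b, t))

def and_(a, b):                        # AND built from two NANDs
    return nand(nand(a, b), nand(a, b))

def impl_next(q, en, rst):
    """Gate-level next state of a 2-bit counter with synchronous reset (assumed design)."""
    (q1, q0), keep = q, nand(rst, rst)  # keep = NOT rst
    return (and_(xor(q1, and_(q0, en)), keep), and_(xor(q0, en), keep))

def buggy_next(q, en, rst):
    """Constructed fault: the carry into bit 1 ignores the enable input."""
    (q1, q0), keep = q, nand(rst, rst)
    return (and_(xor(q1, q0), keep), and_(xor(q0, en), keep))

def spec_next(q, en, rst):
    """Behavioural specification: post-condition on the new count."""
    count = 0 if rst else (2 * q[0] + q[1] + en) % 4
    return (count >> 1, count & 1)

def matches_spec(q, en, rst, nq):
    """Property: every transition agrees with the specification."""
    return nq == spec_next(q, en, rst)

def model_check(next_fn, prop, reset=(0, 0)):
    """Explicit-state reachability from reset: None if `prop` holds on every
    reachable transition, else the (en, rst) input trace to the violation."""
    parent, todo = {reset: None}, deque([reset])
    while todo:
        q = todo.popleft()
        for en, rst in product((0, 1), repeat=2):
            nq = next_fn(q, en, rst)
            if not prop(q, en, rst, nq):
                trace = [(en, rst)]
                while parent[q] is not None:   # walk predecessors back to reset
                    q, step = parent[q]
                    trace.append(step)
                return trace[::-1]
            if nq not in parent:
                parent[nq] = (q, (en, rst))
                todo.append(nq)
    return None
```

`model_check(impl_next, matches_spec)` returns None, while `model_check(buggy_next, matches_spec)` returns the two-cycle input trace that first drives the faulty counter into a state the specification forbids.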
System Design and Verification
• Levels of abstraction in design:
• Behavioral synthesis: behavioral description into RTL description.
• RTL synthesis: RTL description into logic description.
• Logic synthesis: logic description into netlist of primitive gates for a target technology.
• Layout synthesis: gate netlist to mask geometry.
