    Quality and Quantity in Robustness-Checking Using Formal Techniques

    Fault tolerance is one of the main challenges for future technology scaling, since scaled circuits must tolerate transient faults. Various design-level techniques are available to catch and handle transient faults, e.g., Triple Modular Redundancy. An important but missing step is to verify the implementation of those techniques, since the implementation might itself be buggy. This thesis focuses on formally verifying digital circuits with respect to fault-tolerance aspects. It considers transient faults and checks whether these faults can influence the output behavior of sequential circuits under any kind of scenario. As a result, the designer is pointed directly to the critical parts of the design and obtains a proof of the absence of faulty behavior for the non-critical parts. The focus of the verification is completeness of the analysis. Three issues need to be adequately addressed: 1) all input stimuli, 2) all possible transient faults, and 3) all possibly exponentially long (with respect to the number of state bits) propagation paths. All three issues are addressed in different engines. A tool called RobuCheck has been implemented and evaluated on academic benchmarks from ITC'99 and industrial benchmarks from IBM.

    09461 Abstracts Collection -- Algorithms and Applications for Next Generation SAT Solvers

    From 8th to 13th November 2009, the Dagstuhl Seminar 09461 "Algorithms and Applications for Next Generation SAT Solvers" was held in Schloss Dagstuhl--Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar, as well as abstracts of seminar results and ideas, are collected in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts, slides or full papers are provided where available.

    Test Sequence Generation for Assertion Acceleration

    With the increasing complexity of systems on chip, the verification process is becoming an ever more crucial task at every level of the design cycle, and it monopolizes a significant share of development time. In this context, assertion-based verification (ABV) has gained considerable popularity in recent years. It consists of specifying the expected behavior of the system through logical-temporal properties and verifying these properties by semi-formal or formal methods. Specification languages such as PSL or SVA (IEEE standards) are commonly used to express these properties. Static verification techniques (model checking) or dynamic ones (validation during simulation) can be applied. We work in the context of dynamic verification. From assertions expressed in PSL or SVA, synthesizable VHDL or Verilog descriptions of hardware monitors can be produced (the Horus tool). These components can be used during design (in simulation and/or emulation for circuit debugging and validation), or as embedded components for monitoring the behavior of critical systems. For analysis in the design phase, whether in simulation or emulation, the problem of generating test sequences arises. Indeed, randomly generated test sequences can lead to a low coverage rate of the monitors' activation conditions and therefore reveal little about whether the assertions are satisfied. Constrained test-sequence generation methods do not offer a real solution, because the constraints cannot be tied to temporal conditions. New methods must be specified and implemented; this is what we propose to study in this thesis.

    Tester for a Chosen Sub-standard of IEEE 802.1Q

    This thesis analyzes the IEEE 802.1Q standard of the TSN group and presents the design of a test module. The test module is written in VHDL and can be implemented on an Intel Stratix® V GX FPGA (5SGXEA7N2F45C2) development board. The IEEE 802.1Q (TSN) standard defines deterministic real-time communication over an Ethernet network using a global time base and a correct schedule for transmitting and receiving messages. The main functions of this standard are time synchronization, traffic scheduling, and network configuration. Each of these functions is defined by several different sub-standards. According to the definition of IEEE 802.1Q, these sub-standards can be combined with one another arbitrarily. Some sub-standards cannot operate independently and must use the functions of other sub-standards. The functions of the sub-standards can be realized in software, in hardware, or in a combination of both. Based on the facts above, the software-related sub-standards were excluded from implementation, as were the sub-standards that depend on other sub-standards. IEEE 802.1Qbu was selected as a suitable part for the realization of a hardware test. Various testing approaches were explained, such as DFT, BIST, ATPG, and other techniques. The "Protocol Aware (PA)" technique was chosen for hardware testing, because it speeds up testing, allows reusability, and also shortens time to market. The test module consists of two objects (a generator and a monitor) that implement the IEEE 802.1Qbu sub-standard. The function of the generator is to generate random or non-random stimuli and then send them to the device under test in the correctly defined protocol. The function of the monitor is to receive Ethernet frames and verify their correctness. The objects are designed in the same way at the "TOP" level and consist of four modules: an Avalon MM interface, two templates, and one port. The Avalon MM interface was created for communication between software and hardware. This module receives packets from the software and then decodes them according to the defined protocol and "sub-protocol". The "sub-protocol" consists of a command and the value of that command. The whole object is controlled according to the decoded command and its values. A template is used to generate or verify random or non-random data. Two templates were implemented, for express verification and for preemptable transactions as defined by IEEE 802.1Qbu. The ports were created for communication between the device under test and the template according to the given standard. The "generator" port has the task of selecting and transmitting frames according to priority and transmission time. The "monitor" port receives frames into a content-addressable memory, which verifies the frame priority and forwards the frames to the correct template accordingly. The results showed that this testing technique achieves high speed and fast implementation.

    This master's thesis deals with the analysis of the IEEE 802.1Q group of TSN standards and with the design of a hardware tester. The IEEE 802.1Qbu standard appeared to be an optimal choice for this thesis. A detailed explanation of this sub-standard is included. For the hardware test implementation, a protocol-aware technique was chosen in order to accelerate testing. The thesis further describes the architecture of this tester, with a detailed explanation of the modules. The essential issue of controlling protocol-aware objects from software has been resolved and described. The results show that this technique achieves higher testing speed, reusability, and fast implementation.

    The Impact of Design Techniques in the Reduction of Power Consumption of Multimedia SoCs

    Advisor: Guido Costa Souza de Araújo. Dissertation (master's) - Universidade Estadual de Campinas, Instituto de Computação. Abstract: The semiconductor industry has always faced strong demands to solve the problem of heat dissipation and to reduce power consumption in devices. This trend has intensified in recent years with the environmental sustainability movement. The correct conception of a low-power electronic system is a problem with multiple levels of complexity and requires systematic strategies in its construction. Moreover, the adoption of any power-reduction technique is always tied to specific goals and causes some impacts on the project. Although designers know these impacts well in qualitative terms, the quantitative details are still unknown or are kept only within companies' know-how. In this work, based on experimental results from an industrial SoC platform, we try to quantify the impacts derived from the use of power-reduction techniques. We focus on relating the power-reduction factor of each technique to its impacts in terms of area, performance, implementation effort, and verification effort. In the absence of this kind of data, which relates engineering effort to power-consumption targets, uncertainties and delays will be frequent in the project schedule. We hope that this kind of guidance can help project architects select the appropriate techniques to reduce power consumption within the project's budget and schedule. Master's degree in Computer Science.

    Cryptographic Fault Diagnosis using VerFI

    Historically, fault diagnosis for integrated circuits has dealt solely with reliability concerns. In contrast, a cryptographic circuit needs to be evaluated primarily with respect to information leakage in the presence of maliciously crafted faults. While Differential Fault Attacks (DFAs) on symmetric ciphers have been known for over 20 years, recent developments have tried to structurally classify the attackers' capabilities as well as the properties of countermeasures. Correct realization of countermeasures still has to be verified manually, which is error-prone and infeasible for even moderate-size real-world designs. Here, we introduce the concept of Cryptographic Fault Diagnosis, which revises and shapes the notions of fault diagnosis in reliability testing to the needs of evaluating cryptographic implementations. Additionally, we present VerFI, which materializes the idea of Cryptographic Fault Diagnosis. It is a fully automated, open-source fault detection tool that processes the gate-level representation of arbitrary cryptographic implementations. By adjusting the bounds of the underlying adversary model, VerFI allows us to rapidly examine the desired fault detection/correction capabilities of a given implementation. Among several case studies, we demonstrate its application on an implementation of the LED cipher with combined countermeasures against side-channel analysis and fault-injection attacks (published at CRYPTO 2016). This experiment revealed general implementation flaws and undetectable faults leading to a successful DFA on the protected design with full-key recovery.

    Providing Reliable FIB Update Acknowledgments in SDN

    Impairment of biliverdin reductase-A (BVR-A) is an early event leading to brain insulin resistance in AD. Intranasal insulin (INI) administration is under evaluation as a strategy to alleviate brain insulin resistance; however, the molecular mechanisms underlying the beneficial effects of INI are still unclear. We show that INI improves insulin signaling activation in the hippocampus and cortex of adult and aged 3×Tg-AD mice by ameliorating BVR-A activation. These changes were associated with a reduction of nitrosative stress, Tau phosphorylation, and Aβ oligomers in the brain, along with improved cognitive functions. The role of BVR-A was strengthened by showing that cells lacking BVR-A: (i) develop insulin resistance if treated with insulin and (ii) can be recovered from insulin resistance only if treated with a BVR-A-mimetic peptide. These novel findings shed light on the mechanisms underlying the effects of INI treatment and suggest BVR-A as a potential therapeutic target to prevent brain insulin resistance in AD.