Incremental bounded model checking for embedded software

Program analysis is on the brink of mainstream usage in embedded systems development. Formal verification of behavioural requirements, finding runtime errors and test case generation are some of the most common applications of automated verification tools based on bounded model checking (BMC). Existing industrial tools for embedded software use an off-the-shelf bounded model checker and apply it iteratively to verify the program with an increasing number of unwindings. This approach unnecessarily wastes time repeating work that has already been done and fails to exploit the power of incremental SAT solving. This article reports on the extension of the software model checker CBMC to support incremental BMC and its successful integration with the industrial embedded software verification tool BTC EMBEDDED TESTER. We present an extensive evaluation over large industrial embedded programs, mainly from the automotive industry. We show that incremental BMC cuts runtimes by one order of magnitude in comparison to the standard non-incremental approach, enabling the application of formal verification to large and complex embedded software. We furthermore report promising results on analysing programs with arbitrary loop structure using incremental BMC, demonstrating its applicability and potential to verify general software beyond the embedded domain

SystemC Through the Looking Glass : Non-Intrusive Analysis of Electronic System Level Designs in SystemC

Due to the ever increasing complexity of hardware and hardware/software co-designs, developers strive for higher levels of abstractions in the early stages of the design flow. To address these demands, design at the Electronic System Level (ESL) has been introduced. SystemC currently is the de-facto standard for ESL design. The extraction of data from system designs written in SystemC is thereby crucial e.g. for the proper understanding of a given system. However, no satisfactory support of reflection/introspection of SystemC has been provided yet. Previously proposed methods for this purpose %introduced to achieve the goal nonetheless either focus on static aspects only, restrict the language means of SystemC, or rely on modifications of the compiler and/or parser. In this thesis, approaches that overcome these limitations are introduced, allowing the extraction of information from a given SystemC design without changing the SystemC library or the compiler. The proposed approaches retrieve both, static and dynamic (i.e. run-time) information

High-Level verification methodology for UVMF-based C++ reference model testbench implementation

Abstract. This thesis was completed for Nokia and in cooperation with Siemens EDA. In this thesis a UVM Predictor component, which wraps a C++ reference model, was generated with UVM Framework (UVMF) and implemented. The Predictor was generated and implemented to Universal Verification Methodology (UVM) testbench that had HLS generated Design Under Test (DUT). First, the UVMF generated Predictor was implemented for the UVM testbench with a small HLS-generated design to learn the verification flow. After the first trial run, the UVMF-generated Predictor was implemented into an existing UVM testbench with a bigger subsystem as a DUT. The subsystem contained two manually written RTLs and one HLS-generated RTL. First, this thesis presents the UVM theory and the UVM technologies that are used in the thesis work. The third chapter introduces code coverage, different coverage metrics, and the coverage metrics used in this thesis. After theory, practical work is presented. Chapter four explains the devices under test, UVM components, testbench connections with a UVM Predictor, Predictor generation, functionality testing, and simulation. Measured coverage metrics, tools, and technologies are also presented. Finally, coverage results from thesis work with testing strategies are presented. The results of coverage closure are discussed in chapter 6, and the thesis is summarized in chapter 7. Applying a UVMF-generated Predictor to the UVM testbench for verification flow showed promising results for obtaining a faster verification process as well as produced the possibility of using various versatile verification techniques with the Predictor, such as stimulus generation with constrained random (CR).Korkeatason verifiointi metodologian testipenkki-implementaatio UVM Framework pohjautuvalla C++ referenssi mallilla. Tiivistelmä. Tämä diplomityö on tehty Nokialle yhteistyössä Siemens EDA:n kanssa. Tässä diplomityössä UVM Framework työkalulla generoitiin ja toteutettiin UVM-prediktori komponentti, joka sisältää C++ referenssimallin. Generoitu prediktori integroitiin universaalin varmennusmenetelmän testipenkkiin, joka sisälsi HLS:llä luodun testattavan suunnitelman. Ensiksi UVMF:llä generoitu prediktori implementoitiin UVM-testipenkkiin pienellä HLS generoidulla alilohkolla, jotta verifiointivuo saatiin opeteltua. Ensimmäisen testivedoksen jälkeen, UVMF generoitu prediktori implementoitiin olemassa olevaan UVM-testipenkkiin, jossa varmennettavan suunnitelmana oli suurempi osajärjestelmä. Osajärjestelmä sisälsi kolme alilohkoa, joista kaksi oli manuaalisesti kirjoitettua RTL:ää ja yksi HLS generoitu RTL. Ensiksi tässä työssä käydään läpi UVM:n teoriaa, sekä käytettävät UVM teknologiat, joita sovelletaan diplomityössä. Kolmas kappale esittelee koodin kattavuutta ja erilaisia kattavuus parametreja. Teoriaosuuden jälkeen esitellään käytännön työn asiat. Kappale 4 esittelee varmennettavat suunnitelmat, UVM komponentit, testipenkkikytkennät prediktorin kanssa, sekä prediktorin generoinnin, testauksen ja simuloinnin. Myös työssä mitattavat kattavuusparametrit, sekä käytettävät työkalut ja teknologiat esitellään. Lopuksi esitellään diplomityössä saavutetut kattavuustulokset, sekä suunnitelmien varmennusstrategiat. Diplomityössä saavutetut tulokset käydään läpi seuraavassa kappaleessa, minkä jälkeen kappaleessa 7 tiivistetään koko diplomityö. UVMF generoidun prediktorin ottaminen mukaan osaksi UVM testipenkin verifiointivuota antoi lupaavia tuloksia verifiointiprosessin nopeuttamiseksi, ja mahdollisuuden käyttää erilaisia monipuolisia verifiointitekniikoita kuten testiherätteiden luontia rajoitetun satunnaisuuden menetelmällä

Concurrent Specification of Embedded Systems: An Insight into the Flexibility vs Correctness Trade-Off

Diseases & disorder

Understanding multidimensional verification: Where functional meets non-functional

Abstract Advancements in electronic systems' design have a notable impact on design verification technologies. The recent paradigms of Internet-of-Things (IoT) and Cyber-Physical Systems (CPS) assume devices immersed in physical environments, significantly constrained in resources and expected to provide levels of security, privacy, reliability, performance and low-power features. In recent years, numerous extra-functional aspects of electronic systems were brought to the front and imply verification of hardware design models in multidimensional space along with the functional concerns of the target system. However, different from the software domain such a holistic approach remains underdeveloped. The contributions of this paper are a taxonomy for multidimensional hardware verification aspects, a state-of-the-art survey of related research works and trends enabling the multidimensional verification concept. Further, an initial approach to perform multidimensional verification based on machine learning techniques is evaluated. The importance and challenge of performing multidimensional verification is illustrated by an example case study

A Cross-level Verification Methodology for Digital IPs Augmented with Embedded Timing Monitors

Smart systems are characterized by the integration in a single device of multi-domain subsystems of different technological domains, namely, analog, digital, discrete and power devices, MEMS, and power sources. Such challenges, emerging from the heterogeneous nature of the whole system, combined with the traditional challenges of digital design, directly impact on performance and on propagation delay of digital components. This article proposes a design approach to enhance the RTL model of a given digital component for the integration in smart systems with the automatic insertion of delay sensors, which can detect and correct timing failures. The article then proposes a methodology to verify such added features at system level. The augmented model is abstracted to SystemC TLM, which is automatically injected with mutants (i.e., code mutations) to emulate delays and timing failures. The resulting TLM model is finally simulated to identify timing failures and to verify the correctness of the inserted delay monitors. Experimental results demonstrate the applicability of the proposed design and verification methodology, thanks to an efficient sensor-aware abstraction methodology, by applying the flow to three complex case studies

On mixed abstraction, languages and simulation approach to refinement with SystemC AMS

Executable specifications and simulations arecornerstone to system design flows. Complex mixed signalembedded systems can be specified with SystemC AMSwhich supports abstraction and extensible models of computation. The language contains semantics for moduleconnections and synchronization required in analog anddigital interaction. Through the synchronization layer, user defined models of computation, solvers and simulators can be unified in the SystemC AMS simulator for achieving low level abstraction and model refinement. These improvements assist in amplifying model aspects and their contribution to the overall system behavior. This work presents cosimulating refined models with timed data flow paradigm of SystemC AMS. The methodology uses Cbased interaction between simulators. An RTL model ofdata encryption standard is demonstrated as an example.The methodology is flexible and can be applied in earlydesign decision trade off, architecture experimentation and particularly for model refinement and critical behavior analysis

Pre-validation of SoC via hardware and software co-simulation

Abstract. System-on-chips (SoCs) are complex entities consisting of multiple hardware and software components. This complexity presents challenges in their design, verification, and validation. Traditional verification processes often test hardware models in isolation until late in the development cycle. As a result, cooperation between hardware and software development is also limited, slowing down bug detection and fixing. This thesis aims to develop, implement, and evaluate a co-simulation-based pre-validation methodology to address these challenges. The approach allows for the early integration of hardware and software, serving as a natural intermediate step between traditional hardware model verification and full system validation. The co-simulation employs a QEMU CPU emulator linked to a register-transfer level (RTL) hardware model. This setup enables the execution of software components, such as device drivers, on the target instruction set architecture (ISA) alongside cycle-accurate RTL hardware models. The thesis focuses on two primary applications of co-simulation. Firstly, it allows software unit tests to be run in conjunction with hardware models, facilitating early communication between device drivers, low-level software, and hardware components. Secondly, it offers an environment for using software in functional hardware verification. A significant advantage of this approach is the early detection of integration errors. Software unit tests can be executed at the IP block level with actual hardware models, a task previously only possible with costly system-level prototypes. This enables earlier collaboration between software and hardware development teams and smoothens the transition to traditional system-level validation techniques.Järjestelmäpiirin esivalidointi laitteiston ja ohjelmiston yhteissimulaatiolla. Tiivistelmä. Järjestelmäpiirit (SoC) ovat monimutkaisia kokonaisuuksia, jotka koostuvat useista laitteisto- ja ohjelmistokomponenteista. Tämä monimutkaisuus asettaa haasteita niiden suunnittelulle, varmennukselle ja validoinnille. Perinteiset varmennusprosessit testaavat usein laitteistomalleja eristyksissä kehityssyklin loppuvaiheeseen saakka. Tämän myötä myös yhteistyö laitteisto- ja ohjelmistokehityksen välillä on vähäistä, mikä hidastaa virheiden tunnistamista ja korjausta. Tämän diplomityön tavoitteena on kehittää, toteuttaa ja arvioida laitteisto-ohjelmisto-yhteissimulointiin perustuva esivalidointimenetelmä näiden haasteiden ratkaisemiseksi. Menetelmä mahdollistaa laitteiston ja ohjelmiston varhaisen integroinnin, toimien luonnollisena välietappina perinteisen laitteistomallin varmennuksen ja koko järjestelmän validoinnin välillä. Yhteissimulointi käyttää QEMU suoritinemulaattoria, joka on yhdistetty rekisterinsiirtotason (RTL) laitteistomalliin. Tämä mahdollistaa ohjelmistokomponenttien, kuten laiteajureiden, suorittamisen kohdejärjestelmän käskysarja-arkkitehtuurilla (ISA) yhdessä kellosyklitarkkojen RTL laitteistomallien kanssa. Työ keskittyy kahteen yhteissimulaation pääsovellukseen. Ensinnäkin se mahdollistaa ohjelmiston yksikkötestien suorittamisen laitteistomallien kanssa, varmistaen kommunikaation laiteajurien, matalan tason ohjelmiston ja laitteistokomponenttien välillä. Toiseksi se tarjoaa ympäristön ohjelmiston käyttämiseen toiminnallisessa laitteiston varmennuksessa. Merkittävä etu tästä lähestymistavasta on integraatiovirheiden varhainen havaitseminen. Ohjelmiston yksikkötestejä voidaan suorittaa jo IP-lohkon tasolla oikeilla laitteistomalleilla, mikä on aiemmin ollut mahdollista vain kalliilla järjestelmätason prototyypeillä. Tämä mahdollistaa aikaisemman ohjelmisto- ja laitteistokehitystiimien välisen yhteistyön ja helpottaa siirtymistä perinteisiin järjestelmätason validointimenetelmiin