A Faithful Semantics for Generalised Symbolic Trajectory Evaluation

Generalised Symbolic Trajectory Evaluation (GSTE) is a high-capacity formal verification technique for hardware. GSTE uses abstraction, meaning that details of the circuit behaviour are removed from the circuit model. A semantics for GSTE can be used to predict and understand why certain circuit properties can or cannot be proven by GSTE. Several semantics have been described for GSTE. These semantics, however, are not faithful to the proving power of GSTE-algorithms, that is, the GSTE-algorithms are incomplete with respect to the semantics. The abstraction used in GSTE makes it hard to understand why a specific property can, or cannot, be proven by GSTE. The semantics mentioned above cannot help the user in doing so. The contribution of this paper is a faithful semantics for GSTE. That is, we give a simple formal theory that deems a property to be true if-and-only-if the property can be proven by a GSTE-model checker. We prove that the GSTE algorithm is sound and complete with respect to this semantics

Efficient Generation of Monitor Circuits for GSTE Assertion Graphs

Generalized symbolic trajectory evaluation (GSTE) is a powerful, new method for formal verification that combines the industriallyproven scalability and capacity of classical symbolic trajectory evaluation with the expressive power of temporal-logic model checking. GSTE was originally developed at Intel and has been used successfully on Intel’s next-generation microprocessors. However, the supporting algorithms and tools for GSTE are still relatively immature. GSTE specifications are given as assertion graphs, an extension of ∀-automata. This paper presents a linear-time, linear-size translation from GSTE assertion graphs into monitor circuits, which can be used with dynamic verification both as a quick “sanity check ” of the specification before effort is invested in abstraction and formal verification, and also as means to reuse GSTE specifications with other validations methods. We present experimental results using real GSTE assertion graphs for real industrial circuits, showing that the circuit construction procedure is efficient in practice and that the monitor circuits impose minimal simulation overhead. 1

Efficient generation of monitor circuits for GSTE assertion graphs

Generalized symbolic trajectory evaluation (GSTE) is a powerful, new method for formal verification that combines the industriallyproven scalability and capacity of classical symbolic trajectory evaluation with the expressive power of temporal-logic model checking. GSTE was originally developed at Intel and has been used successfully on Intel’s next-generation microprocessors. However, the supporting algorithms and tools for GSTE are still relatively immature. GSTE specifications are given as assertion graphs, an extension of ∀-automata. This paper presents a linear-time, linear-size translation from GSTE assertion graphs into monitor circuits, which can be used with dynamic verification both as a quick “sanity check ” of the specification before effort is invested in abstraction and formal verification, and also as means to reuse GSTE specifications with other validations methods. We present experimental results using real GSTE assertion graphs for real industrial circuits, showing that the circuit construction procedure is efficient in practice and that the monitor circuits impose minimal simulation overhead. 1