Formal methods for functional verification of cache-coherent systems-on-chip

State-of-the-art System-on-Chip (SoC) architectures integrate many different components, such as processors, accelerators, memories, and I/O blocks. Some of those components, but not all, may have caches. Because the effort of validation with simulation-based techniques, currently used in industry, grows exponentially with the complexity of the SoC, this thesis investigates the use of formal verification techniques in this context. More precisely, we use the CADP toolbox to develop and validate a generic formal model of a heterogeneous cache-coherent SoC compliant with the recent AMBA 4 ACE specification proposed by ARM. We use a constraint-oriented specification style to model the general requirements of the specification. We verify system properties on both the constrained and unconstrained model to detect the cache coherency corner cases. We take advantage of the parametrization of the proposed model to produce a comprehensive set of counterexamples of non-satisfied properties in the unconstrained model. The results of formal verification are then used to improve the industrial simulation-based verification techniques in two aspects. On the one hand, we suggest using the formal model to assess the sanity of an interface verification unit. On the other hand, in order to generate clever semi-directed test cases from temporal logic properties, we propose a two-step approach. One step consists in generating system-level abstract test cases using model-based testing tools of the CADP toolbox. The other step consists in refining those tests into interface-level concrete test cases that can be executed at RTL level with a commercial Coverage-Directed Test Generation tool. We found that our approach helps in the transition between interface-level and system-level verification, facilitates the validation of system-level properties, and enables early detection of bugs in both the SoC and the commercial test-bench.Les architectures des systèmes sur puce (System-on-Chip, SoC) actuelles intègrent de nombreux composants différents tels que les processeurs, les accélérateurs, les mémoires et les blocs d'entrée/sortie, certains pouvant contenir des caches. Vu que l'effort de validation basée sur la simulation, actuellement utilisée dans l'industrie, croît de façon exponentielle avec la complexité des SoCs, nous nous intéressons à des techniques de vérification formelle. Nous utilisons la boîte à outils CADP pour développer et valider un modèle formel d'un SoC générique conforme à la spécification AMBA 4 ACE récemment proposée par ARM dans le but de mettre en œuvre la cohérence de cache au niveau système. Nous utilisons une spécification orientée contraintes pour modéliser les exigences générales de cette spécification. Les propriétés du système sont vérifié à la fois sur le modèle avec contraintes et le modèle sans contraintes pour détecter les cas intéressants pour la cohérence de cache. La paramétrisation du modèle proposé a permis de produire l'ensemble complet des contre-exemples qui ne satisfont pas une certaine propriété dans le modèle non contraint. Notre approche améliore les techniques industrielles de vérification basées sur la simulation en deux aspects. D'une part, nous suggérons l'utilisation du modèle formel pour évaluer la bonne construction d'une unité de vérification d'interface. D'autre part, dans l'objectif de générer des cas de test semi-dirigés intelligents à partir des propriétés de logique temporelle, nous proposons une approche en deux étapes. La première étape consiste à générer des cas de tests abstraits au niveau système en utilisant des outils de test basé sur modèle de la boîte à outils CADP. La seconde étape consiste à affiner ces tests en cas de tests concrets au niveau de l'interface qui peuvent être exécutés en RTL grâce aux services d'un outil commercial de génération de tests dirigés par les mesures de couverture. Nous avons constaté que notre approche participe dans la transition entre la vérification du niveau interface, classiquement pratiquée dans l'industrie du matériel, et la vérification au niveau système. Notre approche facilite aussi la validation des propriétés globales du système, et permet une détection précoce des bugs, tant dans le SoC que dans les bancs de test commerciales

Aircraft Safety and Operating Problems

Results of NASA research in the field of aircraft safety and operating problems are discussed. Topics include: (1) terminal area operations, (2) flight dynamics and control; (3) ground operations; (4) atmospheric environment; (5) structures and materials; (6) powerplants; (7) noise; and (8) human factors engineering

Proceedings of the 2018 Canadian Society for Mechanical Engineering (CSME) International Congress

Published proceedings of the 2018 Canadian Society for Mechanical Engineering (CSME) International Congress, hosted by York University, 27-30 May 2018

Assessment of emergency core cooling system effectiveness for light water nuclear power reactors

The effectiveness of Emergency Core Cooling Systems (ECCS) for light water nuclear power reactors was the subject of lengthy, controversial and technically complex hearings conducted by the AEC over the two years from 1971 through 1973. An independent, objective review and assessment of the technical issues associated with ECCS effectiveness was conducted in a study performed at the Environmental Quality Laboratory of the California Institute of Technology. The review was based upon the testimonies and supporting technical documentation of the principal participants in the hearings: the AEC, utilities, reactor manufacturers, and intervenors. From the review, the critical technical parameters influencing ECCS performance, which were at issue, are identified. Of fifteen parameters cited by the Advisory Committee on Reactor Safety in the hearings as being of unproved conservatism, essentially all are reviewed in detail, including, for example, the initial stored fuel energy, fuel rod gas gap conductance, fluid flow rates through broken pipes, metal-water reaction energy release and fuel rod embrittlement, reflood/core-spray heat transfer, and reflooding rates, as well as the adequacy of ECCS analytical models and numerical methods. ,The relative influence of uncertainties in the performance criteria associated with these parameters is assessed. Based upon the relative importance of these parameters, alternative responses to resolution of the ECCS problem are analyzed. The importance of the core reflooding rate in resolving the technical issues of the problem is emphasized. The conservatism of the proposed criteria (current and past) is reviewed. Recommendations are made for improvements in criteria conservatism, especially in the establishment of minimum reflood heat transfer rates (or alternatively, reflooding rates). Several new and/or accelerated research programs and additional large scale testing programs are also recommended. Suggestions are also made for areas in which design improvements would help to achieve greater ECCS reliability

Environmental Impact Statement for the Cassini Mission

This Final Supplemental Environmental Impact Statement (FSEIS) to the 1995 Cassini mission Environmental Impact Statement (EIS) focuses on information recently made available from updated mission safety analyses. This information is pertinent to the consequence and risk analyses of potential accidents during the launch and cruise phases of the mission that were addressed in the EIS. The type of accidents evaluated are those which could potentially result in a release of plutonium dioxide from the three Radioisotope Thermoelectric Generators (RTGS) and the up to 129 Radioisotope Heater Units (RHUS) onboard the Cassini spacecraft. The RTGs use the heat of decay of plutonium dioxide to generate electric power for the spacecraft and instruments. The RHUs, each of which contains a small amount of plutonium dioxide, provide heat for controlling the thermal environment of the spacecraft and several of its instruments. The planned Cassini mission is an international cooperative effort of the National Aeronautics and Space Administration (NASA), the European Space Agency (ESA), and the Italian Space Agency (ASI) to conduct a 4-year scientific exploration of the planet Saturn, its atmosphere, moons, rings, and magnetosphere

Abstracts on Radio Direction Finding (1899 - 1995)

The files on this record represent the various databases that originally composed the CD-ROM issue of "Abstracts on Radio Direction Finding" database, which is now part of the Dudley Knox Library's Abstracts and Selected Full Text Documents on Radio Direction Finding (1899 - 1995) Collection. (See Calhoun record https://calhoun.nps.edu/handle/10945/57364 for further information on this collection and the bibliography). Due to issues of technological obsolescence preventing current and future audiences from accessing the bibliography, DKL exported and converted into the three files on this record the various databases contained in the CD-ROM. The contents of these files are: 1) RDFA_CompleteBibliography_xls.zip [RDFA_CompleteBibliography.xls: Metadata for the complete bibliography, in Excel 97-2003 Workbook format; RDFA_Glossary.xls: Glossary of terms, in Excel 97-2003 Workbookformat; RDFA_Biographies.xls: Biographies of leading figures, in Excel 97-2003 Workbook format]; 2) RDFA_CompleteBibliography_csv.zip [RDFA_CompleteBibliography.TXT: Metadata for the complete bibliography, in CSV format; RDFA_Glossary.TXT: Glossary of terms, in CSV format; RDFA_Biographies.TXT: Biographies of leading figures, in CSV format]; 3) RDFA_CompleteBibliography.pdf: A human readable display of the bibliographic data, as a means of double-checking any possible deviations due to conversion