176 research outputs found
Instruction-Level Abstraction (ILA): A Uniform Specification for System-on-Chip (SoC) Verification
Modern Systems-on-Chip (SoC) designs are increasingly heterogeneous and
contain specialized semi-programmable accelerators in addition to programmable
processors. In contrast to the pre-accelerator era, when the ISA played an
important role in verification by enabling a clean separation of concerns
between software and hardware, verification of these "accelerator-rich" SoCs
presents new challenges. From the perspective of hardware designers, there is a
lack of a common framework for the formal functional specification of
accelerator behavior. From the perspective of software developers, there exists
no unified framework for reasoning about software/hardware interactions of
programs that interact with accelerators. This paper addresses these challenges
by providing a formal specification and high-level abstraction for accelerator
functional behavior. It formalizes the concept of an Instruction Level
Abstraction (ILA), developed informally in our previous work, and shows its
application in modeling and verification of accelerators. This formal ILA
extends the familiar notion of instructions to accelerators and provides a
uniform, modular, and hierarchical abstraction for modeling software-visible
behavior of both accelerators and programmable processors. We demonstrate the
applicability of the ILA through several case studies of accelerators (for
image processing, machine learning, and cryptography), and a general-purpose
processor (RISC-V). We show how the ILA model facilitates equivalence checking
between two ILAs, and between an ILA and its hardware finite-state machine
(FSM) implementation. Further, this equivalence checking supports accelerator
upgrades using the notion of ILA compatibility, similar to processor upgrades
using ISA compatibility.Comment: 24 pages, 3 figures, 3 table
An Approach Combining Simulation and Verification for SysML using SystemC and Uppaal
International audienceEnsuring the correction of heterogeneous and complex systems is an essential stage in the process of engineering systems.In this paper we propose a methodology to verify and validate complex systems specified with SysML language using a combination of the two techniques of simulation and verification. We translate SysML specifications into SystemC models to validate the designed systems by simulation, then we propose to verify the derived SystemC models by using the Uppaal model checker. A case study is presented to demonstrate the effectiveness of our approach
Modeling Algorithms in SystemC and ACL2
We describe the formal language MASC, based on a subset of SystemC and
intended for modeling algorithms to be implemented in hardware. By means of a
special-purpose parser, an algorithm coded in SystemC is converted to a MASC
model for the purpose of documentation, which in turn is translated to ACL2 for
formal verification. The parser also generates a SystemC variant that is
suitable as input to a high-level synthesis tool. As an illustration of this
methodology, we describe a proof of correctness of a simple 32-bit radix-4
multiplier.Comment: In Proceedings ACL2 2014, arXiv:1406.123
Verifying SystemC using stateful symbolic simulation
Formal verification of high-level SystemC designs is an im-portant and challenging problem. Recent works have pro-posed symbolic simulation in combination with Partial Or-der Reduction (POR) as a promising solution and experi-mentally demonstrated its potential. However, these sym-bolic simulation approaches have a fundamental limitation in handling cyclic state spaces. The reason is that they are based on stateless model checking and thus unable to avoid revisiting states in a cycle. In this paper, we propose a novel stateful symbolic simulation approach for SystemC. For the efficient detection of revisited symbolic states, we apply sym-bolic subsumption checking. Furthermore, our implementa-tion integrates a cycle proviso to preserve the soundness of POR in the presence of cycles. We demonstrate the scala-bility and the efficiency of the proposed approach using an extensive set of experiments. 1
IEEE/NASA Workshop on Leveraging Applications of Formal Methods, Verification, and Validation
This volume contains the Preliminary Proceedings of the 2005 IEEE ISoLA Workshop on Leveraging Applications of Formal Methods, Verification, and Validation, with a special track on the theme of Formal Methods in Human and Robotic Space Exploration. The workshop was held on 23-24 September 2005 at the Loyola College Graduate Center, Columbia, MD, USA. The idea behind the Workshop arose from the experience and feedback of ISoLA 2004, the 1st International Symposium on Leveraging Applications of Formal Methods held in Paphos (Cyprus) last October-November. ISoLA 2004 served the need of providing a forum for developers, users, and researchers to discuss issues related to the adoption and use of rigorous tools and methods for the specification, analysis, verification, certification, construction, test, and maintenance of systems from the point of view of their different application domains
Verification of interlocking systems using statistical model checking
In the railway domain, an interlocking is the system ensuring safe train
traffic inside a station by controlling its active elements such as the signals
or points. Modern interlockings are configured using particular data, called
application data, reflecting the track layout and defining the actions that the
interlocking can take. The safety of the train traffic relies thereby on
application data correctness, errors inside them can cause safety issues such
as derailments or collisions. Given the high level of safety required by such a
system, its verification is a critical concern. In addition to the safety, an
interlocking must also ensure that availability properties, stating that no
train would be stopped forever in a station, are satisfied. Most of the
research dealing with this verification relies on model checking. However, due
to the state space explosion problem, this approach does not scale for large
stations. More recently, a discrete event simulation approach limiting the
verification to a set of likely scenarios, was proposed. The simulation enables
the verification of larger stations, but with no proof that all the interesting
scenarios are covered by the simulation. In this paper, we apply an
intermediate statistical model checking approach, offering both the advantages
of model checking and simulation. Even if exhaustiveness is not obtained,
statistical model checking evaluates with a parametrizable confidence the
reliability and the availability of the entire system.Comment: 12 pages, 3 figures, 2 table
RTL2RTL Formal Equivalence: Boosting the Design Confidence
Increasing design complexity driven by feature and performance requirements
and the Time to Market (TTM) constraints force a faster design and validation
closure. This in turn enforces novel ways of identifying and debugging
behavioral inconsistencies early in the design cycle. Addition of incremental
features and timing fixes may alter the legacy design behavior and would
inadvertently result in undesirable bugs. The most common method of verifying
the correctness of the changed design is to run a dynamic regression test suite
before and after the intended changes and compare the results, a method which
is not exhaustive. Modern Formal Verification (FV) techniques involving new
methods of proving Sequential Hardware Equivalence enabled a new set of
solutions for the given problem, with complete coverage guarantee. Formal
Equivalence can be applied for proving functional integrity after design
changes resulting from a wide variety of reasons, ranging from simple pipeline
optimizations to complex logic redistributions. We present here our experience
of successfully applying the RTL to RTL (RTL2RTL) Formal Verification across a
wide spectrum of problems on a Graphics design. The RTL2RTL FV enabled checking
the design sanity in a very short time, thus enabling faster and safer design
churn. The techniques presented in this paper are applicable to any complex
hardware design.Comment: In Proceedings FSFMA 2014, arXiv:1407.195
Hardware Acceleration Using Functional Languages
Cílem této práce je prozkoumat možnosti využití funkcionálního paradigmatu pro hardwarovou akceleraci, konkrétně pro datově paralelní úlohy. Úroveň abstrakce tradičních jazyků pro popis hardwaru, jako VHDL a Verilog, přestáví stačit. Pro popis na algoritmické či behaviorální úrovni se rozmáhají jazyky původně navržené pro vývoj softwaru a modelování, jako C/C++, SystemC nebo MATLAB. Funkcionální jazyky se s těmi imperativními nemůžou měřit v rozšířenosti a oblíbenosti mezi programátory, přesto je předčí v mnoha vlastnostech, např. ve verifikovatelnosti, schopnosti zachytit inherentní paralelismus a v kompaktnosti kódu. Pro akceleraci datově paralelních výpočtů se často používají jednotky FPGA, grafické karty (GPU) a vícejádrové procesory. Praktická část této práce rozšiřuje existující knihovnu Accelerate pro počítání na grafických kartách o výstup do VHDL. Accelerate je možno chápat jako doménově specifický jazyk vestavěný do Haskellu s backendem pro prostředí NVIDIA CUDA. Rozšíření pro vysokoúrovňovou syntézu obvodů ve VHDL představené v této práci používá stejný jazyk a frontend.The aim of this thesis is to research how the functional paradigm can be used for hardware acceleration with an emphasis on data-parallel tasks. The level of abstraction of the traditional hardware description languages, such as VHDL or Verilog, is becoming to low. High-level languages from the domains of software development and modeling, such as C/C++, SystemC or MATLAB, are experiencing a boom for hardware description on the algorithmic or behavioral level. Functional Languages are not so commonly used, but they outperform imperative languages in verification, the ability to capture inherent paralellism and the compactness of code. Data-parallel task are often accelerated on FPGAs, GPUs and multicore processors. In this thesis, we use a library for general-purpose GPU programs called Accelerate and extend it to produce VHDL. Accelerate is a domain-specific language embedded into Haskell with a backend for the NVIDIA CUDA platform. We use the language and its frontend, and create a new backend for high-level synthesis of circuits in VHDL.
Using ACL2 to Verify Loop Pipelining in Behavioral Synthesis
Behavioral synthesis involves compiling an Electronic System-Level (ESL)
design into its Register-Transfer Level (RTL) implementation. Loop pipelining
is one of the most critical and complex transformations employed in behavioral
synthesis. Certifying the loop pipelining algorithm is challenging because
there is a huge semantic gap between the input sequential design and the output
pipelined implementation making it infeasible to verify their equivalence with
automated sequential equivalence checking techniques. We discuss our ongoing
effort using ACL2 to certify loop pipelining transformation. The completion of
the proof is work in progress. However, some of the insights developed so far
may already be of value to the ACL2 community. In particular, we discuss the
key invariant we formalized, which is very different from that used in most
pipeline proofs. We discuss the needs for this invariant, its formalization in
ACL2, and our envisioned proof using the invariant. We also discuss some
trade-offs, challenges, and insights developed in course of the project.Comment: In Proceedings ACL2 2014, arXiv:1406.123
- …