10 research outputs found
Synthesizing Multiple Boolean Functions using Interpolation on a Single Proof
It is often difficult to correctly implement a Boolean controller for a
complex system, especially when concurrency is involved. Yet, it may be easy to
formally specify a controller. For instance, for a pipelined processor it
suffices to state that the visible behavior of the pipelined system should be
identical to a non-pipelined reference system (Burch-Dill paradigm). We present
a novel procedure to efficiently synthesize multiple Boolean control signals
from a specification given as a quantified first-order formula (with a specific
quantifier structure). Our approach uses uninterpreted functions to abstract
details of the design. We construct an unsatisfiable SMT formula from the given
specification. Then, from just one proof of unsatisfiability, we use a variant
of Craig interpolation to compute multiple coordinated interpolants that
implement the Boolean control signals. Our method avoids iterative learning and
back-substitution of the control functions. We applied our approach to
synthesize a controller for a simple two-stage pipelined processor, and present
first experimental results.Comment: This paper originally appeared in FMCAD 2013,
http://www.cs.utexas.edu/users/hunt/FMCAD/FMCAD13/index.shtml. This version
includes an appendix that is missing in the conference versio
Synthesizing Robust Systems with RATSY
Specifications for reactive systems often consist of environment assumptions
and system guarantees. An implementation should not only be correct, but also
robust in the sense that it behaves reasonably even when the assumptions are
(temporarily) violated. We present an extension of the requirements analysis
and synthesis tool RATSY that is able to synthesize robust systems from GR(1)
specifications, i.e., system in which a finite number of safety assumption
violations is guaranteed to induce only a finite number of safety guarantee
violations. We show how the specification can be turned into a two-pair Streett
game, and how a winning strategy corresponding to a correct and robust
implementation can be computed. Finally, we provide some experimental results.Comment: In Proceedings SYNT 2012, arXiv:1207.055
LNCS
Boolean controllers for systems with complex datapaths are often very difficult to implement correctly, in particular when concurrency is involved. Yet, in many instances it is easy to formally specify correctness. For example, the specification for the controller of a pipelined processor only has to state that the pipelined processor gives the same results as a non-pipelined reference design. This makes such controllers a good target for automated synthesis. However, an efficient abstraction for the complex datapath elements is needed, as a bit-precise description is often infeasible. We present Suraq, the first controller synthesis tool which uses uninterpreted functions for the abstraction. Quantified firstorder formulas (with specific quantifier structure) serve as the specification language from which Suraq synthesizes Boolean controllers. Suraq transforms the specification into an unsatisfiable SMT formula, and uses Craig interpolation to compute its results. Using Suraq, we were able to synthesize a controller (consisting of two Boolean signals) for a five-stage pipelined DLX processor in roughly one hour and 15 minutes
RATSY – A new Requirements Analysis Tool with Synthesis ⋆
Abstract. Formal specifications play an increasingly important role in system design-flows. Yet, they are not always easy to deal with. In this paper we present RATSY, a successor of the Requirements Analysis Tool RAT. RATSY extends RAT in several ways. First, it includes a new graphical user interface to specify system properties as simple Büchi word automata. Second, it can help debug incorrect specifications by means of a game-based approach. Third, it allows correct-by-construction synthesis of systems from their temporal properties. These new features and their seamless integration assist in property-based design processes.
Synthesizing robust systems
Systems should not only be correct but also robust in the sense that they behave reasonably in unexpected situations. This article addresses synthesis of robust reactive systems from temporal specifications. Existing methods allow arbitrary behavior if assumptions in the specification are violated. To overcome this, we define two robustness notions, combine them, and show how to enforce them in synthesis. The first notion applies to safety properties: If safety assumptions are violated temporarily, we require that the system recovers to normal operation with as few errors as possible. The second notion requires that, if liveness assumptions are violated, as many guarantees as possible should be fulfilled nevertheless. We present a synthesis procedure achieving this for the important class of GR(1) specifications, and establish complexity bounds. We also present an implementation of a special case of robustness, and show experimental results
Coupon recalculation for the GPS authentication scheme
Equipping branded goods with RFID tags is an effective measure to fight the growing black market of counterfeit products. Asymmetric cryptography is the technology of choice to achieve strong authentication but suffers from its ample demand of area and power resources. The GPS authentication scheme showed that a coupon-based approach can cope with the limited resources of passive RFID tags. This article extends the idea of coupons by recalculating coupons during the idle time of tags when they are powered but do not actively communicate. This approach relaxes latency requirements and allows to implement GPS hardware using only 800 gate equivalents plus storage for 560 bytes. In the average case it has the same performance as the classical coupon-based approach but does not suffer its susceptibility to denial-of-service attacks.Anglai
Formal Analysis of a TPM-Based Secrets Distribution and Storage Scheme
Trusted computing introduces the Trusted Platform Module (TPM) as a root of trust on an otherwise untrusted computer. The TPM can be used to restrict the use of cryptographic keys to trusted states, i.e., to situations in which the computer runs trusted software. This allows for the distribution of intellectual property or secrets to a remote party with a reasonable security that such secrets will not be obtained by a malicious or compromised client. We model a specific protocol for the distribution of secrets proposed by Sevine et al. A formal analysis using the NuSMV model checker shows that the protocol allows an intruder to give the client an arbitrary secret, without the client noticing. We propose an alternative that prevents this scenario