Symbolic model checking for sequential circuit verification
 IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS
, 1994
Cited by 222 (10 self)
The temporal logic model checking algorithm of Clarke, Emerson, and Sistla [17] is modified to represent state graphs using binary decision diagrams (BDD’s) [7] and partitioned transition relations [10], [11]. Because this representation captures some of the regularity in the state space of circuits with data path logic, we are able to verify circuits with an extremely large number of states. We demonstrate this new technique on a synchronous pipelined design with approximately 5 x 10^120 states. Our model checking algorithm handles full CTL with fairness constraints. Consequently, we are able to express a number of important liveness and fairness properties, which would otherwise not be expressible in CTL. We give empirical results on the performance of the algorithm applied to both synchronous and asynchronous circuits with data path logic.
Verification Tools for Finite-State Concurrent Systems
Cited by 118 (3 self)
Temporal logic model checking is an automatic technique for verifying finite-state concurrent systems. Specifications are expressed in a propositional temporal logic, and the concurrent system is modeled as a state-transition graph. An efficient search procedure is used to determine whether or not the state-transition graph satisfies the specification. When the technique was first developed ten years ago, it was only possible to handle concurrent systems with a few thousand states. In the last few years, however, the size of the concurrent systems that can be handled has increased dramatically. By representing transition relations and sets of states implicitly using binary decision diagrams, it is now possible to check concurrent systems with more than 10^120 states. In this paper we describe in detail how the new implementation works and
The Constructive Semantics of Pure Esterel
, 1996
Cited by 90 (2 self)
Esterel [8, 10, 3, 4] is an imperative synchronous parallel programming language dedicated to reactive systems [17]. Esterel is tailored for programming hardware or software synchronous controllers for which the control-handling aspects are predominant. Esterel programs are input-driven: they wait for inputs and compute corresponding outputs in a cycle-based way. An input-output computation is called a reaction...
A Hardware Implementation of Pure Esterel
 ACADEMY PROCEEDINGS IN ENGINEERING SCIENCES, INDIAN ACADEMY OF SCIENCES, SADHANA
, 1991
Cited by 58 (3 self)
Esterel is a synchronous concurrent programming language dedicated to reactive systems (controllers, protocols, man-machine interfaces, etc.). Esterel has an efficient standard software implementation based on well-defined mathematical semantics. We present a new hardware implementation of the pure synchronization subset of the language. Each program generates a specific circuit that responds to any input in one clock cycle. When the source program satisfies some statically checkable dynamic properties, the circuit is shown to be semantically equivalent to the source program. The hardware translation has been effectively implemented on the programmable active memory Perle0 developed by J. Vuillemin and his group at Digital Equipment.
An industrially effective environment for formal hardware verification
 IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
, 2005
Cited by 32 (5 self)
Symbolic Computation of the Valid States of a Sequential Machine: Algorithms and Discussion
 In International workshop on formal methods for correct VLSI design
, 1991
Cited by 15 (0 self)
Computing the valid states of a sequential machine is a problem that appears in several verification and synthesis processes. The computation of the image of a vectorial function is the main operation required to solve this problem. The aim of this paper is to show how the image computation can be symbolically performed, and to discuss the complexities and behaviors of several approaches. We propose a parametric algorithm that performs the image computation. Several instances of this algorithm can be obtained according to the results and the heuristics we give to analyze and to improve the computation. Two instances of this algorithm will be compared on practical examples. 1 Introduction The valid states of a sequential machine are needed in several verification and synthesis problems: comparing uncompletely defined Mealy machines [7, 8, 12, 13, 16], finding minimal differentiating input sequences, automatic test pattern generation [7], minimal reset sequences generation [1...
Scalable exploration of functional dependency by interpolation and incremental SAT solving
, 2006
Cited by 15 (5 self)
Functional dependency is concerned with rewriting a Boolean function f as a function h over a set of base functions {g1, …, gn}, i.e. f = h(g1, …, gn). It plays an important role in many aspects of electronics design automation (EDA), ranging from logic synthesis to formal verification. Prior approaches to the exploration of functional dependency are based on binary decision diagrams (BDDs), which may not be easily scalable to large designs. This paper proposes a novel reformulation that extensively exploits the capability of modern satisfiability (SAT) solvers. Thereby, functional dependency is detected effectively through incremental SAT solving and the dependency function h, if exists, is obtained through Craig interpolation. The main strengths of the proposed approach include: (1) fast detection of functional dependency with small memory consumption and thus scalable to large designs, (2) a full capacity to handle a large set of base functions and thus discovering dependency whenever exists, and (3) potential application to large-scale logic optimization with different design constraints. Experimental results show the proposed method is far superior to prior work and scales well in dealing with the largest ISCAS89 and ITC99 benchmark circuits with up to 200K gates.
Exact High Level WCET Analysis of Synchronous Programs by Symbolic State Space Exploration
 In Design, Automation and Test in Europe
, 2003
Cited by 15 (5 self)
In this paper, a novel approach to high-level (i.e. architecture independent) worst case execution time (WCET) analysis is presented that automatically computes exact bounds for all inputs. To this end, we make use of the distinction between micro and macro steps as usually done by synchronous languages. As macro steps must not contain loops, a later low-level WCET analysis (architecture dependent) is simplified to a large extent.
Multilevel Synthesis for Safe Replaceability
 in Proc. Intl. Conf. on Computer-Aided Design
, 1994
Cited by 14 (4 self)
We describe the condition that a sequential digital design is a safe replacement for an existing design without making any assumptions about a known initial state of the design or about its environment. We formulate a safe replacement condition which guarantees that if an original design is replaced by a new design, the interacting environment cannot detect the change by observing the input-output behavior of the new design; conversely, if a replacement design does not satisfy our condition an environment can potentially detect the replacement (in this sense the replacement is potentially unsafe). Our condition allows simplification of the state transition diagram of an original design. We use the safe replacement condition to derive a sequential resynthesis method for area reduction of gate-level designs. We have implemented our resynthesis algorithm and we report experimental results.