An industrially effective environment for formal hardware verification
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2005
Cited by 33 (5 self)
Abstract
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Formal Hardware Verification By Symbolic Trajectory Evaluation
1997
Cited by 19 (1 self)
Abstract
Formal verification uses a set of languages, tools, and techniques to mathematically reason about the correctness of a hardware system. The form of mathematical reasoning is dependent upon the hardware system. This thesis concentrates on hardware systems that have a simple deterministic high-level specification but have implementations that exhibit highly nondeterministic behaviors. A typical example of such hardware systems are processors. At the high level, the sequencing model inherent in processors is the sequential execution model. The underlying implementation, however, uses features such as nondeterministic interface protocols, instruction pipelines, and multiple instruction issue, which lead to nondeterministic behaviors. The goal is to develop a methodology with which a designer can show that a circuit fulfills the abstract specification of the desired system behavior. The abstract specification describes the high-level behavior of the system independent of any timing or implem...
Virtual Symmetry Reduction
In Logic in Computer Science (LICS), 2000
Cited by 18 (3 self)
Abstract
We provide a general method for ameliorating state explosion via symmetry reduction in certain asymmetric systems, such as systems with many similar, but not identical, processes. The method applies to systems whose structures (i.e., state transition graphs) have more state symmetries than arc symmetries. We introduce a new notion of "virtual symmetry" that strictly subsumes earlier notions of "rough symmetry" and "near symmetry" [ET99]. Virtual symmetry is the most general condition under which the structure of a system is naturally bisimilar to its quotient by a group of state symmetries.
Collection of High-Level Microprocessor Bugs from Formal Verification of Pipelined and Superscalar Designs
2003
Cited by 17 (4 self)
Abstract
The paper presents a collection of 93 different bugs, detected in formal verification of 65 student designs that include: 1) single-issue pipelined DLX processors; 2) extensions with exceptions and branch prediction; and 3) dual-issue superscalar implementations. The processors were described in a high-level HDL, and were formally verified with an automatic tool flow. The bugs are analyzed and classified, and can be used in research on microprocessor testing.
Efficient Modeling of Memory Arrays in Symbolic Simulation
1997
Cited by 11 (2 self)
Abstract
This paper enables symbolic simulation of systems with large embedded memories. Each memory array is replaced with a behavioral model, where the number of symbolic variables used to characterize the initial state of the memory is proportional to the number of memory accesses. The memory state is represented by a list containing entries of the form ⟨c, a, d⟩, where c is a Boolean expression denoting the set of conditions for which the entry is defined, a is an address expression denoting a memory location, and d is a data expression denoting the contents of this location. Address and data expressions are represented as vectors of Boolean expressions. The list interacts with the rest of the circuit by means of a software interface developed as part of the symbolic simulation engine. The interface monitors the control lines of the memory array and translates read and write conditions into accesses to the list. This memory model was also incorporated into the Symbolic Trajectory Evaluat...
Structural Symmetries and Model Checking
1998
Cited by 10 (0 self)
Abstract
We present a fully automatic framework for identifying symmetries in structural descriptions of digital circuits and CTL* formulas and using them in a model checker. We show how the set of subformulas of a formula can be partitioned into equivalence classes so that truth values for only one subformula in any class need be evaluated for model checking. We unify and extend the theories developed by Clarke et al. [CEFJ96] and Emerson and Sistla [ES96] for symmetries in Kripke structures. We formalize the notion of structural symmetries in netlist descriptions of digital circuits and CTL* formulas. We show how they relate to symmetries in the corresponding Kripke structures. We also show how such symmetries can automatically be extracted by constructing a suitable directed labeled graph and computing its automorphism group. We present a novel fast algorithm for solving the graph automorphism problem for directed labeled graphs.
On the symmetry reduction method for Petri nets and similar formalisms
2003
Cited by 9 (1 self)
Abstract
The symmetry reduction method is a technique for alleviating the combinatorial explosion problem arising in the state space analysis of concurrent systems. This thesis studies various issues involved in the method. The focus is on systems modeled with Petri nets and similar formalisms, such as the Murϕ description language. For place/transition nets, the computational complexity of the subtasks involved in the method is established. The problems of finding the symmetries of a net, comparing whether two markings are equivalent under the symmetries, producing canonical representatives for markings, and deciding whether a marking symmetrically covers another are classified into well-known complexity classes. New algorithms for the central task of producing canonical representatives for markings are presented. The algorithms apply and combine techniques from computational group theory and from the algorithms
Symmetry detection for large boolean functions using circuit representation, simulation and satisfiability
In DAC, 2006
Cited by 8 (2 self)
Abstract
Classical two-variable symmetries play an important role in many EDA applications, ranging from logic synthesis to formal verification. This paper proposes a complete circuit-based method that makes use of structural analysis, integrated simulation and Boolean satisfiability for fast and scalable detection of classical symmetries of completely-specified Boolean functions. This is in contrast to previous incomplete circuit-based methods and complete BDD-based methods. Experimental results demonstrate that the proposed method works for large Boolean functions, for which BDDs cannot be constructed.
Efficient Modeling of Memory Arrays in Symbolic Ternary Simulation
1998
Cited by 6 (4 self)
Abstract
This paper enables symbolic ternary simulation of systems with large embedded memories. Each memory array is replaced with a behavioral model, where the number of symbolic variables used to characterize the initial state of the memory is proportional to the number of distinct symbolic memory locations accessed. The behavioral model provides a conservative approximation of the replaced memory array, while allowing the address and control inputs of the memory to accept symbolic ternary values. Memory state is represented by a list of entries encoding the sequence of updates of symbolic addresses with symbolic data. The list interacts with the rest of the circuit by means of a software interface developed as part of the symbolic simulation engine. This memory model was incorporated into our verification tool based on Symbolic Trajectory Evaluation. Experimental results show that the new model significantly outperforms the transistor level memory model when verifying a simple pipelined d...
Incorporating Timing Constraints in the Efficient Memory Model for Symbolic Ternary Simulation
In International Conference on Computer Design (ICCD '98), 1998
Cited by 5 (4 self)
Abstract
This paper introduces the four timing constraints of setup time, hold time, minimum delay, and maximum delay in the Efficient Memory Model (EMM). The EMM is a behavioral model, where the number of symbolic variables used to characterize the initial state of the memory is proportional to the number of distinct symbolic memory locations accessed. The behavioral model provides a conservative approximation of the replaced memory array, while allowing the address and control inputs of the memory to accept symbolic ternary values. If a circuit has been formally verified with the behavioral model, the system is guaranteed to function correctly with any memory implementation whose timing parameters are bounded by the ones used in the verification.