Results 1  10
of
20
Lazy Satisfiability Modulo Theories
 JOURNAL ON SATISFIABILITY, BOOLEAN MODELING AND COMPUTATION 3 (2007) 141Â224
, 2007
"... Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingl ..."
Abstract

Cited by 181 (47 self)
 Add to MetaCart
Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a firstorder formula with respect to some decidable firstorder theory T (SMT (T)). These problems are typically not handled adequately by standard automated theorem provers. SMT is being recognized as increasingly important due to its applications in many domains in different communities, in particular in formal verification. An amount of papers with novel and very efficient techniques for SMT has been published in the last years, and some very efficient SMT tools are now available. Typical SMT (T) problems require testing the satisfiability of formulas which are Boolean combinations of atomic propositions and atomic expressions in T, so that heavy Boolean reasoning must be efficiently combined with expressive theoryspecific reasoning. The dominating approach to SMT (T), called lazy approach, is based on the integration of a SAT solver and of a decision procedure able to handle sets of atomic constraints in T (Tsolver), handling respectively the Boolean and the theoryspecific components of reasoning. Unfortunately, neither the problem of building an efficient SMT solver, nor even that
Convergence Testing in TermLevel Bounded Model Checking
, 2003
"... We consider the problem of bounded model checking of systems expressed in a decidable fragment of firstorder logic. While model checking is not guaranteed to terminate for an arbitrary system, it converges for many practical examples, including pipelined processors. We give a new formal definition ..."
Abstract

Cited by 12 (2 self)
 Add to MetaCart
(Show Context)
We consider the problem of bounded model checking of systems expressed in a decidable fragment of firstorder logic. While model checking is not guaranteed to terminate for an arbitrary system, it converges for many practical examples, including pipelined processors. We give a new formal definition of convergence that generalizes previously stated criteria. We also give a sound semidecision procedure to check this criterion based on a translation to quantified separation logic. Preliminary results on simple pipeline processor models are presented.
Adaptive Eager Boolean Encoding for Arithmetic Reasoning in Verification
, 2005
"... senting the official policies, either expressed or implied, of any sponsoring institution, the U.S. Government, or any other entity. ..."
Abstract

Cited by 9 (1 self)
 Add to MetaCart
senting the official policies, either expressed or implied, of any sponsoring institution, the U.S. Government, or any other entity.
TLSim and EVC: a termlevel symbolic simulator and an efficient decision procedure for the logic of equality with uninterpreted functions and memories
 Int. J. Embedded Systems
, 2005
"... ..."
TermLevel Verification of a Pipelined CISC Microprocessor
, 2005
"... By abstracting the details of the data representations and operations in a microprocessor, termlevel verification can formally prove that a pipelined microprocessor faithfully implements its sequential, instructionset architecture specification. Previous efforts in this area have focused on reduce ..."
Abstract

Cited by 5 (2 self)
 Add to MetaCart
By abstracting the details of the data representations and operations in a microprocessor, termlevel verification can formally prove that a pipelined microprocessor faithfully implements its sequential, instructionset architecture specification. Previous efforts in this area have focused on reduced instruction set computer (RISC) and verylarge instruction word (VLIW) processors. This work reports
Learning Conditional Abstractions
"... Abstract—Abstraction is central to formal verification. In termlevel abstraction, the design is abstracted using a fragment of firstorder logic with background theories, such as the theory of uninterpreted functions with equality. The main challenge in using termlevel abstraction is determining w ..."
Abstract

Cited by 5 (4 self)
 Add to MetaCart
(Show Context)
Abstract—Abstraction is central to formal verification. In termlevel abstraction, the design is abstracted using a fragment of firstorder logic with background theories, such as the theory of uninterpreted functions with equality. The main challenge in using termlevel abstraction is determining what components to abstract and under what conditions. In this paper, we present an automatic technique to conditionally abstract register transfer level (RTL) hardware designs to the term level. Our approach is a layered approach that combines random simulation and machine learning inside a counterexample guided abstraction refinement (CEGAR) loop. First, random simulation is used to determine modules that are candidates for abstraction. Next, machine learning is used on the resulting simulation traces to generate candidate conditions under which those modules can be abstracted. Finally, a verifier is invoked. If spurious counterexamples arise, we refine the abstraction by performing a further iteration of random simulation and machine learning. We present an experimental evaluation on processor designs. I.
ATLAS: Automatic TermLevel Abstraction of RTL Designs
, 2010
"... Abstraction plays a central role in formal verification. Termlevel abstraction is a technique for abstracting wordlevel terms, functional blocks with uninterpreted functions, and memories with a suitable theory of memories. A major challenge for any abstraction technique is to determine what comp ..."
Abstract

Cited by 4 (4 self)
 Add to MetaCart
(Show Context)
Abstraction plays a central role in formal verification. Termlevel abstraction is a technique for abstracting wordlevel terms, functional blocks with uninterpreted functions, and memories with a suitable theory of memories. A major challenge for any abstraction technique is to determine what components can be safely abstracted. We present an automatic technique for termlevel abstraction of hardware designs, in the context of equivalence and refinement checking problems. Our approach is hybrid, involving a combination of random simulation and static analysis. We use random simulation to identify functional blocks that are suitable for abstraction with uninterpreted functions. Static analysis is then used to compute conditions under which such function abstraction is performed. The generated termlevel abstractions are verified using techniques based on Boolean satisfiability (SAT) and satisfiability modulo theories (SMT). We demonstrate our approach for verifying processor designs, interface logic, and lowpower designs. We present experimental evidence that our approach is efficient and that the resulting termlevel models are easier to verify even when the abstracted designs generate larger SAT problems.
Abstracting RTL Designs to the Term Level
, 2008
"... Termlevel verification is a formal technique that seeks to verify RTL hardware descriptions by abstracting away details of data representations and operations. The key to making termlevel verification automatic and efficient is in deciding what to abstract. We investigate this question in this pap ..."
Abstract

Cited by 3 (3 self)
 Add to MetaCart
(Show Context)
Termlevel verification is a formal technique that seeks to verify RTL hardware descriptions by abstracting away details of data representations and operations. The key to making termlevel verification automatic and efficient is in deciding what to abstract. We investigate this question in this paper and propose a solution based on the use of type qualifiers. First, we demonstrate through case studies that only selective termlevel abstraction can be very effective in reducing the runtime of formal tools while still retaining precision of analysis. Second, the termlevel abstraction process can be guided using lightweight type qualifiers. We present an annotation language and type inference scheme that is applied to the formal verification of the Verilog implementation of a chip multiprocessor router. Experimental results indicate typebased selective termlevel abstraction is effective at scaling up verification with minimal designer guidance. 1
Unbounded System Verification Using Decision Procedures and Predicate Abstraction
, 2004
"... Designs of hardware and software systems have grown in complexity to meet the demand for improved performance. The complexity of the design often manifests itself in the form of subtle and intricate design flaws and bugs. The cost of these errors can be prohibitive and often dictates the lifetime of ..."
Abstract

Cited by 3 (2 self)
 Add to MetaCart
Designs of hardware and software systems have grown in complexity to meet the demand for improved performance. The complexity of the design often manifests itself in the form of subtle and intricate design flaws and bugs. The cost of these errors can be prohibitive and often dictates the lifetime of a product. Most design teams allocate a substantial amount of their resources in testing and verifying a product. Traditional simulation based testing or verification methods, which exercise the design on a small set of concrete inputs, often fall short of detecting most bugs in a system. Besides, these methods are suitable for finding bugs but cannot guarantee the absence of a bug in the design or the model. Formal verification based methods can ensure that a property holds for all the possible states of the system. Model checking is an approach that has been successful in verifying systems of commercial complexity or in detecting bugs that are hard to find using traditional simulation. The approach is based on systematically traversing the state space of a system and checking a property at each state. However, model checking can’t be directly applied to systems that have very large or unbounded state space. Examples of such systems include microprocessors with large buffer sizes and memories, parameterized cachecoherence and communication protocols and distributed mutual exclusion algorithms. Most previous works have either used general purpose theorem provers with considerable manual guidance or techniques specific to a particular class of systems that often exclude realistic systems discussed above. The lack of automation or the restrictions on the systems that can