PRESENTER: PCLee 2011.12.14. System-on-chip (SoC) designs use bus protocols for high performance data transfer among the Intellectual Property (IP) cores.

Slides:

Advertisements

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

Advertisements

1 IP-Based System-on-Chip Design 2002 IP Reuse Hardening via Embedded Sugar Assertions Erich Marschner 1, Bernard Deadman 2, Grant Martin 1 1 Cadence Design.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Implementation and Verification of a Cache Coherence protocol using Spin Steven Farago.

1 Dynamic Interconnection Networks Buses CEG 4131 Computer Architecture III Miodrag Bolic.

DATE 2003, Munich, Germany Formal Verification of a System-on-Chip Bus Protocol Abhik Roychoudhury Tulika Mitra S.R. Karri National University of Singapore.

Bus Specification Embedded Systems Design and Implementation Witawas Srisa-an.

Evaluation of On-Chip Interconnect Architectures for Multi-Core DSP Students : Haim Assor, Horesh Ben Shitrit 2. Shared Bus 3. Fabric 4. Network on Chip.

3D Graphics Content Over OCP Martti Venell Sr. Verification Engineer Bitboys.

Presenter : Cheng-Ta Wu Kenichiro Anjo, Member, IEEE, Atsushi Okamura, and Masato Motomura IEEE JOURNAL OF SOLID-STATE CIRCUITS, VOL. 39,NO. 5, MAY 2004.

M ODEL CHECKING -Vasvi Kakkad University of Sydney.

Algorithmic Software Verification VII. Computation tree logic and bisimulations.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.

1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.

Computer Science & Engineering

PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,

Presenter: PCLee VLSI Design, Automatic and Test, (VLSI-TSA-DAT).

Presenter : Ching-Hua Huang 2014/4/14 A Configurable Bus-Tracer for Error Reproduction in Post-Silicon Validation Shing-Yu Chen ; Ming-Yi Hsiao ; Wen-Ben.

6/14/991 Symbolic verification of systems with state machines David L. Dill Jeffrey Su Jens Skakkebaek Computer System Laboratory Stanford University.

SOC Design Lecture 6 HREQ and HGRANT. Kyungoh Park & Youpyo Hong, DGU Multi Master & Single Slave(MM & SS) Multiple masters cannot access the same slave.

Reporter:PCLee With a significant increase in the design complexity of cores and associated communication among them, post-silicon validation.

Module 20 Troubleshooting Common SQL Server 2008 R2 Administrative Issues.

1 Formal Methods in SE Qaisar Javaid Assistant Professor Lecture 05.

1 Spin Model Checker Samaneh Navabpour Electrical and Computer Engineering Department University of Waterloo SE-464 Summer 2011.

Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.

Teaching MC to Undergrads. Abhik Roychoudhury National University of Singapore.

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur

Feng-Xiang Huang A Low-Cost SOC Debug Platform Based on On-Chip Test Architectures.

Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.

1 Assertion Based Verification 2 The Design and Verification Gap  The number of transistors on a chip increases approximately 58% per year, according.

Lecture 4&5: Model Checking: A quick introduction Professor Aditya Ghose Director, Decision Systems Lab School of IT and Computer Science University of.

An Automatic AMBA Wrapper Generation Tool for Embedded Cores Laboratory for Reliable Computing (LaRC) Electrical Engineering Department National Tsing.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

School of Computer ScienceG53FSP Formal Specification1 Dr. Rong Qu Introduction to Formal Specification

Formal verification Marco A. Peña Universitat Politècnica de Catalunya.

COMP3221 lec31-mem-bus-II.1 Saeid Nooshabadi COMP 3221 Microprocessors and Embedded Systems Lectures 32: Memory and Bus Organisation - II

Presenter : Cheng-Ta Wu Vijay D’silva, S. Ramesh Indian Institute of Technology Bombay Arcot Sowmya University of New South Wales, Sydney.

Verification technique on SA applications using Incremental Model Checking 컴퓨터학과 신영주.

Cheng/Dillon-Software Engineering: Formal Methods Model Checking.

Digital System Bus A bus in a digital system is a collection of (usually unbroken) signal lines that carry module-to-module communications. The signals.

Reporter: PCLee. Assertions in silicon help post-silicon debug by providing observability of internal properties within a system which are.

Chapter 1 What is Programming? Lecture Slides to Accompany An Introduction to Computer Science Using Java (2nd Edition) by S.N. Kamin, D. Mickunas, E.

B. Fernández, D. Darvas, E. Blanco Formal methods appliedto PLC code verification Automation seminar CERN – IFAC (CEA) 02/06/2014.

CS6133 Software Specification and Verification

Sept COMP60611 Fundamentals of Parallel and Distributed Systems Lecture 15 More Advanced Program Properties: Temporal logic and jSpin John Gurd,

Introduction to Formal Verification using Rulebase April 18, 2001 Rebecca Gott eServer I/O Development Hardware Verification

I2C Master Core Simulation Environment. I2C Master Core Requirements Coverage (*) Requirement I2C IP RS-906: The I2C IP shall define the period of time,

Fault-Tolerant Parallel and Distributed Computing for Software Engineering Undergraduates Ali Ebnenasir and Jean Mayo {aebnenas, Department.

CIS 842: Specification and Verification of Reactive Systems Lecture 1: Course Overview Copyright 2001, Matt Dwyer, John Hatcliff, and Radu Iosif. The.

SOC Consortium Course Material On Chip Bus National Taiwan University Adopted from National Taiwan University SOC Course Material.

- 1 -  P. Marwedel, Univ. Dortmund, Informatik 12, 05/06 Universität Dortmund Validation - Formal verification -

CIS 842: Specification and Verification of Reactive Systems Lecture INTRO-Examples: Simple BIR-Lite Examples Copyright 2004, Matt Dwyer, John Hatcliff,

HACNet Simulation-based Validation of Security Protocols Vinay Venkataraghavan Advisors: S.Nair, P.-M. Seidel HACNet Lab Computer Science and Engineering.

Spring 2007W. Rhett DavisNC State UniversityECE 747Slide 1 ECE 747 Digital Signal Processing Architecture SoC Lecture – Working with Buses & Interconnects.

Agenda  Quick Review  Finish Introduction  Java Threads.

Aditya Dayal M. Tech, VLSI Design ITM University, Gwalior.

Presented By Aditya Dayal ITM University, Gwalior.

Formal methods: Lecture

CIS 842: Specification and Verification of Reactive Systems

Program Synthesis is a Game

Yogesh Mahajan, Sharad Malik Princeton University

Gabor Madl Ph.D. Candidate, UC Irvine Advisor: Nikil Dutt

Formal Performance Evaluation of AMBA-based System-on-Chip Designs

CodePeer Update Arnaud Charlet CodePeer Update Arnaud Charlet

CodePeer Update Arnaud Charlet CodePeer Update Arnaud Charlet

SOC Design Lecture 4 Bus and AMBA Introduction.

Operating System Introduction.

COMP60621 Designing for Parallelism

Presentation transcript:

PRESENTER: PCLee

System-on-chip (SoC) designs use bus protocols for high performance data transfer among the Intellectual Property (IP) cores. These protocols incorporate advanced features such as pipelining, burst and split transfers. In this paper, we describe a case study in formally verifying a widely used SoC bus protocol: the Advanced Micro-controller Bus Architecture (AMBA) protocol from ARM. In particular, we develop a formal specification of the AMBA protocol. We then employ model checking, a state space exploration based formal verification technique, to verify crucial design invariants. The presence of pipelining and split transfer in the AMBA protocol gives rise to interesting corner cases, which are hard to detect via informal reasoning. Using the SMV model checker, we have detected a potential bus starvation scenario in the AMBA protocol. Such scenarios demonstrate the inherent intricacies in designing pipelined bus protocols.

This paper [1,4,8] formal specification and verification of PCI [11, 12] moniror-based verification

Whats the problem Interaction specified informally before Correctness of protocol is hard to describe Some bugs cannot be found. (deadlock, starvation…pipeline problem)

AHB BUS IP1 … IP2 MODEL CHECKING (check if model satisfies specification) MODEL CHECKING (check if model satisfies specification) Formal specification (property of design must to satisfy by CTL…) Formal specification (property of design must to satisfy by CTL…) design model Analyze result Error design False negative of system specification automatic manual

Advantage: State space explosion Verify concurrent finite state system automatically. Disadvantage: Restriction on finite state system(controller, communication protocol..)

Pipeline and waiting cycle Split and retry response

Design model Multiple masters Multiple slaves Arbiter Decoder Default master Default slave Using Computation Tree Logic(CTL) to specify property AG(HBUSREQ m AF HGRANT m ) means HGRANT will eventually high if HBUSREQ has been raise. Experiment environment: 2 masters and 1 slave Linux version of Cadence SMV in a Pentium IV 1.3 GHz

AG(HBUSREQm AF HGRANTm) is a crucial design invariant of non-starvation. Starvation situation: Slave never informs the arbiter that it is now able to service master. Even after slave has informed its ability to service master, the arbiter ignores the bus request from master forever. Reason: Implementation error! Unfair arbitration policy!

Using fair and slave_live to prove AG(HBUSREQm maskm AF HGRANTm) If slave split the transaction, arbiter must mask the request of master. If the arbiter doesnt mask master and the master has bus request, HGRANT of this master must be high eventaully. AG(splitm AF HSPLITm) The slave must recover from split state if it had split transaction before.

Arbiter mask m2. But it is split for m1

Formal verification can find many corner case and more automatic. Starvation scenario would be hard to detect without automated formal verification.

Model checking may makes debug more quickly. Formal verification has other method today. It verify system by using algorithm.

Goal: Run standalone verification on RVDS Problem: RVDS cant load image file of CICs test program CIC said that wrong version of ads. I write a simple program. RVDS can load it. Next: continue to discuss with CIC.