Transaction Based Modeling and Verification of Hardware Protocols Xiaofang Chen, Steven M. German and Ganesh Gopalakrishnan Supported in part by Intel.

Presentation transcript:

Transaction Based Modeling and Verification of Hardware Protocols
Xiaofang Chen, Steven M. German and Ganesh Gopalakrishnan
Supported in part by Intel SRC Customization Award 2005-TJ-1318

2 Modeling and Verification of HW Protocols
- High-level modeling
  - Model checking
  - Murphi, TLA+
- Low-level: RTL or VHDL
  - Simulation
  - SixthSense, RuleBase

3 Problem Addressed
- Global properties cannot be verified at RTL level
- Specifications can be verified, but do they correctly represent the implementations?
- Our goal
  - Bridge the gap between specifications and implementations

4 Modeling
[Figure labels: home, client, buf, local, cache]
- One step in high-level
- Multiple steps in low-level

5 Differences in Execution
- Interleaving in HL
- Concurrency in LL
- We introduce “transactions” for the mapping

6 Hardware Murphi
- Murphi extension by S. German and G. Janssen
- A concurrent shared variable language
  - On each cycle
    - Multiple transitions execute concurrently
    - Exclusive write to a variable
    - Shared reads to variables
    - Write immediately visible within the same transition
    - Write visible to other transitions on the next cycle
- Support signals, transactions, etc.

7 A Few Notations
- Variables in both spec and impl
  - Interface variables: V_I
  - Transactional variables: V_H
- Variable v inactive at a state s
  - If all transactions that can write to v are not active at s

8 Formal Notion of Refinement
- For every concurrent execution of impl, there exists an interleaving execution of spec such that the variables
  - V_I always match
  - V_H match for inactive(l_i)
[Figure: LL execution l_0, l_1, l_2, l_3, … alongside HL execution h_0, h_1, h_2, h_3, …]

9 Refinement Check
[Flow diagram labels: Hardware Murphi impl model; Murphi spec model; product model in Hardware Murphi; Muv; product model in VHDL; property check]
- Check high-level correctly implements low-level

10 Property Check in Refinement
[Figure labels: s, s’, Spec(s), Spec(s’); 1-transition (spec); 1-transaction: multi concurrent transitions (impl)]
- s: reachable state where the commit transition of transaction is enabled
- Guard for spec transition must hold
- Observable vars changed by spec or impl must match

11 Model Checking Approaches
- Monolithic
  - Straightforward property check
- Compositional
  - Divide and conquer

12 Compositional Refinement Check
- Reduce the verification complexity
- Basic Techniques
  - Abstraction
    - Removing details to make verification easier
  - Assume guarantee
    - A simple form of induction which introduces assumptions and justifies them

13 Abstraction
- View design as concurrent processes
- Perform simplifications
  - Change a read to access a fresh input variable, or
  - If, in a process, two steps are executed
    - 1st step writes to a variable
    - 2nd step reads it
    then there is no need to consider other sources of the read
[Figure label: Change to free inputs]

14 Assume Guarantee Reasoning
- Assume certain values for any read of a variable
- Guarantee certain values for all writes to the variable
- Example
  - In the beginning of a transaction
    - Assume spec and impl have same values on joint variables to be read
  - At the end of the transaction
    - Guarantee spec and impl have same values on joint variables being written

15 Driving Benchmark
[Figure: benchmark block diagram; labels: Local, Home, Remote, Dir, Cache, Mem, Buf, Router]
Source: S. German and G. Janssen, IBM Research Tech Report 2006

16 Bugs Found with Refinement Check
- Benchmark satisfies cache coherence already
- Bugs still found
  - Bug 1: router unit loses messages
  - Bug 2: home unit replies twice for one request
  - Bug 3: cache unit gets updated twice from one reply
- Refinement check is an automatic way of constructing checks
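The refinement check of slides 8 and 10, applied to a bug of the kind listed on slide 16 (a home unit that replies twice), as an added Python example; it is not the authors' Hardware Murphi or Muv tooling. The one-node "acquire" protocol, the variable names (req, rep, pending, grants) and the use of pending to mark the transaction as active are all assumptions made for the illustration.

```python
V_H = ("cache", "grants")  # transactional variables compared against the spec

def spec_step(hl):
    """Spec: one atomic 'acquire' transition; None if its guard fails."""
    if hl["cache"] != "I":
        return None
    return {"cache": "V", "grants": hl["grants"] + 1}

def impl_rules(buggy):
    """Impl: the acquire split into transitions (guard, writes, is_commit)."""
    def home(s):
        w = {"rep": True, "grants": s["grants"] + 1}
        if not buggy:
            w["req"] = False  # buggy home leaves the request and replies twice
        return w
    return [
        (lambda s: s["cache"] == "I" and not s["pending"],
         lambda s: {"pending": True, "req": True}, False),    # client sends
        (lambda s: s["req"], home, False),                     # home replies
        (lambda s: s["rep"] and s["pending"],
         lambda s: {"cache": "V", "pending": False}, True),   # client commits
        (lambda s: s["rep"] and not s["pending"],
         lambda s: {"rep": False}, False),                    # home clears reply
    ]

def cycle(s, rules):
    """Fire all enabled transitions on state s; writes land in the next state."""
    nxt, written, committed = dict(s), set(), False
    for guard, writes, is_commit in rules:
        if guard(s):
            w = writes(s)
            assert written.isdisjoint(w), "two transitions wrote one variable"
            written |= set(w)
            nxt.update(w)
            committed = committed or is_commit
    return nxt, committed, bool(written)

def check_refinement(buggy=False, max_cycles=10):
    ll = {"cache": "I", "grants": 0, "pending": False, "req": False, "rep": False}
    hl = {"cache": "I", "grants": 0}
    rules = impl_rules(buggy)
    for n in range(max_cycles):
        ll, committed, fired = cycle(ll, rules)
        if not fired:
            return "refines"
        if committed:  # commit maps to exactly one spec transition
            hl = spec_step(hl)
            if hl is None:
                return f"cycle {n}: spec guard fails at commit"
        if not ll["pending"] and any(ll[v] != hl[v] for v in V_H):
            return f"cycle {n}: mismatch impl={ll} spec={hl}"
    return "bound reached"
```

In the buggy run the cache still ends in the valid state, so a coherence-style property alone would pass; only the comparison of grants against the spec at an inactive state exposes the duplicate reply.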

17 Experimental Results
[Plot: verification time versus datapath width (1-bit, 10-bit) for the monolithic and compositional approaches; time labels: 30 min, 1-day]
- Configurations
  - 2 nodes, 2 addresses, SixthSense “xpt” engine
Thanks: SixthSense, VHDL compiler and RuleBase groups

18 Conclusion
- Introduced transactions to map spec and impl
- Developed formal theory of refinement check
- Developed compositional approach
  - Abstraction
  - Assume guarantee
- Encouraging experimental results

19 Related Work
- Arvind et al.
  - Bluespec
- Park and Dill
  - Aggregation of distributed actions
- McMillan
  - Compositional approach

20 Thanks!
“Transaction based modeling and verification of hardware protocols”, to appear in FMCAD 2007