Properties Incompleteness Evaluation by Functional Verification
IEEE TRANSACTIONS ON COMPUTERS, VOL. 56, NO. 4, APRIL 2007


Outline
 Introduction
 Background
 Methodology
   Generation of faulty implementations
   Estimation of golden model incompleteness
   Incremental property coverage computation
 Experimental results
 Conclusion

Introduction
 Simulation-based techniques
   Lack of exhaustiveness
 Formal verification
   Overcomes the exhaustiveness problem
   Properties are derived from informal design specifications
   Model checking: proves the presence of bugs, but not their absence

Verification Flow Based on Model Checking

Vacuum Cleaning vs. Property Coverage Evaluation
 Vacuum cleaning: acts on a property p_i already in P = {p_1, p_2, …, p_n}
 Property coverage evaluation: asks whether a further property p_{n+1} is missing from P

Introduction – Model Checking
 To increase the effectiveness of model checking:
   Vacuity detection: look for properties that hold in a model and can be strengthened without causing them to fail
   Property coverage: address the question of whether enough properties have been defined
 How many properties should be defined to completely check the implementation? A coverage metric is needed.

Coverage Metric
 To measure property incompleteness:
   State coverage
   Path coverage
   Transition-based coverage

Introduction – Previous Work
 Mutation-based (ACTL, LTL, and CTL)
   State coverage, path coverage, transition-based coverage
 Implementation-based
   State explosion problem
   Cannot precisely reflect the completeness of properties
 How about using mutation coverage jointly with dynamic verification to assess the quality of the model checking process?

Background
 Kripke structure K = {S, S_0, R, L}
 FSM M = {I, O, S, s_0, R}
 Product machine M_P = M_1 ×_P M_2
 Retroactive network I_ε

Methodology Overview

Why will properties be incomplete?
 System specifications → functional test plan, design, verification
 Informal to formal

Methodology Overview

Static vs. Dynamic
 Static method
   Formal verification
   Time-consuming
   Great effort in terms of memory resources
   Exhaustive verification response
 Dynamic method
   ATPG & simulation
   Lack of exhaustiveness
   Faster than the static method

Generation of Faulty Implementations
 The proposed methodology is independent of the adopted fault model
   Different fault models can provide different estimations of the property completeness
 Functional fault model: bit coverage
   Has been proved to be related to design errors
 Bit coverage fault model assumptions
   Bit failure: stuck-at 0 or stuck-at 1
   Condition failure: stuck-at true or stuck-at false
   Single fault: a faulty implementation is generated for each fault

Generation of Faulty Implementations
 Fault model and fault coverage for ATPG
 Define a functional fault model at RTL level: bit coverage
   Bit failure: stuck-at 0 or stuck-at 1
   Condition failure: stuck-at true or stuck-at false
   Single fault: a faulty implementation is generated for each fault
   Has been proved to be related to design errors

Detectable Faults
 (figure) faulty implementation f_i driven by the environment

Generation of Faulty Implementations (cont.)
 Detectable faults

Generation of Faulty Implementations (cont.)
 A non-optimized algorithm: if the check fails, then f is ε-detectable
 Time-consuming and very likely to run into state explosion
 In this work: an approximation of the real set of ε-detectable faults

Methodology Overview

p-detectable and P-detectable
 (figure) faulty implementation f_i in its environment, checked against each p_i ∈ P = {p_1, p_2, …, p_n}; the outcome for each p_i is SAT or UNSAT

Estimation of Golden Model Incompleteness
 P-detectable and P-det
 Property coverage

Property Coverage
 C_P = 1: P is complete w.r.t. a specific fault model
 Non-optimized algorithm

Estimation of Golden Model Incompleteness (cont.)
 C_P = 1: the formal properties are complete w.r.t. a particular fault model
 Non-optimized algorithm

Witnesses and Counterexamples
 Witnesses: for existentially quantified CTL properties
 Counterexamples: for universally quantified CTL properties

Estimation of Golden Model Incompleteness (cont.)
 Witnesses and counterexamples
   Tools can provide witnesses and counterexamples for CTL and LTL properties
   Input witness and input counterexample

Witness Coverage
 Property coverage can be estimated by using input witnesses
 From formal verification to a dynamic method
 Under some conditions, C_P = C_w

Proof of C_P = C_w
 Consider the safety and liveness properties separately
 Proof of theorem 5.6 (safety property):

Proof of C_P = C_w (cont.)
 w_p-detectable and W_P-detectable

Proof of C_P = C_w (cont.)

Incremental Property Coverage Computation
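The coverage flow of the preceding slides (one faulty implementation per bit-coverage fault, the ε-detectable set, the P-detectable set, C_P, its estimation from input witnesses, and the incremental recomputation of C_P as properties are added) carried out end to end on a toy design. This is an added example, not code from the paper or the presenter: the 2-bit counter, its fault list, the four properties and the input witnesses are all constructed here. Two simplifications are mine as well: the environment is the set of all input sequences of a fixed depth, so the ε-detectable set is a bounded approximation, and the witness-based estimate checks each property on the trace its witness induces in the faulty design (the paper's exact conditions for C_P = C_w are not on the page).

```python
from itertools import product

# Constructed toy design (not from the paper): a 2-bit counter with synchronous
# clear and enable.  Inputs per cycle: (clr, en).  Output per cycle, sampled
# after the clock edge: (q, max) with max = 1 iff q == 3.
N_BITS = 2
Q_MAX = (1 << N_BITS) - 1

def step(q, clr, en, fault=None):
    """One clock cycle of the golden model, or of the faulty implementation
    selected by `fault` = (site, value).  Bit-coverage fault model:
    condition failure -> sites 'clr', 'en' stuck-at True/False;
    bit failure       -> next-state bits 'q0', 'q1' and output bit 'max' stuck-at 0/1.
    Single-fault assumption: at most one site is faulty."""
    site, val = fault if fault else (None, None)
    clr_c = val if site == "clr" else bool(clr)
    en_c = val if site == "en" else bool(en)
    if clr_c:
        nq = 0
    elif en_c:
        nq = (q + 1) & Q_MAX
    else:
        nq = q
    if site == "q0":
        nq = (nq & ~1) | val
    if site == "q1":
        nq = (nq & ~2) | (val << 1)
    mx = int(nq == Q_MAX)
    if site == "max":
        mx = val
    return nq, mx

# One faulty implementation per fault (10 faults for this design).
FAULTS = ([("clr", v) for v in (True, False)] + [("en", v) for v in (True, False)]
          + [(bit, v) for bit in ("q0", "q1", "max") for v in (0, 1)])

def simulate(inputs, fault=None):
    """Output trace [(q, max), ...] for an input sequence [(clr, en), ...] from reset (q = 0)."""
    q, trace = 0, []
    for clr, en in inputs:
        q, mx = step(q, clr, en, fault)
        trace.append((q, mx))
    return trace

def environment(depth):
    """Environment ε: every input sequence of the given length (unconstrained, bounded depth)."""
    return [list(seq) for seq in product([(0, 0), (0, 1), (1, 0), (1, 1)], repeat=depth)]

def detectable_faults(env):
    """ε-detectable faults: some sequence in env makes the faulty trace differ from the golden one.
    The bounded depth makes this an approximation of the real set, as the slides note."""
    return {f for f in FAULTS if any(simulate(s, f) != simulate(s) for s in env)}

# Properties, written as checks over (inputs, trace); the CTL reading is given in each comment.
def p1(inputs, trace):  # AG(clr -> AX q == 0)
    return all(trace[t][0] == 0 for t, (clr, _) in enumerate(inputs) if clr)

def p2(inputs, trace):  # AG(max <-> q == 3)
    return all(mx == int(q == Q_MAX) for q, mx in trace)

def p3(inputs, trace):  # AG(!clr & en -> AX q == q_prev + 1 mod 4)
    prev = 0
    for (clr, en), (q, _) in zip(inputs, trace):
        if not clr and en and q != ((prev + 1) & Q_MAX):
            return False
        prev = q
    return True

def p4(inputs, trace):  # AG(!clr & !en -> AX q == q_prev)
    prev = 0
    for (clr, en), (q, _) in zip(inputs, trace):
        if not clr and not en and q != prev:
            return False
        prev = q
    return True

def property_coverage(props, env):
    """C_P = |P-detectable| / |ε-detectable|.  A fault is p-detectable when p fails on its
    faulty implementation for some environment sequence; P-detectable when some p in P does."""
    det = detectable_faults(env)
    p_det = {f for f in det if any(not p(s, simulate(s, f)) for p in props for s in env)}
    return len(p_det) / len(det), p_det

def witness_coverage(witnesses, env):
    """C_w: each property is checked only on the trace that its input witness induces in the
    faulty implementation (simulation instead of model checking)."""
    det = detectable_faults(env)
    w_det = {f for f in det if any(not p(w, simulate(w, f)) for p, w in witnesses)}
    return len(w_det) / len(det), w_det

# Constructed input witnesses: sequences on which the golden model exercises p1 and p2.
WITNESSES = [(p1, [(0, 1), (1, 0), (0, 0)]),   # count, clear, hold
             (p2, [(0, 1), (0, 1), (0, 1)])]   # count up to q == 3 so max is raised

if __name__ == "__main__":
    env = environment(3)
    print("epsilon-detectable faults:", len(detectable_faults(env)))
    # Incremental recomputation: add properties one at a time and watch C_P grow.
    for props in ([p1, p2], [p1, p2, p3], [p1, p2, p3, p4]):
        cov, p_det = property_coverage(props, env)
        print(f"C_P with {len(props)} properties = {cov:.2f}; undetected: "
              f"{sorted(set(FAULTS) - p_det, key=str)}")
    print("C_w from the two input witnesses =", witness_coverage(WITNESSES, env)[0])
```

With P = {p1, p2} the coverage is 0.5: the clear-stuck-true, enable-stuck-true, enable-stuck-false and the two stuck-at-0 state-bit faults all go undetected, because no property in P says how the counter must advance. Adding p3 raises C_P to 0.9 and p4 makes P complete w.r.t. this fault model (C_P = 1), which is exactly the kind of gap the slides' coverage metric is meant to expose. On the two constructed witnesses C_w equals C_P for the original P, since each witness drives the faulty design through the scenario in which its property fails.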

Coverage Accuracy Comparison
 Combining static and dynamic verification lets this methodology deal with real industrial circuits
 The methodology presented in this paper covers faults rather than states
 It can estimate coverage more accurately than previous works

Experimental Results
 (table) results per test vector

Inspiration for the IC/CAD Contest
 Functional fault model
 Estimate coverage by faults instead of properties