Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enhancing PDR/IC3 with Localization Abstraction

Published byΈρως Ζέρβας Modified over 6 years ago

Similar presentations

Presentation on theme: "Enhancing PDR/IC3 with Localization Abstraction"— Presentation transcript:

1 Enhancing PDR/IC3 with Localization Abstraction
Yen-Sheng Ho Alan Mishchenko Robert Brayton Department of EECS, UC Berkeley Niklas Een Google Inc, Mountain View

2 Overview Motivation for improving verification engines
Property directed reachability engine (PDR) Inductive invariant Engine overview Adding abstraction Comparison with previous work Experiments Conclusion 2

3 Motivation Formal verification remains hard
Tools employ a portfolio of engines Engine improvement is ongoing

4 Inductive Invariant A property-directed inductive invariant is a Boolean function in terms of the flop variables that Contains the initial state(s) Is inductive assuming that is holds in one (or more) time-frames, prove that it holds in the next time-frame Does not contain “bad states” where the property fails Computing an inductive invariant is a complex task performed by engines capable of unbounded verification, such as IMC and PDR Property checking D T p State space Bad Invariant Reached Init

5 Property Directed Reachability
PDR/IC3 is a verification engine Proposed by Aaron Bradley in 2010 Is the strongest unbounded verification engine But it is not a magic bullet Why PDR does not converge Invariant cannot be expressed in two levels Invariant construction is not focused

6 PDR (In a Nutshell) PDR is a way of computing an inductive invariant
Constructs over-approximations (F0, F1, …, Fk) of states reachable after each time step as sets of CNF clauses Additionally, requires containment of sets of clauses Termination criteria If a counter-example is found, return SAT If an over-approximation is inductive, return UNSAT The algorithm constructs over-approximations In a property directed way the property is used to decide what clauses to include With an inductive flavor induction is used to prove that a clause holds in a frame

7 PDR (Illustration) T  Time frame Time frame 0 Time frame 1 Comb Logic
Primary inputs Property output Comb Logic Register outputs Register inputs Initial State States where property fails State space of time frame 0 State space of time frame 1 Initial states a1 a2 Bad Bad a3 Cubes (a1, a2, a3) are covering bad states and not including reached states. The product of their complements is a property-directed over-approximation F1 of reachable states at frame 1. T Init Init Reached

8 Localization Abstraction
Reduces a verification miter by removing irrelevant logic Helps PDR by making invariant construction more focused Questions: What logic to abstract away? How to perform abstraction inside the PDR engine? Logic included in the abstraction Localization abstraction Logic abstracted away Verification miter

9 Overview of PDR Algorithm

10 Changes to the Engine Support an “abstraction map”
Indicates what flops are currently used Modify ternary simulation to use only flops in the abstraction map If a counter-example is produced, check if it is spurious If so, perform CEGAR-based refinement Flush accumulated proof obligations when the refinement takes place

11 Previous Work Integrates PDR with abstraction on a high-level
J. Baumgartner, A. Ivrii, A. Matsliah, and H. Mony. “IC3-guided abstraction”. Proc. FMCAD’12. Relies on information about control and datapath logic S. Lee and K. A. Sakallah, “Unbounded scalable verification based on approximate property-directed reachability and datapath abstraction”. Proc. CAV’14. Uses different flavors of localization abstraction Y. Vizel, O. Grumberg, and S. Shoham. “Lazy abstraction and SAT-based reachability in hardware model checking”. Proc. FMCAD’12. K. Fan, M.-J. Yang, and C.-Y. Huang, “Automatic abstraction refinement of TR for PDR”. Proc. ASP-DAC’16.

12 Experimental Results Using 77 industrial benchmarks
Comparing 3 flavors of PDR without abstraction and with abstraction pdr vs pdr –t The default version of PDR in ABC treb vs treb –abs An improved version of PDR in ABC-ZZ pdr –nc vs pdr –nct Z. Hassan, A. R. Bradley, and F. Somenzi. “Better generalization in IC3”. Proc. FMCAD’13. Comparison criteria the number of solved instances and runtime the invariant size

13 Solved Instances and Runtime

14 Invariant Size Ratios

15 Improving “Readability” of Invariants
.e .i 21 .o 1 .p 17 .e PDR with abstraction PDR without abstraction

16 Conclusion Presented improved version of PDR with built-in localization abstraction It is relatively easy to implement It solves more instances It produces smaller and more readable invariants Future work Handle control and data-path flops differently Explore different abstraction refinement strategies Develop an improved SAT solver for PDR

17 Abstract Property Directed Reachability (aka PDR/IC3) is the strongest engine presently used in formal verification tools. Localization abstraction is a way to reduce the complexity of a verification problem by cutting away irrelevant logic. Both methods are effective when used independently or when an abstracted model is passed to PDR. This paper proposes a new method of combining them by minimally changing the PDR engine. The method differs from previous work, which requires a larger implementation effort. Experiments show that the integrated engine is, on average, stronger than the baseline and produces inductive invariants that are smaller and depend on fewer variables, making them more useful in design analysis and debugging.

Download ppt "Enhancing PDR/IC3 with Localization Abstraction"

Similar presentations

The Synthesis of Cyclic Circuits with SAT and Interpolation By John Backes and Marc Riedel ECE University of Minnesota.

The Synthesis of Cyclic Circuits with SAT and Interpolation By John Backes and Marc Riedel ECE University of Minnesota.
Efficient Implementation of Property Directed Reachability Niklas Een, Alan Mishchenko, Robert Brayton.

Efficient Implementation of Property Directed Reachability Niklas Een, Alan Mishchenko, Robert Brayton.
Aaron Bradley University of Colorado, Boulder

Aaron Bradley University of Colorado, Boulder
© Anvesh Komuravelli IC3/PDR Overview of IC3/PDR Anvesh Komuravelli Carnegie Mellon University.

© Anvesh Komuravelli IC3/PDR Overview of IC3/PDR Anvesh Komuravelli Carnegie Mellon University.
Automated Extraction of Inductive Invariants to Aid Model Checking Mike Case DES/CHESS Seminar EECS Department, UC Berkeley April 10, 2007.

Automated Extraction of Inductive Invariants to Aid Model Checking Mike Case DES/CHESS Seminar EECS Department, UC Berkeley April 10, 2007.
Enhancing and Integrating Model Checking Engines Robert Brayton Alan Mishchenko UC Berkeley June 15, 2009.

Enhancing and Integrating Model Checking Engines Robert Brayton Alan Mishchenko UC Berkeley June 15, 2009.
Incremental formal verification of hardware Hana Chockler Alexander Ivrii Arie Matsliah Shiri Moran Ziv Nevo IBM Research - Haifa.

Incremental formal verification of hardware Hana Chockler Alexander Ivrii Arie Matsliah Shiri Moran Ziv Nevo IBM Research - Haifa.
Property Directed Reachability (PDR) Using Cubes of Non-state Variables With Property Directed Reachability Using Cubes of Non-state Variables With Property.

Property Directed Reachability (PDR) Using Cubes of Non-state Variables With Property Directed Reachability Using Cubes of Non-state Variables With Property.
Cut-Based Inductive Invariant Computation Michael Case 1,2 Alan Mishchenko 1 Robert Brayton 1 Robert Brayton 1 1 UC Berkeley 2 IBM Systems and Technology.

Cut-Based Inductive Invariant Computation Michael Case 1,2 Alan Mishchenko 1 Robert Brayton 1 Robert Brayton 1 1 UC Berkeley 2 IBM Systems and Technology.
February 22-25, 2010 Designers Work Less with Quality Formal Equivalence Checking by Orly Cohen, Moran Gordon, Michael Lifshits, Alexander Nadel, and Vadim.

February 22-25, 2010 Designers Work Less with Quality Formal Equivalence Checking by Orly Cohen, Moran Gordon, Michael Lifshits, Alexander Nadel, and Vadim.
PDR: Property Directed Reachability AKA ic3: SAT-Based Model Checking Without Unrolling Aaron Bradley University of Colorado, Boulder University of Colorado,

PDR: Property Directed Reachability AKA ic3: SAT-Based Model Checking Without Unrolling Aaron Bradley University of Colorado, Boulder University of Colorado,
1 Alan Mishchenko Research Update June-September 2008.

1 Alan Mishchenko Research Update June-September 2008.
A Semi-Canonical Form for Sequential Circuits Alan Mishchenko Niklas Een Robert Brayton UC Berkeley Michael Case Pankaj Chauhan Nikhil Sharma Calypto Design.

A Semi-Canonical Form for Sequential Circuits Alan Mishchenko Niklas Een Robert Brayton UC Berkeley Michael Case Pankaj Chauhan Nikhil Sharma Calypto Design.
Enhancing Model Checking Engines for Multi-Output Problem Solving Alan Mishchenko Robert Brayton Berkeley Verification and Synthesis Research Center Department.

Enhancing Model Checking Engines for Multi-Output Problem Solving Alan Mishchenko Robert Brayton Berkeley Verification and Synthesis Research Center Department.
Variable-Time-Frame Gate-Level Abstraction Alan Mishchenko Niklas Een Robert Brayton Alan Mishchenko Niklas Een Robert Brayton UC Berkeley UC Berkeley.

Variable-Time-Frame Gate-Level Abstraction Alan Mishchenko Niklas Een Robert Brayton Alan Mishchenko Niklas Een Robert Brayton UC Berkeley UC Berkeley.
Sequential Equivalence Checking for Clock-Gated Circuits Hamid Savoj Robert Brayton Niklas Een Alan Mishchenko Department of EECS University of California,

Sequential Equivalence Checking for Clock-Gated Circuits Hamid Savoj Robert Brayton Niklas Een Alan Mishchenko Department of EECS University of California,
A Toolbox for Counter-Example Analysis and Optimization

A Toolbox for Counter-Example Analysis and Optimization
Efficient Generation of Small Interpolants in CNF (for Model Checking)

Efficient Generation of Small Interpolants in CNF (for Model Checking)
Introduction to Formal Verification

Introduction to Formal Verification
Synthesis for Verification

Synthesis for Verification

Similar presentations

Ads by Google