Published by Anthony Emery. Modified over 11 years ago.
1
Sugar 2.0 Formal Specification Language
Dana Fisman (1,2), Cindy Eisner (1)
(1) IBM Haifa Research Laboratory
(2) Weizmann Institute of Science
2
Sugar 2.0
Sugar 2.0 is a formalism to reason about behavior over time.
Uses of Sugar:
- For documentation: easy to read, yet precise specification
- Input to formal verification tools (model checker, theorem prover)
- Input to simulation tools (source of automatically generated monitors)
3
Goals (in designing the language)
- Easy to learn, read and write
- Mathematically precise: rigorously well defined formal syntax and semantics
- Sufficiently expressive, permitting the specification of a large class of real world design properties
- Known efficient underlying algorithms: in simulation; in model checking (with reasonable complexity)
4
History
- 1994: Syntactic sugaring of CTL for RuleBase model checker
- 1995: Addition of regular expressions
- 1997: Automatic generation of simulation monitors
- 2001: Move to linear (LTL-based) semantics
- 2002: Selected by Accellera for IEEE standardization
Timeline labels: Sugar 1.0, Sugar 2.0
5
Track Record (Sugar 1.0)
IBM products:
- Main Frame line (S/390)
- Mid-range line (AS/400)
- Workstation line (RS/6000)
- PC line (Netfinity)
- Super Computers (ASCI)
- ASIC/OEM business
External licensees
University program
6
Structure of Sugar
- Boolean layer: used to reason about states of the design
- Temporal layer: used to reason about behavior of the design over time
- Modeling layer: used to model auxiliary state variables and state machines
- Verification layer: directives to the verification tool
7
Structure of Sugar
- Boolean layer: used to reason about states of the design
- Temporal layer: used to reason about behavior of the design over time
- Modeling layer: used to model auxiliary state variables and state machines
- Verification layer: directives to the verification tool
Sugar comes in three flavors: Verilog/VHDL/EDL
8
The Temporal Layer
- Boolean Expressions: expressions evaluated over a single state
- Sugar Extended Regular Expressions (SERE): expressions evaluated over a bounded sequence of states
- Sugar Foundation Language: expressions evaluated over finite or infinite sequence of states
- Optional Branching Extension (OBE): expression evaluated over infinite trees of states (relevant for formal verification only)
[Diagrams: a single state s; sequences of states s1, s2, s3, ...]
9
The Temporal Layer
- Boolean Expressions
- Sugar Extended Regular Expressions (SERE): expressions evaluated over a bounded sequence of states
- Sugar Foundation Language: expressions evaluated over finite or infinite sequence of states
- Optional Branching Extension (OBE): expression evaluated over infinite trees of states (relevant for formal verification only)
[Diagrams: a single state s; sequences of states s1, s2, s3, ...]
12
The Temporal Layer
- Boolean Expressions
- Sugar Extended Regular Expressions (SERE)
- Sugar Foundation Language
- Optional Branching Extension (OBE)
Diagram labels: Building Blocks (atoms), Properties
13
The Temporal Layer
- Boolean Expressions
- Sugar Extended Regular Expressions (SERE)
- Sugar Foundation Language:
  - Temporal formulas where the atoms are Booleans
  - Temporal formulas where the atoms are SEREs
  - Temporal formulas where the atoms are Booleans and/or SEREs
- Optional Branching Extension (OBE)
Diagram labels: Building Blocks (atoms), Properties
14
SEREs – Example 1
A SERE describes a set of sequences of states (which we represent using timing diagrams).
This diagram is described by the SERE
15
SEREs – Example 1
This diagram is also described by the SERE
16
SEREs – Example 1
Expressions evaluated over a bounded sequence of states.
If we want to describe only this diagram we have to change the SERE
17
SEREs – Example 2
Expressions evaluated over a bounded sequence of states.
18
SEREs – Example 2
Expressions evaluated over a bounded sequence of states.
- signal holds 4 times
19
SEREs – Example 3
Expressions evaluated over a bounded sequence of states.
- signal holds any number of times between 3 to 5
- signal holds any number of times
20
Examples
Until now we saw examples of SEREs, which are not properties on their own, but rather building blocks of properties.
We will now see examples of properties composed from the SERE building blocks.
21
Properties – Examples
The suffix implication operator:
if the path starting now matches
then its continuation should match
22
Properties – Example 1
if then
But the property makes a requirement only for that holds at the very first cycle
Add to the beginning of the first SERE
23
Properties – Example 1
if then
Now the property makes a requirement for every no matter the cycles where it holds
Note that the requirement is made for more than one (the first)
24
Properties – Example 1
if then
if then
Overlapping is also possible!
25
Properties – Example 1
if then
if then
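An added illustration, not part of the original slides and not Sugar syntax: SEREs modelled as matchers over a finite trace, with a suffix-implication check that shows the difference between a requirement anchored at the first cycle and one made for every cycle by prefixing "any number of cycles" to the first SERE. Assumptions: the signal names `req`, `ack`, `data` and the trace are constructed, the second SERE starts on the cycle after the first one ends, and it must match completely inside the trace.

```python
# Added illustration (not Sugar syntax): SEREs as matchers over a finite trace.
# A trace is a list of cycles; each cycle is the set of signal names that are high.
# A matcher maps (trace, start) to the set of end indices (exclusive) of its matches.

def atom(pred):
    """Boolean expression: consumes exactly one cycle in which pred holds."""
    return lambda tr, i: {i + 1} if i < len(tr) and pred(tr[i]) else set()

def sig(name):
    """Atom that holds when the (hypothetical) signal `name` is high."""
    return atom(lambda cycle: name in cycle)

TRUE = atom(lambda cycle: True)

def concat(*parts):
    """Concatenation: each part starts where the previous one ended."""
    def run(tr, i):
        ends = {i}
        for part in parts:
            ends = {e2 for e in ends for e2 in part(tr, e)}
        return ends
    return run

def repeat(r, lo, hi=None):
    """r holds between lo and hi consecutive times; hi=None means any number."""
    def run(tr, i):
        cap = len(tr) - i if hi is None else hi  # no more repeats than cycles left
        ends, frontier = set(), {i}
        for n in range(cap + 1):
            if n >= lo:
                ends |= frontier
            frontier = {e2 for e in frontier for e2 in r(tr, e)}
        return ends
    return run

def failures(trace, first, second):
    """Suffix implication from cycle 0: end index of every match of `first`
    whose continuation has no match of `second` (assumed strong reading)."""
    return sorted(e for e in first(trace, 0) if not second(trace, e))

# Constructed sample: the second req/ack pair is followed by only one data cycle.
TRACE = [{"req"}, {"ack"}, {"data"}, {"data"}, set(),
         {"req"}, {"ack"}, {"data"}, set()]
FIRST = concat(sig("req"), sig("ack"))
SECOND = repeat(sig("data"), 2, 2)
ANCHORED = failures(TRACE, FIRST, SECOND)                            # first cycle only
EVERY = failures(TRACE, concat(repeat(TRUE, 0), FIRST), SECOND)     # every cycle

if __name__ == "__main__":
    print("anchored at first cycle:", ANCHORED)
    print("checked at every cycle:", EVERY)
```

The anchored form reports no failure because it only examines the match that starts at cycle 0; the prefixed form also examines the second match and reports the cycle index at which its continuation should have begun.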
26
Properties – Example 2
if then
But what if data does not hold in contiguous cycles?
Use instead of
27
Properties – Example 2
if then
But what if the signals are only sampled when holds?
Apply to the entire property
28
Properties – Example 2
if then
Now the property is evaluated only on the cycles where the holds
29
Properties – Example 2
if then
30
Properties – Example 2
if then
31
Expressiveness
Theory: at least as expressive as
- LTL
- CTL
- regular expressions
Practice: all properties suggested by FVTC of Accellera are concisely and intuitively expressible in Sugar
32
Implementation
Sugar has a core of operators which determine its expressive power.
Other operators are syntactic sugaring (abbreviations) of the core operators.
A tool needs to implement:
- Only the core operators
- Macro expansion of the syntactic sugaring operators
33
Implementation (of the core)
Any Sugar property can be reduced to an LTL or CTL property using auxiliary state machines.
CTL and LTL have known model checking algorithms.
For simulation we consider the subset that can be verified on-the-fly. For this subset there are simple transformation rules that transform the formula to a state machine describing all possible counter examples.
34
Sugar Home Page
More information available on the Sugar home page at: www.haifa.il.ibm.com/projects/verification/sugar/index.html
- Complete definition
- Tutorial
- Sugar parser
- Formal syntax and semantics
- More …