Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Framework on Synchronization Verification in System-Level Design Thanyapat Sakunkonchak Satoshi Komatsu Masahiro Fujita Fujita Laboratory University.

Published byShavonne Gilbert Modified over 9 years ago

Similar presentations

Presentation on theme: "A Framework on Synchronization Verification in System-Level Design Thanyapat Sakunkonchak Satoshi Komatsu Masahiro Fujita Fujita Laboratory University."— Presentation transcript:

1 A Framework on Synchronization Verification in System-Level Design Thanyapat Sakunkonchak Satoshi Komatsu Masahiro Fujita Fujita Laboratory University of Tokyo

2 Contents Introduction System-level design VS Verification Counterexample-guided abstraction refinement (CEGAR) Why synchronization verification? Verification flow Preliminary experimental results Summary & Future direction

3 System-Level Design & Verification Recover as many bugs as possible in the earlier stages is necessary Verification in system-level design  Bugs fix time Cost due to the delay/late time-to-market Revenue loss System-Level RTL Layout System synthesis High-level synthesis Logic synthesis Layout synthesis 30 minutes delay Modify source & re-compile 3 days delay Modify RTL & re-synthesis 3 weeks delay Re-layout

4 Basic Idea To increase productivity and fast prototype Apply formal verification at system-level Counter-Example Guided Abstraction Refinement (CEGAR) paradigm Apply abstraction to the design Verify the abstracted design Property hold Property does not hold + abstract counter-example Abstraction refinement: validate the abstract counter- example Valid: the real counter-example is given Invalid: refine abstraction

5 Formal Verification with Abstraction Refinement (CEGAR) Model checker Design Property + abstract counterexample The abstract design’s size is enough to be handled Abstract Design Check abstract counterexample Refine + real counterexample Widely used verification philosophy: Counter-Example Guided Abstraction Refinement (CEGAR)

6 Contents Introduction System-level design VS Verification Counterexample-guided abstraction refinement (CEGAR) Why synchronization verification? Verification flow Preliminary experimental results Summary & Future direction

7 Why synchronization verification? Usually the abstracted design is still too large There are many parallel processes in system-level design To operate properly, those parallel processes must be properly synchronized Targeting only synchronization verification, the problem size can be significantly reduced

8 void A() { } void B() { } void main() { A(); B(); C(); } void C() { } Concurrency: Par Statement in SpecC AAB C LanguageSpecC Language BC void A() { } void B() { } void main() { par{ A.main(); B.main(); } C.main(); } void C() { } C

9 Synchronization in SpecC Add notify/wait of event e for sync. ‘ wait ’ will stop process until it is ‘ notify ’ AB void A() { } void B() { } void main() { par { A.main(); B.main(); } notify e1; wait e2; wait e1; notify e2; wait e1 Process B stops and wait until e1 is notified notify e1 B resumes wait e2 Process A stops and wait until e2 is notified notify e2 A resumes

10 Synchronization in SpecC (cont.) These equations can be solved with Integer Linear Programming Solver Tas=Tbs, Tae=Tbe Tas<=T1s<T1e<=T2s<T2e<=Tas Tbs<=T3s<T3e<=Tbe T2e<=T3s

11 Contents Introduction System-level design VS Verification Counterexample-guided abstraction refinement (CEGAR) Why synchronization verification? Verification flow Preliminary experimental results Summary & Future direction

12 Synchronization verification

13 Synchronization property Synchronization is completed if ‘ wait ’ was notified A deadlock occurs once ‘ wait ’ is reached but ‘ notify ’ is not Process AProcess B notify wait Deadlock in B

14 NOT FEASIBLE Check path feasibility a1 = true & b1 = false & b2 = true !waitCustomer = true & !waitCustomer = false & !chairOccupied = true /* Barber */ void main() { while(1) { if (!waitCustomer) DayDreaming(); else { if (chairOccupied) { notify call; chairOccupied = false; } else { KeepCutting(); chairOccupied = true; } }; /* Customer */ void main() { while(1) { if (!waitCustomer) waitCustomer = true; else { waitCustomer = false; if (!chairOccupied) wait call; } }; /* Barber */ void main() { while(a0) { if (a1)... else { if (a2) { notify call;... } else {... } }; /* Customer */ void main() { while(b0) { if (b1)... else {... if (b2) wait call; } }; Refine#0 /* Barber */ void main() { while(a0) { if (a1)... else { if (a2) { notify call;... } else {... } }; /* Customer */ void main() { while(b0) { if (a1) a1_1 = true; else { a1_1 = false; if (b2) wait call; } }; Refine#1 Check path feasibility a1 = false & a2 = false & b1 = false & b2 = true !waitCustomer = false & chairOccupied = false & !waitCustomer = false & !chairOccupied = true FEASIBLE ‘ notify ’ is not reached: ‘ wait ’ is reached

15 Contents Introduction System-level design VS Verification Counterexample-guided abstraction refinement (CEGAR) Why synchronization verification? Verification flow Preliminary experimental results Summary & Future direction

16 Verification conditions Real applications are verified Focusing only synchronization (notify/wait under par{ }), problem size can be significantly reduced Running on linux machine, P4 1.7GHz & 512 MB RAM, deadlock can be detected within few minutes

17 Preliminary experimental result Check all designs with properties “ there is no deadlock ” There is no such a case where ‘ wait ’ is executed while ‘ notify ’ is not Property1,2,3 are the different pairs of notify/wait Simulation results All properties hold No deadlock Abstraction refinement is not conducted in this experiments

18 Contents Introduction System-level design VS Verification Counterexample-guided abstraction refinement (CEGAR) Why synchronization verification? Verification flow Preliminary experimental results Summary & Future direction

19 Summary & Future Direction A framework for synchronization verification of SpecC was described Abstraction/abstraction refinement algorithm was presented Abstraction Insertion of deadlock property Verification Abstraction refinement Now targeting only for synchronization property, but we can further extend to verify other properties, e.g. safety Implementation of abstraction refinement

Download ppt "A Framework on Synchronization Verification in System-Level Design Thanyapat Sakunkonchak Satoshi Komatsu Masahiro Fujita Fujita Laboratory University."

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
Masahiro Fujita Yoshihisa Kojima University of Tokyo May 2, 2008

Masahiro Fujita Yoshihisa Kojima University of Tokyo May 2, 2008
Computer Design Aided Computer Design Aided Fujita Lab, University of Tokyo Equivalence Checking in C-based System-Level Design by Sequentializing Concurrent.

Computer Design Aided Computer Design Aided Fujita Lab, University of Tokyo Equivalence Checking in C-based System-Level Design by Sequentializing Concurrent.
Verification of Evolving Software Natasha Sharygina Joint work with Sagar Chaki and Nishant Sinha Carnegie Mellon University.

Verification of Evolving Software Natasha Sharygina Joint work with Sagar Chaki and Nishant Sinha Carnegie Mellon University.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
High Level Languages: A Comparison By Joel Best. 2 Sources The Challenges of Synthesizing Hardware from C-Like Languages  by Stephen A. Edwards High-Level.

High Level Languages: A Comparison By Joel Best. 2 Sources The Challenges of Synthesizing Hardware from C-Like Languages  by Stephen A. Edwards High-Level.
A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.
Timed Automata.

Timed Automata.
Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.

Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.
CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.

CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.
Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.

Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.
The Software Model Checker BLAST by Dirk Beyer, Thomas A. Henzinger, Ranjit Jhala and Rupak Majumdar Presented by Yunho Kim Provable Software Lab, KAIST.

The Software Model Checker BLAST by Dirk Beyer, Thomas A. Henzinger, Ranjit Jhala and Rupak Majumdar Presented by Yunho Kim Provable Software Lab, KAIST.
Thread-modular Abstraction Refinement Tom Henzinger Ranjit Jhala Rupak Majumdar Shaz Qadeer.

Thread-modular Abstraction Refinement Tom Henzinger Ranjit Jhala Rupak Majumdar Shaz Qadeer.
1 Model Checking, Abstraction- Refinement, and Their Implementation Based on slides by: Orna Grumberg Presented by: Yael Meller June 2008.

1 Model Checking, Abstraction- Refinement, and Their Implementation Based on slides by: Orna Grumberg Presented by: Yael Meller June 2008.
© Katz, 2003 Formal Specifications of Complex Systems-- Real-time 1 Adding Real-time to Formal Specifications Formal Specifications of Complex Systems.

© Katz, 2003 Formal Specifications of Complex Systems-- Real-time 1 Adding Real-time to Formal Specifications Formal Specifications of Complex Systems.
ECE 667 - Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.

ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
System-Level Verification –a Comparison of Approach Ray Turner Rapid Systems Prototyping, 1999. IEEE International Workshop on.

System-Level Verification –a Comparison of Approach Ray Turner Rapid Systems Prototyping, IEEE International Workshop on.
Predicate Abstraction for Software and Hardware Verification Himanshu Jain Model checking seminar April 22, 2005.

Predicate Abstraction for Software and Hardware Verification Himanshu Jain Model checking seminar April 22, 2005.

Similar presentations

Ads by Google