Presentation is loading. Please wait.

Presentation is loading. Please wait.

Verification of Behavioral Consistency in C by Using Symbolic Simulation and Program Slicer Takeshi Matsumoto Thanyapat Sakunkonchak Hiroshi Saito Masahiro.

Published byWinfred Watkins Modified over 9 years ago

Similar presentations

Presentation on theme: "Verification of Behavioral Consistency in C by Using Symbolic Simulation and Program Slicer Takeshi Matsumoto Thanyapat Sakunkonchak Hiroshi Saito Masahiro."— Presentation transcript:

1 Verification of Behavioral Consistency in C by Using Symbolic Simulation and Program Slicer Takeshi Matsumoto Thanyapat Sakunkonchak Hiroshi Saito Masahiro Fujita The University of Tokyo

2 2 Outline Introduction Basic Notations Verification Strategy Case Studies Conclusion and Future Work

3 3 Outline Introduction Basic Notations Verification Strategy Case Studies Conclusion and Future Work

4 4 Formal verification in VLSI design As VLSI designs become more complicated, verification tasks become more difficult Formal verification has many advantages, however, it is very sensitive to the size of descriptions Recently, C-based design languages are commonly used SpecC, SystemC, … Easy to learn Able to describe HW and SW

5 5 C-base design & verification flow Our verification method works in this design flow There are many refinement steps in this flow At each refinement step, descriptions are very close to each other Specification in C Refined descri- ption for HW part Refined description with concurrency Removal of pointer, recursive calling Introduction of concurrency (SpecC or SystemC may be used here) To RTL : Refinement step Checking behavioral consistency

6 6 Target of verification In this work, target of verification is C hardware descriptions No pointer reference No recursive function calling No dynamic memory allocation In future, our verification method will cover all the design flow by extension Specification in C Refined descri- ption for HW part Refined description with concurrency

7 7 Our proposed method We propose the verification method to check the behavioral consistency of two given C-descriptions These C-descriptions are restricted for HW Verification itself is operated in terms of symbolic simulation (formal method) Main interest is to make verification task reduced and realize the efficient verification Based on textual differences Code reduction by program slicing

8 8 Next Introduction Basic Notations Verification Strategy Case Studies Conclusion and Future Work

9 9 Symbolic simulation In our method, verification itself is carried out in terms of symbolic simulation Variables are treated as symbols rather than bit vectors Symbolic simulation can verify designs more efficiently than traditional simulation

10 10 Example Example of checking the behavioral consistency based on symbolic simulation Equivalent variables are collected into EqvClass a = v1; b = v2; add1 = a + b; Description 1 add2 = v1 + v2; Description 2 EqvClass Symbolic simulation We are going to check the equivalence between add1 and add2

11 11 Example This is an example of equivalence checking based on symbolic simulation Equivalent variables are collected into EqvClass a = v1; b = v2; add1 = a + b; Description 1 add2 = v1 + v2; Description 2 EqvClass Symbolic simulation E1 (a, v1) E2 (b, v2) E3 (add1, a+b) Description1 is simulated

12 12 Example This is an example of equivalence checking based on symbolic simulation Equivalent variables are collected into EqvClass a = v1; b = v2; add1 = a + b; Description 1 add2 = v1 + v2; Description 2 EqvClass Symbolic simulation E1 (a, v1) E2 (b, v2) E3 (add1, a+b) E4 (add2, v1+v2) Description2 is simulated

13 13 Example This is an example of equivalence checking based on symbolic simulation Equivalent variables are collected into EqvClass a = v1; b = v2; add1 = a + b; Description 1 add2 = v1 + v2; Description 2 EqvClass Symbolic simulation E1 (a, v1) E2 (b, v2) E3 (add1, a+b) E4 (add2, v1+v2) Due to the equivalences in E1, E2

14 14 Example This is an example of equivalence checking based on symbolic simulation Equivalent variables are collected into EqvClass a = v1; b = v2; add1 = a + b; Description 1 add2 = v1 + v2; Description 2 EqvClass Symbolic simulation E1 (a, v1) E2 (b, v2) E3 ’ (add1, a+b, add2, v1+v2) E3 & E4 are merged into E3 ’

15 15 Program slicing In our methods, the codes to be symbolically simulated are extracted by program slicing This means only extracted codes will be simulated for verification Program slicing can extract the codes that can affect (be affected by) a variable Two kinds of slicing: backward slicing and forward slicing

16 16 Backward slicing Backward slicing for a variable v extracts all codes that affect the variable v a = 2; b = 3; c = 5; a = a + 10; b = a * c; /start/ c = c + a; a = a * b; a = 2; b = 3; c = 5; a = a + 10; b = a * c; /start/ c = c + a; a = a * b; Backward slicing

17 17 Forward slicing Forward slicing for a variable v extracts all codes that are affected by the variable v a = 2; b = 3; c = 5; a = a + 10; b = a * c; /start/ c = c + a; a = a * b; Forward slicing a = 2; b = 3; c = 5; a = a + 10; b = a * c; /start/ c = c + a; a = a * b;

18 18 Next Introduction Basic Notations Verification Strategy Case Studies Conclusion and Future Work

19 19 Verification flow (1) Description 1Description 2 Pre-processes Identification of textual differences & ordering them Output the set of textual differences (d1, d2, d3, … )

20 20 Identification of textual differences First, textual differences are identified by “ diff ” Then, they are sorted in the order of execution int v1, v2, out, opcode; v1 = 3; v2 = 5; if(opcode == 1) { out = v1 + v2; } Description 1 int v1, v2, out, opcode; int reg1, reg2, alu; v1 = 3; v2 = 5; reg1 = v1; reg2 = v2; if(opcode == 1) { alu = reg1 + reg2; out = alu; } Description 2 d1 d2 d3

21 21 Consistency is proved Verification flow (2) Is there any differences left? Decision of target variables Backward slicing Symbolic simulation Forward slicing Yes No Verification terminates successfully An erroneous trace is reported Consistency is not proved Consistency is proved Consistency is not proved (d1, d2, d3, … )

22 22 Verification flow (2) Is there any differences left? Decision of target variables Backward slicing Symbolic simulation Forward slicing Yes No Verification terminates successfully An erroneous trace is reported Consistency is proved Consistency is not proved Consistency is proved Consistency is not proved (d1, d2, d3, … )

23 23 Decision of target variables A variable v in a difference d is a target variable, When the variable v is defined in both descriptions, and assigned in the difference d int v1, v2, out, opcode; v1 = 3; v2 = 5; if(opcode == 1) { out = v1 + v2; } Description 1 int v1, v2, out, opcode; int reg1, reg2, alu; v1 = 3; v2 = 5; reg1 = v1; reg2 = v2; if(opcode == 1) { alu = reg1 + reg2; out = alu; } Description 2 d1 d2 d3

24 24 Consistency is proved Case split Is there any differences left? Decision of target variables Backward slicing Symbolic simulation Forward slicing Yes No Verification terminates successfully An erroneous trace is reported Consistency is not proved Consistency is proved Consistency is not proved (d1, d2, d3, … )

25 25 Next Introduction Basic Notations Verification Strategy Case Studies Conclusion and Future Work

26 26 Case studies Our tool implementation has not been completed A part of symbolic simulation is implemented Program slicing is done by CodeSurfer that is a product of GrammaTech Inc. We evaluated efficiency of our proposed method by the amount of codes to be verified

27 27 Case study 1 C-model of Huffman decoder Two functions were in-lined after refinement 2 differences, 2 target variables An example of textual differences Original Refined v = show_bits(); flush_bits(); v = inbuf[buf_index]; buf_index++; The declarations of show_bits, flush_bits in the original description are also identified

28 28 Case study 1 C-model of Huffman decoder Two functions were in-lined after refinement 2 differences, 2 target variables Result … behaviors were consistent 49 lines 41 lines73% 58% 11 lines 21 lines Reduction ratio Original Refined Total codes Simulated codes

29 29 Case study 2 C-model of MAXSAT solver We inserted differences in the original descri- ption so that both were consistent 6 differences, 6 target variables Result … behaviors were consistent 632 lines 630 lines80% 79% 129 lines 131 lines Reduction ratio Original Refined Total codes Simulated codes

30 30 Next Introduction Basic Notations Verification Strategy Case Studies Conclusion and Future Work

31 31 Conclusion and future work We proposed a method to verify behavioral consistency of two given C-descriptions efficiently C-descriptions are restricted for HW Identification textual differences and program slicing are applied for efficiency Future work Fully implementation tool set to realize this proposed method Extension of proposed method by introduction of concurrency

32 Thank you very much!!

Download ppt "Verification of Behavioral Consistency in C by Using Symbolic Simulation and Program Slicer Takeshi Matsumoto Thanyapat Sakunkonchak Hiroshi Saito Masahiro."

Similar presentations

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
A hardware-software co-design approach with separated verification/synthesis between computation and communication Masahiro Fujita VLSI Design and Education.

A hardware-software co-design approach with separated verification/synthesis between computation and communication Masahiro Fujita VLSI Design and Education.
TOPIC : SYNTHESIS DESIGN FLOW Module 4.3 Verilog Synthesis.

TOPIC : SYNTHESIS DESIGN FLOW Module 4.3 Verilog Synthesis.
Masahiro Fujita Yoshihisa Kojima University of Tokyo May 2, 2008

Masahiro Fujita Yoshihisa Kojima University of Tokyo May 2, 2008
ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.

ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.
HARDWARE SOFTWARE PARTITIONING AND CO-DESIGN PRINCIPLES MADHUMITA RAMESH BABU SUDHI PROCH 1/37.

HARDWARE SOFTWARE PARTITIONING AND CO-DESIGN PRINCIPLES MADHUMITA RAMESH BABU SUDHI PROCH 1/37.
Computer Design Aided Computer Design Aided Fujita Lab, University of Tokyo Equivalence Checking in C-based System-Level Design by Sequentializing Concurrent.

Computer Design Aided Computer Design Aided Fujita Lab, University of Tokyo Equivalence Checking in C-based System-Level Design by Sequentializing Concurrent.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Automated Refinement Checking of Concurrent Systems Sudipta Kundu, Sorin Lerner, Rajesh Gupta Department of Computer Science and Engineering, University.

Automated Refinement Checking of Concurrent Systems Sudipta Kundu, Sorin Lerner, Rajesh Gupta Department of Computer Science and Engineering, University.
Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.

Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.
Chapter 1 Object Oriented Programming. OOP revolves around the concept of an objects. Objects are crated using the class definition. Programming techniques.

Chapter 1 Object Oriented Programming. OOP revolves around the concept of an objects. Objects are crated using the class definition. Programming techniques.
INTRODUCTION T.Najah Al_Subaie Kingdom of Saudi Arabia Prince Norah bint Abdul Rahman University College of Computer Since and Information System CS240.

INTRODUCTION T.Najah Al_Subaie Kingdom of Saudi Arabia Prince Norah bint Abdul Rahman University College of Computer Since and Information System CS240.
Algorithms and Problem Solving-1 Algorithms and Problem Solving.

Algorithms and Problem Solving-1 Algorithms and Problem Solving.
Behavioral Design Outline –Design Specification –Behavioral Design –Behavioral Specification –Hardware Description Languages –Behavioral Simulation –Behavioral.

Behavioral Design Outline –Design Specification –Behavioral Design –Behavioral Specification –Hardware Description Languages –Behavioral Simulation –Behavioral.
Algorithms and Problem Solving. Learn about problem solving skills Explore the algorithmic approach for problem solving Learn about algorithm development.

Algorithms and Problem Solving. Learn about problem solving skills Explore the algorithmic approach for problem solving Learn about algorithm development.
ECE 667 - Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.

ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
CS 330 Programming Languages 09 / 18 / 2007 Instructor: Michael Eckmann.

CS 330 Programming Languages 09 / 18 / 2007 Instructor: Michael Eckmann.
VHDL Intro What does VHDL stand for? VHSIC Hardware Description Language VHSIC = Very High Speed Integrated Circuit Developed in 1982 by Govt. to standardize.

VHDL Intro What does VHDL stand for? VHSIC Hardware Description Language VHSIC = Very High Speed Integrated Circuit Developed in 1982 by Govt. to standardize.
CS 330 Programming Languages 09 / 16 / 2008 Instructor: Michael Eckmann.

CS 330 Programming Languages 09 / 16 / 2008 Instructor: Michael Eckmann.
Matlab as a Design Environment for Wireless ASIC Design June 16, 2005 Erik Lindskog Beceem Communications, Inc.

Matlab as a Design Environment for Wireless ASIC Design June 16, 2005 Erik Lindskog Beceem Communications, Inc.

Similar presentations

Ads by Google