Proof Planning for Automating Hardware Verification
Related papers
Proof strategies for hardware verification
1996
Ascertaining correctness of digital hardware designs through simulation does not scale up for large designs because of the sheer combinatorics of the problem. Formal verification of hardware designs holds promise because its computational complexity is of the order of the number of different types of components (and not the number of components in the design). This approach requires the specification of the behavior and the design in a formal language, and reasoning about them using a theorem prover. In this paper we attempt to develop a methodology for writing and using these specifications for some important classes of hardware circuits. We examine digital hardware verification in the HOL-90 environment. (HOL-90 is a proof checker written in Standard ML which assists in mechanically checking a formal proof of hardware correctness.) In particular, we analyze proofs for a variety of circuits, and develop proof strategies for combinational circuits and restricted sequential circuits. Overall, this approach makes the theorem proving task less tedious and provides guidance to the user in carrying out proofs.
Experiments in Automating Hardware Verification Using Inductive Proof Planning
Formal Methods in Computer-Aided Design, 1996
We present a new approach to automating the verification of hardware designs based on planning techniques. A database of methods is developed that combines tactics, which construct proofs, using specifications of their behaviour. Given a verification problem, a planner uses the method database to build automatically a specialised tactic to solve the given problem. User interaction is limited to specifying circuits and their properties and, in some cases, suggesting lemmas. We have implemented our work in an extension of the Clam proof planning system. We report on this and its application to verifying a variety of combinational and synchronous sequential circuits including a parameterised multiplier design and a simple computer microprocessor.
Structuring Hardware Proofs: First steps towards Automation in a Higher-Order Environment
1991
Most proofs of hardware in a higher-order logic environment follow a definite pattern. This observation is used to give a methodology for hardware proofs in order to isolate the situations where the designer's creativity is required, and to automate the remaining tedious proof tasks. The interactive HOL theorem prover has been extended by generalized hardware-specific tactics for simplifying proofs and an automatic theorem prover, called FAUST, for proving the simplified subgoals.
The Hardware Verification Workbench
ction also requires hardware engineers with profound logic expertise. As a consequence, highly interactive tools can only be driven by a few design engineers, which hinders the integration into the standard design flow. Moreover, interactive proofs usually consume a high amount of verification time, which imposes additional problems on the design flow. The hardware verification workbench therefore focuses on automatic proof procedures such as model checking, equivalence checking, and automated theorem proving.
Structuring Hardware Proofs: First steps towards Automation in Higher-Order Environment
1998
Most proofs of hardware in a higher-order logic environment follow a definite pattern. This observation is used to give a methodology for hardware proofs in order to isolate the situations where the designer's creativity is required, and to automate the remaining tedious proof tasks. The interactive HOL theorem prover has been extended by generalized hardware-specific tactics for simplifying proofs and an automatic theorem prover, called FAUST, for proving the simplified subgoals.
The Notion of Proof in Hardware Verification
2015
Recent advances in the field of hardware verification have raised some fresh (and some familiar) issues to do with the scope and limitations of formal proof. In this note, some of these are considered in the context of the Viper verification project. Viper is a microprocessor designed by W. J. Cullyer, C. Pygott and J. Kershaw, of the Royal Signals and Radar Establishment of the U.K. Ministry of Defense, for use in safety-critical applications. Much to their credit, the designers intended from the start that Viper be formally verified; they presented Viper's more abstract specifications in a language suitable for formal reasoning, and they placed the design in the public domain. Viper microprocessors are currently being marketed as verified chips. The formal proof aspects of the verification work have been carried out at the Computer Laboratory of the University of Cambridge. To date, some important properties of a register-transfer level model of Viper, relative to a more abstra...
Effective Theorem Proving for Hardware Verification
1994
The attractiveness of using theorem provers for system design verification lies in their generality. The major practical challenge confronting theorem proving technology is in combining this generality with an acceptable degree of automation. We describe an approach for enhancing the effectiveness of theorem provers for hardware verification through the use of efficient automatic procedures for rewriting, arithmetic and equality reasoning, and an off-the-shelf BDD-based propositional simplifier. These automatic procedures can be combined into general-purpose proof strategies that can efficiently automate a number of proofs, including those of hardware correctness. The inference procedures and proof strategies have been implemented in the PVS verification system. They are applied to several examples including an N-bit adder, the Saxe pipelined processor, and the benchmark Tamarack microprocessor design. These examples illustrate the basic design philosophy underlying PVS, where powerful and efficient low-level inferences are employed within high-level user-defined proof strategies. This approach is contrasted with approaches based on tactics or batch-oriented theorem proving.
Introduction to Formal Hardware Verification
1999
Formal hardware verification has recently attracted considerable interest. The need for "correct" designs in safety-critical applications, coupled with the major cost associated with products delivered late, are two of the main factors behind this. In addition, as the complexity of the designs increases, an ever smaller percentage of the possible behaviors of the designs will be simulated. Hence, the confidence in the designs obtained by simulation is rapidly diminishing. This paper provides an introduction to the topic by describing three of the main approaches to formal hardware verification: theorem-proving, model checking, and symbolic simulation. We outline the underlying theory behind each approach, we illustrate the approaches by applying them to simple examples, and we discuss their strengths and weaknesses. We conclude the paper by describing current on-going work on combining the approaches to achieve multi-level verification approaches.
A unified approach for combining different formalisms for hardware verification
Lecture Notes in Computer Science, 1996
Model Checking as the predominant technique for automatically verifying circuits suffers from the well-known state explosion problem. This hinders the verification of circuits which contain non-trivial data paths. Recently, it has been shown that for those circuits it may be useful to separate the control and data part prior to verification. This paper is also based on this idea and presents an approach for combining various proof approaches like model checking and theorem proving in a unifying framework. In contrast to other approaches, special proof procedures are available to verify circuits with data-sensitive controllers, where a bidirectional signal flow between controller and data path can be found. Generic circuits can be verified by induction or by model checking finite instantiations. By giving the system `proof hints', the verification effort for model checking based proofs can also be considerably reduced in many cases. The paper presents an introduction to the different proof strategies as well as an algorithm for their combination. The underlying C@S system also allows the efficiency evaluation of different approaches to verify the same circuits. This is shown in different case studies, demonstrating the tradeoff between interaction and verifiable circuit size.