A formal framework for high level synthesis

Automating verification by functional abstraction at the system level

Lecture Notes in Computer Science, 1994

The verification of digital circuits at higher levels of abstraction still suffers from complex and unstructured proofs. In this paper, we present a class of circuits that can be used for the implementation of arbitrary processes without shared memory. These processes communicate with each other according to a handshake protocol. We have proven general theorems to automatically derive correctness theorems for composed handshake circuits. The contribution of this paper is therefore a new design style based on handshake circuits and a highly automated approach to verification at the system level based on functional abstraction. (This work has been partly financed by a German national grant, project Automated System Design, SFB No. 358.)

Effective Theorem Proving for Hardware Verification

1994

The attractiveness of using theorem provers for system design verification lies in their generality. The major practical challenge confronting theorem proving technology is in combining this generality with an acceptable degree of automation. We describe an approach for enhancing the effectiveness of theorem provers for hardware verification through the use of efficient automatic procedures for rewriting, arithmetic and equality reasoning, and an off-the-shelf BDD-based propositional simplifier. These automatic procedures can be combined into general-purpose proof strategies that can efficiently automate a number of proofs including those of hardware correctness. The inference procedures and proof strategies have been implemented in the PVS verification system. They are applied to several examples including an N-bit adder, the Saxe pipelined processor, and the benchmark Tamarack microprocessor design. These examples illustrate the basic design philosophy underlying PVS where powerful and efficient low-level inferences are employed within high-level user-defined proof strategies. This approach is contrasted with approaches based on tactics or batch-oriented theorem proving.

Introduction to Formal Hardware Verification

1999

Formal hardware verification has recently attracted considerable interest. The need for "correct" designs in safety-critical applications, coupled with the major cost associated with products delivered late, are two of the main factors behind this. In addition, as the complexity of the designs increases, an ever smaller percentage of the possible behaviors of the designs will be simulated. Hence, the confidence in the designs obtained by simulation is rapidly diminishing. This paper provides an introduction to the topic by describing three of the main approaches to formal hardware verification: theorem-proving, model checking, and symbolic simulation. We outline the underlying theory behind each approach, we illustrate the approaches by applying them to simple examples, and we discuss their strengths and weaknesses. We conclude the paper by describing current on-going work on combining the approaches to achieve multi-level verification approaches.

Proof strategies for hardware verification

1996

Ascertaining correctness of digital hardware designs through simulation does not scale up for large designs because of the sheer combinatorics of the problem. Formal verification of hardware designs holds promise because its computational complexity is of the order of the number of different types of components (and not the number of components in the design). This approach requires the specification of the behavior and the design in a formal language, and reasoning with them using a theorem prover. In this paper we attempt to develop a methodology for writing and using these specifications for some important classes of hardware circuits. We examine digital hardware verification in the HOL-90 environment. (HOL-90 is a proof checker written in Standard ML which assists in mechanically checking a formal proof of hardware correctness.) In particular, we analyze proofs for a variety of circuits, and develop proof strategies for combinational circuits and restricted sequential circuits. Overall, this approach makes the theorem proving task less tedious and provides guidance to the user in carrying out proofs.

Formal verification in hardware design

ACM Transactions on Design Automation of Electronic Systems, 1999

In recent years, formal methods have emerged as an alternative approach to ensuring the quality and correctness of hardware designs, overcoming some of the limitations of traditional validation techniques such as simulation and testing. There are two main aspects to the application of formal methods in a design process: the formal framework used to specify desired properties of a design and the verification techniques and tools used to reason about the relationship between a specification and a corresponding implementation. We survey a variety of frameworks and techniques proposed in the literature and applied to actual designs. The specification frameworks we describe include temporal logics, predicate logic, abstraction and refinement, as well as containment between ω-regular languages. The verification techniques presented include model checking, automata-theoretic techniques, automated theorem proving, and approaches that integrate the above methods. In order to provide insight in...

A unified approach for combining different formalisms for hardware verification

Lecture Notes in Computer Science, 1996

Model checking as the predominant technique for automatically verifying circuits suffers from the well-known state explosion problem. This hinders the verification of circuits which contain non-trivial data paths. Recently, it has been shown that for those circuits it may be useful to separate the control and data part prior to verification. This paper is also based on this idea and presents an approach for combining various proof approaches like model checking and theorem proving in a unifying framework. In contrast to other approaches, special proof procedures are available to verify circuits with data sensitive controllers, where a bidirectional signal flow between controller and data path can be found. Generic circuits can be verified by induction or by model checking finite instantiations. By giving the system 'proof hints', the verification effort for model checking based proofs can also be considerably reduced in many cases. The paper presents an introduction to the different proof strategies as well as an algorithm for their combination. The underlying C@S system also allows the efficiency evaluation of different approaches to verify the same circuits. This is shown in different case studies, demonstrating the tradeoff between interaction and verifiable circuit size.

Formal verification of microprocessors

Proceedings of the Fourth Annual Conference on Computer Assurance, 'Systems Integrity, Software Safety and Process Security, 1989

We present a general method for formally verifying the correctness of microprocessor designs. The abstract level specification of the processor defines the effect of every instruction in terms of a suitably chosen programmer's model of the processor. The concrete level specification gives a description of the design of the processor at a synchronous level by defining the behavior over a single microcycle. We develop a general criterion of correctness to relate the two levels of behavior of the processor. We illustrate the application of our method to a simple processor, Simple, and a larger realistic processor, MiniCayuga, which uses instruction pipelining. Both designs have been completely verified using an applicative language based verification system, Clio.

Proof producing synthesis of arithmetic and cryptographic hardware

Formal Aspects of Computing, 2007

A compiler from a synthesisable subset of higher order logic to clocked synchronous hardware is described. It is being used to create coprocessors for cryptographic and arithmetic applications. The compiler automatically translates a function f defined in higher order logic (typically using recursion) into a device that computes f via a four-phase handshake circuit. Compilation is by fully automatic proof in the HOL4 system, and generates a correctness theorem for each compiled function. Synthesised circuits can be directly translated to Verilog, and then input to design automation tools. A fully-expansive 'LCF methodology' allows users to safely modify and extend the compiler's theorem proving scripts to add optimisations or to enlarge the synthesisable subset of higher order logic.