Formal Co-Validation of Low-Level Hardware/Software Interfaces
Related papers
Hardware/Software Co-verification Using Path-based Symbolic Execution
2020
Conventional tools for formal hardware/software co-verification use bounded model checking techniques to construct a single monolithic propositional formula. Formulas generated in this way are extremely complex and contain a great deal of irrelevant logic, hence are difficult to solve even by state-of-the-art Satisfiability (SAT) solvers. In a typical hardware/software co-design the firmware only exercises a fraction of the hardware state-space, and we can use this observation to generate simpler and more concise formulas. In this paper, we present a novel verification algorithm for hardware/software co-designs that identifies partitions of the firmware and the hardware logic pertaining to the feasible execution paths by means of path-based symbolic simulation with custom path-pruning, property-guided slicing and incremental SAT solving. We have implemented this approach in our tool COVERIF. We have experimentally compared COVERIF with HW-CBMC, a monolithic BMC based co-verificatio...
CREST: Hardware Formal Verification with ANSI-C Reference Specifications
2019
This paper presents CREST, a prototype front-end tool intended as an add-on to commercial EDA formal verification environments. CREST is an adaptation of the CBMC bounded model checker for C, an academic tool widely used in industry for software analysis and property verification. It leverages the capabilities of CBMC to process hardware datapath specifications written in arbitrary ANSI-C, without limiting restrictions to a synthesizable subset. We briefly sketch the architecture of our tool and show its use in a range of verification case studies.
Combining Software and Hardware Verification Techniques
Formal Methods in System Design, 2002
Combining verification methods developed separately for software and hardware is motivated by the industry's need for a technology that would make formal verification of realistic software/hardware co-designs practical. We focus on techniques that have proved successful in each of the two domains: BDD-based symbolic model checking for hardware verification and partial order reduction for the verification of concurrent software programs. In this paper, we first suggest a modification of partial order reduction, allowing its combination with any BDD-based verification tool, and then describe a co-verification methodology developed using these techniques jointly. Our experimental results demonstrate the efficiency of this combined verification technique, and suggest that for moderate-size systems the method is ready for industrial application.
A New Formal Verification Approach for Hardware-dependent Embedded System Software
IPSJ Transactions on System LSI Design Methodology, 2013
This paper describes a method to generate a computational model for formal verification of hardware-dependent software in embedded systems. The computational model of the combined HW/SW system is a program netlist (PN) consisting of instruction cells connected in a directed acyclic graph that compactly represents all execution paths of the software. The model can be easily integrated into SAT-based verification environments such as those based on Bounded Model Checking (BMC). The proposed construction of the model allows for efficient reasoning by the SAT solver over entire execution paths. Program netlists are compositional. The paper presents how they can be combined to model interrupt-driven systems. We demonstrate the efficiency of our approach by presenting experimental results from the formal verification of an industrial LIN (Local Interconnect Network) bus node, implemented as a software driver on a 32-bit RISC machine.
An industrially effective environment for formal hardware verification
… -Aided Design of …, 2005
We describe the Forte formal verification environment for datapath-dominated hardware, which has proved effective in large-scale industrial trials. Forte combines an efficient linear-time logic model checking algorithm, symbolic trajectory evaluation, with lightweight theorem proving in higher-order logic. These are tightly integrated in a general-purpose functional programming language, which both allows the system to be easily customized and also serves as a specification language. We also describe the design philosophy behind Forte and elements of the verification methodology that make it effective in practice.
2004
This industrial panel is organized to discuss the views, experiences and opinions of formal methods practitioners from design automation, hardware and software industries, in order to understand the industrial needs and trends in using formal methods. In particular, we discuss the current thrust on application of formal verification in software development, and what hardware formal verification experiences bring to bear for formal software verification.
Using a formal specification and a model checker to monitor and direct simulation
Proceedings 2003. Design Automation Conference (IEEE Cat. No.03CH37451), 2003
We describe a technique for verifying that a hardware design correctly implements a protocol-level formal specification. Simulation steps are translated to protocol state transitions using a refinement map and then verified against the specification using a model checker. On the specification state space, the model checker collects coverage information and identifies states violating certain properties. It then generates protocol-level traces to these coverage gaps and error states. This technique was applied to the multiprocessing hardware of the Alpha 21364 microprocessor and the cache coherence protocol. We were able to generate an error trace which exercised a bug in the implementation that had not been discovered before a prototype was built.
Integrated Static Analysis for Linux Device Driver Verification
Lecture Notes in Computer Science, 2007
We port verification techniques for device drivers from the Windows domain to Linux, combining several tools and techniques into one integrated tool-chain. Building on ideas from Microsoft's Static Driver Verifier (SDV) project, we extend their specification language and combine its implementation with the public domain bounded model checker CBMC as a new verification back-end. We extract several API conformance rules from Linux documentation and formulate them in the extended language SLICx. Thus SDV-style verification of temporal safety specifications is brought into the public domain. In addition, we show that SLICx, together with CBMC, can be used to simulate preemption in multi-threaded code, and to find race conditions and to prove the absence of deadlocks and memory leaks.