Pub Date : 2013-12-11DOI: 10.1109/FMCAD.2013.6679397
J. O'Leary, R. Kaivola, T. Melham
Model checking by symbolic trajectory evaluation, orchestrated in a flexible functional-programming framework, is a well-established technology for correctness verification of industrial-scale circuit designs. Most verifications in this domain require decomposition into subproblems that symbolic trajectory evaluation can handle, and deductive theorem proving has long been proposed as a complement to symbolic trajectory evaluation to enable such compositional reasoning. This paper describes an approach to verification by symbolic simulation, called Relational STE, that raises verification properties to the purely logical level suitable for compositional reasoning in a theorem prover. We also introduce a new deductive theorem prover, called Goaled, that has been integrated into Intel's Forte verification framework for this purpose. We illustrate the effectiveness of this combination of technologies by describing a general framework, accessible to non-experts, that is widely used for verification and regression validation of integer multipliers at Intel.
{"title":"Relational STE and theorem proving for formal verification of industrial circuit designs","authors":"J. O'Leary, R. Kaivola, T. Melham","doi":"10.1109/FMCAD.2013.6679397","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679397","url":null,"abstract":"Model checking by symbolic trajectory evaluation, orchestrated in a flexible functional-programming framework, is a well-established technology for correctness verification of industrial-scale circuit designs. Most verifications in this domain require decomposition into subproblems that symbolic trajectory evaluation can handle, and deductive theorem proving has long been proposed as a complement to symbolic trajectory evaluation to enable such compositional reasoning. This paper describes an approach to verification by symbolic simulation, called Relational STE, that raises verification properties to the purely logical level suitable for compositional reasoning in a theorem prover. We also introduce a new deductive theorem prover, called Goaled, that has been integrated into Intel's Forte verification framework for this purpose. We illustrate the effectiveness of this combination of technologies by describing a general framework, accessible to non-experts, that is widely used for verification and regression validation of integer multipliers at Intel.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121049506","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2013-12-11DOI: 10.1109/FMCAD.2013.6679399
Jijie Wei, Yan Peng, Ge Yu, M. Greenstreet
We present a verification of a digital phase-locked loop (PLL) using the SpaceEx hybrid-systems tool. In particular, we establish global convergence - from any initial state the PLL eventually reaches a state of phase and frequency lock. Having shown that the PLL converges to a small region, traditional methods of circuit analysis based on linear-systems theory can be used to characterize the response of the PLL when in lock. The majority of the verification involves modeling each component of the PLL with piece-wise linear differential inclusions. We show how non-linear transfer functions, quantization error, and other non-idealities can be included in such a model. A limitation of piece-wise linear inclusions is that the linear coefficients for each component must take on fixed values. For real designs, ranges will be specified for these components. We show how a key step of the verification can be generalized to handle interval values for the linear coefficients by using an SMT solver.
{"title":"Verifying global convergence for a digital phase-locked loop","authors":"Jijie Wei, Yan Peng, Ge Yu, M. Greenstreet","doi":"10.1109/FMCAD.2013.6679399","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679399","url":null,"abstract":"We present a verification of a digital phase-locked loop (PLL) using the SpaceEx hybrid-systems tool. In particular, we establish global convergence - from any initial state the PLL eventually reaches a state of phase and frequency lock. Having shown that the PLL converges to a small region, traditional methods of circuit analysis based on linear-systems theory can be used to characterize the response of the PLL when in lock. The majority of the verification involves modeling each component of the PLL with piece-wise linear differential inclusions. We show how non-linear transfer functions, quantization error, and other non-idealities can be included in such a model. A limitation of piece-wise linear inclusions is that the linear coefficients for each component must take on fixed values. For real designs, ranges will be specified for these components. We show how a key step of the verification can be generalized to handle interval values for the linear coefficients by using an SMT solver.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"198200 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115186177","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2013-12-11DOI: 10.1109/FMCAD.2013.6679406
A. Cimatti, A. Griggio, Sergio Mover, Stefano Tonetta
Parametric systems arise in different application domains, such as software, cyber-physical systems or tasks scheduling. A key challenge is to estimate the values of parameters that guarantee the desired behaviours of the system. In this paper, we propose a novel approach based on an extension of the IC3 algorithm for infinite-state transition systems. The algorithm finds the feasible region of parameters by complement, incrementally finding and blocking sets of “bad” parameters which lead to system failures. If the algorithm terminates we obtain the precise region of feasible parameters of the system. We describe an implementation for symbolic transition systems with linear constraints and perform an experimental evaluation on benchmarks taken from the domain of hybrid systems. The results demonstrate the potential of the approach.
{"title":"Parameter synthesis with IC3","authors":"A. Cimatti, A. Griggio, Sergio Mover, Stefano Tonetta","doi":"10.1109/FMCAD.2013.6679406","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679406","url":null,"abstract":"Parametric systems arise in different application domains, such as software, cyber-physical systems or tasks scheduling. A key challenge is to estimate the values of parameters that guarantee the desired behaviours of the system. In this paper, we propose a novel approach based on an extension of the IC3 algorithm for infinite-state transition systems. The algorithm finds the feasible region of parameters by complement, incrementally finding and blocking sets of “bad” parameters which lead to system failures. If the algorithm terminates we obtain the precise region of feasible parameters of the system. We describe an implementation for symbolic transition systems with linear constraints and perform an experimental evaluation on benchmarks taken from the domain of hybrid systems. The results demonstrate the potential of the approach.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130894401","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2013-12-11DOI: 10.1109/FMCAD.2013.6679389
Yifei Yuan, Anduo Wang, R. Alur, B. T. Loo
Mapping virtual networks to physical networks under bandwidth constraints is a key computational problem for the management of data centers. Recently proposed heuristic strategies for this problem work efficiently, but are not guaranteed to always find an allocation even when one exists. Given that the bandwidth allocation problem is NP-complete, and the state-of-the-art SAT solvers have recently been successfully applied to NP-hard problems in planning and formal verification, the goal of this paper is to study whether these SAT solvers can be used to solve the bandwidth allocation problem exactly with acceptable overhead. We investigate alternative ways of encoding the allocation problem, and develop techniques for abstraction and refinement of network graphs for scalability. We report experimental comparisons of the proposed encodings with the existing heuristics for typical data-center topologies.
{"title":"On the feasibility of automation for bandwidth allocation problems in data centers","authors":"Yifei Yuan, Anduo Wang, R. Alur, B. T. Loo","doi":"10.1109/FMCAD.2013.6679389","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679389","url":null,"abstract":"Mapping virtual networks to physical networks under bandwidth constraints is a key computational problem for the management of data centers. Recently proposed heuristic strategies for this problem work efficiently, but are not guaranteed to always find an allocation even when one exists. Given that the bandwidth allocation problem is NP-complete, and the state-of-the-art SAT solvers have recently been successfully applied to NP-hard problems in planning and formal verification, the goal of this paper is to study whether these SAT solvers can be used to solve the bandwidth allocation problem exactly with acceptable overhead. We investigate alternative ways of encoding the allocation problem, and develop techniques for abstraction and refinement of network graphs for scalability. We report experimental comparisons of the proposed encodings with the existing heuristics for typical data-center topologies.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"84 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126916108","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2013-12-11DOI: 10.1109/FMCAD.2013.6679403
D. Sethi, S. Narayana, S. Malik
Software defined networks (SDNs) are receiving significant attention in the computer networking community, with increasing adoption by the industry. The key feature of SDNs is a centralized controller which programs the packet forwarding behavior of a distributed underlying network. This centralized view of control-which is absent in traditional networks-opens up opportunities for full formal verification. While there is recent research in formal verification of these networks, model checking the controller behavior as it updates the underlying network has only seen limited application. Existing approaches are limited to verifying the controller for a small number of exchanged packets in the network. In this case study, we extend the state of the art by presenting abstractions for model checking controllers for an arbitrarily large number of packets exchanged in the network. We validate the utility of these abstractions through two applications: a learning switch and a stateful firewall.
{"title":"Abstractions for model checking SDN controllers","authors":"D. Sethi, S. Narayana, S. Malik","doi":"10.1109/FMCAD.2013.6679403","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679403","url":null,"abstract":"Software defined networks (SDNs) are receiving significant attention in the computer networking community, with increasing adoption by the industry. The key feature of SDNs is a centralized controller which programs the packet forwarding behavior of a distributed underlying network. This centralized view of control-which is absent in traditional networks-opens up opportunities for full formal verification. While there is recent research in formal verification of these networks, model checking the controller behavior as it updates the underlying network has only seen limited application. Existing approaches are limited to verifying the controller for a small number of exchanged packets in the network. In this case study, we extend the state of the art by presenting abstractions for model checking controllers for an arbitrarily large number of packets exchanged in the network. We validate the utility of these abstractions through two applications: a learning switch and a stateful firewall.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129507346","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2013-12-11DOI: 10.1109/FMCAD.2013.6679404
Sam Bayless, C. G. Val, T. Ball, H. Hoos, A. Hu
We describe an efficient way to compose SAT solvers into chains, while still allowing unit propagation between those solvers. We show how such a “SAT Modulo SAT” solver naturally produces sequence interpolants as a side effect - there is no need to generate a resolution proof and post-process it to extract an interpolant. We have implemented a version of IC3 using this SAT Modulo SAT solver, which solves both more SAT instances and more UNSAT instances than PDR and IC3 on each of the 2008, 2010, and 2012 Hardware Model Checking Competition benchmarks.
{"title":"Efficient modular SAT solving for IC3","authors":"Sam Bayless, C. G. Val, T. Ball, H. Hoos, A. Hu","doi":"10.1109/FMCAD.2013.6679404","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679404","url":null,"abstract":"We describe an efficient way to compose SAT solvers into chains, while still allowing unit propagation between those solvers. We show how such a “SAT Modulo SAT” solver naturally produces sequence interpolants as a side effect - there is no need to generate a resolution proof and post-process it to extract an interpolant. We have implemented a version of IC3 using this SAT Modulo SAT solver, which solves both more SAT instances and more UNSAT instances than PDR and IC3 on each of the 2008, 2010, and 2012 Hardware Model Checking Competition benchmarks.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129866176","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2013-12-11DOI: 10.1109/FMCAD.2013.6679388
S. Sohail, F. Somenzi
A finite state reactive system (for instance a hardware controller) can be specified through a set of ω-regular properties, most of which are often safety properties. In the game-based approach to synthesis, the specification is converted to a game between the system and the environment. A deterministic implementation is obtained from the game graph and a system's winning strategy. However, there are obstacles to extract an efficient implementation from the game in hardware. On the one hand, a large space must be explored to find a strategy that has a concise representation. On the other hand, the transition structure inherited from the game graph may correspond to a state encoding that is far from optimal. In the approach presented in this paper, the game is formulated as a sequence of Boolean equations. That leads to significant improvements in the quality of the implementation compared to existing automata-based techniques. It is also shown discussed to extend this approach to the synthesis from obligation properties.
{"title":"Efficient handling of obligation constraints in synthesis from omega-regular specifications","authors":"S. Sohail, F. Somenzi","doi":"10.1109/FMCAD.2013.6679388","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679388","url":null,"abstract":"A finite state reactive system (for instance a hardware controller) can be specified through a set of ω-regular properties, most of which are often safety properties. In the game-based approach to synthesis, the specification is converted to a game between the system and the environment. A deterministic implementation is obtained from the game graph and a system's winning strategy. However, there are obstacles to extract an efficient implementation from the game in hardware. On the one hand, a large space must be explored to find a strategy that has a concise representation. On the other hand, the transition structure inherited from the game graph may correspond to a state encoding that is far from optimal. In the approach presented in this paper, the game is formulated as a sequence of Boolean equations. That leads to significant improvements in the quality of the implementation compared to existing automata-based techniques. It is also shown discussed to extend this approach to the synthesis from obligation properties.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114142062","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2013-12-11DOI: 10.1109/FMCAD.2013.6679410
Alexander Nadel, Vadim Ryvchin, O. Strichman
We report advances in state-of-the-art algorithms for the problem of Minimal Unsatisfiable Subformula (MUS) extraction. First, we demonstrate how to apply techniques used in the past to speed up resolution-based Group MUS extraction to plain MUS extraction. Second, we show that model rotation, presented in the context of assumption-based MUS extraction, can also be used with resolution-based MUS extraction. Third, we introduce an improvement to rotation, called eager rotation. Finally, we propose a new technique for speeding-up resolution-based MUS extraction, called path strengthening. We integrated the above techniques into the publicly available resolution-based MUS extractor HaifaMUC, which, as a result, now outperforms leading MUS extractors.
{"title":"Efficient MUS extraction with resolution","authors":"Alexander Nadel, Vadim Ryvchin, O. Strichman","doi":"10.1109/FMCAD.2013.6679410","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679410","url":null,"abstract":"We report advances in state-of-the-art algorithms for the problem of Minimal Unsatisfiable Subformula (MUS) extraction. First, we demonstrate how to apply techniques used in the past to speed up resolution-based Group MUS extraction to plain MUS extraction. Second, we show that model rotation, presented in the context of assumption-based MUS extraction, can also be used with resolution-based MUS extraction. Third, we introduce an improvement to rotation, called eager rotation. Finally, we propose a new technique for speeding-up resolution-based MUS extraction, called path strengthening. We integrated the above techniques into the publicly available resolution-based MUS extractor HaifaMUC, which, as a result, now outperforms leading MUS extractors.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124629606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2013-12-11DOI: 10.1109/FMCAD.2013.6679391
Koen Claessen, N. Eén, Baruch Sterin
This paper presents a method for translating formulas written in assertion languages such as LTL into a monitor circuit suitable for model checking. Unlike the conventional approach, no automata is generated for the property, but instead the monitor is built directly from the property formula through a recursive traversal. This method was first introduced by Pnueli et. al. under the name of Temporal Testers. In this paper, we show the practicality of temporal testers through experimental evaluation, as well as offer a self-contained exposition for how to construct them in manner that meets the requirements of industrial model checking tools. These tools tend to operate on logic circuits with sequential elements, rather than transition relations, which means we only need to consider so called positive testers with no future references. This restriction both simplifies the presentation and allows for more efficient monitors to be generated. In the final part of the paper, we suggest several possible optimizations that can improve the quality of the monitors, and conclude with experimental data.
{"title":"A circuit approach to LTL model checking","authors":"Koen Claessen, N. Eén, Baruch Sterin","doi":"10.1109/FMCAD.2013.6679391","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679391","url":null,"abstract":"This paper presents a method for translating formulas written in assertion languages such as LTL into a monitor circuit suitable for model checking. Unlike the conventional approach, no automata is generated for the property, but instead the monitor is built directly from the property formula through a recursive traversal. This method was first introduced by Pnueli et. al. under the name of Temporal Testers. In this paper, we show the practicality of temporal testers through experimental evaluation, as well as offer a self-contained exposition for how to construct them in manner that meets the requirements of industrial model checking tools. These tools tend to operate on logic circuits with sequential elements, rather than transition relations, which means we only need to consider so called positive testers with no future references. This restriction both simplifies the presentation and allows for more efficient monitors to be generated. In the final part of the paper, we suggest several possible optimizations that can improve the quality of the monitors, and conclude with experimental data.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"623 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127525613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2013-10-30DOI: 10.1109/FMCAD.2013.6679398
Sicun Gao, Soonho Kong, E. Clarke
We study SMT problems over the reals containing ordinary differential equations,. They are important for formal verification of realistic hybrid systems and embedded software. We develop δ-complete algorithms for SMT formulas that are purely existentially quantified, as well as ∃∀-formulas whose universal quantification is restricted to the time variables. We demonstrate scalability of the algorithms, as implemented in our open-source solver dReal, on SMT benchmarks with several hundred nonlinear ODEs and variables.
{"title":"Satisfiability modulo ODEs","authors":"Sicun Gao, Soonho Kong, E. Clarke","doi":"10.1109/FMCAD.2013.6679398","DOIUrl":"https://doi.org/10.1109/FMCAD.2013.6679398","url":null,"abstract":"We study SMT problems over the reals containing ordinary differential equations,. They are important for formal verification of realistic hybrid systems and embedded software. We develop δ-complete algorithms for SMT formulas that are purely existentially quantified, as well as ∃∀-formulas whose universal quantification is restricted to the time variables. We demonstrate scalability of the algorithms, as implemented in our open-source solver dReal, on SMT benchmarks with several hundred nonlinear ODEs and variables.","PeriodicalId":346097,"journal":{"name":"2013 Formal Methods in Computer-Aided Design","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126412846","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: