ebook img

Practical Formal Methods for Hardware Design PDF

303 Pages·1997·9.78 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Practical Formal Methods for Hardware Design

Research Reports Esprit Project 6128· FORMAT· Volume 1 Edited in cooperation with the European Commission, DG ilifF Esprit, the Information Technology R&D Programme, was set up in 1984 as a co-operative research programme involving European IT companies, IT "user" organisations, large and small, and academic institutions. Managed by DGIIIIF of the European Commission, its aim is to contribute to the development of a competitive industrial base in an area of crucial importance for the entire European economy. The current phase of the IT programme comprises the following eight domains: software technologies, technologies for components and subsystems, multimedia systems, long-term research, open microprocessor systems initiative, high-performance computing and networking, technologies for business processes, and integration in manufacturing. The Research Reports Esprit series is helping to disseminate the many results - products and services, tools and methods, and international standards - arising from the hundreds of projects that have already been launched, involving thousands of researchers. Springer Berlin Heidelberg New York Barcelona Budapest Hong Kong London Milan Paris Santa Clara Singapore Tokyo c. Delgado Kloos W. Damm (Eds.) Practical Formal Methods for Hardware Design Springer Volume Editors Carlos Delgado Kloos Universidad Carlos III de Madrid Depto. Ingenieria C/Butarque, 15 E-28911 Leganes/Madrid, Spain Werner Damm Universitat Oldenburg Fachbereich Informatik, Abt. Rechnerarchitektur Postfach 2503 D-26111 Oldenburg, Germany Cataloging-in-Publication Data applied for Die Deutsche Bibliothek - CIP-Einheitsaufnahme Practical formal methods for hardware design / C. Delgado Kloos ; W. Damm (ed.). - Berlin; Heidelberg; New York; Barcelona; Budapest ; Hong Kong ; London ; Milan ; Paris ; Santa Clara ; Singapore; Tokyo: Springer, 1997 (Research reports ESPRIT: FORMAT; Vol. 1) CR Subject Classification (1991): B.1.2, B.4.4, B.5.2, B.6.3, F.3.1 ISBN-13: 978-3-540-62007-5 e-ISBN-13: 978-3-642-60641-0 DOl: 10.1007/978-3-642-60641-0 Publication No. EUR 17535 EN of the European Commission, Dissemination of Scientific and Technical Knowledge Unit, Directorate·General Telecommunications, Information Market and Exploitation of Research, Luxembourg. © ECSC·EC·EAEC, Brussels-Luxembourg, 1997 Softcover reprint of the hardcover 1s t edition 1997 LEGAL NOTICE Neither the European Commission nor any person acting on behalf of the Commission is responsible for the use which might be made of the following information. Typesetting: Camera-ready by the editors SPIN: 10551972 45/3142·543210 - Printed on acid-free paper Preface Mike Newman European Commission, Belgium I am very pleased to be asked to contribute a foreword for this book. In my role as Project Officer in the European Commission as part of the Esprit Programme, I was involved with the FORMAT Project since its inception. The use of formal methods for design verification appears to be finally entering the realm of real commercial and tangible benefits on realistically complex designs. Recent incidents, such as the famous design flaw in the processor chip from a well-known American manufacturer,have graphically illustrated the potentially enormous costs of corrective action where such a flaw is detected by customers only after sales have commenced. Since tools based on formal methods often require extensive re-training of designers, some such motivation is needed to embark on their serious use. The FORMAT project has certainly not solved all of the problems in the use of formal methods which were identified at the start of the project, but many significant breakthroughs have been achieved. A good example is the new capability of the tools to offer counter-examples where a proof has failed. This is much more valuable to a designer than the simple knowledge that he has an error 'somewhere'. Probably the optimum verification approach will need the combined efforts of both simulation and formal verification tools for the foreseeable future, but at least they are being given a chance to work intelligently together. In addition, the FORMAT Project was a very good example of success ful application of the underlying principle of Esprit whereby several partners with complementary skills collaborate to achieve a joint goal. Thus all have equal access to exploit the common result while their costs are shared and then assisted by a contribution from the European Commission. In a success ful collaboration this multiplying effect can be very beneficial and this was the case for FORMAT. Not only was the necessary mix of researchers, man agers, CAD vendors and user companies involved but the indefinable spark, which is needed before such collaborations really take off, was also evident. Valuable results have certainly flowed from the work; new and powerful CAD products were announced on the market before the project was even finished, and the user companies were also able to show important improve ments in the detection of design errors in time to avoid expensive re-designs. I confidently recommend this book to any reader interested in this field. Brussels, July 1996 Table of Contents Preface Mike Newman. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. V Introduction Carlos Delgado Kloos, Werner Damm, and Juan Goicolea . . . . . . . . . . . . 1 1. Formal methods vs. conventional ones ... . . . . . . . . . . . . . . . . . . . . . . . 1 2. The FORMAT project. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 3. Organization of this book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Part I. Overview Design Methodology for Complex VLSI Devices Massimo Bombana and Fabrizio Ferrandi .......................... 7 1. Introduction: needs and constraints of the ESDA market. . . . . . . . . . 7 2. The design flow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 10 2.1 Design specification and documentation. . . . . . . . . . . . . . . . . . . .. 11 2.2 VHDL for simulation and synthesis. . . . . . . . . . . . . . . . . . . . . . . .. 13 2.3 From specification to implementation. . . . . . . . . . . . . . . . . . . . . .. 14 3. Design capture with VHDL/S ................................. 16 4. The Format methodology at work. . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 18 5. Concluding remarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 22 Specification Languages Werner Damm, Gert Dohmen, Johannes Helbig, Peter Kelb, Rainer Schlor, Werner Grass, Christian Grobe, Stefan Lenk, and Wolf-Dieter Tiedemann .................................................... 23 1. VHDL/S ................................................... 23 2. State based specifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 25 2.1 Integration.............................................. 27 2.2 A design situation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 28 3. Timing diagrams. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 31 3.1 Syntax definition. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 32 3.2 Informal semantics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 36 VIII Table of Contents 4. Example: a traffic light system. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 42 4.1 Structure of the traffic light system. . . . . . . . . . . . . . . . . . . . . . . .. 42 4.2 Behavioural description of the traffic light system . . . . . . . . . . .. 44 5. Timing diagram description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 47 6. Summary................................................... 50 Verification Flow Werner Damm, Gert Dohmen, Ronald Herrmann, Peter Kelb, Hergen Pargmann, and Rainer Schlor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 52 1. Verification tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 52 2. Proof manager .............................................. 55 2.1 Purpose of the proof manager. . .. . . . . . . .. . . . . . . . . . . . . .. . .. 55 2.2 Verification of behavioural descriptions ..................... 56 2.3 Handling hierarchical structures ........................... 60 3. Proof steps for the traffic light system . . . . . . . . . . . . . . . . . . . . . . . . .. 63 4. Compositional verification .................................... 65 5. Component verification ...................................... 70 5.1 Introduction............................................. 70 5.2 Verification of the traffic light controller .................... 72 6. Generation of temporal logic .................................. 77 7. Summary................................................... 80 Synthesis Flow Werner Grass, Wolf-Dieter Tiedemann, Carlos Delgado Kloos, and Andres Marin Lopez ................................................... 81 1. Introduction ................................................ 81 2. Design flow ................................................. 82 3. Timing diagrams as specifications ............................. 83 4. T-LOTOS semantics of timing diagrams....... .... ...... ....... 84 4.1 Formalization of timing diagram specifications .............. 85 4.2 Timed graphs as internal representation. .. . . . . .. . . .. .. .. . .. 86 5. The different ways of producing T-LOTOS implementation descrip- tions ....................................................... 87 5.1 Automatic transformation.. . . .. . . . . . . . . . . . . . . . . . . . . . . . . . .. 87 5.2 Interactive transformation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 87 6. 'franslation from T-LOTOS to VHDL .......................... 91 6.1 'franslation process. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 91 6.2 VHDL produced . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 94 7. Conclusion.................................................. 96 Table of Contents IX Part II. Industrial Experience Application of a Formal Verification Toolset to the Design of Integrated Circuits in an Industrial Environment Pierre Plaza, Jose Luis Cones a, and Fernando Palao.. . . . . . . .. . . . . . .. 99 1. Introduction................................................. 99 2. Description of the DEPTH circuit .............................. 100 2.1 DEPTH interface with the environment ..................... 101 2.2 Architecture ............................................. 101 2.3 Considerations and decisions regarding FORMAT ............ 105 3. Integration of the FORMAT tools into the Telef6nica I+D design process ..................................................... 106 3.1 System specification. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 107 3.2 Synthesis tools ........................................... 109 3.3 Verification tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 109 4. Working methodology and results .............................. 110 4.1 The synthesis line ........................................ 110 4.2 The verification line ...................................... 118 5. Conclusions ................................................. 130 Italtel Application of the FORMAT Design Flow Massimo Bombana, Patrizia Cavalloro, Fabrizio Ferrandi, and Fernanda Salice ......................................................... 132 1. Introduction................................................. 132 2. Device specification in VHDLjS ............................... 133 2.1 Design capture .......................................... 134 3. The verification flow .......................................... 137 3.1 Design properties ........................................ 140 3.2 Users' feedback .......................................... 144 4. The synthesis flow ........................................... 146 4.1 From timing diagrams to VHDL ........................... 146 4.2 Using the structurizer .................................... 151 5. Example of FORMAT tools encapsulation into a framework ....... 155 6. Conclusion .................................................. 158 Siemens Industrial Experience Ronald Herrmann, Jorg Bormann, Thomas Filkorn, Jorg Lohse, and Hans-Albert Schneider ........................................... 159 1. Design flow and verification methodology ....................... 159 2. Application reports .......................................... 161 2.1 Verification of a token ring controller ....................... 161 2.2 Verification of an arbiter .................................. 163 X Table of Contents 2.3 Verification of a serial V24 interface controller ............... 166 2.4 Verification of an ATM component ......................... 167 2.5 Verification of a FIFO buffer component .................... 169 3. Conclusion.................................................. 171 Part III. Technical Background The FORMAT Model Checker Andreas Scholz, Thomas Filkorn, Jorg Lohse, Hans-Albert Schneider, Erik Tiden, and Peter Warkentin .................................. 175 1. Introduction................................................. 175 2. Architecture ................................................. 176 2.1 Interfaces ............................................... 176 2.2 The algorithm ........................................... 178 3. The checking component. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 178 4. The debugging component .................................... 178 5. The tautology checker ........................................ 182 Reasoning Nick Chapman, Simon Finn, and Michael P. Fourman .... . . . . . . . . . .. 184 1. LAMBDA - a behavioural design tool ......................... 184 1.1 The LAMBDA logic ...................................... 185 1.2 Proof in LAMBDA ....................................... 186 2. Generating L2 specifications ............................... ~ . .. 188 2.1 Modelling VHDL in L2 ................................... 188 3. Tutorial examples ............................................ 202 3.1 Simple reasoning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 3.2 Recursive definitions ..................................... 206 3.3 Arrays .................................................. 211 4. Conclusions .................................................. 216 VHDL Formal Modeling and Analysis Luis Entrena, Serafin Olcoz, and Juan Goicolea ..................... 217 1. Introduction................................................. 217 2. A formal model of VHDL ..................................... 217 3. Petri Nets and VHDL analysis ................................. 220 3.1 Petri Net analysis ........................................ 220 3.2 Motivation of structural analysis techniques ................. 222 3.3 VHDL analysis .......................................... 222 4. Conclusions ............................. ;................... 227 Table of Contents XI Synthesis Techniques Wolf-Dieter Tiedemann, Stefan Lenk, Christian Grobe, Werner Grass, Carlos Delgado Kloos, Andres Marin Lopez, Tomas de Miguel Moro, and Tomas Robles Valladares ......................................... 229 1. Introduction................................................. 229 2. T-LOTOS .................................................. 230 2.1 Syntax of T-LOTOS ..................................... 231 2.2 T-LOTOS operational semantics .......................... 233 2.3 Examples of specifications in T-LOTOS ..................... 234 2.4 Timed graphs as internal representation .................... 236 3. Formalizing timing diagrams .................................. 242 3.1 General translation approach .............................. 242 3.2 Translation of graphical primitives ......................... 244 3.3 The operational model. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247 4. Automatic synthesis .......................................... 248 5. Interactive synthesis .......................................... 249 5.1 The synthesis algorithm .................................. 250 5.2 Implementation relation .................................. 251 5.3 Protocol conversion ...................................... 254 5.4 An example: a frequency counter .......................... 256 6. Conclusions................................................. 263 Generating VHDL Code from LOTOS Descriptions Andres Marin Lopez, Carlos Delgado Kloos, Tomas Robles Valladares, and Tomas de Miguel Moro ...................................... 266 1. Introduction................................................. 266 2. Translation of T-LOTOS to VHDL ............................ 267 2.1 Relation between LOTOS and VHDL semantic elements ...... 269 2.2 Restrictions imposed by the translation ..................... 271 2.3 Translation scheme ....................................... 272 2.4 Optimizing the code ...................................... 275 3. Design of an ethernet bridge ................................... 275 4. System testing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283 4.1 Derivation and validation of test cases ...................... 284 4.2 Test suite application. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285 5. Testing environment .......................................... 287 5.1 Test case production ..................................... 289 5.2 Test cases implementation ................................ 290 5.3 Test case execution and report production .................. 291 6. Conclusion .................................................. 292

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.