Approximate Reachability Don't Cares for CTL model checking

RDCs (Reachability Don't Cares) can have a dramatic impact on the cost of CTL model checking (J. Yuan et al., 1997). Unfortunately RDCs, being a global property of the design, are often much more difficult to compute than the satisfying set of a typical CTL formula. We address this problem through the use of Approximate Reachability Don't Cares (ARDCs), computed with the algorithms developed for the VERITAS sequential synthesis package (H. Cho et al., 1990; 1996). The approximate reachable state set is an upper bound on the true reachable set, and so its complement is a lower bound on the set of unreachable (Don't Care) states; any simplification that is valid under the ARDCs is therefore also valid under the exact RDCs. ARDCs can be 10X to 100X (or much more for very large circuits) cheaper to compute than RDCs, and in some cases have the same dramatic effect on CTL model checking as the real RDCs. We also discuss the application of ARDCs to the exact computation of the RDCs themselves. Experiments on industrial benchmarks show that order-of-magnitude speedups are possible and occur frequently. The experimental results strongly support our claim that ARDCs offer a safe and important way out of a serious dilemma: RDCs are necessary for tractable model checking of many large circuits, but the computation of the RDCs themselves is often intractable. We include, and theoretically justify, significant extensions of the VERITAS algorithms, and show that they can be up to an order of magnitude faster while computing a virtually identical upper bound.
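The following worked example is added here and is not code from the paper or from VERITAS. It builds a small constructed 4-bit machine, computes its exact reachable set R by forward traversal, computes an over-approximation A by a simplified block-by-block traversal (the state bits are split into blocks {a,b} and {c,d}; this is the general idea behind approximate FSM traversal, not the paper's own algorithm), and then checks a CTL property AG(d -> b) three times: over the full state space, restricted to the care set A (ARDC), and restricted to R (RDC). States are explicit tuples rather than BDDs, so the cost figure is a count of successor evaluations, not BDD size; the machine, the decomposition and the property are all assumptions made for the illustration.

```python
"""Added example (not the paper's code): exact vs approximate reachability on
a constructed 4-bit machine, and a CTL check run with the resulting don't cares.
Explicit state sets stand in for the BDDs used in the paper."""
from itertools import product

# Constructed machine: state bits (a, b, c, d), one input bit x.
#   a' = x            b' = a
#   c' = c | (a & b)  (sticky flag, set once a and b are both 1)
#   d' = c & a
# Invariant of the real machine: d == 1 implies b == 1 (d needs a == 1 at the
# previous step, and b copies a). A decomposition into blocks {a,b} | {c,d}
# cannot see this correlation, so the approximation is strictly larger than R.
def next_state(s, x):
    a, b, c, d = s
    return (x, a, c | (a & b), c & a)

INIT = (0, 0, 0, 0)
INPUTS = (0, 1)
ALL_STATES = frozenset(product((0, 1), repeat=4))

def exact_reachable(init=INIT):
    """Forward traversal to a fixpoint: the exact reachable set R."""
    seen, frontier = {init}, [init]
    while frontier:
        s = frontier.pop()
        for x in INPUTS:
            t = next_state(s, x)
            if t not in seen:
                seen.add(t)
                frontier.append(t)
    return frozenset(seen)

def states_of_blocks(blocks, per_block):
    """All full states whose projection on each block lies in that block's set."""
    n = sum(len(blk) for blk in blocks)
    for combo in product(*per_block):
        s = [0] * n
        for blk, vals in zip(blocks, combo):
            for i, v in zip(blk, vals):
                s[i] = v
        yield tuple(s)

def approx_reachable(blocks, init=INIT):
    """Block-by-block approximate traversal (assumed simplification of the
    machine-by-machine idea, not VERITAS's algorithm): each block is traversed
    on its own while the other blocks' bits range over their current
    approximations. The product of the per-block sets contains R and is closed
    under next_state, which is what makes its complement safe to use as don't cares."""
    proj = lambda s, blk: tuple(s[i] for i in blk)
    per_block = [{proj(init, blk)} for blk in blocks]
    changed = True
    while changed:
        changed = False
        for k, blk in enumerate(blocks):
            new = {proj(next_state(s, x), blk)
                   for s in states_of_blocks(blocks, per_block) for x in INPUTS}
            if not new <= per_block[k]:
                per_block[k] |= new
                changed = True
    return frozenset(states_of_blocks(blocks, per_block))

def is_closed(care):
    """True if no transition leaves `care` (an inductive over-approximation)."""
    return all(next_state(s, x) in care for s in care for x in INPUTS)

def ef(target, care):
    """Least fixpoint for EF target, computed only over `care`. Returns the
    result and the number of successor evaluations (a stand-in for BDD cost)."""
    result = set(target) & set(care)
    work = 0
    while True:
        pre = set()
        for s in care:
            for x in INPUTS:
                work += 1
                if next_state(s, x) in result:
                    pre.add(s)
        if pre <= result:
            return frozenset(result), work
        result |= pre

def holds_ag(p, care):
    """AG p from INIT is not EF(not p). With a care set that is closed under
    next_state and contains INIT, the verdict equals the unrestricted one."""
    bad = {s for s in ALL_STATES if not p(s)}
    ef_bad, work = ef(bad, care)
    return INIT not in ef_bad, work

def summarize(blocks=((0, 1), (2, 3))):
    R = exact_reachable()
    A = approx_reachable(blocks)
    rdc, ardc = ALL_STATES - R, ALL_STATES - A      # exact and approximate don't cares
    prop = lambda s: (not s[3]) or bool(s[1])        # AG (d -> b), constructed property
    verdict_full, work_full = holds_ag(prop, ALL_STATES)
    verdict_ardc, work_ardc = holds_ag(prop, A)
    verdict_rdc, work_rdc = holds_ag(prop, R)
    return {
        "reachable": len(R), "approx": len(A), "rdc": len(rdc), "ardc": len(ardc),
        "ardc_subset_of_rdc": ardc <= rdc, "approx_closed": is_closed(A),
        "verdicts": (verdict_full, verdict_ardc, verdict_rdc),
        "work": (work_full, work_ardc, work_rdc),
    }

if __name__ == "__main__":
    for key, value in summarize().items():
        print(f"{key}: {value}")
```

On this machine R has 10 states and A has 12, so the ARDC set (4 states) is a proper subset of the RDC set (6 states); the three verdicts agree, and the restricted fixpoints do proportionally less work. The property that justifies the restriction is `is_closed(A)`: because the approximation is an inductive invariant containing the initial state, a backward fixpoint confined to it reaches the same conclusion about the initial state as the unrestricted one.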

[1] Y. Choueka et al. Theories of Automata on omega-Tapes: A Simplified Approach. J. Comput. Syst. Sci., 1974.

[2] S.-W. Jeong et al. ATPG aspects of FSM verification. IEEE International Conference on Computer-Aided Design (ICCAD), 1990.

[3] R. K. Brayton et al. Implicit state enumeration of finite state machines using BDD's. IEEE International Conference on Computer-Aided Design (ICCAD), 1990.

[4] I. Beer et al. Efficient Model Checking by Automated Ordering of Transition Relation Partitions. CAV, 1994.

[5] E. M. Clarke et al. Symbolic model checking for sequential circuit verification. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst., 1993.

[6] R. Brayton et al. Efficient BDD Algorithms for FSM Synthesis and Verification. 1995.

[7] K. Ravi et al. High-density reachability analysis. ICCAD, 1995.

[8] T. Villa et al. VIS: A System for Verification and Synthesis. CAV, 1996.

[9] E. Macii et al. Automatic state space decomposition for approximate FSM traversal based on circuit analysis. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst., 1996.

[10] H. Iwashita et al. CTL model checking based on forward state traversal. ICCAD, 1996.

[11] K. L. McMillan et al. A Conjunctively Decomposed Boolean Representation for Symbolic Model Checking. CAV, 1996.

[12] E. Macii et al. Algorithms for approximate FSM traversal based on state space decomposition. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst., 1996.

[13] H. Iwashita et al. Forward model checking techniques oriented to buggy designs. IEEE International Conference on Computer Aided Design (ICCAD), 1997.

[14] J. Shen et al. On Combining Formal and Informal Verification. CAV, 1997.

[15] A. Pardo et al. Automatic Abstraction Techniques for Propositional µ-calculus Model Checking. CAV, 1997.

[16] A. J. Hu et al. Approximate reachability with BDDs using overlapping projections. 35th Design Automation Conference (DAC), 1998.