Template-based synthesis of instruction-level abstractions for SoC verification

Contemporary integrated circuits are complex system-on-chip (SoC) designs consisting of programmable cores along with accelerators and peripherals controlled by firmware running on the cores. The functionality of the SoC is implemented by a combination of firmware and hardware components. As a result, verifying these two components separately can miss bugs, while attempting to formally verify the full SoC design, considering both firmware and hardware, is not scalable. An abstraction that can be used instead of the cycle-accurate and bit-precise hardware implementation can be helpful in scalably verifying system-level properties of SoCs. However, constructing such an abstraction to capture all the required details and interactions is error-prone, tedious and time-consuming. Another challenge is ensuring correctness of the abstraction, so that properties proven using it are valid. In this paper, we introduce a methodology for SoC verification. We synthesize an instruction-level abstraction (ILA) that precisely captures updates to all firmware-accessible state spanning the cores, accelerators and peripherals. The synthesis algorithm uses a blackbox simulator to synthesize the ILA from a template specification. A "golden model" generated from the ILA is used to verify whether the hardware implementation matches the ILA. We demonstrate the methodology using a small SoC design consisting of the 8051 microcontroller and two cryptographic accelerators. The methodology uncovered 14 bugs.
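The two steps the abstract describes, synthesizing an ILA from a template by querying a blackbox simulator and then using the synthesized ILA as a golden model to check an implementation, are illustrated below on a single toy instruction. This is an added example written for this page, not the paper's tool or code: the accumulator/carry instruction, the template choices, the `blackbox_sim` oracle and the `buggy_impl` implementation are all constructed here, and the distinguishing-input search enumerates the 8-bit input space instead of using an SMT solver as the paper does.

```python
"""Toy template-based ILA synthesis with a blackbox simulator as oracle.

Constructed example: an 8051-style instruction that updates the accumulator A
and the carry flag CY from A and an 8-bit operand B. The template fixes the
shape of the update ("A := f(A, B); CY := g(A, B, CY)") and leaves f and g to
be chosen from small candidate sets; the synthesizer resolves the choice by
querying the simulator only on inputs where surviving candidates disagree.
"""
from itertools import product
from typing import Callable, Dict, Iterator, Optional, Tuple

State = Dict[str, int]            # firmware-visible state: {"A": 0..255, "CY": 0/1}
Choice = Tuple[str, str]          # one instantiation of the template: (f, g)

# Template holes: candidate functions for the accumulator update f ...
ALU_OPS: Dict[str, Callable[[int, int], int]] = {
    "add": lambda a, b: (a + b) & 0xFF,
    "sub": lambda a, b: (a - b) & 0xFF,
    "xor": lambda a, b: a ^ b,
    "and": lambda a, b: a & b,
}
# ... and for the carry-flag update g.
CARRY_RULES: Dict[str, Callable[[int, int, int], int]] = {
    "carry_out": lambda a, b, cy: 1 if a + b > 0xFF else 0,
    "borrow":    lambda a, b, cy: 1 if a < b else 0,
    "clear":     lambda a, b, cy: 0,
    "keep":      lambda a, b, cy: cy,
}

def ila_step(choice: Choice, st: State, b: int) -> State:
    """Next-state function of one candidate ILA (a filled-in template)."""
    op, rule = choice
    return {"A": ALU_OPS[op](st["A"], b),
            "CY": CARRY_RULES[rule](st["A"], b, st["CY"])}

def blackbox_sim(st: State, b: int) -> State:
    """Constructed oracle standing in for the cycle-accurate simulator.
    The synthesizer may only call it; it never looks inside."""
    total = st["A"] + b
    return {"A": total & 0xFF, "CY": 1 if total > 0xFF else 0}

def all_inputs() -> Iterator[Tuple[State, int]]:
    """Exhaustive 8-bit input space (replaces the paper's SMT-based search)."""
    for a in range(256):
        for b in range(256):
            for cy in (0, 1):
                yield {"A": a, "CY": cy}, b

def find_distinguishing_input(c1: Choice, c2: Choice) -> Optional[Tuple[State, int]]:
    """An input on which two candidate ILAs produce different next states."""
    for st, b in all_inputs():
        if ila_step(c1, st, b) != ila_step(c2, st, b):
            return st, b
    return None

def synthesize(sim: Callable[[State, int], State]):
    """Counterexample-guided synthesis over the template.
    Every simulator query is made on an input where two survivors disagree,
    so each query eliminates at least one candidate; the true behaviour,
    if expressible in the template, is never eliminated."""
    candidates = list(product(ALU_OPS, CARRY_RULES))
    samples = []                       # (state, operand, observed next state)
    while len(candidates) > 1:
        c1, c2 = candidates[0], candidates[1]
        query = find_distinguishing_input(c1, c2)
        if query is None:              # semantically identical: drop duplicate
            candidates.remove(c2)
            continue
        st, b = query
        observed = sim(st, b)
        samples.append((st, b, observed))
        candidates = [c for c in candidates if ila_step(c, st, b) == observed]
    return candidates[0], samples

def check_implementation(choice: Choice, impl: Callable[[State, int], State]):
    """Golden-model check: compare the synthesized ILA against an implementation
    on every input; return the first mismatch (or None if they agree)."""
    for st, b in all_inputs():
        expected, actual = ila_step(choice, st, b), impl(st, b)
        if expected != actual:
            return {"state": st, "operand": b, "ila": expected, "impl": actual}
    return None

def buggy_impl(st: State, b: int) -> State:
    """Constructed faulty implementation: carry is not raised when the sum is
    exactly 0x100, a corner case the golden-model check should expose."""
    total = st["A"] + b
    return {"A": total & 0xFF, "CY": 1 if total > 0x100 else 0}

if __name__ == "__main__":
    ila, samples = synthesize(blackbox_sim)
    print("synthesized ILA:", ila, "after", len(samples), "simulator queries")
    print("reference implementation mismatch:", check_implementation(ila, blackbox_sim))
    print("buggy implementation mismatch:", check_implementation(ila, buggy_impl))
```

The synthesizer needs at most fifteen oracle queries to single out one of the sixteen template instantiations, because every query is chosen where two remaining candidates disagree. The same ILA then serves as the golden model: the faulty implementation is caught on the first input whose sum is exactly 0x100, which is the kind of boundary discrepancy between abstraction and hardware the methodology is meant to surface.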
