Protocol verification using flows: An industrial experience

We prove the parameterized correctness of one of the largest cache coherence protocols being used in modern multi-core processors today. Our approach is a generalization of a method we described last year that uses data type reduction and compositional reasoning to iteratively abstract and refine the protocol and uses invariants derived from protocol “flows” to make the abstraction-refinement loop converge. Our prior work demonstrated the value of sequencing information that appeared within the linear flows describing a protocol in design documents. This paper extends the notion of flows to capture intricate scenarios seen in real industrial protocols and demonstrates that there is also valuable information in the interaction among flows. We further show that judicious use of flows is required to make the method converge and identify which flows are most suitable.
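As an added illustration of the flow idea the abstract describes (this is not the paper's own model, tool or method): a flow is the ordered sequence of rules one agent follows in a protocol scenario, and sequencing information in a linear flow can be turned into an invariant of the form "step k fires for agent i only after agent i has completed steps 0..k-1". The toy directory protocol below, its rule names, the two-agent instance and the "buggy" directory variant are all constructed here as assumptions; the invariant is checked by plain explicit-state enumeration with a ghost flow-position variable per agent, not by the data type reduction and compositional reasoning the paper uses.

```python
from collections import deque

N = 2  # agents in this constructed instance (assumption: small enough to enumerate)

# A linear flow: the ordered rule sequence one agent follows to acquire the
# line in this constructed toy directory protocol.
FLOW = ("SendReq", "DirGrant", "RecvGrant")


def initial_state():
    # (per-agent cache state, directory owner, in-flight messages, ghost flow position per agent)
    return (("Idle",) * N, None, frozenset(), (0,) * N)


def rule_instances(state, buggy=False):
    """Yield (rule, agent, next_state) for every enabled rule instance of `state`."""
    caches, owner, chan, pos = state
    for i in range(N):
        def upd(cache=None, own=owner, add=(), drop=(), p=None):
            c, q = list(caches), list(pos)
            if cache is not None:
                c[i] = cache
            if p is not None:
                q[i] = p
            return tuple(c), own, (chan - set(drop)) | set(add), tuple(q)

        if caches[i] == "Idle":  # flow step 0: agent asks the directory for the line
            yield "SendReq", i, upd(cache="Requesting", add=[("Req", i)], p=1)
        # flow step 1: directory grants a free line; the buggy variant forgets to
        # check that a request from agent i is actually pending
        if owner is None and (buggy or ("Req", i) in chan):
            yield "DirGrant", i, upd(own=i, drop=[("Req", i)], add=[("Grant", i)], p=2)
        if caches[i] == "Requesting" and ("Grant", i) in chan:  # flow step 2
            yield "RecvGrant", i, upd(cache="Granted", drop=[("Grant", i)], p=3)
        if caches[i] == "Granted":  # release is outside FLOW; it resets the ghost position
            yield "Release", i, upd(cache="Idle", own=None, p=0)


def check(buggy=False):
    """Explore all reachable states; report flow-ordering and mutual-exclusion violations."""
    seen = {initial_state()}
    work = deque(seen)
    flow_violations, mutex_violations = set(), 0
    while work:
        s = work.popleft()
        if sum(c == "Granted" for c in s[0]) > 1:
            mutex_violations += 1
        for rule, i, t in rule_instances(s, buggy):
            # Flow-derived invariant: step k of FLOW may fire for agent i only when
            # the ghost position records that exactly steps 0..k-1 have fired for i.
            if rule in FLOW and s[3][i] != FLOW.index(rule):
                flow_violations.add((rule, s[3][i]))
            if t not in seen:
                seen.add(t)
                work.append(t)
    return {"states": len(seen),
            "flow_violations": sorted(flow_violations),
            "mutex_violations": mutex_violations}


if __name__ == "__main__":
    print("correct:", check())
    print("buggy:  ", check(buggy=True))
```

On the correct toy protocol both the flow invariant and mutual exclusion hold on every reachable state. The buggy directory keeps mutual exclusion but fires `DirGrant` at flow position 0 (and, downstream of that, `SendReq` at position 2 and `RecvGrant` at position 1), which is the kind of sequencing error a flow invariant exposes even when the end-to-end safety property alone does not.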
