Parallel Bounded Property Checking with SymC

Today, verification of industrial-size designs such as multi-million-gate ASICs (Application Specific Integrated Circuits) and SoC (System-on-a-Chip) processors consumes up to 75% of the design effort. The trend to augment functional verification with formal verification tries to alleviate this problem. Efficient property checking algorithms based on binary decision diagrams (BDDs) and satisfiability (SAT) solvers allow automatic verification of medium-sized designs. However, steadily increasing design sizes still leave verification as the major bottleneck, because formal methodologies do not yet scale to very large designs. To address these problems, we developed the bounded property checking tool SymC. SymC takes properties and a system description as inputs and translates them into a symbolically simulatable representation. SymC performs forward state space traversal to verify the properties. However, for larger designs, SymC cannot complete the traversal due to the state space explosion problem. Therefore, we propose a parallel version of SymC. The main idea of our approach is to split the state set into partitions and delegate traversal of these subsets to nodes on a cluster computer. Depending on the property and the quantification operator, detecting an accepting or rejecting state on one node can immediately abort computation on all other nodes, and a witness/counterexample is produced. Otherwise, only the current search path is terminated and the remaining paths are traversed further. Parallel computation shows approximately linear speedups in execution time, enables faster verification of properties, and allows us to handle larger designs.
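
The following is an added illustration and not code from the paper or from the SymC tool: a small Python model of the partitioned bounded traversal the abstract describes. The system description is a constructed 3-bit counter with a nondeterministic enable input (in SymC this would be a symbolically simulated design; here it is an explicit next-state function). Threads stand in for cluster nodes and a shared event for the abort message. The quantifier semantics are an assumption for the sake of the example: under "E" a path that reaches an accepting state within the bound is a witness and aborts all nodes; under "A" every path must reach an accepting state within the bound, so an accepting state terminates only that path, while a path that exhausts the bound without acceptance is a counterexample that aborts all nodes. The function names (`check_bounded`, `toy_next_states`) are hypothetical.

```python
import threading
from dataclasses import dataclass, field
from typing import Callable, Dict, FrozenSet, Iterable, List, Tuple

State = Tuple[int, int]   # constructed: (counter value, wrapped flag)
Path = List[State]


def toy_next_states(s: State) -> FrozenSet[State]:
    """Constructed stand-in for the system description: a 3-bit counter with a
    nondeterministic enable input; the second component latches to 1 once the
    counter has wrapped from 7 to 0."""
    cnt, wrapped = s
    hold = (cnt, wrapped)                                      # enable = 0
    step = ((cnt + 1) % 8, wrapped | (1 if cnt == 7 else 0))   # enable = 1
    return frozenset({hold, step})


# Constructed initial state set: every counter value, nothing wrapped yet.
TOY_INITIAL: List[State] = [(c, 0) for c in range(8)]


@dataclass
class Result:
    holds: bool
    trace: Path = field(default_factory=list)  # witness ('E') or counterexample ('A')


def _node(part: List[State], next_states, accept, quantifier: str, bound: int,
          abort: threading.Event, lock: threading.Lock, outcome: Dict[str, Path]) -> None:
    """One cluster node: bounded depth-first traversal of all paths that start
    in its partition of the state set."""
    stack: List[Path] = [[s] for s in part]
    while stack:
        if abort.is_set():          # another node already decided the property
            return
        path = stack.pop()
        last = path[-1]
        if accept(last):
            if quantifier == "E":   # witness found: decide globally, stop every node
                with lock:
                    if not abort.is_set():
                        outcome["trace"] = path
                        abort.set()
                return
            continue                # 'A': this path is satisfied; only it terminates
        if len(path) - 1 == bound:
            if quantifier == "A":   # bound exhausted without acceptance: counterexample
                with lock:
                    if not abort.is_set():
                        outcome["trace"] = path
                        abort.set()
                return
            continue                # 'E': dead path; the remaining paths go on
        for nxt in sorted(next_states(last)):
            stack.append(path + [nxt])


def check_bounded(initial: Iterable[State], next_states: Callable[[State], FrozenSet[State]],
                  accept: Callable[[State], bool], quantifier: str,
                  bound: int, partitions: int) -> Result:
    """Split the initial state set into `partitions` subsets and traverse each on
    its own (thread-simulated) node. 'E': some path reaches an accepting state
    within `bound` steps. 'A': every path does."""
    if quantifier not in ("E", "A"):
        raise ValueError("quantifier must be 'E' or 'A'")
    states = list(initial)
    parts = [p for p in (states[i::partitions] for i in range(partitions)) if p]
    abort, lock, outcome = threading.Event(), threading.Lock(), {}
    threads = [threading.Thread(target=_node,
                                args=(p, next_states, accept, quantifier, bound, abort, lock, outcome))
               for p in parts]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    decided = "trace" in outcome
    return Result(holds=decided if quantifier == "E" else not decided,
                  trace=outcome.get("trace", []))


if __name__ == "__main__":
    # Is the state "counter == 5 after a wrap" reachable within 6 steps?
    print(check_bounded(TOY_INITIAL, toy_next_states, lambda s: s == (5, 1), "E", 6, 4))
    # Does every path wrap within 4 steps? (No: the all-hold path never wraps.)
    print(check_bounded(TOY_INITIAL, toy_next_states, lambda s: s[1] == 1, "A", 4, 4))
```

With a bound of 6 the only path that reaches `(5, 1)` is the one that starts in `(7, 0)` and increments on every step, so the witness is the same whichever node reports first; the per-node early exit on the abort flag is what keeps the other partitions from finishing their 2^bound paths once the property is decided.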
