Proving Functional Correctness of Weakly Programmable IPs - A Case Study with Formal Property Checking

In recent years, designing systems-on-chip (SoCs) with domain-specific and customizable embedded processors (ASIPs) has become standard practice. When compared with general purpose processors on the one hand and dedicated hardwired accelerators on the other hand, these processor cores provide new trade-offs between flexibility, energy and performance. Since they are intended to run only a restricted set of application-specific programs, this knowledge is often exploited to further optimize the architecture, resulting in weakly programmable IP cores. Such weakly programmable systems raise new challenges for hardware and software verification. The conventional separation of hardware and software verification based on a generic and well-defined instruction set is no longer sustainable. In this paper, we present a case study applying formal property checking to state-of-the-art designs of two weakly programmable IP blocks. We present a methodology that is oriented toward the operations of the ASIP rather than its instructions. As a by-product of our methodology for hardware verification, we formalize the software restrictions exploited for optimization of the micro-architecture. We show that an automatic compliance check is feasible which certifies that the software complies with these restrictions. To the best of our knowledge, this is the first time that functional correctness of ASIP hardware and HW/SW compliance for a realistic design was completely verified using a formal methodology.
