Formal verification by symbolic evaluation of partially-ordered trajectories

Symbolic trajectory evaluation provides a means to formally verify properties of a sequential system by a modified form of symbolic simulation. The desired system properties are expressed in a notation combining Boolean expressions and the temporal logic “next-time” operator. In its simplest form, each property is expressed as an assertion [A⇒C], where the antecedent A expresses some assumed conditions on the system state over a bounded time period, and the consequent C expresses conditions that should result. A generalization allows simple invariants to be established and proven automatically. The verifier operates on system models in which the state space is ordered by “information content”. By suitable restrictions to the specification notation, we guarantee that for every trajectory formula there is a unique weakest state trajectory that satisfies it. Therefore, we can verify an assertion [A⇒C] by simulating the system over the weakest trajectory for A and testing adherence to C. Also, establishing invariants corresponds to simple fixed-point calculations. This paper presents the general theory underlying symbolic trajectory evaluation. It also illustrates the application of the theory to the task of verifying switch-level circuits as well as more abstract implementations.
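The following is an added example, not code from the paper, showing the scalar (non-symbolic) core of the assertion check [A⇒C] the abstract describes: states are vectors over a ternary lattice ordered by information content, the weakest trajectory for the antecedent is built by joining A's constraints into a bottom-started simulation, and the consequent is checked for adherence. The one-bit enable register, node names and the (time, node, value) formula encoding are assumptions chosen for illustration; the paper's symbolic version replaces the constants with BDD-encoded Boolean functions.

```python
# Ternary symbolic-trajectory-style checker over an information-content lattice.
# Added example, not the paper's code: circuit, node names and formula encoding
# are illustrative assumptions.
X, T = "X", "T"   # X = no information (bottom), T = inconsistent (top)

def lub(a, b):
    """Least upper bound in the ordering X <= 0,1 <= T."""
    if a == b or b == X: return a
    if a == X: return b
    return T

def ordered(a, b):
    """a is below b: every value a asserts, b asserts as well."""
    return lub(a, b) == b

def mux(sel, d, q):
    """Ternary mux: the result is known when sel is known or both data agree."""
    if sel == "1": return d
    if sel == "0": return q
    if sel == X:   return d if d == q else X
    return T  # an inconsistent select poisons the result

NODES = ("en", "d", "q")
def next_state(s):
    """Next-state function Y: register q loads d when en=1 and holds otherwise.
    Inputs revert to X (unconstrained) unless the antecedent pins them."""
    return {"en": X, "d": X, "q": mux(s["en"], s["d"], s["q"])}

def weakest_trajectory(antecedent, steps):
    """Unique weakest trajectory satisfying A: start from bottom, join in A's
    constraints at each time and advance with Y (monotone, so the result is least)."""
    traj, state = [], {n: X for n in NODES}
    for t in range(steps):
        for (time, node, val) in antecedent:
            if time == t: state[node] = lub(state[node], val)
        traj.append(dict(state))
        state = next_state(state)
    return traj

def check(antecedent, consequent):
    """Verify [A => C]: each value C demands at time t must be implied by the
    trajectory. Returns (holds, vacuous); vacuous means A was contradictory."""
    steps = 1 + max(t for (t, _, _) in antecedent + consequent)
    traj = weakest_trajectory(antecedent, steps)
    vacuous = any(v == T for s in traj for v in s.values())
    holds = all(ordered(val, traj[t][node]) for (t, node, val) in consequent)
    return holds, vacuous
```

With en pinned to 1 and d to 1 at time 0 the register is 1 at time 1, whereas leaving en unconstrained yields X for q and the consequent fails, which is exactly the "weakest trajectory" discipline at work.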
